ynerant
/
nk20
mirror of https://gitlab.crans.org/bde/nk20
1
0
Fork 0
Code Issues Releases Wiki Activity

🔧 Better Ansible script

This commit is contained in:
Yohann D'ANELLO 2020-07-21 22:36:37 +02:00
parent 4761d46696
commit 5d70a809c2
7 changed files with 81 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ansible/base.yml
View File

@ -7,4 +7,6 @@
- 2-nk20
- 3-pip
- 4-nginx
- 5-psql
- 5-certbot
- 6-psql
- 7-postinstall

1
ansible/roles/1-apt-basic/tasks/main.yml
View File

@ -12,6 +12,7 @@
- python3-venv
- git
- acl
- gettext
- texlive-latex-extra
- texlive-fonts-extra
- texlive-lang-french

23
ansible/roles/4-nginx/tasks/main.yml
View File

@ -1,20 +1,21 @@
---
- name: Copy example conf of Nginx
command: cp /var/www/note_kfet/nginx_note.conf_example /var/www/note_kfet/nginx_note.conf
- name: Copy conf of Nginx
template:
src: "nginx_note.conf"
dest: /etc/nginx/sites-available/nginx_note.conf
mode: 0644
owner: www-data
group: www-data
- name: Update Nginx conf
replace:
path: /var/www/note_kfet/nginx_note.conf
regexp: 'note.example.org'
replace: 'bde-nk20-beta.adh.crans.org'
- name: Copy conf to Nginx
- name: Enable Nginx site
file:
src: /var/www/note_kfet/nginx_note.conf
src: /etc/nginx/sites-available/nginx_note.conf
dest: /etc/nginx/sites-enabled/nginx_note.conf
owner: www-data
group: www-data
state: link
- name: Copy conf to UWSGI
- name: Copy conf of UWSGI
file:
src: /var/www/note_kfet/uwsgi_note.ini
dest: /etc/uwsgi/apps-enabled/uwsgi_note.ini

21
ansible/roles/5-certbot/tasks/main.yml Normal file
View File

@ -0,0 +1,21 @@
---
- name: Install basic APT packages
apt:
update_cache: true
name:
- certbot
- python3-certbot-nginx
register: pkg_result
retries: 3
until: pkg_result is succeeded
- name: Create /etc/letsencrypt/conf.d
file:
path: /etc/letsencrypt/conf.d
state: directory
- name: Add Certbot configuration
template:
src: "letsencrypt/conf.d/nk20.ini.j2"
dest: "/etc/letsencrypt/conf.d/nk20.ini"
mode: 0644

20
ansible/roles/5-certbot/templates/letsencrypt/conf.d/nk20.ini.j2 Normal file
View File

@ -0,0 +1,20 @@
{{ ansible_managed | comment }}
# To generate the certificate, please use the following command
# certbot --config /etc/letsencrypt/conf.d/nk20.ini certonly
# Use a 4096 bit RSA key instead of 2048
rsa-key-size = 4096
# Always use the staging/testing server
# server = https://acme-staging.api.letsencrypt.org/directory
# Uncomment and update to register with the specified e-mail address
email = notekfet2020@lists.crans.org
# Uncomment to use a text interface instead of ncurses
text = True
# Use DNS-01 challenge
authenticator = nginx

12
ansible/roles/5-psql/tasks/main.yml → ansible/roles/6-psql/tasks/main.yml
View File

@ -25,15 +25,3 @@
name: note_db
owner: note
become_user: postgres
- name: Make Django migrations
command: /var/www/note_kfet/env/bin/python manage.py makemigrations
args:
chdir: /var/www/note_kfet
become_user: www-data
- name: Migrate Django database
command: /var/www/note_kfet/env/bin/python manage.py migrate
args:
chdir: /var/www/note_kfet
become_user: www-data

24
ansible/roles/7-postinstall/tasks/main.yml Normal file
View File

@ -0,0 +1,24 @@
---
- name: Make Django migrations
command: /var/www/note_kfet/env/bin/python manage.py makemigrations
args:
chdir: /var/www/note_kfet
become_user: www-data
- name: Migrate Django database
command: /var/www/note_kfet/env/bin/python manage.py migrate
args:
chdir: /var/www/note_kfet
become_user: www-data
- name: Compile messages
command: /var/www/note_kfet/env/bin/python manage.py compilemessages
args:
chdir: /var/www/note_kfet
become_user: www-data
- name: Install initial fixtures
command: /var/www/note_kfet/env/bin/python manage.py loaddata initial
args:
chdir: /var/www/note_kfet
become_user: www-data