diff --git a/ansible/base.yml b/ansible/base.yml index 56ba83d9..330089d5 100755 --- a/ansible/base.yml +++ b/ansible/base.yml @@ -1,18 +1,20 @@ #!/usr/bin/env ansible-playbook --- -- hosts: bde-nk20-beta.adh.crans.org +- hosts: bde-note.adh.crans.org vars_prompt: - name: DB_PASSWORD prompt: "Password of the database" private: yes vars: mirror: deb.debian.org + note: + server_name: bde-note.adh.crans.org roles: - 1-apt-basic - 2-nk20 - 3-pip - - 4-nginx - - 5-certbot + - 4-certbot + - 5-nginx - 6-psql - 7-postinstall diff --git a/ansible/hosts b/ansible/hosts index beafcc55..454b7aa0 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -1,5 +1,6 @@ [server] bde-nk20-beta.adh.crans.org +bde-note.adh.crans.org [all:vars] ansible_python_interpreter=/usr/bin/python3 diff --git a/ansible/roles/2-nk20/tasks/main.yml b/ansible/roles/2-nk20/tasks/main.yml index 37d29819..57615f52 100644 --- a/ansible/roles/2-nk20/tasks/main.yml +++ b/ansible/roles/2-nk20/tasks/main.yml @@ -11,7 +11,7 @@ git: repo: https://gitlab.crans.org/bde/nk20.git dest: /var/www/note_kfet - version: beta + version: master force: true - name: Use default env vars (should be updated!) diff --git a/ansible/roles/4-nginx/tasks/main.yml b/ansible/roles/4-nginx/tasks/main.yml deleted file mode 100644 index 431e470b..00000000 --- a/ansible/roles/4-nginx/tasks/main.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- name: Install NGINX - apt: - name: nginx - register: pkg_result - retries: 3 - until: pkg_result is succeeded - -- name: Copy conf of Nginx - template: - src: "nginx_note.conf" - dest: /etc/nginx/sites-available/nginx_note.conf - mode: 0644 - owner: www-data - group: www-data - -- name: Enable Nginx site - file: - src: /etc/nginx/sites-available/nginx_note.conf - dest: /etc/nginx/sites-enabled/nginx_note.conf - owner: www-data - group: www-data - state: link - -- name: Disable default Nginx site - file: - dest: /etc/nginx/sites-enabled/default - state: absent - -- name: Copy conf of UWSGI - file: - src: /var/www/note_kfet/uwsgi_note.ini - dest: /etc/uwsgi/apps-enabled/uwsgi_note.ini - state: link - -- name: Reload Nginx - systemd: - name: nginx - state: reloaded - -- name: Restart UWSGI - systemd: - name: uwsgi - state: restarted diff --git a/ansible/roles/4-nginx/templates/nginx_note.conf b/ansible/roles/4-nginx/templates/nginx_note.conf deleted file mode 100644 index b195e739..00000000 --- a/ansible/roles/4-nginx/templates/nginx_note.conf +++ /dev/null @@ -1,63 +0,0 @@ -# the upstream component nginx needs to connect to -upstream note{ - server unix:///var/www/note_kfet/note_kfet.sock; # file socket -} - -# Redirect HTTP to nk20 HTTPS -server { - listen 80 default_server; - listen [::]:80 default_server; - - location / { - return 301 https://nk20-beta.crans.org$request_uri; - } -} - -# Redirect all HTTPS to nk20 HTTPS -server { - listen 443 ssl default_server; - listen [::]:443 ssl default_server; - - location / { - return 301 https://nk20-beta.crans.org$request_uri; - } - - ssl_certificate /etc/letsencrypt/live/nk20-beta.crans.org/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/nk20-beta.crans.org/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; -} - -# configuration of the server -server { - listen 443 ssl; - listen [::]:443 ssl; - - # the port your site will be served on - # the domain name it will serve for - server_name nk20-beta.crans.org; # substitute your machine's IP address or FQDN - charset utf-8; - - # max upload size - client_max_body_size 75M; # adjust to taste - - # Django media - location /media { - alias /var/www/note_kfet/media; # your Django project's media files - amend as required - } - - location /static { - alias /var/www/note_kfet/static; # your Django project's static files - amend as required - } - - # Finally, send all non-media requests to the Django server. - location / { - uwsgi_pass note; - include /etc/nginx/uwsgi_params; - } - - ssl_certificate /etc/letsencrypt/live/nk20-beta.crans.org/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/nk20-beta.crans.org/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; -} diff --git a/ansible/roles/5-certbot/tasks/main.yml b/ansible/roles/5-certbot/tasks/main.yml deleted file mode 100644 index 52bc0d67..00000000 --- a/ansible/roles/5-certbot/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Install basic APT packages - apt: - update_cache: true - name: - - certbot - - python3-certbot-nginx - register: pkg_result - retries: 3 - until: pkg_result is succeeded - -- name: Create /etc/letsencrypt/conf.d - file: - path: /etc/letsencrypt/conf.d - state: directory - -- name: Add Certbot configuration - template: - src: "letsencrypt/conf.d/nk20.ini.j2" - dest: "/etc/letsencrypt/conf.d/nk20.ini" - mode: 0644 diff --git a/ansible/roles/5-certbot/templates/letsencrypt/conf.d/nk20.ini.j2 b/ansible/roles/5-certbot/templates/letsencrypt/conf.d/nk20.ini.j2 deleted file mode 100644 index b02abf5a..00000000 --- a/ansible/roles/5-certbot/templates/letsencrypt/conf.d/nk20.ini.j2 +++ /dev/null @@ -1,20 +0,0 @@ -{{ ansible_managed | comment }} - -# To generate the certificate, please use the following command -# certbot --config /etc/letsencrypt/conf.d/nk20.ini certonly - -# Use a 4096 bit RSA key instead of 2048 -rsa-key-size = 4096 - -# Always use the staging/testing server -# server = https://acme-staging.api.letsencrypt.org/directory - -# Uncomment and update to register with the specified e-mail address -email = notekfet2020@lists.crans.org - -# Uncomment to use a text interface instead of ncurses -text = True - -# Use DNS-01 challenge -authenticator = nginx - diff --git a/ansible/roles/7-postinstall/tasks/main.yml b/ansible/roles/7-postinstall/tasks/main.yml index 34a9011b..25fde0e7 100644 --- a/ansible/roles/7-postinstall/tasks/main.yml +++ b/ansible/roles/7-postinstall/tasks/main.yml @@ -22,3 +22,9 @@ args: chdir: /var/www/note_kfet become_user: postgres + +- name: Collect static files + command: /var/www/note_kfet/env/bin/python manage.py collectstatic --noinput + args: + chdir: /var/www/note_kfet + become_user: www-data diff --git a/apps/scripts b/apps/scripts index 4e1bcd18..525f091b 160000 --- a/apps/scripts +++ b/apps/scripts @@ -1 +1 @@ -Subproject commit 4e1bcd1808a24b532aa27bf2a119f6f8155af534 +Subproject commit 525f091b0caddc69cb2da7eba545ab9609bb1bb0 diff --git a/note_kfet/templates/base.html b/note_kfet/templates/base.html index fcee608a..6d092367 100644 --- a/note_kfet/templates/base.html +++ b/note_kfet/templates/base.html @@ -154,17 +154,6 @@ SPDX-License-Identifier: GPL-3.0-or-later {% trans "Your e-mail address is not validated. Please check your mail inbox and click on the validation link." %} {% endif %} -
Default content...