# HG changeset patch # User Luke Hoersten # Date 1591748506 18000 # Node ID b42b417751e5f6a86e3fe23bd49fd949c627f0b4 # Parent 90b1b7c4be7058efd00a225e65f26034a6276a9b Moved over postgresql and nginx roles from pleroma roles. diff -r 90b1b7c4be70 -r b42b417751e5 nginx/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nginx/defaults/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,10 @@ +--- + +nginx_port: 80 +nginx_ssl_port: 443 +nginx_ssl_cert: "/etc/letsencrypt/live/{{nginx_server_name}}/fullchain.pem" +nginx_ssl_privkey: "/etc/letsencrypt/live/{{nginx_server_name}}/privkey.pem" +nginx_enable_certbot: No +nginx_server_name: "{{ansible_host}}" +nginx_conf_dst: "{{nginx_server_name}}.nginx.conf" +nginx_admin_email: "admin@{{nginx_server_name}}" diff -r 90b1b7c4be70 -r b42b417751e5 nginx/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nginx/handlers/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,5 @@ +--- + +- name: restart nginx + become: yes + systemd: name="nginx" state="restarted" daemon_reload="yes" diff -r 90b1b7c4be70 -r b42b417751e5 nginx/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nginx/tasks/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,39 @@ +--- + +- name: install nginx packages + become: yes + apt: name="nginx" + +- name: install site + become: yes + template: src="{{nginx_conf_src}}" dest="/etc/nginx/sites-available/{{nginx_conf_dst}}" + notify: restart nginx + +- name: install nginx packages + become: yes + apt: name="python-certbot-nginx" + notify: restart nginx + when: nginx_enable_certbot + +- name: install certbot in nginx + become: yes + command: "certbot certonly --nginx -n --agree-tos -d {{nginx_server_name}} -m {{nginx_admin_email}}" + changed_when: false + when: nginx_enable_certbot + +- name: disable default site + become: yes + file: path="/etc/nginx/sites-enabled/default" state="absent" + notify: restart nginx + +- name: enable site + become: yes + file: + src: "/etc/nginx/sites-available/{{nginx_conf_dst}}" + dest: "/etc/nginx/sites-enabled/{{nginx_conf_dst}}" + state: "link" + notify: restart nginx + +- name: enable nginx service + become: yes + systemd: name="nginx" enabled="yes" state="started" diff -r 90b1b7c4be70 -r b42b417751e5 postgresql/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/postgresql/defaults/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,10 @@ +--- + +postgresql_version: "11" +postgresql_config_path: "/etc/postgresql/{{postgresql_version}}/main/postgresql.conf" +postgresql_data_dir: "/var/lib/postgresql/{{postgresql_version}}/main" +postgresql_apt_packages: + - "postgresql-{{postgresql_version}}" + - "pgcli" + - "postgresql-client" + - "postgresql-common" diff -r 90b1b7c4be70 -r b42b417751e5 postgresql/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/postgresql/handlers/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,5 @@ +--- + +- name: restart postgres + become: yes + systemd: name="postgresql" state="restarted" daemon_reload="yes" diff -r 90b1b7c4be70 -r b42b417751e5 postgresql/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/postgresql/tasks/main.yaml Tue Jun 09 19:21:46 2020 -0500 @@ -0,0 +1,27 @@ +--- + +- name: install postgresql + become: yes + apt: name="{{postgresql_apt_packages}}" + +- name: configure postgresql data dir + become: yes + lineinfile: + path: "{{postgresql_config_path}}" + regexp: "^data_directory = " + line: "data_directory = '{{postgresql_data_dir}}'" + notify: restart postgres + +- name: create postgresql data dir + become: yes + file: + path: "{{postgresql_data_dir}}" + state: "directory" + mode: "0700" + owner: "postgres" + group: "postgres" + notify: restart postgres + +- name: ensure postgresql is started + become: yes + systemd: name="postgresql" enabled="yes" state="started"