Moved over postgresql and nginx roles from pleroma roles.
authorLuke Hoersten <luke@hoersten.org>
Tue, 09 Jun 2020 19:21:46 -0500
changeset 40 b42b417751e5
parent 39 90b1b7c4be70
child 41 b2ee28d1694c
Moved over postgresql and nginx roles from pleroma roles.
nginx/defaults/main.yaml
nginx/handlers/main.yaml
nginx/tasks/main.yaml
postgresql/defaults/main.yaml
postgresql/handlers/main.yaml
postgresql/tasks/main.yaml
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nginx/defaults/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,10 @@
+---
+
+nginx_port: 80
+nginx_ssl_port: 443
+nginx_ssl_cert: "/etc/letsencrypt/live/{{nginx_server_name}}/fullchain.pem"
+nginx_ssl_privkey: "/etc/letsencrypt/live/{{nginx_server_name}}/privkey.pem"
+nginx_enable_certbot: No
+nginx_server_name: "{{ansible_host}}"
+nginx_conf_dst: "{{nginx_server_name}}.nginx.conf"
+nginx_admin_email: "admin@{{nginx_server_name}}"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nginx/handlers/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,5 @@
+---
+
+- name: restart nginx
+  become: yes
+  systemd: name="nginx" state="restarted" daemon_reload="yes"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nginx/tasks/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,39 @@
+---
+
+- name: install nginx packages
+  become: yes
+  apt: name="nginx"
+
+- name: install site
+  become: yes
+  template: src="{{nginx_conf_src}}" dest="/etc/nginx/sites-available/{{nginx_conf_dst}}"
+  notify: restart nginx
+
+- name: install nginx packages
+  become: yes
+  apt: name="python-certbot-nginx"
+  notify: restart nginx
+  when: nginx_enable_certbot
+
+- name: install certbot in nginx
+  become: yes
+  command: "certbot certonly --nginx -n --agree-tos -d {{nginx_server_name}} -m {{nginx_admin_email}}"
+  changed_when: false
+  when: nginx_enable_certbot
+
+- name: disable default site
+  become: yes
+  file: path="/etc/nginx/sites-enabled/default" state="absent"
+  notify: restart nginx
+
+- name: enable site
+  become: yes
+  file:
+    src:  "/etc/nginx/sites-available/{{nginx_conf_dst}}"
+    dest: "/etc/nginx/sites-enabled/{{nginx_conf_dst}}"
+    state: "link"
+  notify: restart nginx
+
+- name: enable nginx service
+  become: yes
+  systemd: name="nginx" enabled="yes" state="started"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/postgresql/defaults/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,10 @@
+---
+
+postgresql_version: "11"
+postgresql_config_path: "/etc/postgresql/{{postgresql_version}}/main/postgresql.conf"
+postgresql_data_dir: "/var/lib/postgresql/{{postgresql_version}}/main"
+postgresql_apt_packages:
+  - "postgresql-{{postgresql_version}}"
+  - "pgcli"
+  - "postgresql-client"
+  - "postgresql-common"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/postgresql/handlers/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,5 @@
+---
+
+- name: restart postgres
+  become: yes
+  systemd: name="postgresql" state="restarted" daemon_reload="yes"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/postgresql/tasks/main.yaml	Tue Jun 09 19:21:46 2020 -0500
@@ -0,0 +1,27 @@
+---
+
+- name: install postgresql
+  become: yes
+  apt: name="{{postgresql_apt_packages}}"
+
+- name: configure postgresql data dir
+  become: yes
+  lineinfile:
+    path: "{{postgresql_config_path}}"
+    regexp: "^data_directory = "
+    line: "data_directory = '{{postgresql_data_dir}}'"
+  notify: restart postgres
+
+- name: create postgresql data dir
+  become: yes
+  file:
+    path: "{{postgresql_data_dir}}"
+    state: "directory"
+    mode: "0700"
+    owner: "postgres"
+    group: "postgres"
+  notify: restart postgres
+
+- name: ensure postgresql is started
+  become: yes
+  systemd: name="postgresql" enabled="yes" state="started"