Added pastebin bin role.
authorLuke Hoersten <luke@hoersten.org>
Sat, 10 Feb 2024 15:40:23 -0600
changeset 228 ff776d663062
parent 227 2e0366f2dcbe
child 229 7e3bf48e516a
Added pastebin bin role.
bin/build/defaults/main.yaml
bin/build/tasks/main.yaml
bin/server/defaults/main.yaml
bin/server/handlers/main.yaml
bin/server/tasks/main.yaml
bin/server/templates/[email protected]
bin/server/templates/nginx.conf.j2
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/build/defaults/main.yaml	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,7 @@
+---
+
+bin_version: "2.0.1"
+# https://github.com/w4/bin/releases
+bin_tar: "https://github.com/w4/bin/archive/refs/tags/v{{bin_version}}.tar.gz"
+bin_build_dir: "/tmp/bin-{{bin_version}}"
+bin_srv_dir: "/var/www/build/"
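Review bot: `bin_build_dir` puts the build tree at a predictable name under world-writable `/tmp`, and the build tasks skip extraction when that path already exists (`creates`) and then run `cargo build` inside it. On a host with other local accounts, whoever creates that directory first decides what is compiled and later published from `bin_srv_dir`. Pointing the build at a directory only the build account can write, for example `bin_build_dir: "{{ ansible_env.HOME }}/build/bin-{{bin_version}}"` with a matching `dest` on the unarchive task, removes that dependency. Separately, the trailing slash in `bin_srv_dir` produces `/var/www/build//bin` in the copy task's `dest`; it is harmless but worth dropping.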
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/build/tasks/main.yaml	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,37 @@
+---
+
+- name: install cargo
+  become: yes
+  apt: name="cargo"
+
+- name: unarchive bin
+  unarchive:
+    remote_src: yes
+    src: "{{bin_tar}}"
+    dest: "/tmp/"
+    creates: "{{bin_build_dir}}"
+
+- name: check if bin build exists
+  stat:
+    path: "{{bin_build_dir}}/target/release/bin"
+  register: build_file
+
+- name: build bin
+  command: "cargo build --release"
+  args:
+    chdir: "{{bin_build_dir}}"
+  when: not build_file.stat.exists
+
+- name: create build server dir
+  become: yes
+  file:
+    path: "{{bin_srv_dir}}"
+    mode: "0755"
+    state: "directory"
+
+- name: copy bin to build server dir
+  become: yes
+  copy:
+    remote_src: yes
+    src: "{{bin_build_dir}}/target/release/bin"
+    dest: "{{bin_srv_dir}}/bin"
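Review bot: The "unarchive bin" task fetches the release tarball straight from the URL and nothing checks its integrity before `cargo build` runs and the result is published to `bin_srv_dir`; a tag can be re-pointed upstream, so the version number alone does not pin the content. `unarchive` has no checksum option for remote sources, so the download should be split into a `get_url` step with a pinned `checksum` followed by a local unarchive, as sketched below (`bin_tar_sha256` is a placeholder variable to add to the defaults). Building with `cargo build --release --locked` would also keep dependency versions tied to the project's lockfile. The copy task sets no `mode`, so it is worth stating `mode: "0755"` explicitly as the directory task does.

```yaml
- name: download bin source
  get_url:
    url: "{{bin_tar}}"
    dest: "/tmp/bin-{{bin_version}}.tar.gz"
    # placeholder variable: pin the sha256 of the release tarball in defaults
    checksum: "sha256:{{bin_tar_sha256}}"

- name: unarchive bin
  unarchive:
    remote_src: yes
    src: "/tmp/bin-{{bin_version}}.tar.gz"
    dest: "/tmp/"
    creates: "{{bin_build_dir}}"

# … unchanged: stat, cargo build, create build server dir, copy …
```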
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/server/defaults/main.yaml	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,4 @@
+---
+
+bin_user: "pastebin"
+bin_port: 8820
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/server/handlers/main.yaml	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,5 @@
+---
+
+- name: restart service
+  become: yes
+  systemd: name="bin@{{bin_port}}.service" state="restarted" daemon_reload="yes"
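Review bot: The handler passes its module arguments as an inline `key=value` string, which hides the value types and is harder to diff than a native YAML mapping. Written as a block it would read `name: "bin@{{bin_port}}.service"`, `state: restarted`, `daemon_reload: true` under `systemd:`. The same form appears in `apt: name="cargo"` in bin/build/tasks/main.yaml and in the `user:` and final `systemd:` tasks in bin/server/tasks/main.yaml, and `become: yes` / `remote_src: yes` throughout would be clearer as `true`.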
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/server/tasks/main.yaml	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,24 @@
+---
+
+- name: add bin user
+  become: yes
+  user: name="{{bin_user}}" shell="/bin/false" system="yes"
+
+- name: install bin binary
+  become: yes
+  get_url:
+    url: "{{bin_url}}"
+    dest: "/usr/local/bin/bin"
+    mode: "0755"
+  notify: restart service
+
+- name: install systemd service
+  become: yes
+  template:
+    src: "[email protected]"
+    dest: "/lib/systemd/system/[email protected]"
+  notify: restart service
+
+- name: ensure service is started
+  become: yes
+  systemd: name="bin@{{bin_port}}.service" enabled="yes" state="started"
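Review bot: The "install bin binary" task downloads an executable from `{{bin_url}}` into `/usr/local/bin/bin` as root with no integrity check, and that binary is then run as a network-facing service. Adding `checksum: "sha256:{{bin_sha256}}"` (placeholder variable name) to the `get_url` arguments would verify the artifact; it also makes the task replace an existing file when the expected digest changes, which a plain `get_url` with an existing `dest` does not do, so a version bump would otherwise never reach the host. `bin_url` is not defined in the role defaults shown in this changeset, so it presumably comes from inventory; a comment in bin/server/defaults/main.yaml saying so would help. The unit is templated into `/lib/systemd/system`, which is the package-managed location; `/etc/systemd/system` is the usual place for units installed by configuration management.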
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/server/templates/[email protected]	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,11 @@
+[Unit]
+Description=Bin pastebin server bound on port %i
+After=syslog.target network.target
+
+[Service]
+ExecStart=/usr/local/bin/bin 127.0.0.1:%i --buffer-size 10 --max-paste-size 16kB
+Restart=always
+User={{bin_user}}
+
+[Install]
+WantedBy=multi-user.target
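Review bot: The `[Service]` section runs a public-facing paste service with only `User=` as confinement, so a flaw in request handling would have the whole filesystem view of that account. Given the process only needs to listen on loopback and hold pastes in memory (`--buffer-size 10`), it is a good candidate for systemd sandboxing: `NoNewPrivileges=true`, `ProtectSystem=strict`, `PrivateTmp=true`, and `ProtectHome=true` would be a reasonable starting point. `After=syslog.target` is obsolete on current systemd and can be dropped.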
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/bin/server/templates/nginx.conf.j2	Sat Feb 10 15:40:23 2024 -0600
@@ -0,0 +1,30 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name {{nginx_server_name}};
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    # listen [::]:443 ssl ipv6only=on;
+    server_name {{nginx_server_name}};
+
+    ssl_certificate {{nginx_ssl_cert}};
+    ssl_certificate_key {{nginx_ssl_privkey}};
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    location / {
+        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
+        proxy_redirect off;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
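Review bot: The TLS `server` block sets no request-size or rate limits, so nginx will accept bodies up to its default `client_max_body_size` of 1m and forward them even though the backend is started with `--max-paste-size 16kB`. Adding `client_max_body_size 16k;` inside `location /` rejects oversized uploads at the proxy, and a `limit_req` zone would bound how quickly one client can fill the paste buffer. The port-80 block listens on `[::]:80` while the IPv6 listener for 443 is commented out, so an IPv6 client that follows the redirect has nothing to connect to; either enable `listen [::]:443 ssl http2;` or drop the IPv6 listener on 80. `proxy_pass` uses `nginx_proxy_port`, which must be kept equal to `bin_port` by hand; a comment noting that link would prevent a silent mismatch.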