DTSV/Ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity

initial ansible code

Browse Source
This commit is contained in:
Oli
2022-10-09 21:41:56 +00:00
parent 4a64eab4a0
commit feaec34dd2
103 changed files with 4473 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
roles/webserver/tasks/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Mount Volume
import_tasks: volume.yml
- name: Configure Rclone
import_tasks: rclone.yml
- name: Configure Nginx
import_tasks: nginx.yml
- name: Configure PHP
import_tasks: php.yml
- name: Flush handlers befor continue
meta: flush_handlers

55
roles/webserver/tasks/nginx.yml Normal file
View File

@@ -0,0 +1,55 @@
---
- name: Copy Nginx configs
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
loop:
- {src: "nginx.conf.j2", dest: "/etc/nginx/nginx.conf"}
- {src: "cert.conf.j2", dest: "/etc/nginx/global/cert.conf"}
- {src: "header.conf.j2", dest: "/etc/nginx/global/header.conf"}
- {src: "proxy.conf.j2", dest: "/etc/nginx/global/proxy.conf"}
- {src: "php_optimization.j2", dest: "/etc/nginx/global/php_optimization"}
notify: reload nginx
- name: Copy virtual server configs
template:
src: "{{ item }}"
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2$', '') }}
mode: 0644
with_fileglob: "../templates/conf.d/*.j2"
notify: reload nginx
## Certificates
- name: Create Certificate directory
file:
path: "{{ webserver_nginx_cert_path }}"
state: directory
mode: 0755
- name: Copy SSL certificates for {{ webserver_domain }}
copy:
remote_src: true
# make sure that ssl certs are available
src: "{{ lego_config_dir }}/certificates/{{ webserver_domain }}.{{ item }}"
dest: "{{ webserver_nginx_cert_path }}/{{ webserver_domain }}.{{ item }}"
owner: root
group: root
mode: 0600
loop: [crt, key, issuer.crt]
notify: reload nginx
- name: Create nginx.service.d directory
file:
path: /etc/systemd/system/nginx.service.d
mode: 0755
state: directory
- name: Increase max open files
template:
src: nginx_systemd.conf.j2
dest: /etc/systemd/system/nginx.service.d/nginx.conf
mode: 0644
notify: restart nginx

37
roles/webserver/tasks/php.yml Normal file
View File

@@ -0,0 +1,37 @@
---
- name: Set PHP options for FPM
ini_file:
path: /etc/php/{{ php_version }}/fpm/php.ini
section: "{{ item.section | default('PHP') }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
state: "{{ item.state | default('present') }}"
loop: "{{ php_fpm_ini_options }}"
when: '"fpm" in php_modules'
notify: restart php-fpm
- name: Configure FPM pool
lineinfile:
path: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
regexp: '^{{ item.option }}\s'
line: '{{ item.option }} = {{ item.value }}'
loop: "{{ php_fpm_pool_options }}"
when: '"fpm" in php_modules'
notify: restart php-fpm
- name: Configure FPM environment variables
replace:
path: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
regexp: "^{{ item.regexp }}"
replace: "{{ item.replace }}"
loop:
- {regexp: ";env", replace: "env"}
- {regexp: ";clear_env", replace: "clear_env"}
when: '"fpm" in php_modules'
notify: restart php-fpm
- name: Install imagemagick package
apt:
name: imagemagick
when: '"imagick" in php_modules'

8
roles/webserver/tasks/rclone.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- name: Copy rclone config file
template:
src: "rclone.conf.j2"
dest: "{{ rclone_config_file }}"
mode: 0600
# rclone config file changes while using to force update via ansible use rclone_config_force
force: "{{ rclone_config_force }}"

22
roles/webserver/tasks/volume.yml Normal file
View File

@@ -0,0 +1,22 @@
---
- name: Gather hcloud volume infos
hetzner.hcloud.hcloud_volume_info:
api_token: "{{ vault_hcloud_token }}"
name: "{{ hcloud_webserver_volume_name }}"
delegate_to: localhost
register: web_hcloud_volume
- name: Creates mount directory
file:
path: "{{ hcloud_webserver_volume_path }}"
state: directory
force: false
- name: Mount hcloud volume
ansible.posix.mount:
path: "{{ hcloud_webserver_volume_path }}"
src: "{{ web_hcloud_volume.hcloud_volume_info[0].linux_device }}"
fstype: ext4
opts: discard,nofail,defaults
state: mounted