This repository has been archived by the owner on Jan 25, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathweb.yml
104 lines (89 loc) · 2.98 KB
/
web.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
---
- hosts: web
become: yes
vars:
data_dir: "/srv/data"
dehydrated_accept_letsencrypt_terms: True
dehydrated_contactemail: "{{ server_admin }}"
dehydrated_domains:
- name: "md.freifunk.net"
deploy_challenge_hook: "systemctl reload apache2"
- name: "grafana.md.freifunk.net"
deploy_challenge_hook: "systemctl reload apache2"
- name: "web.md.freifunk.net"
deploy_challenge_hook: "systemctl reload apache2"
- name: "firmware.md.freifunk.net"
deploy_challenge_hook: "systemctl reload apache2"
- name: "map.md.freifunk.net"
deploy_challenge_hook: "systemctl reload apache2"
firmware_http_host_port: 9001
roles:
- role: apache
- role: apache_letsencrypt
- role: ansible-role-dehydrated
- role: penguineer.dehydrated_cron
tasks:
- name: Setup proxy site md.freifunk.net
include_role:
name: service-http-proxy
vars:
site_name: md.freifunk.net
proxy_port: 1234
extra_config:
- "ProxyPreserveHost On"
- name: Setup proxy site grafana.md.freifunk.net
include_role:
name: service-http-proxy
vars:
site_name: grafana.md.freifunk.net
proxy_port: 3000
- name: Setup proxy site map.md.freifunk.net
include_role:
name: service-http-proxy
vars:
site_name: map.md.freifunk.net
proxy_port: 8010
- name: Setup container for bind9-md.freifunk.net
docker_container:
name: bind9-md-freifunk-net
image: "ffmd/bind9-md-freifunk-net:2022111601"
pull: true
state: started
restart_policy: unless-stopped
detach: yes
ports:
# Bind to the external ip address only
# NOTE: There is also a container for the internal ffmd TLD
- "{{ ansible_default_ipv4.address }}:53:53/udp"
### firmware.md.freifunk.net
- name: Check if firmware directory exists
ansible.builtin.stat:
path: "{{ data_dir }}/firmware"
register: firmware_dir
- name: Fail if firmware data dir does not exist
ansible.builtin.fail:
msg: "Firmware data dir is missing, please restore from the backup!"
when: not firmware_dir.stat.exists
- name: Setup static HTTP server for firmware content
docker_container:
name: firmware-static-http
image: joseluisq/static-web-server:2.13.1
pull: true
state: started
detach: true
restart_policy: unless-stopped
env:
SERVER_PORT=80
SERVER_ROOT=/public
SERVER_DIRECTORY_LISTING=true
ports:
- "127.0.0.1:{{ firmware_http_host_port }}:80"
volumes:
- "{{ data_dir }}/firmware:/public:ro"
- name: Setup proxy site firmware.md.freifunk.net
# point to static website for now
include_role:
name: setup_http_site_proxy
vars:
site_name: "firmware.md.freifunk.net"
proxy_port: "{{ firmware_http_host_port }}"