wip

author: Trygve Laugstøl <trygvis@inamo.no> 2018-02-25 07:15:53 +0100
committer: Trygve Laugstøl <trygvis@inamo.no> 2018-02-25 07:15:53 +0100
commit: 37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a (patch)
tree: 9e5bd01097ccadf6de2ba59dc264df51cd335665 /ansible/roles/mw-frontend
parent: 443efffc41984ac604ffa733dd936fecd83006dd (diff)
download: infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.gz
infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.bz2
infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.xz
infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.zip
3 files changed, 32 insertions, 3 deletions
diff --git a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf
index 533c559..210cf2f 100644
--- a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf
+++ b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf
@@ -20,11 +20,12 @@
     allow from all
   </Directory>
 
+  ProxyTimeout 600
   ProxyPreserveHost On
-  ProxyPass / http://mw.trygvis.io/
+  ProxyPass / http://10.0.3.2/
 
-  SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io/fullchain.pem
-  SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io/privkey.pem
+  SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io-0001/fullchain.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io-0001/privkey.pem
   Include /etc/letsencrypt/options-ssl-apache.conf
 </VirtualHost>
 </IfModule>
diff --git a/ansible/roles/mw-frontend/handlers/main.yml b/ansible/roles/mw-frontend/handlers/main.yml
new file mode 100644
index 0000000..1b2172f
--- /dev/null
+++ b/ansible/roles/mw-frontend/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: reload apache
+  service:
+    name: apache2
+    state: reloaded
diff --git a/ansible/roles/mw-frontend/tasks/main.yml b/ansible/roles/mw-frontend/tasks/main.yml
index 40906ea..ee54719 100644
--- a/ansible/roles/mw-frontend/tasks/main.yml
+++ b/ansible/roles/mw-frontend/tasks/main.yml
@@ -1,8 +1,31 @@
 ---
 - name: Apache config
   become: yes
+  tags:
+    - mw-frontend
   block:
     - name: apache config
       copy:
         src: etc/apache2/sites-available/mw.trygvis.io-ssl.conf
         dest: /etc/apache2/sites-available/mw.trygvis.io-ssl.conf
+    - name: packages
+      apt:
+        name: "{{ item }}"
+        install_recommends: no
+      with_items:
+        - python-psycopg2
+    - name: postgresql db
+      become: yes
+      become_user: postgres
+      vars:
+        ansible_ssh_pipelining: true
+      block:
+        - name: CREATE ROLE mediawiki
+          postgresql_user: 
+            name: "mediawiki"
+            password: "{{ mediawiki_secrets.mediawiki_password }}"
+            encrypted: yes
+        - name: CREATE DATABASE mediawiki
+          postgresql_db:
+            name: "mediawiki"
+            encoding: "utf-8"
author	Trygve Laugstøl <trygvis@inamo.no>	2018-02-25 07:15:53 +0100
committer	Trygve Laugstøl <trygvis@inamo.no>	2018-02-25 07:15:53 +0100
commit	37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a (patch)
tree	9e5bd01097ccadf6de2ba59dc264df51cd335665 /ansible/roles/mw-frontend
parent	443efffc41984ac604ffa733dd936fecd83006dd (diff)
download	infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.gz infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.bz2 infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.xz infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.zip