diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2018-02-25 07:15:53 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2018-02-25 07:15:53 +0100 |
commit | 37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a (patch) | |
tree | 9e5bd01097ccadf6de2ba59dc264df51cd335665 /ansible/roles/mw-frontend | |
parent | 443efffc41984ac604ffa733dd936fecd83006dd (diff) | |
download | infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.gz infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.bz2 infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.tar.xz infra-37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a.zip |
wip
Diffstat (limited to 'ansible/roles/mw-frontend')
3 files changed, 32 insertions, 3 deletions
diff --git a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf index 533c559..210cf2f 100644 --- a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf +++ b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf @@ -20,11 +20,12 @@ allow from all </Directory> + ProxyTimeout 600 ProxyPreserveHost On - ProxyPass / http://mw.trygvis.io/ + ProxyPass / http://10.0.3.2/ - SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io/fullchain.pem - SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io/privkey.pem + SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io-0001/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io-0001/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> </IfModule> diff --git a/ansible/roles/mw-frontend/handlers/main.yml b/ansible/roles/mw-frontend/handlers/main.yml new file mode 100644 index 0000000..1b2172f --- /dev/null +++ b/ansible/roles/mw-frontend/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: reload apache + service: + name: apache2 + state: reloaded diff --git a/ansible/roles/mw-frontend/tasks/main.yml b/ansible/roles/mw-frontend/tasks/main.yml index 40906ea..ee54719 100644 --- a/ansible/roles/mw-frontend/tasks/main.yml +++ b/ansible/roles/mw-frontend/tasks/main.yml @@ -1,8 +1,31 @@ --- - name: Apache config become: yes + tags: + - mw-frontend block: - name: apache config copy: src: etc/apache2/sites-available/mw.trygvis.io-ssl.conf dest: /etc/apache2/sites-available/mw.trygvis.io-ssl.conf + - name: packages + apt: + name: "{{ item }}" + install_recommends: no + with_items: + - python-psycopg2 + - name: postgresql db + become: yes + become_user: postgres + vars: + ansible_ssh_pipelining: true + block: + - name: CREATE ROLE mediawiki + postgresql_user: + name: "mediawiki" + password: "{{ mediawiki_secrets.mediawiki_password }}" + encrypted: yes + - name: CREATE DATABASE mediawiki + postgresql_db: + name: "mediawiki" + encoding: "utf-8" |