diff options
Diffstat (limited to 'ansible/roles/knot-apache')
-rw-r--r-- | ansible/roles/knot-apache/tasks/main.yml | 21 | ||||
-rw-r--r-- | ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf | 31 |
2 files changed, 52 insertions, 0 deletions
diff --git a/ansible/roles/knot-apache/tasks/main.yml b/ansible/roles/knot-apache/tasks/main.yml new file mode 100644 index 0000000..a3d1be6 --- /dev/null +++ b/ansible/roles/knot-apache/tasks/main.yml @@ -0,0 +1,21 @@ +- name: /etc/apache2/sites-enabled/{{ item.hostname }}.trygvis.io.conf + template: + src: etc/apache2/sites-enabled/sz-ds.trygvis.io.conf + dest: /etc/apache2/sites-enabled/{{ item.hostname }}.trygvis.io.conf + with_items: &backends + - hostname: sz + backend: sz-prod +# - hostname: sz-test +# backend: sz-test + +- name: "mkdir /var/www/{{ item.hostname }}.trygvis.io" + file: + dest: "/var/www/{{ item.hostname }}.trygvis.io" + state: directory + with_items: *backends + +- name: "mkdir /var/www/{{ item.hostname }}.trygvis.io/htdocs" + file: + dest: "/var/www/{{ item.hostname }}.trygvis.io/htdocs" + state: directory + with_items: *backends diff --git a/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf b/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf new file mode 100644 index 0000000..0172ff5 --- /dev/null +++ b/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf @@ -0,0 +1,31 @@ +# Ansible +<IfModule mod_ssl.c> +<VirtualHost *:443> + ServerAdmin root@trygvis.io + ServerName {{ item.hostname }}.trygvis.io + + LogLevel warn + ErrorLog ${APACHE_LOG_DIR}/{{ item.hostname }}.trygvis.io-error.log + CustomLog ${APACHE_LOG_DIR}/{{ item.hostname }}.trygvis.io-access.log combined + + DocumentRoot /var/www/{{ item.hostname }}.trygvis.io/htdocs + <Directory /> + Options FollowSymLinks + AllowOverride None + </Directory> + <Directory /var/www/{{ item.hostname }}.trygvis.io/htdocs/> + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + </Directory> + + ProxyTimeout 600 + ProxyPreserveHost On + ProxyPass / http://{{ lxc_containers[item.backend].ipv4.address }}:5000/ + + SSLCertificateFile /etc/letsencrypt/live/{{ item.hostname }}.trygvis.io/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/{{ item.hostname }}.trygvis.io/privkey.pem + Include /etc/letsencrypt/options-ssl-apache.conf +</VirtualHost> +</IfModule> |