From a5705d3f44cb86b216277c6311f313963d4f9c49 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl <trygvis@inamo.no>
Date: Tue, 28 Aug 2018 15:37:55 +0200
Subject: o sz-ds: wip.

---
 ansible/roles/knot-apache/tasks/main.yml           | 21 +++++++++++++++
 .../apache2/sites-enabled/sz-ds.trygvis.io.conf    | 31 ++++++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 ansible/roles/knot-apache/tasks/main.yml
 create mode 100644 ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf

(limited to 'ansible/roles/knot-apache')

diff --git a/ansible/roles/knot-apache/tasks/main.yml b/ansible/roles/knot-apache/tasks/main.yml
new file mode 100644
index 0000000..a3d1be6
--- /dev/null
+++ b/ansible/roles/knot-apache/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: /etc/apache2/sites-enabled/{{ item.hostname }}.trygvis.io.conf
+  template:
+    src: etc/apache2/sites-enabled/sz-ds.trygvis.io.conf
+    dest: /etc/apache2/sites-enabled/{{ item.hostname }}.trygvis.io.conf
+  with_items: &backends
+    - hostname: sz
+      backend: sz-prod
+#    - hostname: sz-test
+#      backend: sz-test
+
+- name: "mkdir /var/www/{{ item.hostname }}.trygvis.io"
+  file:
+    dest: "/var/www/{{ item.hostname }}.trygvis.io"
+    state: directory
+  with_items: *backends
+
+- name: "mkdir /var/www/{{ item.hostname }}.trygvis.io/htdocs"
+  file:
+    dest: "/var/www/{{ item.hostname }}.trygvis.io/htdocs"
+    state: directory
+  with_items: *backends
diff --git a/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf b/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf
new file mode 100644
index 0000000..0172ff5
--- /dev/null
+++ b/ansible/roles/knot-apache/templates/etc/apache2/sites-enabled/sz-ds.trygvis.io.conf
@@ -0,0 +1,31 @@
+# Ansible
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+  ServerAdmin root@trygvis.io
+  ServerName {{ item.hostname }}.trygvis.io
+
+  LogLevel warn
+  ErrorLog ${APACHE_LOG_DIR}/{{ item.hostname }}.trygvis.io-error.log
+  CustomLog ${APACHE_LOG_DIR}/{{ item.hostname }}.trygvis.io-access.log combined
+
+  DocumentRoot /var/www/{{ item.hostname }}.trygvis.io/htdocs
+  <Directory />
+    Options FollowSymLinks
+    AllowOverride None
+  </Directory>
+  <Directory /var/www/{{ item.hostname }}.trygvis.io/htdocs/>
+    Options Indexes FollowSymLinks MultiViews
+    AllowOverride None
+    Order allow,deny
+    allow from all
+  </Directory>
+
+  ProxyTimeout 600
+  ProxyPreserveHost On
+  ProxyPass / http://{{ lxc_containers[item.backend].ipv4.address }}:5000/
+
+  SSLCertificateFile /etc/letsencrypt/live/{{ item.hostname }}.trygvis.io/fullchain.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/{{ item.hostname }}.trygvis.io/privkey.pem
+  Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>
-- 
cgit v1.2.3