From 37d104f7d74fd7b5fd6b65caf6f4d0dcf0cd614a Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sun, 25 Feb 2018 07:15:53 +0100 Subject: wip --- .../apache2/sites-available/mw.trygvis.io-ssl.conf | 7 ++++--- ansible/roles/mw-frontend/handlers/main.yml | 5 +++++ ansible/roles/mw-frontend/tasks/main.yml | 23 ++++++++++++++++++++++ 3 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 ansible/roles/mw-frontend/handlers/main.yml (limited to 'ansible/roles/mw-frontend') diff --git a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf index 533c559..210cf2f 100644 --- a/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf +++ b/ansible/roles/mw-frontend/files/etc/apache2/sites-available/mw.trygvis.io-ssl.conf @@ -20,11 +20,12 @@ allow from all + ProxyTimeout 600 ProxyPreserveHost On - ProxyPass / http://mw.trygvis.io/ + ProxyPass / http://10.0.3.2/ - SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io/fullchain.pem - SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io/privkey.pem + SSLCertificateFile /etc/letsencrypt/live/mw.trygvis.io-0001/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/mw.trygvis.io-0001/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf diff --git a/ansible/roles/mw-frontend/handlers/main.yml b/ansible/roles/mw-frontend/handlers/main.yml new file mode 100644 index 0000000..1b2172f --- /dev/null +++ b/ansible/roles/mw-frontend/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: reload apache + service: + name: apache2 + state: reloaded diff --git a/ansible/roles/mw-frontend/tasks/main.yml b/ansible/roles/mw-frontend/tasks/main.yml index 40906ea..ee54719 100644 --- a/ansible/roles/mw-frontend/tasks/main.yml +++ b/ansible/roles/mw-frontend/tasks/main.yml @@ -1,8 +1,31 @@ --- - name: Apache config become: yes + tags: + - mw-frontend block: - name: apache config copy: src: etc/apache2/sites-available/mw.trygvis.io-ssl.conf dest: /etc/apache2/sites-available/mw.trygvis.io-ssl.conf + - name: packages + apt: + name: "{{ item }}" + install_recommends: no + with_items: + - python-psycopg2 + - name: postgresql db + become: yes + become_user: postgres + vars: + ansible_ssh_pipelining: true + block: + - name: CREATE ROLE mediawiki + postgresql_user: + name: "mediawiki" + password: "{{ mediawiki_secrets.mediawiki_password }}" + encrypted: yes + - name: CREATE DATABASE mediawiki + postgresql_db: + name: "mediawiki" + encoding: "utf-8" -- cgit v1.2.3