forked from infra/ansible
53 lines
1.5 KiB
YAML
53 lines
1.5 KiB
YAML
---
|
|
|
|
- name: Create user
|
|
user: name=drone
|
|
|
|
# TODO install drone to /opt/drone/bin
|
|
# currently it is manually compiled
|
|
|
|
- name: Configure drone
|
|
template: src=drone.j2 dest=/etc/default/drone
|
|
notify: Restart drone
|
|
|
|
- name: Install PostgreSQL
|
|
apt:
|
|
name:
|
|
- postgresql
|
|
- python3-psycopg2
|
|
|
|
- name: Configure PostgreSQL database
|
|
postgresql_db: name={{ drone_dbname }}
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Configure PostgreSQL user
|
|
postgresql_user: db={{ drone_dbname }} name={{ drone_dbuser }} password={{ drone_dbpass }} priv=ALL state=present
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Ensure certificates are available
|
|
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ drone_domain }}.key -out /etc/nginx/ssl/{{ drone_domain }}.crt -days 730 -subj "/CN={{ drone_domain }}" creates=/etc/nginx/ssl/{{ drone_domain }}.crt
|
|
notify: Restart nginx
|
|
|
|
- name: Configure certificate manager for drone
|
|
template: src=certs.j2 dest=/etc/acertmgr/{{ drone_domain }}.conf
|
|
notify: Run acertmgr
|
|
|
|
- name: Configure vhost
|
|
template: src=vhost.j2 dest=/etc/nginx/sites-available/drone
|
|
notify: Restart nginx
|
|
|
|
- name: Enable vhost
|
|
file: src=/etc/nginx/sites-available/drone dest=/etc/nginx/sites-enabled/drone state=link
|
|
notify: Restart nginx
|
|
|
|
- name: Install systemd unit
|
|
copy: src=drone.service dest=/lib/systemd/system/drone.service
|
|
notify:
|
|
- Reload systemd
|
|
- Restart drone
|
|
|
|
- name: Enable drone
|
|
service: name=drone enabled=yes
|