ansible/roles/hedgedoc/tasks/main.yml

64 lines
1.8 KiB
YAML
Raw Permalink Normal View History

2018-04-09 21:28:36 +02:00
---
- name: Install packages
2020-11-13 18:29:32 +01:00
apt:
name:
- docker-compose
2018-04-09 21:28:36 +02:00
- name: Create hedgedoc group
group: name=hedgedoc
- name: Create hedgedoc user
user:
name: hedgedoc
home: /opt/hedgedoc
shell: /bin/bash
group: hedgedoc
groups: docker
- name: Configure hedgedoc container
template: src=docker-compose.yml.j2 dest=/opt/hedgedoc/docker-compose.yml
notify: Restart hedgedoc
2018-04-09 21:28:36 +02:00
- name: Ensure certificates are available
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ hedgedoc_domain }}.key -out /etc/nginx/ssl/{{ hedgedoc_domain }}.crt -days 730 -subj "/CN={{ hedgedoc_domain }}" creates=/etc/nginx/ssl/{{ hedgedoc_domain }}.crt
2018-04-09 21:28:36 +02:00
notify: Restart nginx
- name: Configure certificate manager for hedgedoc
template: src=certs.j2 dest=/etc/acertmgr/{{ hedgedoc_domain }}.conf
notify: Run acertmgr
2018-04-09 21:28:36 +02:00
- name: Configure vhost
template: src=vhost.j2 dest=/etc/nginx/sites-available/hedgedoc
2018-04-09 21:28:36 +02:00
notify: Restart nginx
- name: Enable vhost
file: src=/etc/nginx/sites-available/hedgedoc dest=/etc/nginx/sites-enabled/hedgedoc state=link
2018-04-09 21:28:36 +02:00
notify: Restart nginx
- name: Systemd unit for hedgedoc
template: src=hedgedoc.service.j2 dest=/etc/systemd/system/hedgedoc.service
2018-04-09 21:28:36 +02:00
notify:
- Reload systemd
- Restart hedgedoc
2018-04-09 21:28:36 +02:00
- name: Systemd unit for hedgedoc-reload
template: src=hedgedoc-reload.{{ item }}.j2 dest=/etc/systemd/system/hedgedoc-reload.{{ item }}
with_items:
- "service"
- "timer"
notify:
- Reload systemd
- Restart hedgedoc-reload
- name: Start the hedgedoc service
service: name=hedgedoc state=started enabled=yes
2022-06-06 20:35:14 +02:00
- name: Enable auto update timer
service: name=hedgedoc-reload.timer state=started enabled=yes
2022-06-06 20:35:14 +02:00
- name: Enable monitoring
include_role: name=icinga-monitor tasks_from=http
vars:
vhost: "{{ hedgedoc_domain }}"