forked from FF-RGB/ansible
remove confluence
This commit is contained in:
parent
1af46b5e28
commit
cd6386d58b
1
hosts
1
hosts
@ -2,6 +2,5 @@
|
||||
gw11.regensburg.freifunk.net
|
||||
gw21.regensburg.freifunk.net
|
||||
gw31.regensburg.freifunk.net
|
||||
confluence.regensburg.freifunk.net
|
||||
stats.ffrgb ansible_host=10.90.224.100
|
||||
unms.ffrgb ansible_host=10.90.224.101
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
[Unit]
|
||||
Description=Confluence Team Collaboration Software
|
||||
After=network.target postgresql.service
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=confluence
|
||||
PIDFile=/opt/atlassian/confluence/work/catalina.pid
|
||||
ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh
|
||||
ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@ -1,10 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Restart nginx
|
||||
service: name=nginx state=restarted
|
||||
|
||||
- name: Reload systemd
|
||||
command: systemctl daemon-reload
|
||||
|
||||
- name: Run acertmgr
|
||||
command: /opt/acertmgr/acertmgr.py
|
||||
@ -1,5 +0,0 @@
|
||||
---
|
||||
|
||||
dependencies:
|
||||
- { role: acertmgr }
|
||||
- { role: nginx, nginx_ssl: True }
|
||||
@ -1,40 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Install packages
|
||||
apt: name={{ item }}
|
||||
with_items:
|
||||
- postgresql
|
||||
- python-psycopg2
|
||||
|
||||
- name: Install systemd unit
|
||||
copy: src=confluence.service dest=/lib/systemd/system/confluence.service
|
||||
notify: Reload systemd
|
||||
|
||||
- name: Configure PostgreSQL database
|
||||
postgresql_db: name={{ confluence_dbname }}
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
||||
- name: Configure PostgreSQL user
|
||||
postgresql_user: db={{ confluence_dbname }} name={{ confluence_dbuser }} password={{ confluence_dbpass }} priv=ALL state=present
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
||||
- name: Ensure certificates are available
|
||||
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ confluence_domain }}.key -out /etc/nginx/ssl/{{ confluence_domain }}.crt -days 730 -subj "/CN={{ confluence_domain }}" creates=/etc/nginx/ssl/{{ confluence_domain }}.crt
|
||||
notify: Restart nginx
|
||||
|
||||
- name: Configure certificate manager for confluence
|
||||
template: src=certs.j2 dest=/etc/acme/domains.d/{{ confluence_domain }}.conf
|
||||
notify: Run acertmgr
|
||||
|
||||
- name: Configure vhost
|
||||
template: src=vhost.j2 dest=/etc/nginx/sites-available/confluence
|
||||
notify: Restart nginx
|
||||
|
||||
- name: Enable vhost
|
||||
file: src=/etc/nginx/sites-available/confluence dest=/etc/nginx/sites-enabled/confluence state=link
|
||||
notify: Restart nginx
|
||||
|
||||
- name: Start PostgreSQL
|
||||
service: name=postgresql state=started enabled=yes
|
||||
@ -1,15 +0,0 @@
|
||||
---
|
||||
|
||||
{{ confluence_domain }}:
|
||||
- path: /etc/nginx/ssl/{{ confluence_domain }}.key
|
||||
user: root
|
||||
group: root
|
||||
perm: '400'
|
||||
format: key
|
||||
action: '/usr/sbin/service nginx restart'
|
||||
- path: /etc/nginx/ssl/{{ confluence_domain }}.crt
|
||||
user: root
|
||||
group: root
|
||||
perm: '400'
|
||||
format: crt,ca
|
||||
action: '/usr/sbin/service nginx restart'
|
||||
@ -1,43 +0,0 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name {{ confluence_domain }};
|
||||
|
||||
location /.well-known/acme-challenge {
|
||||
default_type "text/plain";
|
||||
alias /var/www/acme-challenge;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://{{ confluence_domain }}$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
server_name {{ confluence_domain }};
|
||||
|
||||
ssl_certificate_key /etc/nginx/ssl/{{ confluence_domain }}.key;
|
||||
ssl_certificate /etc/nginx/ssl/{{ confluence_domain }}.crt;
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://localhost:8090/;
|
||||
}
|
||||
location /synchrony {
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://localhost:8091/synchrony;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user