diff --git a/hosts b/hosts index e4c8504..3578c85 100644 --- a/hosts +++ b/hosts @@ -2,6 +2,5 @@ gw11.regensburg.freifunk.net gw21.regensburg.freifunk.net gw31.regensburg.freifunk.net -confluence.regensburg.freifunk.net stats.ffrgb ansible_host=10.90.224.100 unms.ffrgb ansible_host=10.90.224.101 diff --git a/roles/confluence/files/confluence.service b/roles/confluence/files/confluence.service deleted file mode 100644 index 6e87004..0000000 --- a/roles/confluence/files/confluence.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Confluence Team Collaboration Software -After=network.target postgresql.service - -[Service] -Type=forking -User=confluence -PIDFile=/opt/atlassian/confluence/work/catalina.pid -ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh -ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh - -[Install] -WantedBy=multi-user.target diff --git a/roles/confluence/handlers/main.yml b/roles/confluence/handlers/main.yml deleted file mode 100644 index 49dca8c..0000000 --- a/roles/confluence/handlers/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- name: Restart nginx - service: name=nginx state=restarted - -- name: Reload systemd - command: systemctl daemon-reload - -- name: Run acertmgr - command: /opt/acertmgr/acertmgr.py diff --git a/roles/confluence/meta/main.yml b/roles/confluence/meta/main.yml deleted file mode 100644 index 8fcf724..0000000 --- a/roles/confluence/meta/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -dependencies: -- { role: acertmgr } -- { role: nginx, nginx_ssl: True } diff --git a/roles/confluence/tasks/main.yml b/roles/confluence/tasks/main.yml deleted file mode 100644 index 77fd713..0000000 --- a/roles/confluence/tasks/main.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- - -- name: Install packages - apt: name={{ item }} - with_items: - - postgresql - - python-psycopg2 - -- name: Install systemd unit - copy: src=confluence.service dest=/lib/systemd/system/confluence.service - notify: Reload systemd - -- name: Configure PostgreSQL database - postgresql_db: name={{ confluence_dbname }} - become: true - become_user: postgres - -- name: Configure PostgreSQL user - postgresql_user: db={{ confluence_dbname }} name={{ confluence_dbuser }} password={{ confluence_dbpass }} priv=ALL state=present - become: true - become_user: postgres - -- name: Ensure certificates are available - command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ confluence_domain }}.key -out /etc/nginx/ssl/{{ confluence_domain }}.crt -days 730 -subj "/CN={{ confluence_domain }}" creates=/etc/nginx/ssl/{{ confluence_domain }}.crt - notify: Restart nginx - -- name: Configure certificate manager for confluence - template: src=certs.j2 dest=/etc/acme/domains.d/{{ confluence_domain }}.conf - notify: Run acertmgr - -- name: Configure vhost - template: src=vhost.j2 dest=/etc/nginx/sites-available/confluence - notify: Restart nginx - -- name: Enable vhost - file: src=/etc/nginx/sites-available/confluence dest=/etc/nginx/sites-enabled/confluence state=link - notify: Restart nginx - -- name: Start PostgreSQL - service: name=postgresql state=started enabled=yes diff --git a/roles/confluence/templates/certs.j2 b/roles/confluence/templates/certs.j2 deleted file mode 100644 index dd7d596..0000000 --- a/roles/confluence/templates/certs.j2 +++ /dev/null @@ -1,15 +0,0 @@ ---- - -{{ confluence_domain }}: -- path: /etc/nginx/ssl/{{ confluence_domain }}.key - user: root - group: root - perm: '400' - format: key - action: '/usr/sbin/service nginx restart' -- path: /etc/nginx/ssl/{{ confluence_domain }}.crt - user: root - group: root - perm: '400' - format: crt,ca - action: '/usr/sbin/service nginx restart' diff --git a/roles/confluence/templates/vhost.j2 b/roles/confluence/templates/vhost.j2 deleted file mode 100644 index 00243c8..0000000 --- a/roles/confluence/templates/vhost.j2 +++ /dev/null @@ -1,43 +0,0 @@ -# {{ ansible_managed }} - -server { - listen 80; - listen [::]:80; - - server_name {{ confluence_domain }}; - - location /.well-known/acme-challenge { - default_type "text/plain"; - alias /var/www/acme-challenge; - } - - location / { - return 301 https://{{ confluence_domain }}$request_uri; - } -} - -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - - server_name {{ confluence_domain }}; - - ssl_certificate_key /etc/nginx/ssl/{{ confluence_domain }}.key; - ssl_certificate /etc/nginx/ssl/{{ confluence_domain }}.crt; - - location / { - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://localhost:8090/; - } - location /synchrony { - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass http://localhost:8091/synchrony; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - } -} diff --git a/site.yml b/site.yml index 954d5bb..d8056ab 100644 --- a/site.yml +++ b/site.yml @@ -26,11 +26,6 @@ - yanic - web-gw -- name: Setup confluence server - hosts: confluence.regensburg.freifunk.net - roles: - - confluence - - name: Setup stats server hosts: stats.ffrgb roles: