forked from FF-RGB/ansible
remove confluence
This commit is contained in:
parent
1af46b5e28
commit
cd6386d58b
1
hosts
1
hosts
@ -2,6 +2,5 @@
|
|||||||
gw11.regensburg.freifunk.net
|
gw11.regensburg.freifunk.net
|
||||||
gw21.regensburg.freifunk.net
|
gw21.regensburg.freifunk.net
|
||||||
gw31.regensburg.freifunk.net
|
gw31.regensburg.freifunk.net
|
||||||
confluence.regensburg.freifunk.net
|
|
||||||
stats.ffrgb ansible_host=10.90.224.100
|
stats.ffrgb ansible_host=10.90.224.100
|
||||||
unms.ffrgb ansible_host=10.90.224.101
|
unms.ffrgb ansible_host=10.90.224.101
|
||||||
|
|||||||
@ -1,13 +0,0 @@
|
|||||||
[Unit]
|
|
||||||
Description=Confluence Team Collaboration Software
|
|
||||||
After=network.target postgresql.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=forking
|
|
||||||
User=confluence
|
|
||||||
PIDFile=/opt/atlassian/confluence/work/catalina.pid
|
|
||||||
ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh
|
|
||||||
ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
@ -1,10 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Restart nginx
|
|
||||||
service: name=nginx state=restarted
|
|
||||||
|
|
||||||
- name: Reload systemd
|
|
||||||
command: systemctl daemon-reload
|
|
||||||
|
|
||||||
- name: Run acertmgr
|
|
||||||
command: /opt/acertmgr/acertmgr.py
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
dependencies:
|
|
||||||
- { role: acertmgr }
|
|
||||||
- { role: nginx, nginx_ssl: True }
|
|
||||||
@ -1,40 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Install packages
|
|
||||||
apt: name={{ item }}
|
|
||||||
with_items:
|
|
||||||
- postgresql
|
|
||||||
- python-psycopg2
|
|
||||||
|
|
||||||
- name: Install systemd unit
|
|
||||||
copy: src=confluence.service dest=/lib/systemd/system/confluence.service
|
|
||||||
notify: Reload systemd
|
|
||||||
|
|
||||||
- name: Configure PostgreSQL database
|
|
||||||
postgresql_db: name={{ confluence_dbname }}
|
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
|
|
||||||
- name: Configure PostgreSQL user
|
|
||||||
postgresql_user: db={{ confluence_dbname }} name={{ confluence_dbuser }} password={{ confluence_dbpass }} priv=ALL state=present
|
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
|
|
||||||
- name: Ensure certificates are available
|
|
||||||
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ confluence_domain }}.key -out /etc/nginx/ssl/{{ confluence_domain }}.crt -days 730 -subj "/CN={{ confluence_domain }}" creates=/etc/nginx/ssl/{{ confluence_domain }}.crt
|
|
||||||
notify: Restart nginx
|
|
||||||
|
|
||||||
- name: Configure certificate manager for confluence
|
|
||||||
template: src=certs.j2 dest=/etc/acme/domains.d/{{ confluence_domain }}.conf
|
|
||||||
notify: Run acertmgr
|
|
||||||
|
|
||||||
- name: Configure vhost
|
|
||||||
template: src=vhost.j2 dest=/etc/nginx/sites-available/confluence
|
|
||||||
notify: Restart nginx
|
|
||||||
|
|
||||||
- name: Enable vhost
|
|
||||||
file: src=/etc/nginx/sites-available/confluence dest=/etc/nginx/sites-enabled/confluence state=link
|
|
||||||
notify: Restart nginx
|
|
||||||
|
|
||||||
- name: Start PostgreSQL
|
|
||||||
service: name=postgresql state=started enabled=yes
|
|
||||||
@ -1,15 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
{{ confluence_domain }}:
|
|
||||||
- path: /etc/nginx/ssl/{{ confluence_domain }}.key
|
|
||||||
user: root
|
|
||||||
group: root
|
|
||||||
perm: '400'
|
|
||||||
format: key
|
|
||||||
action: '/usr/sbin/service nginx restart'
|
|
||||||
- path: /etc/nginx/ssl/{{ confluence_domain }}.crt
|
|
||||||
user: root
|
|
||||||
group: root
|
|
||||||
perm: '400'
|
|
||||||
format: crt,ca
|
|
||||||
action: '/usr/sbin/service nginx restart'
|
|
||||||
@ -1,43 +0,0 @@
|
|||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
|
|
||||||
server_name {{ confluence_domain }};
|
|
||||||
|
|
||||||
location /.well-known/acme-challenge {
|
|
||||||
default_type "text/plain";
|
|
||||||
alias /var/www/acme-challenge;
|
|
||||||
}
|
|
||||||
|
|
||||||
location / {
|
|
||||||
return 301 https://{{ confluence_domain }}$request_uri;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
listen [::]:443 ssl http2;
|
|
||||||
|
|
||||||
server_name {{ confluence_domain }};
|
|
||||||
|
|
||||||
ssl_certificate_key /etc/nginx/ssl/{{ confluence_domain }}.key;
|
|
||||||
ssl_certificate /etc/nginx/ssl/{{ confluence_domain }}.crt;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
|
||||||
proxy_set_header X-Forwarded-Server $host;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_pass http://localhost:8090/;
|
|
||||||
}
|
|
||||||
location /synchrony {
|
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
|
||||||
proxy_set_header X-Forwarded-Server $host;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_pass http://localhost:8091/synchrony;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection "Upgrade";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Loading…
Reference in New Issue
Block a user