Add DokuWiki role
It deploys without issue, naisu
This commit is contained in:
parent
b2c402b97e
commit
9ad7a4b5ec
5
ec2.yml
5
ec2.yml
@ -31,6 +31,11 @@
|
||||
redirect_from: "assburgers.club"
|
||||
redirect_to: "www.assburgers.club"
|
||||
redirect_webroot: "/var/www/redirect"
|
||||
- role: dokuwiki
|
||||
vars:
|
||||
dokuwiki_tgz: "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz"
|
||||
dokuwiki_url: "wiki.assburgers.club"
|
||||
dokuwiki_webroot: "/var/www/dokuwiki"
|
||||
- role: nextcloud
|
||||
vars:
|
||||
nextcloud_mysql_password: !vault |
|
||||
|
4
roles/dokuwiki/meta/main.yml
Normal file
4
roles/dokuwiki/meta/main.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
allow_duplicates: no
|
||||
dependencies:
|
||||
- role: apache-php
|
77
roles/dokuwiki/tasks/main.yml
Normal file
77
roles/dokuwiki/tasks/main.yml
Normal file
@ -0,0 +1,77 @@
|
||||
#!/usr/bin/ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: Install, configure, and start Dokuwiki
|
||||
block:
|
||||
- name: Set up Apache
|
||||
block:
|
||||
- name: Create webroot
|
||||
file:
|
||||
path: "{{ dokuwiki_webroot }}"
|
||||
mode: "0755"
|
||||
recurse: yes
|
||||
state: directory
|
||||
- name: Check for existing installation
|
||||
stat:
|
||||
path: "{{ dokuwiki_webroot }}/index.html"
|
||||
register: stat_webroot_index
|
||||
- name: Install Dokuwiki
|
||||
block:
|
||||
- name: Download Dokuwiki
|
||||
get_url:
|
||||
dest: /var/www/dokuwiki.tgz
|
||||
url: "{{ dokuwiki_tgz }}"
|
||||
- name: Extract Dokuwiki
|
||||
unarchive:
|
||||
src: /var/www/dokuwiki.tgz
|
||||
remote_src: yes
|
||||
dest: "{{ dokuwiki_webroot }}"
|
||||
extra_opts: [--strip-components=1]
|
||||
- name: Create data directory
|
||||
file:
|
||||
path: "/var/dokuwiki"
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: www-data
|
||||
group: www-data
|
||||
- name: Chown webroot
|
||||
file:
|
||||
path: "{{ dokuwiki_webroot }}"
|
||||
state: directory
|
||||
recurse: yes
|
||||
owner: www-data
|
||||
group: www-data
|
||||
- name: Cleanup
|
||||
file:
|
||||
path: /var/www/dokuwiki.tgz
|
||||
state: absent
|
||||
when: not stat_webroot_index.stat.exists
|
||||
- name: Register certificates
|
||||
block:
|
||||
# Note: We copy over some insecure configs now
|
||||
# Reason being there's no way for the https role to handle every site's
|
||||
# configuration on its own. If it doesn't have to update the key, it
|
||||
# won't reload Apache and our site will never actually see https downtime
|
||||
- name: Configure insecure virtual host configs
|
||||
template:
|
||||
src: apache2-vhost.conf
|
||||
dest: "/etc/apache2/sites-enabled/{{ dokuwiki_url }}.conf"
|
||||
- name: Generate certificate
|
||||
include_role:
|
||||
name: https
|
||||
vars:
|
||||
website_url: "{{ dokuwiki_url }}"
|
||||
website_webroot: "{{ dokuwiki_webroot }}"
|
||||
- name: Secure Apache
|
||||
block:
|
||||
# If we copied over http-only configs before, they get oblooterated now
|
||||
- name: Copy over virtual host configs
|
||||
template:
|
||||
src: apache2-vhost-ssl.conf
|
||||
dest: "/etc/apache2/sites-enabled/{{ dokuwiki_url }}.conf"
|
||||
- name: Reload Apache
|
||||
service:
|
||||
name: apache2
|
||||
state: reloaded
|
||||
enabled: true
|
||||
become: yes
|
33
roles/dokuwiki/templates/apache2-vhost-ssl.conf
Normal file
33
roles/dokuwiki/templates/apache2-vhost-ssl.conf
Normal file
@ -0,0 +1,33 @@
|
||||
# Configuration for {{ dokuwiki_url }}
|
||||
# vim:ft=apache:
|
||||
|
||||
# Accept connections from non-SNI clients
|
||||
SSLStrictSNIVHostCheck off
|
||||
|
||||
# Website configuration
|
||||
<VirtualHost *:80>
|
||||
ServerName {{ dokuwiki_url }}
|
||||
Redirect permanent / https://{{ dokuwiki_url }}
|
||||
</VirtualHost>
|
||||
<VirtualHost *:443>
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/pki/cert/crt/{{ dokuwiki_url }}.crt
|
||||
SSLCertificateKeyFile /etc/pki/cert/private/{{ dokuwiki_url }}.key
|
||||
SSLCertificateChainFile /etc/pki/cert/crt/{{ dokuwiki_url}}-fullchain.crt
|
||||
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
<Directory /usr/lib/cgi-bin>
|
||||
SSLOptions +StdEnvVars
|
||||
</Directory>
|
||||
ServerName {{ dokuwiki_url }}
|
||||
DocumentRoot {{ dokuwiki_webroot }}
|
||||
<Directory "{{ dokuwiki_webroot }}">
|
||||
Require all granted
|
||||
AllowOverride All
|
||||
Options MultiViews FollowSymlinks
|
||||
</Directory>
|
||||
<IfModule mod_headers.c>
|
||||
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
|
||||
</IfModule>
|
||||
</VirtualHost>
|
13
roles/dokuwiki/templates/apache2-vhost.conf
Normal file
13
roles/dokuwiki/templates/apache2-vhost.conf
Normal file
@ -0,0 +1,13 @@
|
||||
# Configuration for {{ dokuwiki_url }}
|
||||
# vim:ft=apache:
|
||||
|
||||
# Website configuration
|
||||
<VirtualHost *:80>
|
||||
ServerName {{ dokuwiki_url }}
|
||||
DocumentRoot {{ dokuwiki_webroot }}
|
||||
<Directory "{{ dokuwiki_webroot }}">
|
||||
Require all granted
|
||||
AllowOverride All
|
||||
Options MultiViews FollowSymlinks
|
||||
</Directory>
|
||||
</VirtualHost>
|
Loading…
Reference in New Issue
Block a user