diff --git a/playbooks/vars/9iron-apache.yml b/playbooks/vars/9iron-apache.yml new file mode 100644 index 0000000..09d12ed --- /dev/null +++ b/playbooks/vars/9iron-apache.yml @@ -0,0 +1,30 @@ +# vim:ft=ansible: +apache_global_vhost_settings: | + DirectoryIndex index.php index.html + Protocols h2 http/1.1 + + SetHandler "proxy:fcgi://127.0.0.1:9000" + +apache_vhosts: + - servername: nc.9iron.club + extra_parameters: | + Redirect permanent / https://nc.9iron.club/ + - servername: git.9iron.club + extra_parameters: | + Redirect permanent / https://git.9iron.club/ +apache_vhosts_ssl: + - servername: git.9iron.club + extra_parameters: | + ProxyPreserveHost On + ProxyRequests Off + ProxyPass / http://127.0.0.1:3000/ nocanon retry=1 + certificate_file: /etc/letsencrypt/live/nc.9iron.club/fullchain.pem + certificate_key_file: /etc/letsencrypt/live/nc.9iron.club/privkey.pem + certificate_chain_file: /etc/letsencrypt/live/nc.9iron.club/chain.pem + - servername: nc.9iron.club + extra_parameters: | + Header always set Strict-Transport-Security "max-age=31536000" + documentroot: /var/www/nextcloud + certificate_file: /etc/letsencrypt/live/nc.9iron.club/fullchain.pem + certificate_key_file: /etc/letsencrypt/live/nc.9iron.club/privkey.pem + certificate_chain_file: /etc/letsencrypt/live/nc.9iron.club/chain.pem diff --git a/playbooks/vars/9iron-certbot.yml b/playbooks/vars/9iron-certbot.yml new file mode 100644 index 0000000..7241744 --- /dev/null +++ b/playbooks/vars/9iron-certbot.yml @@ -0,0 +1,10 @@ +# vim:ft=ansible: +certbot_admin_email: rehashedsalt@cock.li +certbot_create_if_missing: yes +certbot_create_method: standalone +certbot_create_standalone_stop_services: + - apache2 +certbot_certs: + - domains: + - nc.9iron.club + - git.9iron.club diff --git a/playbooks/vars/desultd-gitea.yml b/playbooks/vars/desultd-gitea.yml new file mode 100644 index 0000000..0fc170b --- /dev/null +++ b/playbooks/vars/desultd-gitea.yml @@ -0,0 +1,19 @@ +# vim:ft=ansible: +# Look and feel +gitea_app_name: "Git Desu" +# Core config +gitea_db_type: postgres +gitea_db_host: 192.168.164.156:5432 +gitea_db_name: gitea-desultd +gitea_db_user: gitea-desultd +gitea_db_password: "{{ secret_gitea_db_pass }}" +gitea_http_domain: git.desu.ltd +gitea_oauth2_enabled: no +gitea_repository_root: /srv/desu.ltd/git +gitea_require_signin: no +gitea_root_url: https://git.desu.ltd +gitea_shell: "/bin/bash" +gitea_ssh_domain: git.desu.ltd +gitea_ssh_port: 22 +gitea_start_ssh: no +gitea_user: git diff --git a/playbooks/web.yml b/playbooks/web.yml index 5d99367..eebdf46 100755 --- a/playbooks/web.yml +++ b/playbooks/web.yml @@ -12,6 +12,7 @@ - vars/php-fpm.yml - vars/desultd-apache.yml - vars/desultd-certbot.yml + - vars/desultd-gitea.yml - vars/desultd-nextcloud.yml roles: - role: backup