Configure our new roles
This commit is contained in:
parent
538164a83d
commit
e169fb873b
@ -1,4 +1,15 @@
|
||||
# vim:ft=ansible:
|
||||
|
||||
# For homebrew roles and such, mostly Ansible-related setup
|
||||
ansible_pull_repo: "https://git.9iron.club/salt/ansible"
|
||||
ansible_pull_commit: rewrite
|
||||
common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible"
|
||||
|
||||
# For geerlingguy.apache
|
||||
apache_remove_default_vhost: yes
|
||||
apache_ssl_cipher_suite: AES256+EECDH:AES256+EDH
|
||||
apache_ssl_protocol: all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
||||
|
||||
# For geerlingguy.php
|
||||
## There is no circumstance in which I need PHP but DON'T need mod_php
|
||||
php_packages_extra: [ libapache2-mod-php ]
|
||||
|
14
site.yml
14
site.yml
@ -11,12 +11,20 @@
|
||||
# Database servers
|
||||
- hosts: db1.test.desu.ltd
|
||||
roles:
|
||||
- role: postgresql
|
||||
- role: geerlingguy.postgresql
|
||||
vars:
|
||||
postgresql_hba_entries:
|
||||
# Just allow all access on this block.
|
||||
# When rolling out to our new env, I'll allow by particular IP alone
|
||||
- { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 }
|
||||
become: yes
|
||||
tags: [ db, psql ]
|
||||
# Webservers
|
||||
- hosts: web1.test.desu.ltd
|
||||
roles:
|
||||
- role: apache
|
||||
- role: geerlingguy.apache
|
||||
become: yes
|
||||
tags: [ web, apache ]
|
||||
- role: php
|
||||
- role: geerlingguy.php
|
||||
become: yes
|
||||
tags: [ web, php ]
|
||||
|
Loading…
Reference in New Issue
Block a user