diff --git a/playbooks/prod_web.yml b/playbooks/prod_web.yml
index 62cf41f..f61f88f 100755
--- a/playbooks/prod_web.yml
+++ b/playbooks/prod_web.yml
@@ -3,12 +3,6 @@
# Webservers
---
- hosts: web1.desu.ltd
- vars_files:
- - vars/apache.yml
- - vars/php-fpm.yml
- - vars/desultd-apache.yml
- - vars/desultd-certbot.yml
- - vars/desultd-nextcloud.yml
module_defaults:
docker_container:
state: started
@@ -117,9 +111,6 @@
loop_control:
loop_var: task
tags: [ always ]
- - name: configure nextcloud cronjob
- cron: user=www-data name=nextcloud minute=*/5 job="php -f /var/www/nc.desu.ltd/cron.php"
- tags: [ nextcloud, cron ]
roles:
- role: backup
vars:
diff --git a/playbooks/vars/apache.yml b/playbooks/vars/apache.yml
deleted file mode 100644
index 97a618b..0000000
--- a/playbooks/vars/apache.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-# vim:ft=ansible:
-apache_remove_default_vhost: yes
-apache_packages_state: latest
-apache_mods_enabled:
- - headers.load
- - http2.load
- - mpm_worker.load
- - proxy.load
- - proxy_fcgi.load
- - proxy_http.load
- - rewrite.load
- - socache_shmcb.load
- - ssl.load
-apache_mods_disabled:
- - mpm_event.load
- - mpm_prefork.load
- - php7.4.load
-apache_global_vhost_settings: |
- DirectoryIndex index.php index.html
- Protocols h2 http/1.1
- SSLSessionCache shmcb:/run/apache2/socache
- SSLSessionCacheTimeout 300
-
- SetHandler "proxy:fcgi://127.0.0.1:9000"
-
diff --git a/playbooks/vars/desultd-apache.yml b/playbooks/vars/desultd-apache.yml
deleted file mode 100644
index 5ac9fb7..0000000
--- a/playbooks/vars/desultd-apache.yml
+++ /dev/null
@@ -1,77 +0,0 @@
-# vim:ft=ansible:
-apache_global_vhost_settings: |
- DirectoryIndex index.php index.html
- Protocols h2 http/1.1
-
- SetHandler "proxy:fcgi://127.0.0.1:9000"
-
-apache_vhosts:
- # desu.ltd
- - servername: desu.ltd
- extra_parameters: |
- Redirect permanent / https://desu.ltd/
- - servername: git.desu.ltd
- extra_parameters: |
- Redirect permanent / https://git.desu.ltd/
- - servername: nc.desu.ltd
- extra_parameters: |
- Redirect permanent / https://nc.desu.ltd/
- # 9iron.club
- - servername: 9iron.club
- extra_parameters: |
- Redirect permanent / https://9iron.club/
- - servername: www.9iron.club
- extra_parameters: |
- Redirect permanent / https://9iron.club/
- - servername: srv.9iron.club
- extra_parameters: |
- Redirect permanent / https://srv.9iron.club/
-apache_vhosts_ssl:
- # desu.ltd
- - servername: desu.ltd
- extra_parameters: |
- ProxyPreserveHost On
- ProxyRequests Off
- ProxyPass / http://127.0.0.1:8002/ nocanon retry=1
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
- - servername: git.desu.ltd
- extra_parameters: |
- ProxyPreserveHost On
- ProxyRequests Off
- ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
- - servername: nc.desu.ltd
- extra_parameters: |
- Header always set Strict-Transport-Security "max-age=31536000"
- documentroot: /var/www/nc.desu.ltd
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
- # 9iron.club
- - servername: www.9iron.club
- extra_parameters: |
- Redirect permanent / https://9iron.club/
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
- - servername: 9iron.club
- extra_parameters: |
- ProxyPreserveHost On
- ProxyRequests Off
- ProxyPass / http://127.0.0.1:8001/ nocanon retry=1
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
- - servername: srv.9iron.club
- extra_parameters: |
-
- Options +Indexes
-
- documentroot: /var/www/srv.9iron.club
- certificate_file: /etc/letsencrypt/live/srv.9iron.club/fullchain.pem
- certificate_key_file: /etc/letsencrypt/live/srv.9iron.club/privkey.pem
- certificate_chain_file: /etc/letsencrypt/live/srv.9iron.club/chain.pem
diff --git a/playbooks/vars/desultd-certbot.yml b/playbooks/vars/desultd-certbot.yml
deleted file mode 100644
index f7d9d5e..0000000
--- a/playbooks/vars/desultd-certbot.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-# vim:ft=ansible:
-certbot_admin_email: rehashedsalt@cock.li
-certbot_create_if_missing: yes
-certbot_create_method: standalone
-certbot_create_standalone_stop_services:
- - apache2
-certbot_certs:
- - domains:
- - srv.9iron.club
- - www.9iron.club
- - 9iron.club
- - desu.ltd
- - git.desu.ltd
- - nc.desu.ltd
- - web1.desu.ltd
diff --git a/playbooks/vars/desultd-nextcloud.yml b/playbooks/vars/desultd-nextcloud.yml
deleted file mode 100644
index d303324..0000000
--- a/playbooks/vars/desultd-nextcloud.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-# vim:ft=ansible:
-nextcloud_installation_dir: /var/www/nc.desu.ltd
-nextcloud_data_dir: /srv/desu.ltd/nc
-nextcloud_admin_user: admin
-nextcloud_admin_pass: "{{ secret_nextcloud_admin_pass }}"
-nextcloud_version: 19
-nextcloud_urls:
- - http://nc.desu.ltd:80
- - https://nc.desu.ltd:443
-nextcloud_config:
- system:
- trusted_domains:
- "{{ nextcloud_urls | map('urlsplit', 'hostname') | list }}"
-nextcloud_database:
- backend: pgsql
- name: nextcloud-desultd
- user: nextcloud-desultd
- pass: "{{ secret_nextcloud_db_pass }}"
- host: 192.168.164.156
- port: 5432
diff --git a/playbooks/vars/php-fpm.yml b/playbooks/vars/php-fpm.yml
deleted file mode 100644
index 8f6c140..0000000
--- a/playbooks/vars/php-fpm.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/usr/bin/env ansible-playbook
-# vim:ft=ansible:
-# Defaults for a simple php-fpm setup
-php_enable_php_fpm: yes
-php_memory_limit: 512M
-php_packages_extra:
- - libapache2-mod-php
- - php-zip # For Nextcloud
- - php-intl
- - php-imagick
- - php-redis
- - php-bcmath
- - php-gmp
- - php-pgsql # For general DB stuff
-# Nextcloud recommended opcache settings
-php_opcache_max_accelerated_files: 10000
-php_opcache_memory_consumption: 128
-php_opcache_revalidate_freq: 2