Compare commits
2 Commits
1a699726b1
...
be810f09f5
Author | SHA1 | Date | |
---|---|---|---|
be810f09f5 | |||
b1c641c9f7 |
@ -25,9 +25,7 @@ all:
|
|||||||
hosts:
|
hosts:
|
||||||
web1.9iron.club:
|
web1.9iron.club:
|
||||||
web1.desu.ltd:
|
web1.desu.ltd:
|
||||||
app:
|
web2.desu.ltd:
|
||||||
hosts:
|
|
||||||
fedi1.9iron.club:
|
|
||||||
game:
|
game:
|
||||||
hosts:
|
hosts:
|
||||||
game1.thefuck.how:
|
game1.thefuck.how:
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
value: 192.168.164.156
|
value: 192.168.164.156
|
||||||
postgresql_hba_entries:
|
postgresql_hba_entries:
|
||||||
- { type: local, database: all, user: postgres, auth_method: peer }
|
- { type: local, database: all, user: postgres, auth_method: peer }
|
||||||
- { type: local, database: all, user: all, auth_method: peer }
|
- { type: local, database: all, user: all, auth_method: md5 }
|
||||||
- { type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5 }
|
- { type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5 }
|
||||||
- { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
|
- { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
|
||||||
# Used for internal access from other nodes
|
# Used for internal access from other nodes
|
||||||
@ -30,11 +30,15 @@
|
|||||||
password: "{{ secret_gitea_db_pass }}"
|
password: "{{ secret_gitea_db_pass }}"
|
||||||
- name: nextcloud-desultd
|
- name: nextcloud-desultd
|
||||||
password: "{{ secret_nextcloud_db_pass }}"
|
password: "{{ secret_nextcloud_db_pass }}"
|
||||||
|
- name: pleroma-cowfee
|
||||||
|
password: "{{ secret_pleroma_9iron_db_pass }}"
|
||||||
postgresql_databases:
|
postgresql_databases:
|
||||||
- name: gitea-desultd
|
- name: gitea-desultd
|
||||||
owner: gitea-desultd
|
owner: gitea-desultd
|
||||||
- name: nextcloud-desultd
|
- name: nextcloud-desultd
|
||||||
owner: nextcloud-desultd
|
owner: nextcloud-desultd
|
||||||
|
- name: pleroma-cowfee
|
||||||
|
owner: pleroma-cowfee
|
||||||
tags: [ db, psql ]
|
tags: [ db, psql ]
|
||||||
- hosts: psql1.9iron.club
|
- hosts: psql1.9iron.club
|
||||||
roles:
|
roles:
|
||||||
@ -51,7 +55,7 @@
|
|||||||
vars:
|
vars:
|
||||||
postgresql_hba_entries:
|
postgresql_hba_entries:
|
||||||
- { type: local, database: all, user: postgres, auth_method: peer }
|
- { type: local, database: all, user: postgres, auth_method: peer }
|
||||||
- { type: local, database: all, user: all, auth_method: peer }
|
- { type: local, database: all, user: all, auth_method: md5 }
|
||||||
- { type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5 }
|
- { type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5 }
|
||||||
- { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
|
- { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
|
||||||
- { type: host, database: all, user: all, address: '172.31.0.0/16', auth_method: md5 }
|
- { type: host, database: all, user: all, address: '172.31.0.0/16', auth_method: md5 }
|
||||||
|
@ -6,5 +6,4 @@ certbot_create_standalone_stop_services:
|
|||||||
- apache2
|
- apache2
|
||||||
certbot_certs:
|
certbot_certs:
|
||||||
- domains:
|
- domains:
|
||||||
- cowfee.moe
|
|
||||||
- matrix.9iron.club
|
- matrix.9iron.club
|
||||||
|
20
playbooks/vars/desultd-pleroma-apache.yml
Normal file
20
playbooks/vars/desultd-pleroma-apache.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# vim:ft=ansible:
|
||||||
|
apache_global_vhost_settings: |
|
||||||
|
DirectoryIndex index.php index.html
|
||||||
|
Protocols h2 http/1.1
|
||||||
|
apache_vhosts:
|
||||||
|
- servername: cowfee.moe
|
||||||
|
extra_parameters: |
|
||||||
|
Redirect permanent / https://cowfee.moe/
|
||||||
|
apache_vhosts_ssl:
|
||||||
|
- servername: cowfee.moe
|
||||||
|
extra_parameters: |
|
||||||
|
ProxyPreserveHost On
|
||||||
|
ProxyRequests Off
|
||||||
|
ProxyPass / http://127.0.0.1:4000/ nocanon retry=1
|
||||||
|
ProxyPassReverse / https://127.0.0.1:4000/
|
||||||
|
RequestHeader set X_FORWARDED_PROTO 'https'
|
||||||
|
RequestHeader set X-Forwarded-Ssl on
|
||||||
|
certificate_file: /etc/letsencrypt/live/cowfee.moe/fullchain.pem
|
||||||
|
certificate_key_file: /etc/letsencrypt/live/cowfee.moe/privkey.pem
|
||||||
|
certificate_chain_file: /etc/letsencrypt/live/cowfee.moe/chain.pem
|
10
playbooks/vars/desultd-pleroma-certbot.yml
Normal file
10
playbooks/vars/desultd-pleroma-certbot.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# vim:ft=ansible:
|
||||||
|
certbot_admin_email: rehashedsalt@cock.li
|
||||||
|
certbot_create_if_missing: yes
|
||||||
|
certbot_create_method: standalone
|
||||||
|
certbot_create_standalone_stop_services:
|
||||||
|
- apache2
|
||||||
|
certbot_certs:
|
||||||
|
- domains:
|
||||||
|
- cowfee.moe
|
||||||
|
- web2.desu.ltd
|
@ -10,7 +10,7 @@ pleroma_secret_key_base: "{{ secret_pleroma_key_base }}"
|
|||||||
pleroma_secret_signing_salt: "{{ secret_pleroma_signing_salt }}"
|
pleroma_secret_signing_salt: "{{ secret_pleroma_signing_salt }}"
|
||||||
|
|
||||||
# DB config
|
# DB config
|
||||||
pleroma_db_host: 172.31.47.215
|
pleroma_db_host: 192.168.164.156
|
||||||
pleroma_db_name: pleroma
|
pleroma_db_name: pleroma-cowfee
|
||||||
pleroma_db_user: pleroma
|
pleroma_db_user: pleroma-cowfee
|
||||||
pleroma_db_pass: "{{ secret_pleroma_9iron_db_pass }}"
|
pleroma_db_pass: "{{ secret_pleroma_9iron_db_pass }}"
|
@ -105,20 +105,20 @@
|
|||||||
- gitea
|
- gitea
|
||||||
- php7.4-fpm
|
- php7.4-fpm
|
||||||
tags: [ motd ]
|
tags: [ motd ]
|
||||||
- role: certbot
|
- role: gitea
|
||||||
tags: [ web, certbot ]
|
tags: [ web, gitea ]
|
||||||
- role: php
|
- role: php
|
||||||
tags: [ web, php ]
|
tags: [ web, php ]
|
||||||
- role: apache
|
- role: apache
|
||||||
tags: [ web, apache ]
|
tags: [ web, apache ]
|
||||||
- role: gitea
|
- role: certbot
|
||||||
tags: [ web, gitea ]
|
tags: [ web, certbot ]
|
||||||
- hosts: fedi1.9iron.club
|
- hosts: web2.desu.ltd
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/apache.yml
|
- vars/apache.yml
|
||||||
- vars/9iron-pleroma.yml
|
- vars/desultd-pleroma.yml
|
||||||
- vars/9iron-pleroma-apache.yml
|
- vars/desultd-pleroma-apache.yml
|
||||||
- vars/9iron-pleroma-certbot.yml
|
- vars/desultd-pleroma-certbot.yml
|
||||||
roles:
|
roles:
|
||||||
- role: backup
|
- role: backup
|
||||||
vars:
|
vars:
|
||||||
@ -133,10 +133,12 @@
|
|||||||
- apache2
|
- apache2
|
||||||
- pleroma
|
- pleroma
|
||||||
tags: [ motd ]
|
tags: [ motd ]
|
||||||
- role: certbot
|
- role: pleroma
|
||||||
tags: [ web, certbot ]
|
tags: [ web, pleroma ]
|
||||||
- role: apache
|
- role: apache
|
||||||
tags: [ web, apache ]
|
tags: [ web, apache ]
|
||||||
|
- role: certbot
|
||||||
|
tags: [ web, certbot ]
|
||||||
- hosts: game1.thefuck.how
|
- hosts: game1.thefuck.how
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/apache.yml
|
- vars/apache.yml
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit 628f5611e47befa5903c37331beb06089253014a
|
Subproject commit 0ecda314bf1fdad22fbdd5cdc2e13f6bd76e36a1
|
Loading…
Reference in New Issue
Block a user