aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'clarkzjw.cc/config/bia/ansible')
-rw-r--r--clarkzjw.cc/config/bia/ansible/roles/bsd_init/defaults/main.yaml0
-rw-r--r--clarkzjw.cc/config/bia/ansible/roles/cgit/tasks/main.yaml65
-rw-r--r--clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j217
3 files changed, 62 insertions, 20 deletions
diff --git a/clarkzjw.cc/config/bia/ansible/roles/bsd_init/defaults/main.yaml b/clarkzjw.cc/config/bia/ansible/roles/bsd_init/defaults/main.yaml
deleted file mode 100644
index e69de29..0000000
--- a/clarkzjw.cc/config/bia/ansible/roles/bsd_init/defaults/main.yaml
+++ /dev/null
diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/tasks/main.yaml b/clarkzjw.cc/config/bia/ansible/roles/cgit/tasks/main.yaml
index 375bd8f..51f17eb 100644
--- a/clarkzjw.cc/config/bia/ansible/roles/cgit/tasks/main.yaml
+++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/tasks/main.yaml
@@ -3,10 +3,16 @@
3 state: present 3 state: present
4 name: 4 name:
5 - cgit 5 - cgit
6 - git
6 - nginx 7 - nginx
7 - fcgiwrap 8 - fcgiwrap
8 - security/py-certbot-nginx 9 - security/py-certbot-nginx
9 - py39-virtualenv 10 - py39-virtualenv
11 - py39-docutils
12 - py39-markdown
13 - py39-pygments
14 - python39
15 - gitolite
10 16
11- name: Create git directory 17- name: Create git directory
12 file: 18 file:
@@ -22,23 +28,74 @@
22 state: directory 28 state: directory
23 recurse: yes 29 recurse: yes
24 30
25- name: Render nginx config file 31- name: Render Nginx config files
26 template: 32 template:
27 src: nginx.conf.j2 33 src: nginx.conf.j2
28 dest: "/usr/local/etc/nginx/nginx.conf" 34 dest: "/usr/local/etc/nginx/nginx.conf"
29 mode: 0644 35 mode: 0644
30 36
31- name: Render nginx config file 37- name: Rendier cgit nginx config
32 template: 38 template:
33 src: cgit.conf.j2 39 src: cgit.conf.j2
34 dest: "/usr/local/etc/nginx/conf.d/cgit.conf" 40 dest: "/usr/local/etc/nginx/conf.d/cgit.conf"
35 mode: 0644 41 mode: 0644
36 42
43- name: Enable SysRC values
44 community.general.sysrc:
45 name: sshd_enable
46 state: present
47 value: "YES"
48
49- name: Enable SysRC values
50 community.general.sysrc:
51 name: nginx_enable
52 state: present
53 value: "YES"
54
55- name: Enable SysRC values
56 community.general.sysrc:
57 name: fcgiwrap_enable
58 state: present
59 value: "YES"
60
61- name: Enable SysRC values
62 community.general.sysrc:
63 name: fcgiwrap_user
64 state: present
65 value: "www"
66
67- name: Enable SysRC values
68 community.general.sysrc:
69 name: fcgiwrap_group
70 state: present
71 value: "www"
72
73- name: Enable SysRC values
74 community.general.sysrc:
75 name: fcgiwrap_socket_owner
76 state: present
77 value: "www"
78
79- name: Enable SysRC values
80 community.general.sysrc:
81 name: fcgiwrap_socket_group
82 state: present
83 value: "www"
84
85- name: Create git group
86 group:
87 name: git
88 state: present
89
90- name: Add git user
91 user:
92 name: git
93 group: git
94 home: /opt/git
95
37# TODO 96# TODO
38# create certbot https certificate 97# create certbot https certificate
39# test nginx conf 98# test nginx conf
40# reload nginx conf 99# reload nginx conf
41# create git user
42# gitolite config 100# gitolite config
43# create virtualenv
44# cgit filters 101# cgit filters
diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2
index 625075d..9504e29 100644
--- a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2
+++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2
@@ -17,20 +17,5 @@ server {
17 root /usr/local/www/nginx-dist; 17 root /usr/local/www/nginx-dist;
18 } 18 }
19 19
20 listen 443 ssl; # managed by Certbot 20 listen 80;
21 ssl_certificate /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/fullchain.pem; # managed by Certbot
22 ssl_certificate_key /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/privkey.pem; # managed by Certbot
23 include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
24 ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
25}
26
27
28server {
29 if ($host = {{ lookup('env', 'CGIT_DOMAIN') }}) {
30 return 301 https://$host$request_uri;
31 } # managed by Certbot
32
33 listen 80;
34 server_name {{ lookup('env', 'CGIT_DOMAIN') }};
35 return 404; # managed by Certbot
36} 21}
Powered by cgit v1.2.3 (git 2.41.0)