stargate-cluster/vm-ansible
stargate-cluster/vm-ansible
1
0
Fork 0
Code Pull Requests Releases Activity

prepare for mastodon
Some checks reported errors
continuous-integration/drone/push Build was killed
Details

Browse Source
This commit is contained in:
Torma Kristóf 2022-11-23 15:17:59 +01:00
parent 21f0843995
commit 85e0b9f978
8 changed files with 55 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.drone.yml
View File

@ -26,6 +26,8 @@ steps:
environment: environment:
ANSIBLE_HOST_KEY_CHECKING: "False" ANSIBLE_HOST_KEY_CHECKING: "False"
ANSIBLE_PRIVATE_KEY_FILE: "/drone/src/id_rsa" ANSIBLE_PRIVATE_KEY_FILE: "/drone/src/id_rsa"
ARTIFACTORY_APT_PASSWORD:
from_secret: ARTIFACTORY_APT_PASSWORD
settings: settings:
playbook: nightly.yaml playbook: nightly.yaml
galaxy: requirements.yaml galaxy: requirements.yaml
@ -37,6 +39,8 @@ steps:
environment: environment:
ANSIBLE_HOST_KEY_CHECKING: "False" ANSIBLE_HOST_KEY_CHECKING: "False"
ANSIBLE_PRIVATE_KEY_FILE: "/drone/src/id_rsa" ANSIBLE_PRIVATE_KEY_FILE: "/drone/src/id_rsa"
ARTIFACTORY_APT_PASSWORD:
from_secret: ARTIFACTORY_APT_PASSWORD
settings: settings:
playbook: nightly.yaml playbook: nightly.yaml
galaxy: requirements.yaml galaxy: requirements.yaml

8
host_vars/mastodon.yaml
View File

@ -2,7 +2,11 @@
ansible_host: mastodon.intra.tormakris.dev ansible_host: mastodon.intra.tormakris.dev
webserver: webserver:
- domain: "mastodon.tormakristof.eu" - domain: "mastodon.tormakristof.eu"
port: 8080 port: 3000
bigrequests: false bigrequests: true
https: false https: false
additionallocations:
- location: "/api/v1/streaming"
https: false
port: 4000
... ...

8
host_vars/matrix.yaml
View File

@ -3,10 +3,14 @@ ansible_host: matrix.intra.tormakris.dev
webserver: webserver:
- domain: "matrix.tormakristof.eu" - domain: "matrix.tormakristof.eu"
port: 8080 port: 8080
bigrequests: false bigrequests: true
https: false https: false
- domain: "chat.tormakristof.eu" - domain: "chat.tormakristof.eu"
port: 8181 port: 8181
bigrequests: false bigrequests: true
https: false https: false
firewall:
- port: "9000"
proto: tcp
interface: "eth0"
... ...

18
roles/common/tasks/apt.yaml
View File

@ -1,4 +1,21 @@
--- ---
- name: "Use custom Ubuntu mirror"
replace:
path: /etc/apt/sources.list
regexp: 'http://hu.archive.ubuntu.com'
replace: 'https://tormakris.jfrog.io/artifactory/ubuntu-mirror'
backup: yes
- name: "Get JFrog password from local environment variable"
ansible.builtin.set_fact:
artifactory_password: "{{ lookup('env', 'ARTIFACTORY_APT_PASSWORD') }}"
delegate_to: localhost
- name: "Render JFrog credentials configuration"
template:
src: jrog.conf.template
dest: /etc/apt/auth.conf.d/jfrog.conf
- name: "Remove Ubuntu bloatware" - name: "Remove Ubuntu bloatware"
apt: apt:
state: absent state: absent
@ -35,4 +52,5 @@
- tcpdump - tcpdump
- xxd - xxd
- git - git
- ncdu
... ...

3
roles/common/templates/jfrog.conf.template Normal file
View File

@ -0,0 +1,3 @@
machine tormakris.jfrog.io
login apt
password {{ artifactory_password }}

4
roles/webgateway/templates/nginx.conf
View File

@ -132,6 +132,10 @@ http {
location /.well-known{ location /.well-known{
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
} }
location /.well-known/webfinger {
return 301 https://mastodon.tormakristof.eu$request_uri;
}
} }
server { server {

5
roles/webgateway/vars/main.yaml
View File

@ -4,8 +4,8 @@ proxy:
- {domain: drone.kmlabz.com, ip: drone.intra.tormakris.dev, bigrequests: false} - {domain: drone.kmlabz.com, ip: drone.intra.tormakris.dev, bigrequests: false}
- {domain: git.kmlabz.com, ip: git.intra.tormakris.dev, bigrequests: false} - {domain: git.kmlabz.com, ip: git.intra.tormakris.dev, bigrequests: false}
- {domain: guacamole.tormakristof.eu, ip: guacamole.intra.tormakris.dev, bigrequests: false} - {domain: guacamole.tormakristof.eu, ip: guacamole.intra.tormakris.dev, bigrequests: false}
- {domain: matrix.tormakristof.eu, ip: matrix.intra.tormakris.dev, bigrequests: false} - {domain: matrix.tormakristof.eu, ip: matrix.intra.tormakris.dev, bigrequests: true}
- {domain: chat.tormakristof.eu, ip: matrix.intra.tormakris.dev, bigrequests: false} - {domain: chat.tormakristof.eu, ip: matrix.intra.tormakris.dev, bigrequests: true}
- {domain: nexus.kmlabz.com, ip: nexus.intra.tormakris.dev, bigrequests: true} - {domain: nexus.kmlabz.com, ip: nexus.intra.tormakris.dev, bigrequests: true}
- {domain: registry.kmlabz.com, ip: nexus.intra.tormakris.dev, bigrequests: true} - {domain: registry.kmlabz.com, ip: nexus.intra.tormakris.dev, bigrequests: true}
- {domain: swagger.kmlabz.com, ip: swagger.intra.tormakris.dev, bigrequests: false} - {domain: swagger.kmlabz.com, ip: swagger.intra.tormakris.dev, bigrequests: false}
@ -15,6 +15,7 @@ proxy:
- {domain: sharepoint.tormakristof.eu, ip: sharepoint.intra.tormakris.dev, bigrequests: true} - {domain: sharepoint.tormakristof.eu, ip: sharepoint.intra.tormakris.dev, bigrequests: true}
- {domain: onedrive.tormakristof.eu, ip: sharepoint.intra.tormakris.dev, bigrequests: true} - {domain: onedrive.tormakristof.eu, ip: sharepoint.intra.tormakris.dev, bigrequests: true}
- {domain: yt.tormakristof.eu, ip: ytmirror.intra.tormakris.dev, bigrequests: true} - {domain: yt.tormakristof.eu, ip: ytmirror.intra.tormakris.dev, bigrequests: true}
- {domain: mastodon.tormakristof.eu, ip: mastodon.intra.tormakris.dev, bigrequests: true}
static: static:
[] []

11
roles/webserver/templates/nginx.conf
View File

@ -88,6 +88,17 @@ http {
allow 192.168.69.0/24; allow 192.168.69.0/24;
deny all; deny all;
} }
{%- if server.additionallocations is defined %}
{%- for location in server.additionallocations %}
location {{location.location}}{
{% if location.https %}
proxy_pass https://127.0.0.1:{{ location.port }};
{% else %}
proxy_pass http://127.0.0.1:{{ location.port }};
{% endif %}
}
{%- endfor %}
{%- endif %}
} }
{% endfor %} {% endfor %}