vps test
This commit is contained in:
gwen
parent
38e80f4d0b
commit
a879e225bd
10 changed files with 40 additions and 41 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -1 +1 @@
|
|||
host_vars
|
||||
.venv
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
ansible-playbook -i inventory.yml install.yml
|
||||
ansible-playbook -i $(which rougail) install.yml
|
||||
|
|
|
|||
20
install.yml
20
install.yml
|
|
@ -26,7 +26,7 @@
|
|||
|
||||
- name: Créer le répertoire pour le site web
|
||||
file:
|
||||
path: "/var/www/{{ domain_name }}"
|
||||
path: "/var/www/{{ intranet.nginx.domain_name }}"
|
||||
state: directory
|
||||
owner: www-data
|
||||
group: www-data
|
||||
|
|
@ -52,28 +52,28 @@
|
|||
|
||||
- name: Créer le fichier htpasswd avec le premier utilisateur
|
||||
command: >
|
||||
htpasswd -bc {{ htpasswd_file }} {{ users[0].username }} {{ users[0].password }}
|
||||
htpasswd -bc {{ intranet.nginx.htpasswd_file }} {{ intranet.nginx.users[0].username }} {{ intranet.nginx.users[0].password }}
|
||||
args:
|
||||
creates: "{{ htpasswd_file }}" # Ne recrée pas le fichier s'il existe déjà
|
||||
creates: "{{ intranet.nginx.htpasswd_file }}" # Ne recrée pas le fichier s'il existe déjà
|
||||
|
||||
- name: Ajouter les utilisateurs suivants au fichier htpasswd
|
||||
command: >
|
||||
htpasswd -b {{ htpasswd_file }} {{ item.username }} {{ item.password }}
|
||||
loop: "{{ users[1:] }}" # Ignore le premier utilisateur déjà ajouté
|
||||
when: users | length > 1 # Exécute uniquement s'il y a plus d'un utilisateur
|
||||
htpasswd -b {{ intranet.nginx.htpasswd_file }} {{ item.username }} {{ item.password }}
|
||||
loop: "{{ intranet.nginx.users[1:] }}" # Ignore le premier utilisateur déjà ajouté
|
||||
when: intranet.nginx.users | length > 1 # Exécute uniquement s'il y a plus d'un utilisateur
|
||||
|
||||
- name: Configurer le site Nginx avec authentification (HTTP)
|
||||
template:
|
||||
src: nginx_site_http.conf.j2
|
||||
dest: "/etc/nginx/sites-available/{{ domain_name }}"
|
||||
dest: "/etc/nginx/sites-available/{{ intranet.nginx.domain_name }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
||||
- name: Activer le site Nginx
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/{{ domain_name }}"
|
||||
dest: "/etc/nginx/sites-enabled/{{ domain_name }}"
|
||||
src: "/etc/nginx/sites-available/{{ intranet.nginx.domain_name }}"
|
||||
dest: "/etc/nginx/sites-enabled/{{ intranet.nginx.domain_name }}"
|
||||
state: link
|
||||
|
||||
- name: Tester la configuration Nginx
|
||||
|
|
@ -97,7 +97,7 @@
|
|||
|
||||
- name: Obtenir un certificat SSL avec Certbot
|
||||
command: >
|
||||
certbot --nginx -d {{ domain_name }} --non-interactive --agree-tos --email {{ email }} --redirect
|
||||
certbot --nginx -d {{ intranet.nginx.domain_name }} --non-interactive --agree-tos --email {{ intranet.nginx.email }} --redirect
|
||||
notify: Redémarrer Nginx
|
||||
|
||||
handlers:
|
||||
|
|
|
|||
1
install_rougail_lib.sh
Executable file
1
install_rougail_lib.sh
Executable file
|
|
@ -0,0 +1 @@
|
|||
pip install -r requirements.txt --extra-index-url https://test.pypi.org/simple/
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
all:
|
||||
hosts:
|
||||
intranet.whirlingai.fr:
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
vars:
|
||||
ansible_user: root
|
||||
ansible_ssh_private_key_file: ./host_vars/forge.gwhirlingai.fr.key
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name {{ domain_name }};
|
||||
server_name {{ intranet.nginx.domain_name }};
|
||||
|
||||
root /var/www/{{ domain_name }};
|
||||
root /var/www/{{ intranet.nginx.domain_name }};
|
||||
index index.html;
|
||||
|
||||
location / {
|
||||
auth_basic "Accès restreint";
|
||||
auth_basic_user_file {{ htpasswd_file }};
|
||||
auth_basic_user_file {{ intranet.nginx.htpasswd_file }};
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
17
requirements.txt
Normal file
17
requirements.txt
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
rougail==1.2.0a63
|
||||
rougail-cli==0.2.0a42
|
||||
rougail-output-ansible==0.2.0a24
|
||||
rougail-output-display==0.2.0a30
|
||||
rougail-output-doc==0.2.0a46
|
||||
rougail-output-formatter==0.1.0a24
|
||||
rougail-output-json==0.2.0a18
|
||||
rougail-output-table==0.1.0a2
|
||||
rougail-structural-bitwarden==0.1.0a6
|
||||
rougail-user-data-ansible==0.1.0a5
|
||||
rougail-user-data-bitwarden==0.1.0a30
|
||||
rougail-user-data-commandline==0.1.0a5
|
||||
rougail-user-data-environment==0.1.0a18
|
||||
rougail-user-data-questionary==0.1.0a4
|
||||
rougail-user-data-yaml==0.2.0a19
|
||||
tiramisu==5.2.0a26
|
||||
tiramisu-cmdline-parser==0.7.0a5
|
||||
|
|
@ -1,2 +1 @@
|
|||
rougail -m structure.yml -u yaml -yf userdata.yml -s intranet
|
||||
|
||||
rougail -m structure.yml -u yaml -yf userdata.yml -s intranet -xn hosts -xd 0 hosts.yml
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
domain_name: "tototest.fr"
|
||||
htpasswd_file: "/etc/nginx/.htpasswd"
|
||||
email: "gwenael.remond@protonmail.com"
|
||||
users:
|
||||
- username: "gwen"
|
||||
password: "blabla"
|
||||
- username: "student"
|
||||
password: "blibli"
|
||||
14
userdata.yml
14
userdata.yml
|
|
@ -2,15 +2,13 @@
|
|||
|
||||
intranet:
|
||||
vps:
|
||||
domain_name: tutu.fr
|
||||
# ssh_key: ./host_vars/forge.gwhirlingai.fr.key
|
||||
|
||||
domain_name: defder.fr
|
||||
ssh_key: ./multipass-ssh-key
|
||||
|
||||
nginx:
|
||||
|
||||
domain_name: tototiti.fr
|
||||
|
||||
email: gwenael.remond@protonmail.com
|
||||
|
||||
|
||||
email: gwenael.remond@free.fr
|
||||
|
||||
users:
|
||||
- username: foo
|
||||
password: SoSecr31
|
||||
|
|
|
|||
Loading…
Reference in a new issue