aboutsummaryrefslogtreecommitdiff
path: root/gerboweb/deploy/setup_webserver.yml
diff options
context:
space:
mode:
Diffstat (limited to 'gerboweb/deploy/setup_webserver.yml')
-rw-r--r--gerboweb/deploy/setup_webserver.yml79
1 files changed, 0 insertions, 79 deletions
diff --git a/gerboweb/deploy/setup_webserver.yml b/gerboweb/deploy/setup_webserver.yml
deleted file mode 100644
index 4711ad0..0000000
--- a/gerboweb/deploy/setup_webserver.yml
+++ /dev/null
@@ -1,79 +0,0 @@
-- name: Copy first stage nginx config
- copy:
- src: nginx_nossl.conf
- dest: /etc/nginx/nginx.conf
-
-- name: Add nginx user to uwsgi group for access to uwsgi socket
- user:
- name: nginx
- groups: uwsgi
- append: yes
-
-- name: Create subdomain content dirs
- file:
- path: /var/www/{{item}}
- state: directory
- owner: nginx
- group: nginx
- mode: 0550
- loop:
- - git.jaseg.de
- - blog.jaseg.de
- - kochbuch.jaseg.net
- - tracespace.jaseg.net
- - openjscad.jaseg.net
- - automation.jaseg.de
-
-- name: Copy uwsgi systemd socket config
- copy:
- src: uwsgi-app@.socket
- dest: /etc/systemd/system/
-
-- name: Copy uwsgi systemd service config
- copy:
- src: uwsgi-app@.service
- dest: /etc/systemd/system/
-
-- name: Set SELinux to permissive mode # FIXME this is to let nginx talk to uwsgi
- selinux:
- state: permissive
- policy: targeted
-
-- name: Enable and launch nginx systemd service
- systemd:
- name: nginx.service
- enabled: yes
- state: restarted
-
-- name: Create subdomain letsencrypt certificates
- command: certbot --nginx certonly -d {{item}} -n --agree-tos --email {{item}}-letsencrypt@jaseg.de
- args:
- creates: /etc/letsencrypt/live/{{item}}/fullchain.pem
- loop:
- - git.jaseg.net
- - git.jaseg.de
- - blog.jaseg.net
- - blog.jaseg.de
- - kochbuch.jaseg.net
- - gerbolyze.jaseg.net
- - tracespace.jaseg.net
- - openjscad.jaseg.net
- - pogojig.jaseg.net
- - automation.jaseg.de
- - dyndns.jaseg.de
-
-- name: Copy final nginx config
- copy:
- src: nginx.conf
- dest: /etc/nginx/nginx.conf
-
-- name: Restart nginx to load new cert
- systemd:
- name: nginx.service
- state: restarted
-
-- name: Enable certbot renewal timer
- systemd:
- name: certbot-renew.timer
- enabled: yes
-
generated by cgit (git 2.34.1) at 2024-05-10 03:37:32 +0000