---
# Play 1: apply the baseline roles to the sk-testvm host.
# Roles run in the order listed; what each one configures is defined in the
# role itself, not in this playbook.
- name: Basic Setup
  hosts: sk-testvm
  roles:
  - role: apt-repo/base
  - role: core/base
  # NOTE(review): presumably the SSH daemon baseline -- check this role's
  # settings when auditing remote access to the VM.
  - role: core/sshd/base
  - role: core/zsh
  - role: core/ntp

# Play 2: set up certificates and nginx on sk-testvm, then create the document
# roots, index pages and vhosts in post_tasks.
- name: Payload Setup
  hosts: sk-testvm
  vars:
    # cert_provider selects the x509/<provider>/base role below and is handed
    # to each vhost as tls.certificate_provider. The commented-out values are
    # the alternatives kept here for switching.
    # cert_provider: acmetool
    # cert_provider: static
    # NOTE(review): a self-signed certificate does not chain to a CA that
    # clients trust by default, so visitors cannot authenticate the server
    # without pinning it manually. Confirm this is only used while the host is
    # a test VM.
    cert_provider: selfsigned
  roles:
  - role: "x509/{{ cert_provider }}/base"
  - role: nginx/base
  # post_tasks run after the roles above, so the roles have already been
  # applied when the vhosts are installed.
  post_tasks:
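  # Create the document roots used by the two vhosts installed later in this
  # play (/var/www/test and /var/www/default).
  - name: make sure document root directories exist
    loop:
    - test
    - default
    file:
      path: "/var/www/{{ item }}"
      state: directory
      # Pin the permissions instead of inheriting them from the remote umask:
      # writable by the owner only, readable and traversable by others.
      # Quoted so the value stays a string and is not parsed as a number.
      mode: "0755"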

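  # Static placeholder page served by the default ("nosuchsite") vhost.
  - name: install index.html for default server
    copy:
      dest: /var/www/default/index.html
      # Pin the permissions instead of inheriting them from the remote umask:
      # world-readable, writable by the owner only.
      mode: "0644"
      content: |
        <html>
          <head>
            <title>No Such Site</title>
          </head>
          <body style="font-family: Helvetica, Arial, Sans-Serif; color: white; background: black;">
            <div style="text-align: center; margin-top: 4em; margin-left:auto; margin-right:auto;">
              <h2 style="">You have reached testvm.elev8.at, nothing to see here.</h2>
            </div>
          </body>
        </html>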

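  # Install the catch-all vhost by including the nginx/vhost role with the
  # task-level vars below. How the role interprets each key is defined in the
  # role, not here.
  - name: install default vhost
    vars:
      nginx_vhost:
        # Booleans are written as true/false; yes/no only parse as booleans
        # under YAML 1.1 rules.
        default: true
        name: nosuchsite
        template: generic
        tls:
          certificate_provider: "{{ cert_provider }}"
          # NOTE(review): presumably controls the Strict-Transport-Security
          # header. Browsers ignore HSTS received over a connection with
          # certificate errors, so it has no effect with a self-signed
          # certificate; revisit once a trusted provider is used.
          hsts: false
        hostnames:
        - testvm.elev8.at
        locations:
          '/':
            root: /var/www/default
            index: index.html
      # static_cert_config: "{{ static_cert_config__default }}"
      selfsigned_cert_config:
        cert:
          organization_name: "elev8"
          organizational_unit_name: "ansible"
          # NOTE(review): both usage extensions are marked critical, so a
          # client that enforces them rejects any use not listed. The key type
          # is set elsewhere; RSA key-transport cipher suites would also need
          # keyEncipherment, ECDHE suites only need digitalSignature. Confirm
          # against the nginx cipher configuration.
          key_usage:
          - digitalSignature
          - keyAgreement
          key_usage_critical: true
          extended_key_usage:
          - serverAuth
          extended_key_usage_critical: true
          create_subject_key_identifier: true
          # NOTE(review): 1000 weeks is roughly 19 years, while the test vhost
          # in this file uses +100w. A long-lived certificate keeps a leaked
          # key usable for just as long; confirm the difference is intended.
          not_after: +1000w
    include_role:
      name: nginx/vhost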


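  # Static page served by the "test" vhost.
  - name: install index.html for test server
    copy:
      dest: /var/www/test/index.html
      # Pin the permissions instead of inheriting them from the remote umask:
      # world-readable, writable by the owner only.
      mode: "0644"
      content: |
        <html>
          <head>
            <title>This is Test</title>
          </head>
          <body style="font-family: Helvetica, Arial, Sans-Serif; color: white; background: black;">
            <div style="text-align: center; margin-top: 4em; margin-left:auto; margin-right:auto;">
              <h2 style="">If you can read this the test was successful.</h2>
            </div>
          </body>
        </html>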

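  # Install the "test" vhost for the test.spreadspace.* hostnames by including
  # the nginx/vhost role with the task-level vars below. How the role
  # interprets each key is defined in the role, not here.
  - name: install test vhost
    vars:
      nginx_vhost:
        name: test
        template: generic
        tls:
          certificate_provider: "{{ cert_provider }}"
          # Booleans are written as true/false; yes/no only parse as booleans
          # under YAML 1.1 rules.
          # NOTE(review): presumably controls the Strict-Transport-Security
          # header. Browsers ignore HSTS received over a connection with
          # certificate errors, so it has no effect with a self-signed
          # certificate; revisit once a trusted provider is used.
          hsts: false
        hostnames:
        - test.spreadspace.org
        - test.spreadspace.com
        - test.spreadspace.net
        - test.spreadspace.systems
        locations:
          '/':
            root: /var/www/test
            index: index.html
      # static_cert_config: "{{ static_cert_config__test }}"
      selfsigned_cert_config:
        cert:
          organization_name: "spreadspace"
          organizational_unit_name: "ansible"
          # NOTE(review): both usage extensions are marked critical, so a
          # client that enforces them rejects any use not listed. The key type
          # is set elsewhere; RSA key-transport cipher suites would also need
          # keyEncipherment, ECDHE suites only need digitalSignature. Confirm
          # against the nginx cipher configuration.
          key_usage:
          - digitalSignature
          - keyAgreement
          key_usage_critical: true
          extended_key_usage:
          - serverAuth
          extended_key_usage_critical: true
          create_subject_key_identifier: true
          # 100 weeks is a little under two years. The default vhost in this
          # file uses +1000w; confirm the difference is intended.
          not_after: +100w
    include_role:
      name: nginx/vhost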