blob: 48541d8592f14b2080d90ccad70b4582427ea54c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
---
- name: Basic Setup
hosts: glt-stream
roles:
- role: apt-repo/base
- role: core/base
- role: core/sshd
- role: core/zsh
- role: core/ntp
- role: apt-repo/spreadspace
- role: acmetool/base
- role: nginx/base
- name: storage/lvm/volume
lvm_volume:
vg: "{{ host_name }}"
lv: www
size: 10G
fs: ext4
dest: /srv/www
post_tasks:
- name: create base directory for static www content
file:
path: /srv/www/stream
state: directory
- name: configure default vhost stream.linuxtage.at
vars:
nginx_vhost:
default: yes
name: stream
template: static-files-with-acme
acme: yes
hostnames:
- stream.linuxtage.at
extra_directives: |-
add_header Access-Control-Allow-Headers "origin,range,accept-encoding,referer";
add_header Access-Control-Allow-Methods "GET,HEAD,OPTIONS";
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Expose-Headers "Server,range,Content-Length,Content-Range,Date";
locations:
'/':
root: /srv/www/stream
index: index.html
'/preped':
root: /srv/www/stream
autoindex: {}
include_role:
name: nginx/vhost
- name: install golang
apt:
name: go
state: present
- name: create base directory for stats
file:
path: /srv/www/stats
state: directory
- name: add user for stats
user:
name: stats
system: yes
home: /srv/www/stats
- name: create data and gocache directories for stats
loop:
- data
- .gocache
file:
path: "/srv/www/stats/{{ item }}"
state: directory
group: stats
mode: 0775
- name: install stats collector script
copy:
src: "{{ global_files_dir }}/glt/stream-stats.go"
dest: /srv/www/stats/stream-stats.go
- name: install systemd unit for stats collector
copy:
content: |
[Unit]
Description=GLT21 Stream Stats Collector
[Service]
Type=simple
Environment="GOCACHE=/srv/www/stats/.gocache"
ExecStart=/usr/bin/go run /srv/www/stats/stream-stats.go 127.0.0.1:4200 /srv/www/stats/data/glt21.json
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ReadWritePaths=/srv/www/stats/data /srv/www/stats/.gocache
ProtectHome=yes
ProtectKernelTunables=yes
ProtectControlGroups=yes
RestrictRealtime=yes
RestrictAddressFamilies=AF_INET
[Install]
WantedBy=multi-user.target
dest: /etc/systemd/system/stream-stats.service
- name: make sure stats collector service unit is enabled and started
systemd:
name: stream-stats.service
daemon_reload: yes
enabled: yes
state: started
|