Project

General

Profile

Statistics
| Branch: | Revision:

duckcorp-infra / ansible / playbooks / tenants / duckcorp / web / www.duckcorp.org.yml @ 7dcda2d6

History | View | Annotate | Download (2.23 KB)

1
---
2

    
3
- hosts: Toushirou
4
  vars:
5
    website_domain: www.duckcorp.org
6
    document_root: "{{ web.root }}/{{ website_domain }}/website/output"
7
    data_dir: "{{ inventory_dir }}/data/duckcorp/web/{{ website_domain }}"
8
  tasks:
9
    - name: "Install Nanoc and related dependencies"
10
      package:
11
        name:
12
          - nanoc
13
          - ruby-hamster
14
          - ruby-ref
15
          - ruby-rest-client
16
          - ruby-kramdown
17
          - ruby-activesupport
18
        state: present
19

    
20
    - name: "Create web directory"
21
      file:
22
        path: "{{ web.root }}/{{ website_domain }}"
23
        state: directory
24
        owner: root
25
        group: root
26
        mode: 0775
27

    
28
    - name: Install DuckCorp Website sources
29
      git:
30
        repo: https://vcs-git.duckcorp.org/duckcorp/duckcorp-website.git
31
        dest: "{{ web.root }}/{{ website_domain }}/website"
32
        update: "{{ lookup('env','UPGRADE') | bool | ternary('yes', 'no') }}"
33

    
34
    - name: "Create a user to run the update script"
35
      user:
36
        name: dc_website_gen
37
        home: "{{ web.root }}/{{ website_domain }}/website"
38
        create_home: no
39
        comment: DuckCorp Website generator
40

    
41
    # needed for 'crash.log'
42
    - name: "Ensure website generator user can write in its home"
43
      file:
44
        path: "{{ web.root }}/{{ website_domain }}/website"
45
        owner: dc_website_gen
46
        group: root
47
        mode: 0775
48

    
49
    - name: "Create vhost {{ website_domain }}"
50
      import_role:
51
        name: httpd
52
        tasks_from: vhost
53
      vars:
54
        server_aliases:
55
          - duckcorp.org
56
        use_letsencrypt: True
57
        force_tls: True
58
        document_root_group: dc_website_gen
59
        content_security_policy: "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'"
60

    
61
    - name: "Install vhost specific configuration"
62
      template:
63
        src: "{{ data_dir }}/www.conf"
64
        dest: "{{ _vhost_confdir }}/"
65
        owner: root
66
        group: root
67
        mode: 0640
68
      notify: reload httpd
69

    
70
    - name: "Install DuckCorp Website crontab update job"
71
      cron:
72
        cron_file: dc_website
73
        user: dc_website_gen
74
        minute: 33
75
        name: "DuckCorp Website update"
76
        job: "cd {{ web.root }}/{{ website_domain }}/website && nanoc && nanoc prune --yes"
77