From 8c951f6a1975ce93b0f522ede8c575139076f883 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Fri, 21 Feb 2025 09:28:01 +0100 Subject: [PATCH] Implemented role to recieve certs & do modification routines. Also optimized nextcloud --- roles/docker-attendize/tasks/main.yml | 7 ++++--- .../docker-mastodon/tasks/create-domains.yml | 6 +++--- roles/docker-matrix-compose/tasks/main.yml | 6 +++--- roles/docker-mybb/tasks/setup-domain.yml | 4 ++-- roles/docker-nextcloud/tasks/main.yml | 7 ++++--- .../docker-peertube/tasks/create-domains.yml | 6 +++--- roles/nginx-domain-setup/README.md | 2 +- roles/nginx-domain-setup/tasks/main.yml | 20 ++++--------------- .../tasks/main.yml | 7 +++++++ .../README.md | 0 .../meta/main.yml | 0 .../tasks/main.yml | 0 roles/nginx-redirect-domain/tasks/main.yml | 2 +- roles/nginx-serve-files/tasks/main.yml | 11 ++++------ roles/nginx-serve-html/tasks/main.yml | 11 ++++------ 15 files changed, 40 insertions(+), 49 deletions(-) create mode 100644 roles/nginx-https-get-cert-modify-all/tasks/main.yml rename roles/{nginx-https-recieve-certificate => nginx-https-get-cert}/README.md (100%) rename roles/{nginx-https-recieve-certificate => nginx-https-get-cert}/meta/main.yml (100%) rename roles/{nginx-https-recieve-certificate => nginx-https-get-cert}/tasks/main.yml (100%) diff --git a/roles/docker-attendize/tasks/main.yml b/roles/docker-attendize/tasks/main.yml index 3d555a5f..198eaba1 100644 --- a/roles/docker-attendize/tasks/main.yml +++ b/roles/docker-attendize/tasks/main.yml @@ -3,11 +3,12 @@ include_role: name: docker-central-database -- name: "include tasks to receive attendize certbot certificate" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all vars: domain: "{{ item }}" + http: "{{ ports.localhost.http[application_id] }}" loop: - "{{ domains.mailu }}" - "{{ domain }}" diff --git a/roles/docker-mastodon/tasks/create-domains.yml b/roles/docker-mastodon/tasks/create-domains.yml index 18a1e39f..e0729656 100644 --- a/roles/docker-mastodon/tasks/create-domains.yml +++ b/roles/docker-mastodon/tasks/create-domains.yml @@ -1,6 +1,6 @@ -- name: "include role receive certbot certificate" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all - name: configure {{domain}}.conf template: diff --git a/roles/docker-matrix-compose/tasks/main.yml b/roles/docker-matrix-compose/tasks/main.yml index b653dd1f..e54ff35a 100644 --- a/roles/docker-matrix-compose/tasks/main.yml +++ b/roles/docker-matrix-compose/tasks/main.yml @@ -3,9 +3,9 @@ include_role: name: docker-central-database -- name: "include role receive certbot certificate" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all vars: domain: "{{domains.matrix_synapse}}" http_port: "{{ports.localhost.http.matrix_synapse}}" diff --git a/roles/docker-mybb/tasks/setup-domain.yml b/roles/docker-mybb/tasks/setup-domain.yml index d4a30887..83296202 100644 --- a/roles/docker-mybb/tasks/setup-domain.yml +++ b/roles/docker-mybb/tasks/setup-domain.yml @@ -1,8 +1,8 @@ -# Recieves https certificate and setup proxy with domain replace +{# Recieves https certificate and setup proxy with domain replace #} - name: "include role receive certbot certificate" include_role: - name: nginx-https-recieve-certificate + name: nginx-https-get-cert vars: domain: "{{domains[application_id]}}" diff --git a/roles/docker-nextcloud/tasks/main.yml b/roles/docker-nextcloud/tasks/main.yml index 7ad19ce5..ef0ccd43 100644 --- a/roles/docker-nextcloud/tasks/main.yml +++ b/roles/docker-nextcloud/tasks/main.yml @@ -3,11 +3,12 @@ include_role: name: docker-central-database -- name: "include role receive certbot certificate" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all vars: domain: "{{domains[application_id]}}" + http: "{{ ports.localhost.http[application_id] }}" - name: create nextcloud nginx proxy configuration file template: diff --git a/roles/docker-peertube/tasks/create-domains.yml b/roles/docker-peertube/tasks/create-domains.yml index 7c2afbc0..255d618b 100644 --- a/roles/docker-peertube/tasks/create-domains.yml +++ b/roles/docker-peertube/tasks/create-domains.yml @@ -1,6 +1,6 @@ -- name: "include role receive certbot certificate" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all - name: configure {{domain}}.conf template: diff --git a/roles/nginx-domain-setup/README.md b/roles/nginx-domain-setup/README.md index ea8ffe3f..b08af5b4 100644 --- a/roles/nginx-domain-setup/README.md +++ b/roles/nginx-domain-setup/README.md @@ -3,7 +3,7 @@ This role streamlines your Nginx configuration by performing several essential tasks: - **Modify Nginx configuration** with the `nginx-modifier-all` role. -- **Request and receive HTTPS certificates** using the `nginx-https-recieve-certificate` role. +- **Request and receive HTTPS certificates** using the `nginx-https-get-cert` role. - **Deploy a domain configuration file** from a Jinja2 template. - **Optionally secure your domain** with OAuth2 via the `docker-oauth2-proxy` role if enabled. diff --git a/roles/nginx-domain-setup/tasks/main.yml b/roles/nginx-domain-setup/tasks/main.yml index b43ae2dc..f2156236 100644 --- a/roles/nginx-domain-setup/tasks/main.yml +++ b/roles/nginx-domain-setup/tasks/main.yml @@ -1,19 +1,7 @@ -- name: "include role nginx-modifier-all for {{domain}}" - include_role: - name: nginx-modifier-all - -- name: "Relevant variables for role: {{ role_path | basename }}" - debug: - msg: - domain: "{{domain}}" - domains: "{{domains}}" - applications: "{{applications}}" - when: enable_debug | bool - -- name: "include role nginx-https-recieve-certificate for {{domain}}" - include_role: - name: nginx-https-recieve-certificate - +- name: "include role for {{domain}} to recieve certificates and do the modification routines" + include_role: + name: nginx-https-get-cert-modify-all + - name: "copy nginx domain configuration to {{configuration_destination}}" template: src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" diff --git a/roles/nginx-https-get-cert-modify-all/tasks/main.yml b/roles/nginx-https-get-cert-modify-all/tasks/main.yml new file mode 100644 index 00000000..9b9a2fba --- /dev/null +++ b/roles/nginx-https-get-cert-modify-all/tasks/main.yml @@ -0,0 +1,7 @@ +- name: "include role nginx-modifier-all for {{domain}}" + include_role: + name: nginx-modifier-all + +- name: "include role nginx-https-get-cert for {{domain}}" + include_role: + name: nginx-https-get-cert \ No newline at end of file diff --git a/roles/nginx-https-recieve-certificate/README.md b/roles/nginx-https-get-cert/README.md similarity index 100% rename from roles/nginx-https-recieve-certificate/README.md rename to roles/nginx-https-get-cert/README.md diff --git a/roles/nginx-https-recieve-certificate/meta/main.yml b/roles/nginx-https-get-cert/meta/main.yml similarity index 100% rename from roles/nginx-https-recieve-certificate/meta/main.yml rename to roles/nginx-https-get-cert/meta/main.yml diff --git a/roles/nginx-https-recieve-certificate/tasks/main.yml b/roles/nginx-https-get-cert/tasks/main.yml similarity index 100% rename from roles/nginx-https-recieve-certificate/tasks/main.yml rename to roles/nginx-https-get-cert/tasks/main.yml diff --git a/roles/nginx-redirect-domain/tasks/main.yml b/roles/nginx-redirect-domain/tasks/main.yml index 2da1b769..59e2b19a 100644 --- a/roles/nginx-redirect-domain/tasks/main.yml +++ b/roles/nginx-redirect-domain/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: "include task receive certbot certificate" include_role: - name: nginx-https-recieve-certificate + name: nginx-https-get-cert vars: domain: "{{item.source}}" loop: "{{domain_mappings}}" diff --git a/roles/nginx-serve-files/tasks/main.yml b/roles/nginx-serve-files/tasks/main.yml index 29906f5d..fa102637 100644 --- a/roles/nginx-serve-files/tasks/main.yml +++ b/roles/nginx-serve-files/tasks/main.yml @@ -1,13 +1,10 @@ --- -- name: "include role nginx-modifier-all for {{domains[application_id]}}" - include_role: - name: nginx-modifier-all - -- name: "include role nginx-https-recieve-certificate for {{domains[application_id]}}" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all vars: domain: "{{domains[application_id]}}" + http: "{{ ports.localhost.http[application_id] }}" - name: "generate {{domains[application_id]}}.conf" template: diff --git a/roles/nginx-serve-html/tasks/main.yml b/roles/nginx-serve-html/tasks/main.yml index 523f65da..15df8002 100644 --- a/roles/nginx-serve-html/tasks/main.yml +++ b/roles/nginx-serve-html/tasks/main.yml @@ -1,13 +1,10 @@ --- -- name: "include role nginx-modifier-all for {{domains[application_id]}}" - include_role: - name: nginx-modifier-all - -- name: "include role nginx-https-recieve-certificate for {{domains[application_id]}}" - include_role: - name: nginx-https-recieve-certificate +- name: "include role for {{application_id}} to recieve certs & do modification routines" + include_role: + name: nginx-https-get-cert-modify-all vars: domain: "{{domains[application_id]}}" + http: "{{ ports.localhost.http[application_id] }}" - name: "generate {{domains[application_id]}}.conf" template: