Removed bugs and implemented new server config structure

2024-11-22 04:31:13 +01:00 · 2023-12-12 12:32:35 +01:00 · 2023-12-12 12:32:35 +01:00 · b1e71e3875
commit b1e71e3875
parent cac9e6e1c8
25 changed files with 66 additions and 39 deletions
--- a/group_vars/all
+++ b/group_vars/all
@ -73,3 +73,8 @@ redirect_domain_mappings:
 - { source: "peertube.{{top_domain}}", target: "videos.{{top_domain}}" }
 - { source: "funkwhale.{{top_domain}}", target: "music.{{top_domain}}" }
 - { source: "pixelfed.{{top_domain}}", target: "pictures.{{top_domain}}" }
 nginx_configuration_directory:  "/etc/nginx/conf.d/"
 nginx_servers_directory:        "{{nginx_configuration_directory}}servers/"
 nginx_maps_directory:           "{{nginx_configuration_directory}}maps/"
 nginx_upstreams_directory:      "{{nginx_configuration_directory}}upstreams/"
--- a/playbook-common.yml
+++ b/playbook-common.yml
@ -6,7 +6,7 @@
  tasks:
  roles:
    - role: update
-      when: execute_updates | default(false) | bool
+      when: execute_updates | bool
 - name: setup standard wireguard
  hosts: wireguard_server
--- a/roles/docker-attendize/tasks/main.yml
+++ b/roles/docker-attendize/tasks/main.yml
@ -8,13 +8,13 @@
 - name: configure {{domain}}.conf
  template: 
    src: roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 
-    dest: /etc/nginx/conf.d/{{domain}}.conf
+    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
 #- name: configure {{ mail_interface_domain }}.conf
 #  template: 
 #    src: roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 
-#    dest: /etc/nginx/conf.d/{{ mail_interface_domain }}.conf
+#    dest: {{nginx_servers_directory}}{{ mail_interface_domain }}.conf
 #  vars:
 #    http_port: "{{ mail_interface_http_port }}"
 #    domain:    "{{ mail_interface_domain }}"
--- a/roles/docker-bigbluebutton/files/websocket_upgrade.conf
+++ b/roles/docker-bigbluebutton/files/websocket_upgrade.conf
@ -0,0 +1,11 @@
 # Context: https://chat.openai.com/share/9b3c0e79-15bc-4780-aa88-f0dd149bdaac
 map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
 }
 map $remote_addr $endpoint_addr {
    "~:"    [::1];
    default    127.0.0.1;
 }
--- a/roles/docker-bigbluebutton/tasks/main.yml
+++ b/roles/docker-bigbluebutton/tasks/main.yml
@ -3,7 +3,15 @@
  include_tasks: certbot-matomo.yml
 - name: configure {{domain}}.conf
-  template: src=templates/nginx-proxy.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+  template: 
    src:  "nginx-proxy.conf.j2"
    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
 - name: configure websocket_upgrade.conf
  copy: 
    src:  "websocket_upgrade.conf"
    dest: "{{nginx_maps_directory}}websocket_upgrade.conf"
  notify: restart nginx
 - name: pull docker repository
--- a/roles/docker-bigbluebutton/templates/nginx-proxy.conf.j2
+++ b/roles/docker-bigbluebutton/templates/nginx-proxy.conf.j2
@ -1,12 +1,3 @@
 map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
 }
 map $remote_addr $endpoint_addr {
    "~:"    [::1];
    default    127.0.0.1;
 }
 server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;
--- a/roles/docker-mastodon/tasks/create-domains.yml
+++ b/roles/docker-mastodon/tasks/create-domains.yml
@ -2,5 +2,7 @@
  include_tasks: certbot-matomo.yml
 - name: configure {{domain}}.conf
-  template: src=templates/mastodon.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+  template: 
    src:  "mastodon.conf.j2" 
    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
--- a/roles/docker-mastodon/templates/mastodon.conf.j2
+++ b/roles/docker-mastodon/templates/mastodon.conf.j2
@ -8,7 +8,7 @@ server {
  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
-  {% if nginx_matomo_tracking | default(False) %}
+  {% if nginx_matomo_tracking | bool %}
    {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
  {% endif %}
--- a/roles/docker-mybb/vars/main.yml
+++ b/roles/docker-mybb/vars/main.yml
@ -2,5 +2,5 @@
 docker_compose_instance_directory: "{{path_docker_compose_instances}}mybb/"
 docker_compose_instance_confd_directory: "{{docker_compose_instance_directory}}conf.d/"
 docker_compose_instance_confd_defaultconf_file: "{{docker_compose_instance_confd_directory}}default.conf"
-target_mount_conf_d_directory: "/etc/nginx/conf.d/"
+target_mount_conf_d_directory: "{{nginx_servers_directory}}"
 source_domain: "mybb.{{top_domain}}"
--- a/roles/docker-nextcloud/tasks/main.yml
+++ b/roles/docker-nextcloud/tasks/main.yml
@ -5,7 +5,7 @@
 - name: configure {{domain}}.conf
  template: 
    src:  "templates/nextcloud.conf.j2" 
-    dest: "/etc/nginx/conf.d/{{domain}}.conf"
+    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
 - name: "create {{path_docker_volumes}}nextcloud/"
--- a/roles/docker-nextcloud/templates/nextcloud.conf.j2
+++ b/roles/docker-nextcloud/templates/nextcloud.conf.j2
@ -4,7 +4,7 @@ server
  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
-  {% if nginx_matomo_tracking | default(False) %}
+  {% if nginx_matomo_tracking | bool %}
    {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
  {% endif %}
--- a/roles/docker-peertube/tasks/create-domains.yml
+++ b/roles/docker-peertube/tasks/create-domains.yml
@ -2,5 +2,7 @@
  include_tasks: certbot-matomo.yml
 - name: configure {{domain}}.conf
-  template: src=templates/peertube.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+  template: 
    src:  "templates/peertube.conf.j2"
    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
--- a/roles/docker-peertube/templates/peertube.conf.j2
+++ b/roles/docker-peertube/templates/peertube.conf.j2
@ -3,7 +3,7 @@ server {
  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
-  {% if nginx_matomo_tracking | default(False) %}
+  {% if nginx_matomo_tracking | bool %}
    {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
  {% endif %}
--- a/roles/health-nginx/files/health-nginx.py
+++ b/roles/health-nginx/files/health-nginx.py
@ -4,7 +4,7 @@ import sys
 import re
 # Define the path to the nginx configuration directory
-config_path = '/etc/nginx/conf.d/'
+config_path = '{{nginx_servers_directory}}'
 # Initialize the error counter
 error_counter = 0
--- a/roles/letsencrypt/tasks/main.yml
+++ b/roles/letsencrypt/tasks/main.yml
@ -1,5 +1,5 @@
 - name: create nginx letsencrypt config file
-  template: src=letsencrypt.conf.j2 dest=/etc/nginx/conf.d/letsencrypt.conf
+  template: src=letsencrypt.conf.j2 dest={{nginx_servers_directory}}letsencrypt.conf
  notify: restart nginx
 - name: flush nginx service
--- a/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2
+++ b/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2
@ -3,7 +3,7 @@ server
  server_name {{domain}};
  # Include Matomo Tracking Code
-  {% if nginx_matomo_tracking | default(False) %}
+  {% if nginx_matomo_tracking | bool %}
    {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
  {% endif %}
--- a/roles/nginx-domain-redirect/tasks/main.yml
+++ b/roles/nginx-domain-redirect/tasks/main.yml
@ -7,6 +7,6 @@
  vars:
    domain: "{{item.source}}"
    target_domain: "{{item.target}}"
-  template: src=redirect.domain.nginx.conf.j2 dest=/etc/nginx/conf.d/{{ domain }}.conf
+  template: src=redirect.domain.nginx.conf.j2 dest={{nginx_servers_directory}}{{ domain }}.conf
  loop: "{{domain_mappings}}"
  notify: restart nginx
--- a/roles/nginx-homepage/tasks/main.yml
+++ b/roles/nginx-homepage/tasks/main.yml
@ -3,7 +3,9 @@
  include_tasks: certbot-matomo.yml
 - name: configure {{domain}}.conf
-  template: src=homepage.nginx.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+  template: 
    src:  "homepage.nginx.conf.j2" 
    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
 - name: nginx-homepage repo git
--- a/roles/nginx-homepage/templates/homepage.nginx.conf.j2
+++ b/roles/nginx-homepage/templates/homepage.nginx.conf.j2
@ -5,7 +5,7 @@ server
  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
-  {% if nginx_matomo_tracking | default(False) %}
+  {% if nginx_matomo_tracking | bool %}
    {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
  {% endif %}
--- a/roles/nginx-www-redirect/README.md
+++ b/roles/nginx-www-redirect/README.md
@ -1,13 +1,13 @@
 # README.md for nginx-www-redirect Role
 ## Overview
-The `nginx-www-redirect` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `/etc/nginx/conf.d/` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules.
+The `nginx-www-redirect` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `{{nginx_servers_directory}}` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules.
 ## Role Description
 This role performs several key tasks:
-1. **Find Configuration Files**: Locates all `.conf` files in the `/etc/nginx/conf.d/` directory that match the `*.*.conf` pattern, ensuring that only domain and subdomain configurations are selected.
+1. **Find Configuration Files**: Locates all `.conf` files in the `{{nginx_servers_directory}}` directory that match the `*.*.conf` pattern, ensuring that only domain and subdomain configurations are selected.
-2. **Filter Domain Names**: Processes each configuration file, extracting the domain names and removing both the `.conf` extension and the `/etc/nginx/conf.d/` path.
+2. **Filter Domain Names**: Processes each configuration file, extracting the domain names and removing both the `.conf` extension and the `{{nginx_servers_directory}}` path.
 3. **Prepare Redirect Domain Mappings**: Transforms the filtered domain names into a source-target mapping format, where `source` is `www.domain.tld` and `target` is `domain.tld`.
@ -25,7 +25,7 @@ Example playbook:
 ## Requirements
 - Ansible environment set up and configured to run roles.
- Access to the `/etc/nginx/conf.d/` directory on the target hosts.
+- Access to the `{{nginx_servers_directory}}` directory on the target hosts.
 - The `nginx-domain-redirect` role must be present and properly configured to handle the redirection mappings.
 ## Notes
--- a/roles/nginx-www-redirect/tasks/main.yml
+++ b/roles/nginx-www-redirect/tasks/main.yml
@ -1,15 +1,15 @@
 ---
 - name: Find all .conf
  ansible.builtin.find:
-    paths: "/etc/nginx/conf.d/"
+    paths: "{{nginx_servers_directory}}"
    patterns: '*.*.conf'
  register: conf_files
 - name: Filter domain names and remove .conf extension and path
  set_fact:
-    filtered_domains: "{{ conf_files.files | map(attribute='path') | map('regex_search', domain_regex) | select('string') | map('regex_replace', '^/etc/nginx/conf.d/', '') | map('regex_replace', '.conf$', '') | list }}"
+    filtered_domains: "{{ conf_files.files | map(attribute='path') | map('regex_search', domain_regex) | select('string') | map('regex_replace', '^{{nginx_servers_directory}}', '') | map('regex_replace', '.conf$', '') | list }}"
  vars:
-    domain_regex: '^/etc/nginx/conf.d/(?!www\.)[^/]+\.conf$'
+    domain_regex: '^{{nginx_servers_directory}}(?!www\.)[^/]+\.conf$'
 - name: The domains for which a www. redirect will be implemented
  debug:
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@ -3,11 +3,15 @@
  pacman: name=nginx state=present
  notify: restart nginx
- name: set /etc/nginx/conf.d
+- name: Ensure nginx configuration directories are present
  file:
-    path: /etc/nginx/conf.d
+    path: "{{ item }}"
    state: directory
-    mode: 0755
+    mode: '0755'
  loop:
    - "{{nginx_servers_directory}}"
    - "{{nginx_maps_directory}}"
    - "{{nginx_upstreams_directory}}"
 - name: create nginx config file
  template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
--- a/roles/nginx/templates/nginx.conf.j2
+++ b/roles/nginx/templates/nginx.conf.j2
@ -31,5 +31,7 @@ http
  gzip_types application/atom+xml application/javascript application/xml+rss application/x-javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/javascript text/xml;
  types_hash_max_size 4096;
-  include conf.d/*.conf;
+  include {{nginx_upstreams_directory}}*.conf;
  include {{nginx_maps_directory}}*.conf;
  include {{nginx_servers_directory}}*.conf;
 }
--- a/tasks/create-domain-conf.yml
+++ b/tasks/create-domain-conf.yml
@ -1,5 +1,5 @@
 - name: configure {{domain}}.conf
  template: 
    src:  "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" 
-    dest: "/etc/nginx/conf.d/{{domain}}.conf"
+    dest: "{{nginx_servers_directory}}{{domain}}.conf"
  notify: restart nginx
--- a/tasks/implement-matomo-tracking.yml
+++ b/tasks/implement-matomo-tracking.yml
@ -1,4 +1,4 @@
 - name: Activate NGINX matomo tracking
  include_role:
    name: nginx-matomo-tracking
-  when: nginx_matomo_tracking and domain is defined
+  when: nginx_matomo_tracking | bool and domain is defined