refactored docker and nginx roles, to make them more modular

2024-09-20 00:13:09 +02:00 · 2023-12-06 17:59:57 +01:00 · 2023-12-06 17:59:57 +01:00 · ed40ee1f42
commit ed40ee1f42
parent 994b61dd1a
24 changed files with 58 additions and 135 deletions
--- a/playbook-servers.yml
+++ b/playbook-servers.yml
@ -55,6 +55,7 @@
  roles:
  - role: docker-wordpress
    vars:
+      domains: "{{wordpress_domains}}"
      http_port: 8003

 - name: setup mediawiki hosts
@ -161,7 +162,7 @@
  roles:
   -  role: docker-joomla
      vars:
-        domain: "joomla.{{top_domain}}"
+        domain: "{{joomla_domains}}"
        http_port: 8014

 - name: setup attendize
--- a/roles/docker-akaunting/tasks/main.yml
+++ b/roles/docker-akaunting/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: register directory
  stat:
--- a/roles/docker-baserow/tasks/main.yml
+++ b/roles/docker-baserow/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-bigbluebutton/tasks/main.yml
+++ b/roles/docker-bigbluebutton/tasks/main.yml
@ -1,6 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml

 - name: configure {{domain}}.conf
  template: src=templates/nginx-proxy.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
--- a/roles/docker-elk/tasks/main.yml
+++ b/roles/docker-elk/tasks/main.yml
@ -1,11 +1,7 @@
 ---

- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: create elasticsearch-sysctl.conf
  copy:
--- a/roles/docker-funkwhale/tasks/main.yml
+++ b/roles/docker-funkwhale/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-gitea/tasks/main.yml
+++ b/roles/docker-gitea/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}} https
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-jenkins/tasks/main.yml
+++ b/roles/docker-jenkins/tasks/main.yml
@ -1,9 +1,5 @@
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "docker jenkins"
  docker_compose:
--- a/roles/docker-joomla/tasks/main.yml
+++ b/roles/docker-joomla/tasks/main.yml
@ -1,10 +1,9 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml
+  loop: "{{ domains }}"
+  loop_control:
+    loop_var: domain

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-listmonk/tasks/main.yml
+++ b/roles/docker-listmonk/tasks/main.yml
@ -1,12 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: 
-    src:  "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
-    dest: "/etc/nginx/conf.d/{{domain}}.conf"
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-mailu/tasks/main.yml
+++ b/roles/docker-mailu/tasks/main.yml
@ -1,13 +1,8 @@
 ---
-
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml
  vars:
    client_max_body_size: "31M"
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx

 - name: "create {{path_docker_compose_files}}mailu"
  file:
--- a/roles/docker-mastodon/tasks/main.yml
+++ b/roles/docker-mastodon/tasks/main.yml
@ -1,6 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml

 - name: configure {{domain}}.conf
  template: src=templates/mastodon.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
--- a/roles/docker-matomo/tasks/main.yml
+++ b/roles/docker-matomo/tasks/main.yml
@ -1,12 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: 
-    src:  "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
-    dest: "/etc/nginx/conf.d/{{domain}}.conf"
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-mediawiki/tasks/main.yml
+++ b/roles/docker-mediawiki/tasks/main.yml
@ -1,9 +1,5 @@
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "docker mediawiki"
  docker_compose:
--- a/roles/docker-nextcloud/tasks/main.yml
+++ b/roles/docker-nextcloud/tasks/main.yml
@ -1,6 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml

 - name: configure {{domain}}.conf
  template: 
--- a/roles/docker-peertube/tasks/main.yml
+++ b/roles/docker-peertube/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=templates/peertube.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-pixelfed/tasks/main.yml
+++ b/roles/docker-pixelfed/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-roulette-wheel/tasks/main.yml
+++ b/roles/docker-roulette-wheel/tasks/main.yml
@ -1,10 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-wordpress/tasks/create-wordpress-nginx.yml
+++ b/roles/docker-wordpress/tasks/create-wordpress-nginx.yml
@ -1,10 +0,0 @@
- name: Activate NGINX matomo tracking for {{domain}}
-  include_role:
-    name: nginx-matomo-tracking
-  when: nginx_matomo_tracking_active
-
- name: configure wordpress nginx configurations
-  vars:
-    client_max_body_size: "{{wordpress_max_upload_size}}"
-  template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{ domain }}.conf
-  notify: restart nginx
--- a/roles/docker-wordpress/tasks/main.yml
+++ b/roles/docker-wordpress/tasks/main.yml
@ -1,19 +1,12 @@
 ---
- name: "include task receive certbot certificate"
-  include_tasks: recieve-certbot-certificate.yml
-  vars:
-    domain: "{{ item }}"
-  loop: "{{ wordpress_domains }}"
-  loop_control:
-    loop_var: item

- name: "include task create wordpress nginx"
-  include_tasks: create-wordpress-nginx.yml
-  vars:
-    domain: "{{ item }}"
-  loop: "{{ wordpress_domains }}"
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml
+  loop: "{{ domains }}"
  loop_control:
-    loop_var: item
+    loop_var: domain
+  vars:
+    client_max_body_size: "{{wordpress_max_upload_size}}"

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/docker-yourls/tasks/main.yml
+++ b/roles/docker-yourls/tasks/main.yml
@ -1,12 +1,6 @@
 ---
- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
- name: configure {{domain}}.conf
-  template: 
-    src:  "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
-    dest: "/etc/nginx/conf.d/{{domain}}.conf"
-  notify: restart nginx
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml

 - name: "create {{docker_compose_instance_directory}}"
  file:
--- a/roles/nginx-homepage/tasks/main.yml
+++ b/roles/nginx-homepage/tasks/main.yml
@ -1,10 +1,11 @@
+---
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml
+
 - name: configure {{domain}}.conf
  template: src=homepage.nginx.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
  notify: restart nginx

- name: recieve {{domain}} certificate
-  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
-
 - name: nginx-homepage repo git
  git:
    repo: "{{nginx_homepage_repository_address}}"
--- a/tasks/certbot-matomo.yml
+++ b/tasks/certbot-matomo.yml
@ -0,0 +1,5 @@
+- name: "include task receive certbot certificate"
+  include_tasks: recieve-certbot-certificate.yml
+
+- name: "include task implement-matomo-tracking.yml"
+  include_tasks: implement-matomo-tracking.yml
--- a/tasks/nginx-docker-proxy-domain.yml
+++ b/tasks/nginx-docker-proxy-domain.yml
@ -1,8 +1,5 @@
- name: "include task receive certbot certificate"
-  include_tasks: recieve-certbot-certificate.yml
-
- name: "include task implement-matomo-tracking.yml"
-  include_tasks: implement-matomo-tracking.yml
+- name: "include task certbot-matomo.yml"
+  include_tasks: certbot-matomo.yml

 - name: "include task create-domain-conf.yml"
  include_tasks: create-domain-conf.yml