mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-25 14:11:03 +01:00
Compare commits
2 Commits
108c9f7c0f
...
4d0db1fcc9
Author | SHA1 | Date | |
---|---|---|---|
4d0db1fcc9 | |||
75c27f9a42 |
@ -32,6 +32,7 @@ path_docker_volumes: "{{path_administrator_home}}volume
|
||||
path_docker_compose_instances: "{{path_administrator_home}}docker-compose/"
|
||||
|
||||
# Runtime Variables
|
||||
activate_all_timers (bool): false # Activates all timers, independend if the handlers had been triggered
|
||||
nginx_matomo_tracking_active: false # Activates matomo tracking on all html pages
|
||||
activate_all_timers: false # Activates all timers, independend if the handlers had been triggered
|
||||
nginx_matomo_tracking: false # Activates matomo tracking on all html pages
|
||||
nginx_www_redirect: true # Implements an redirect from all www. domains to the main domain
|
||||
execute_updates: true # Executes updates
|
@ -6,7 +6,7 @@
|
||||
tasks:
|
||||
roles:
|
||||
- role: update
|
||||
when: execute_updates is true
|
||||
when: execute_updates | default(false) | bool
|
||||
|
||||
- name: setup standard wireguard
|
||||
hosts: wireguard_server
|
||||
|
@ -12,22 +12,6 @@
|
||||
- cleanup-disc-space
|
||||
- health-btrfs
|
||||
|
||||
# Native Webserver Roles
|
||||
- name: setup nginx-homepages
|
||||
hosts: homepage
|
||||
become: true
|
||||
roles:
|
||||
- role: nginx-homepage
|
||||
vars:
|
||||
domain: "{{top_domain}}"
|
||||
- name: setup redirect hosts
|
||||
hosts: redirect
|
||||
become: true
|
||||
roles:
|
||||
- role: nginx-domain-redirect
|
||||
vars:
|
||||
domain_mappings: "{{redirect_domain_mappings}}"
|
||||
|
||||
# Docker Roles
|
||||
- name: setup nextcloud hosts
|
||||
hosts: nextcloud_server
|
||||
@ -220,3 +204,27 @@
|
||||
vars:
|
||||
domain: akaunting.{{top_domain}}
|
||||
http_port: 8080
|
||||
|
||||
# Native Webserver Roles
|
||||
- name: setup nginx-homepages
|
||||
hosts: homepage
|
||||
become: true
|
||||
roles:
|
||||
- role: nginx-homepage
|
||||
vars:
|
||||
domain: "{{top_domain}}"
|
||||
|
||||
- name: setup redirect hosts
|
||||
hosts: redirect
|
||||
become: true
|
||||
roles:
|
||||
- role: nginx-domain-redirect
|
||||
vars:
|
||||
domain_mappings: "{{redirect_domain_mappings}}"
|
||||
|
||||
- name: setup www redirect
|
||||
hosts: all
|
||||
become: true
|
||||
roles:
|
||||
- role: nginx-www-redirect
|
||||
when: nginx_www_redirect | bool
|
||||
|
@ -8,7 +8,7 @@ server {
|
||||
|
||||
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
||||
|
||||
{% if nginx_matomo_tracking_active | default(False) %}
|
||||
{% if nginx_matomo_tracking | default(False) %}
|
||||
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
||||
{% endif %}
|
||||
|
||||
|
@ -4,7 +4,7 @@ server
|
||||
|
||||
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
||||
|
||||
{% if nginx_matomo_tracking_active | default(False) %}
|
||||
{% if nginx_matomo_tracking | default(False) %}
|
||||
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
||||
{% endif %}
|
||||
|
||||
|
@ -8,7 +8,7 @@ server {
|
||||
|
||||
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
||||
|
||||
{% if nginx_matomo_tracking_active | default(False) %}
|
||||
{% if nginx_matomo_tracking | default(False) %}
|
||||
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
||||
{% endif %}
|
||||
|
||||
|
@ -3,7 +3,7 @@ server
|
||||
server_name {{domain}};
|
||||
|
||||
# Include Matomo Tracking Code
|
||||
{% if nginx_matomo_tracking_active | default(False) %}
|
||||
{% if nginx_matomo_tracking | default(False) %}
|
||||
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
||||
{% endif %}
|
||||
|
||||
|
@ -5,7 +5,7 @@ server
|
||||
|
||||
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
||||
|
||||
{% if nginx_matomo_tracking_active | default(False) %}
|
||||
{% if nginx_matomo_tracking | default(False) %}
|
||||
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
||||
{% endif %}
|
||||
|
||||
|
37
roles/nginx-www-redirect/README.md
Normal file
37
roles/nginx-www-redirect/README.md
Normal file
@ -0,0 +1,37 @@
|
||||
# README.md for nginx-www-redirect Role
|
||||
|
||||
## Overview
|
||||
The `nginx-www-redirect` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `/etc/nginx/conf.d/` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules.
|
||||
|
||||
## Role Description
|
||||
This role performs several key tasks:
|
||||
1. **Find Configuration Files**: Locates all `.conf` files in the `/etc/nginx/conf.d/` directory that match the `*.*.conf` pattern, ensuring that only domain and subdomain configurations are selected.
|
||||
|
||||
2. **Filter Domain Names**: Processes each configuration file, extracting the domain names and removing both the `.conf` extension and the `/etc/nginx/conf.d/` path.
|
||||
|
||||
3. **Prepare Redirect Domain Mappings**: Transforms the filtered domain names into a source-target mapping format, where `source` is `www.domain.tld` and `target` is `domain.tld`.
|
||||
|
||||
4. **Include nginx-domain-redirect Role**: Applies the redirection configuration using the `nginx-domain-redirect` role with the dynamically generated domain mappings.
|
||||
|
||||
## Usage
|
||||
To use this role, include it in your playbook and ensure that the `nginx-domain-redirect` role is available in your Ansible environment. No additional configuration is required as the role is designed to dynamically identify and process the domain configurations.
|
||||
|
||||
Example playbook:
|
||||
```yaml
|
||||
- hosts: web-servers
|
||||
roles:
|
||||
- nginx-www-redirect
|
||||
```
|
||||
|
||||
## Requirements
|
||||
- Ansible environment set up and configured to run roles.
|
||||
- Access to the `/etc/nginx/conf.d/` directory on the target hosts.
|
||||
- The `nginx-domain-redirect` role must be present and properly configured to handle the redirection mappings.
|
||||
|
||||
## Notes
|
||||
- This role is designed to work in environments where domain and subdomain configurations follow the naming pattern `*domain.tld.conf`.
|
||||
- It automatically excludes any configurations that begin with `www.`, preventing duplicate redirects.
|
||||
|
||||
---
|
||||
|
||||
This `nginx-www-redirect` role was crafted with insights and guidance provided by ChatGPT, an advanced AI language model from OpenAI. The development process, including the discussions with ChatGPT that shaped this role, can be [here](https://chat.openai.com/share/a68e3574-f543-467d-aea7-0895f0e00bbb) explored in detail.
|
31
roles/nginx-www-redirect/tasks/main.yml
Normal file
31
roles/nginx-www-redirect/tasks/main.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
- name: Find all .conf
|
||||
ansible.builtin.find:
|
||||
paths: "/etc/nginx/conf.d/"
|
||||
patterns: '*.*.conf'
|
||||
register: conf_files
|
||||
|
||||
- name: Print conf_files domains
|
||||
debug:
|
||||
var: conf_files
|
||||
|
||||
- name: Filter domain names and remove .conf extension and path
|
||||
set_fact:
|
||||
filtered_domains: "{{ conf_files.files | map(attribute='path') | map('regex_search', domain_regex) | select('string') | map('regex_replace', '^/etc/nginx/conf.d/', '') | map('regex_replace', '.conf$', '') | list }}"
|
||||
vars:
|
||||
domain_regex: '^/etc/nginx/conf.d/(?!www\.)[^/]+\.conf$'
|
||||
|
||||
|
||||
- name: Print filtered domains
|
||||
debug:
|
||||
var: filtered_domains
|
||||
|
||||
- name: Prepare redirect domain mappings
|
||||
set_fact:
|
||||
redirect_domain_mappings: "{{ filtered_domains | map('regex_replace', '^(.*)$', '{ source: \"www.\\1\", target: \"\\1\" }') | map('from_yaml') | list }}"
|
||||
|
||||
- name: Include nginx-domain-redirect role with dynamic domain mappings
|
||||
include_role:
|
||||
name: nginx-domain-redirect
|
||||
vars:
|
||||
domain_mappings: "{{ redirect_domain_mappings }}"
|
@ -23,6 +23,15 @@ def run_command(command):
|
||||
process.stdout.close()
|
||||
|
||||
def git_pull(directory):
|
||||
"""
|
||||
Checks whether the Git repository in the specified directory is up to date and performs a git pull if necessary.
|
||||
|
||||
Args:
|
||||
directory (str): The path to the directory of the Git repository.
|
||||
|
||||
Returns:
|
||||
bool: True if a git pull was performed, otherwise False.
|
||||
"""
|
||||
os.chdir(directory)
|
||||
print(f"Checking if the git repository in {directory} is up to date.")
|
||||
local = subprocess.check_output("git rev-parse @", shell=True).decode().strip()
|
||||
@ -31,8 +40,10 @@ def git_pull(directory):
|
||||
if local != remote:
|
||||
print("Repository is not up to date. Performing git pull.")
|
||||
run_command("git pull")
|
||||
else:
|
||||
return True;
|
||||
|
||||
print("Repository is already up to date.")
|
||||
return False;
|
||||
|
||||
def get_image_digests(directory):
|
||||
compose_project = os.path.basename(directory)
|
||||
@ -94,6 +105,11 @@ def update_nextcloud():
|
||||
print("Start Nextcloud update procedure.")
|
||||
update_procedure("docker-compose exec -T -u www-data application /var/www/html/occ app:update --all")
|
||||
|
||||
def update_discourse(directory):
|
||||
os.chdir(directory)
|
||||
print("Start Discourse update procedure.")
|
||||
update_procedure("./launcher rebuild app")
|
||||
|
||||
# This procedure waits until the container is up
|
||||
def update_procedure(command):
|
||||
max_attempts = 3
|
||||
@ -129,9 +145,16 @@ if __name__ == "__main__":
|
||||
print(f"Checking for updates in: {dir_path}")
|
||||
|
||||
if os.path.isdir(os.path.join(dir_path, ".git")):
|
||||
git_pull(dir_path)
|
||||
git_repository_was_pulled = git_pull(dir_path)
|
||||
|
||||
# Discourse is an exception and uses own update command instead of docker compose
|
||||
if os.path.basename(dir_path) == "discourse":
|
||||
if git_repository_was_pulled:
|
||||
update_discourse(dir_path)
|
||||
else:
|
||||
print("Discourse update skipped. No changes in git repository.")
|
||||
else:
|
||||
update_docker(dir_path)
|
||||
|
||||
# Nextcloud needs additional update procedures
|
||||
if os.path.basename(dir_path) == "nextcloud":
|
||||
update_nextcloud()
|
||||
|
@ -1 +1 @@
|
||||
update_docker_script: "{{path_administrator_scripts}}/update-docker.py"
|
||||
update_docker_script: "{{path_administrator_scripts}}update-docker.py"
|
||||
|
@ -1,4 +1,4 @@
|
||||
- name: Activate NGINX matomo tracking
|
||||
include_role:
|
||||
name: nginx-matomo-tracking
|
||||
when: nginx_matomo_tracking_active and domain is defined
|
||||
when: nginx_matomo_tracking and domain is defined
|
Loading…
Reference in New Issue
Block a user