Added RequestTracker (DEV) container
Signed-off-by: Jim Martens <github@2martens.de>
This commit is contained in:
parent
b242cfdd26
commit
a3247a6aff
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: docker
|
||||
- role: apache
|
||||
- role: letsencrypt
|
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
- name: add rt http site
|
||||
template:
|
||||
src: etc/apache2/sites-available/ansible_domain.conf.j2
|
||||
dest: /etc/apache2/sites-available/{{ rt_domain }}.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
force: no
|
||||
register: rt_http
|
||||
- name: disable default site and enable rt site
|
||||
block:
|
||||
- name: disable default site
|
||||
command:
|
||||
cmd: a2dissite 000-default.conf
|
||||
removes: /etc/apache2/sites-enabled/000-default.conf
|
||||
- name: enable rt site
|
||||
command:
|
||||
cmd: a2ensite {{ rt_domain }}.conf
|
||||
creates: /etc/apache2/sites-enabled/{{ rt_domain }}.conf
|
||||
- name: run certbot
|
||||
command:
|
||||
cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --email {{ admin_mail }} --redirect --renew-with-new-domains --agree-tos -d {{ collabora_domain }}
|
||||
when: ansible_domain != 'dev' and rt_http.changed
|
||||
- include: ssl-dev.yml
|
||||
when: ansible_domain == 'dev'
|
||||
- name: add rt https site
|
||||
template:
|
||||
src: etc/apache2/sites-available/ansible_domain-le-ssl.conf.j2
|
||||
dest: /etc/apache2/sites-available/{{ rt_domain }}-le-ssl.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
- name: enable rt https site
|
||||
command:
|
||||
cmd: a2ensite {{ rt_domain }}-le-ssl.conf
|
||||
creates: /etc/apache2/sites-enabled/{{ rt_domain }}-le-ssl.conf
|
||||
notify: restart apache
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- include: rt.yml
|
||||
- include: apache.yml
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: create rt directory
|
||||
file:
|
||||
state: directory
|
||||
path: /etc/rt
|
||||
- name: copy docker compose file for rt
|
||||
template:
|
||||
src: etc/rt/docker-compose.yml.j2
|
||||
dest: /etc/rt/docker-compose.yml
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
- name: start rt docker container
|
||||
docker_compose:
|
||||
project_src: /etc/rt
|
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
- name: Ensure python OpenSSL dependencies are installed.
|
||||
pip:
|
||||
name: pyOpenSSL
|
||||
state: present
|
||||
|
||||
- name: Ensure directory exists for local self-signed TLS certs.
|
||||
file:
|
||||
path: /etc/letsencrypt/live/{{ rt_domain }}
|
||||
state: directory
|
||||
|
||||
- name: Generate an OpenSSL private key.
|
||||
openssl_privatekey:
|
||||
path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
|
||||
|
||||
- name: Generate an OpenSSL CSR.
|
||||
openssl_csr:
|
||||
path: /etc/ssl/private/{{ rt_domain }}.csr
|
||||
privatekey_path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
|
||||
common_name: "{{ rt_domain }}"
|
||||
|
||||
- name: Generate a Self Signed OpenSSL certificate.
|
||||
openssl_certificate:
|
||||
path: /etc/letsencrypt/live/{{ rt_domain }}/fullchain.pem
|
||||
privatekey_path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
|
||||
csr_path: /etc/ssl/private/{{ rt_domain }}.csr
|
||||
provider: selfsigned
|
|
@ -0,0 +1,23 @@
|
|||
<IfModule mod_ssl.c>
|
||||
<VirtualHost *:443>
|
||||
ServerName {{ rt_domain }}
|
||||
ServerAdmin {{ admin_mail }}
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
|
||||
SSLCertificateFile /etc/letsencrypt/live/{{ rt_domain }}/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
|
||||
Include /etc/letsencrypt/options-ssl-apache.conf
|
||||
|
||||
# Encoded slashes need to be allowed
|
||||
AllowEncodedSlashes NoDecode
|
||||
|
||||
# keep the host
|
||||
ProxyPreserveHost On
|
||||
RequestHeader set X-Forwarded-Proto "https"
|
||||
RequestHeader set X-Forwarded-Host "{{ rt_domain }}"
|
||||
ProxyPass / http://127.0.0.1:8082/
|
||||
ProxyPassReverse / http://127.0.0.1:8082/
|
||||
|
||||
</VirtualHost>
|
||||
</IfModule>
|
|
@ -0,0 +1,6 @@
|
|||
<VirtualHost *:80>
|
||||
ServerName {{ rt_domain }}
|
||||
ServerAdmin {{ admin_mail }}
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
</VirtualHost>
|
|
@ -0,0 +1,15 @@
|
|||
version: '2'
|
||||
|
||||
services:
|
||||
rt:
|
||||
image: netsandbox/request-tracker:latest
|
||||
|
||||
ports:
|
||||
- "8082:80"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
restart: always
|
||||
environment:
|
||||
- RT_WEB_PORT=8082
|
||||
- LC_ALL=C.UTF-8
|
||||
- LANG=C.UTF-8
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
- name: Set up RT
|
||||
hosts: vps
|
||||
vars_files:
|
||||
- general_vars.yml
|
||||
- rt_vars.yml
|
||||
remote_user: "{{ ssh_user }}"
|
||||
become: yes
|
||||
become_user: root
|
||||
roles:
|
||||
- rt
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
rt_domain: best-practical.com
|
Loading…
Reference in New Issue