From d58a356e71682364c5fded31351d2402b73de2ad Mon Sep 17 00:00:00 2001 From: Otthorn Date: Thu, 7 Feb 2019 13:37:03 +0100 Subject: [PATCH 1/2] Ansible rule for Riot --- riot.yml | 6 ++++ roles/riot/README.md | 3 ++ roles/riot/handlers/main.yml | 6 ++++ roles/riot/tasks/main.yml | 52 ++++++++++++++++++++++++++++++ roles/riot/templates/nginx-riot.j2 | 20 ++++++++++++ 5 files changed, 87 insertions(+) create mode 100644 riot.yml create mode 100644 roles/riot/README.md create mode 100644 roles/riot/handlers/main.yml create mode 100644 roles/riot/tasks/main.yml create mode 100644 roles/riot/templates/nginx-riot.j2 diff --git a/riot.yml b/riot.yml new file mode 100644 index 0000000..b415100 --- /dev/null +++ b/riot.yml @@ -0,0 +1,6 @@ +--- +# Install Riot on Riot containers +- hosts: riot.adm.auro.re + roles: + - riot + diff --git a/roles/riot/README.md b/roles/riot/README.md new file mode 100644 index 0000000..b7ac39c --- /dev/null +++ b/roles/riot/README.md @@ -0,0 +1,3 @@ +# Rôle Riot + +Rôle simple pour riot. diff --git a/roles/riot/handlers/main.yml b/roles/riot/handlers/main.yml new file mode 100644 index 0000000..4307d64 --- /dev/null +++ b/roles/riot/handlers/main.yml @@ -0,0 +1,6 @@ +--- +# Reload the NGINX service +- name: Reload NGINX service + service: + name: nginx + state: reloaded diff --git a/roles/riot/tasks/main.yml b/roles/riot/tasks/main.yml new file mode 100644 index 0000000..3ef264c --- /dev/null +++ b/roles/riot/tasks/main.yml @@ -0,0 +1,52 @@ +--- +# Install transport https +- name: Install transport-https + apt: + name: apt-transport-https + update_cache: yes + +# Add the repository into source list +- name: configure riot repository + apt_repository: + repo: "deb https://riot.im/packages/debian/ {{ ansible_distribution_release }} main" + +# Add the key +- name: configure the apt key + apt_key: + url: https://riot.im/packages/debian/repo-key.asc + id: E019645248E8F4A1 + +# Install riot +- name: install the riot package + apt: + name: riot-web + update_cache: yes + +# Install nginx +- name: install nginx + apt: + name: nginx + +# Configure nginx +- name: configure nginx + template: + src: nginx-riot.j2 + dest: /etc/nginx/sites-available/riot + mode: 0644 + notify: Reload NGINX service + +# Desactive useless nginx sites +- name: Deactivate the default NGINX site + file: + path: /etc/nginx/sites-enabled/default + state: absent + notify: Reload NGINX service + +# Activate sites +- name: Activate sites + file: + src: /etc/nginx/sites-available/riot + dest: /etc/nginx/sites-enabled/riot + state: link + notify: Reload NGINX service + diff --git a/roles/riot/templates/nginx-riot.j2 b/roles/riot/templates/nginx-riot.j2 new file mode 100644 index 0000000..5db4b66 --- /dev/null +++ b/roles/riot/templates/nginx-riot.j2 @@ -0,0 +1,20 @@ +# /etc/nginx/sites-availible/riot +# Ce fichier est géré par ansible +server { + listen 80; + listen [::]:80; + + root /opt/Riot/resources/webapp/; + index index.html; + + access_log /var/log/nginx/riot-access.log; + error_log /var/log/nginx/riot-errors.log; + + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Frame-Options "SAMEORIGIN" always; + + location / { + try_files $uri $uri/ =404; + } +} From 79266d2476efb1ccd1a1e01b2bda42283f1b8f31 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Thu, 7 Feb 2019 13:04:46 +0100 Subject: [PATCH 2/2] Uniformize --- roles/riot/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/riot/tasks/main.yml b/roles/riot/tasks/main.yml index 3ef264c..7433226 100644 --- a/roles/riot/tasks/main.yml +++ b/roles/riot/tasks/main.yml @@ -1,34 +1,34 @@ --- -# Install transport https -- name: Install transport-https +# Install HTTPS support for APT +- name: Install apt-transport-https apt: name: apt-transport-https update_cache: yes # Add the repository into source list -- name: configure riot repository +- name: Configure riot repository apt_repository: repo: "deb https://riot.im/packages/debian/ {{ ansible_distribution_release }} main" # Add the key -- name: configure the apt key +- name: Configure the apt key apt_key: url: https://riot.im/packages/debian/repo-key.asc id: E019645248E8F4A1 # Install riot -- name: install the riot package +- name: Install riot-web apt: name: riot-web update_cache: yes # Install nginx -- name: install nginx +- name: Install nginx apt: name: nginx # Configure nginx -- name: configure nginx +- name: Configure nginx template: src: nginx-riot.j2 dest: /etc/nginx/sites-available/riot