diff --git a/riot.yml b/riot.yml new file mode 100644 index 0000000..b415100 --- /dev/null +++ b/riot.yml @@ -0,0 +1,6 @@ +--- +# Install Riot on Riot containers +- hosts: riot.adm.auro.re + roles: + - riot + diff --git a/roles/riot/README.md b/roles/riot/README.md new file mode 100644 index 0000000..b7ac39c --- /dev/null +++ b/roles/riot/README.md @@ -0,0 +1,3 @@ +# Rôle Riot + +Rôle simple pour riot. diff --git a/roles/riot/handlers/main.yml b/roles/riot/handlers/main.yml new file mode 100644 index 0000000..4307d64 --- /dev/null +++ b/roles/riot/handlers/main.yml @@ -0,0 +1,6 @@ +--- +# Reload the NGINX service +- name: Reload NGINX service + service: + name: nginx + state: reloaded diff --git a/roles/riot/tasks/main.yml b/roles/riot/tasks/main.yml new file mode 100644 index 0000000..3ef264c --- /dev/null +++ b/roles/riot/tasks/main.yml @@ -0,0 +1,52 @@ +--- +# Install transport https +- name: Install transport-https + apt: + name: apt-transport-https + update_cache: yes + +# Add the repository into source list +- name: configure riot repository + apt_repository: + repo: "deb https://riot.im/packages/debian/ {{ ansible_distribution_release }} main" + +# Add the key +- name: configure the apt key + apt_key: + url: https://riot.im/packages/debian/repo-key.asc + id: E019645248E8F4A1 + +# Install riot +- name: install the riot package + apt: + name: riot-web + update_cache: yes + +# Install nginx +- name: install nginx + apt: + name: nginx + +# Configure nginx +- name: configure nginx + template: + src: nginx-riot.j2 + dest: /etc/nginx/sites-available/riot + mode: 0644 + notify: Reload NGINX service + +# Desactive useless nginx sites +- name: Deactivate the default NGINX site + file: + path: /etc/nginx/sites-enabled/default + state: absent + notify: Reload NGINX service + +# Activate sites +- name: Activate sites + file: + src: /etc/nginx/sites-available/riot + dest: /etc/nginx/sites-enabled/riot + state: link + notify: Reload NGINX service + diff --git a/roles/riot/templates/nginx-riot.j2 b/roles/riot/templates/nginx-riot.j2 new file mode 100644 index 0000000..5db4b66 --- /dev/null +++ b/roles/riot/templates/nginx-riot.j2 @@ -0,0 +1,20 @@ +# /etc/nginx/sites-availible/riot +# Ce fichier est géré par ansible +server { + listen 80; + listen [::]:80; + + root /opt/Riot/resources/webapp/; + index index.html; + + access_log /var/log/nginx/riot-access.log; + error_log /var/log/nginx/riot-errors.log; + + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Frame-Options "SAMEORIGIN" always; + + location / { + try_files $uri $uri/ =404; + } +}