Ansible rule for Riot
This commit is contained in:
parent
74c0d481a8
commit
d58a356e71
5 changed files with 87 additions and 0 deletions
6
riot.yml
Normal file
6
riot.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
# Install Riot on Riot containers
|
||||||
|
- hosts: riot.adm.auro.re
|
||||||
|
roles:
|
||||||
|
- riot
|
||||||
|
|
3
roles/riot/README.md
Normal file
3
roles/riot/README.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
# Rôle Riot
|
||||||
|
|
||||||
|
Rôle simple pour riot.
|
6
roles/riot/handlers/main.yml
Normal file
6
roles/riot/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
# Reload the NGINX service
|
||||||
|
- name: Reload NGINX service
|
||||||
|
service:
|
||||||
|
name: nginx
|
||||||
|
state: reloaded
|
52
roles/riot/tasks/main.yml
Normal file
52
roles/riot/tasks/main.yml
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
---
|
||||||
|
# Install transport https
|
||||||
|
- name: Install transport-https
|
||||||
|
apt:
|
||||||
|
name: apt-transport-https
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
# Add the repository into source list
|
||||||
|
- name: configure riot repository
|
||||||
|
apt_repository:
|
||||||
|
repo: "deb https://riot.im/packages/debian/ {{ ansible_distribution_release }} main"
|
||||||
|
|
||||||
|
# Add the key
|
||||||
|
- name: configure the apt key
|
||||||
|
apt_key:
|
||||||
|
url: https://riot.im/packages/debian/repo-key.asc
|
||||||
|
id: E019645248E8F4A1
|
||||||
|
|
||||||
|
# Install riot
|
||||||
|
- name: install the riot package
|
||||||
|
apt:
|
||||||
|
name: riot-web
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
# Install nginx
|
||||||
|
- name: install nginx
|
||||||
|
apt:
|
||||||
|
name: nginx
|
||||||
|
|
||||||
|
# Configure nginx
|
||||||
|
- name: configure nginx
|
||||||
|
template:
|
||||||
|
src: nginx-riot.j2
|
||||||
|
dest: /etc/nginx/sites-available/riot
|
||||||
|
mode: 0644
|
||||||
|
notify: Reload NGINX service
|
||||||
|
|
||||||
|
# Desactive useless nginx sites
|
||||||
|
- name: Deactivate the default NGINX site
|
||||||
|
file:
|
||||||
|
path: /etc/nginx/sites-enabled/default
|
||||||
|
state: absent
|
||||||
|
notify: Reload NGINX service
|
||||||
|
|
||||||
|
# Activate sites
|
||||||
|
- name: Activate sites
|
||||||
|
file:
|
||||||
|
src: /etc/nginx/sites-available/riot
|
||||||
|
dest: /etc/nginx/sites-enabled/riot
|
||||||
|
state: link
|
||||||
|
notify: Reload NGINX service
|
||||||
|
|
20
roles/riot/templates/nginx-riot.j2
Normal file
20
roles/riot/templates/nginx-riot.j2
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
# /etc/nginx/sites-availible/riot
|
||||||
|
# Ce fichier est géré par ansible
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
root /opt/Riot/resources/webapp/;
|
||||||
|
index index.html;
|
||||||
|
|
||||||
|
access_log /var/log/nginx/riot-access.log;
|
||||||
|
error_log /var/log/nginx/riot-errors.log;
|
||||||
|
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue