From 3dbcb8f2c56f359a738065ec5d0323b8b90e8c1d Mon Sep 17 00:00:00 2001 From: Julian Labus Date: Wed, 13 Feb 2019 11:40:25 +0100 Subject: [PATCH] Roles: add service-nginx-openlayers --- inventory/group_vars/ffmwu-monitoring | 1 + roles/service-nginx-openlayers/README.md | 18 ++++++++ .../handlers/main.yml | 5 +++ roles/service-nginx-openlayers/meta/main.yml | 3 ++ roles/service-nginx-openlayers/tasks/main.yml | 42 +++++++++++++++++++ .../templates/openlayers_vhost.conf.j2 | 30 +++++++++++++ roles/service-nginx-openlayers/vars/main.yml | 7 ++++ 7 files changed, 106 insertions(+) create mode 100644 roles/service-nginx-openlayers/README.md create mode 100644 roles/service-nginx-openlayers/handlers/main.yml create mode 100644 roles/service-nginx-openlayers/meta/main.yml create mode 100644 roles/service-nginx-openlayers/tasks/main.yml create mode 100644 roles/service-nginx-openlayers/templates/openlayers_vhost.conf.j2 create mode 100644 roles/service-nginx-openlayers/vars/main.yml diff --git a/inventory/group_vars/ffmwu-monitoring b/inventory/group_vars/ffmwu-monitoring index 148fb6d..b174d08 100644 --- a/inventory/group_vars/ffmwu-monitoring +++ b/inventory/group_vars/ffmwu-monitoring @@ -12,6 +12,7 @@ http_meshviewer_prefix: map http_grafana_prefix: stats http_lookingglass_prefix: lg http_prometheus_prefix: prom +http_openlayers_prefix: ol prometheus_conf_main: prometheus/prometheus.yml.j2 diff --git a/roles/service-nginx-openlayers/README.md b/roles/service-nginx-openlayers/README.md new file mode 100644 index 0000000..1b26d06 --- /dev/null +++ b/roles/service-nginx-openlayers/README.md @@ -0,0 +1,18 @@ +# Ansible role service-nginx-openlayers + +Diese Ansible role installert OpenLayers und konfiguriert den nginx vHosts. + +- schreibt openlayers.conf +- legt OpenLayers Verzeichnis an +- installert OpenLayers + +## Benötigte Variablen + +- Variable `openlayers_src` (Rollen Variable) +- Variable `openlayers_path` (Rollen Variable) +- Variable `openlayers_version` (Rollen Variable) +- Variable `http_openlayers_external` (Rollen Variable) +- Variable `http_openlayers_internal` (Rollen Variable) +- Variable `http_openlayers_prefix` # string: Subdomain +- Variable `http_domain_external` # string: Externe Freifunk MWU Domain +- Variable `http_domain_internal` # string: Interne Freifunk MWU Domain diff --git a/roles/service-nginx-openlayers/handlers/main.yml b/roles/service-nginx-openlayers/handlers/main.yml new file mode 100644 index 0000000..1aec9c3 --- /dev/null +++ b/roles/service-nginx-openlayers/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart nginx + systemd: + name: nginx + state: restarted diff --git a/roles/service-nginx-openlayers/meta/main.yml b/roles/service-nginx-openlayers/meta/main.yml new file mode 100644 index 0000000..814b458 --- /dev/null +++ b/roles/service-nginx-openlayers/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: service-nginx } diff --git a/roles/service-nginx-openlayers/tasks/main.yml b/roles/service-nginx-openlayers/tasks/main.yml new file mode 100644 index 0000000..cded914 --- /dev/null +++ b/roles/service-nginx-openlayers/tasks/main.yml @@ -0,0 +1,42 @@ +--- +- name: create directory + file: + path: "{{ openlayers_path }}" + state: directory + mode: 0755 + owner: www-data + group: www-data + +- name: download and extract + unarchive: + creates: "{{ openlayers_path }}/{{ openlayers_version }}" + src: "{{ openlayers_src }}" + dest: "{{ openlayers_path }}" + remote_src: yes + owner: www-data + group: www-data + +- name: create symlinks + file: + src: "{{ openlayers_version }}/{{ item }}" + dest: "{{ openlayers_path }}/{{ item }}" + state: link + loop: + - build + - css + +- name: write vhost + template: + src: openlayers_vhost.conf.j2 + dest: /etc/nginx/conf.d/openlayers.conf + owner: root + group: root + mode: 0644 + notify: restart nginx + +- name: fix permissions + file: + path: "{{ openlayers_path }}" + owner: www-data + group: www-data + recurse: yes diff --git a/roles/service-nginx-openlayers/templates/openlayers_vhost.conf.j2 b/roles/service-nginx-openlayers/templates/openlayers_vhost.conf.j2 new file mode 100644 index 0000000..251500d --- /dev/null +++ b/roles/service-nginx-openlayers/templates/openlayers_vhost.conf.j2 @@ -0,0 +1,30 @@ +server { + listen 80; + listen [::]:80; + server_name {{ http_openlayers_external }} {{ http_openlayers_internal }}; + + include /etc/nginx/snippets/gzip.conf; + include /etc/nginx/snippets/letsencrypt-acme-challenge.conf; + + root {{ openlayers_path }}; + location / { + autoindex on; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name {{ http_openlayers_external }} {{ http_openlayers_internal }}; + + ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem; + + include /etc/nginx/snippets/gzip.conf; + include /etc/nginx/snippets/letsencrypt-acme-challenge.conf; + + root {{ openlayers_path }}; + location / { + autoindex on; + } +} diff --git a/roles/service-nginx-openlayers/vars/main.yml b/roles/service-nginx-openlayers/vars/main.yml new file mode 100644 index 0000000..d8d33c6 --- /dev/null +++ b/roles/service-nginx-openlayers/vars/main.yml @@ -0,0 +1,7 @@ +--- +http_openlayers_external: "{{ http_openlayers_prefix }}.{{ http_domain_external }}" +http_openlayers_internal: "{{ http_openlayers_prefix }}.{{ http_domain_internal }}" + +openlayers_version: "v5.3.0" +openlayers_path: "/var/www/{{ http_openlayers_external }}" +openlayers_src: "https://github.com/openlayers/openlayers/releases/download/{{ openlayers_version }}/{{ openlayers_version }}.zip"