From c7293cd6eae1ea56fd0ecb879fd698a100bd61c0 Mon Sep 17 00:00:00 2001 From: Matej Focko Date: Fri, 12 Jul 2024 21:06:00 +0200 Subject: [PATCH] chore: move out the server roles Signed-off-by: Matej Focko --- roles/{server => }/certbot/tasks/install.yml | 0 roles/{server => }/certbot/tasks/main.yml | 0 roles/{server => }/certbot/templates/cloudflare.ini | 0 roles/{server => }/cups/tasks/install.yml | 0 roles/{server => }/cups/tasks/main.yml | 0 roles/{server => }/ddns/files/ddns.service | 0 roles/{server => }/ddns/files/ddns.timer | 0 roles/{server => }/ddns/tasks/main.yml | 0 roles/{server => }/ddns/templates/inadyn.conf | 0 roles/{server => }/nginx/defaults/main.yml | 4 ++-- roles/{server => }/nginx/files/nginx.conf | 0 roles/{server => }/nginx/files/proxy.conf | 0 roles/{server => }/nginx/tasks/install.yml | 0 roles/{server => }/nginx/tasks/main.yml | 4 ++-- roles/{server => }/nginx/templates/http.conf | 4 ++-- roles/{server => }/nginx/templates/me.conf | 0 roles/{server => }/nginx/templates/reverse_proxy.conf | 0 roles/{server => }/nginx/templates/ssl.conf | 4 ++-- 18 files changed, 8 insertions(+), 8 deletions(-) rename roles/{server => }/certbot/tasks/install.yml (100%) rename roles/{server => }/certbot/tasks/main.yml (100%) rename roles/{server => }/certbot/templates/cloudflare.ini (100%) rename roles/{server => }/cups/tasks/install.yml (100%) rename roles/{server => }/cups/tasks/main.yml (100%) rename roles/{server => }/ddns/files/ddns.service (100%) rename roles/{server => }/ddns/files/ddns.timer (100%) rename roles/{server => }/ddns/tasks/main.yml (100%) rename roles/{server => }/ddns/templates/inadyn.conf (100%) rename roles/{server => }/nginx/defaults/main.yml (81%) rename roles/{server => }/nginx/files/nginx.conf (100%) rename roles/{server => }/nginx/files/proxy.conf (100%) rename roles/{server => }/nginx/tasks/install.yml (100%) rename roles/{server => }/nginx/tasks/main.yml (93%) rename roles/{server => }/nginx/templates/http.conf (91%) rename roles/{server => }/nginx/templates/me.conf (100%) rename roles/{server => }/nginx/templates/reverse_proxy.conf (100%) rename roles/{server => }/nginx/templates/ssl.conf (64%) diff --git a/roles/server/certbot/tasks/install.yml b/roles/certbot/tasks/install.yml similarity index 100% rename from roles/server/certbot/tasks/install.yml rename to roles/certbot/tasks/install.yml diff --git a/roles/server/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml similarity index 100% rename from roles/server/certbot/tasks/main.yml rename to roles/certbot/tasks/main.yml diff --git a/roles/server/certbot/templates/cloudflare.ini b/roles/certbot/templates/cloudflare.ini similarity index 100% rename from roles/server/certbot/templates/cloudflare.ini rename to roles/certbot/templates/cloudflare.ini diff --git a/roles/server/cups/tasks/install.yml b/roles/cups/tasks/install.yml similarity index 100% rename from roles/server/cups/tasks/install.yml rename to roles/cups/tasks/install.yml diff --git a/roles/server/cups/tasks/main.yml b/roles/cups/tasks/main.yml similarity index 100% rename from roles/server/cups/tasks/main.yml rename to roles/cups/tasks/main.yml diff --git a/roles/server/ddns/files/ddns.service b/roles/ddns/files/ddns.service similarity index 100% rename from roles/server/ddns/files/ddns.service rename to roles/ddns/files/ddns.service diff --git a/roles/server/ddns/files/ddns.timer b/roles/ddns/files/ddns.timer similarity index 100% rename from roles/server/ddns/files/ddns.timer rename to roles/ddns/files/ddns.timer diff --git a/roles/server/ddns/tasks/main.yml b/roles/ddns/tasks/main.yml similarity index 100% rename from roles/server/ddns/tasks/main.yml rename to roles/ddns/tasks/main.yml diff --git a/roles/server/ddns/templates/inadyn.conf b/roles/ddns/templates/inadyn.conf similarity index 100% rename from roles/server/ddns/templates/inadyn.conf rename to roles/ddns/templates/inadyn.conf diff --git a/roles/server/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml similarity index 81% rename from roles/server/nginx/defaults/main.yml rename to roles/nginx/defaults/main.yml index 99cb0a1..0c72f6b 100644 --- a/roles/server/nginx/defaults/main.yml +++ b/roles/nginx/defaults/main.yml @@ -1,6 +1,6 @@ --- # Name of the certificate generated by Certbot -server_nginx_certname: None +nginx_certname: None # List of reverse proxies to be set up; objects of ‹domain›, ‹upstream› and # ‹protocol› for proxying, e.g.: @@ -8,4 +8,4 @@ server_nginx_certname: None # - domain: "cockpit" # upstream: "127.0.0.1:9090" # protocol: "https" -server_nginx_reverse_proxy: [] +nginx_reverse_proxy: [] diff --git a/roles/server/nginx/files/nginx.conf b/roles/nginx/files/nginx.conf similarity index 100% rename from roles/server/nginx/files/nginx.conf rename to roles/nginx/files/nginx.conf diff --git a/roles/server/nginx/files/proxy.conf b/roles/nginx/files/proxy.conf similarity index 100% rename from roles/server/nginx/files/proxy.conf rename to roles/nginx/files/proxy.conf diff --git a/roles/server/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml similarity index 100% rename from roles/server/nginx/tasks/install.yml rename to roles/nginx/tasks/install.yml diff --git a/roles/server/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml similarity index 93% rename from roles/server/nginx/tasks/main.yml rename to roles/nginx/tasks/main.yml index 62979bd..540fcac 100644 --- a/roles/server/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -61,7 +61,7 @@ proxy_domain: "{{ item.domain }}" proxy_upstream: "{{ item.upstream }}" proxy_protocol: "{{ item.protocol }}" - loop: "{{ server_nginx_reverse_proxy }}" + loop: "{{ nginx_reverse_proxy }}" # ‹httpd_can_network_relay› was not enough for the ubiquiti reverse proxy - name: Allow reverse proxy in SELinux @@ -69,7 +69,7 @@ name: httpd_can_network_connect state: true persistent: true - when: "ansible_facts.selinux.status == 'enabled' and server_nginx_reverse_proxy" + when: "ansible_facts.selinux.status == 'enabled' and nginx_reverse_proxy" - name: Enable nginx on firewall ansible.posix.firewalld: diff --git a/roles/server/nginx/templates/http.conf b/roles/nginx/templates/http.conf similarity index 91% rename from roles/server/nginx/templates/http.conf rename to roles/nginx/templates/http.conf index 2f5bbe7..6b02cb8 100644 --- a/roles/server/nginx/templates/http.conf +++ b/roles/nginx/templates/http.conf @@ -33,8 +33,8 @@ http { server_name {{ host_fqdn }}; root /usr/share/nginx/html; - ssl_certificate /etc/letsencrypt/live/{{ server_nginx_certname }}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{ server_nginx_certname }}/privkey.pem; + ssl_certificate /etc/letsencrypt/live/{{ nginx_certname }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ nginx_certname }}/privkey.pem; # Allow TLS version 1.2 only, which is a recommended default these days # by international information security standards. diff --git a/roles/server/nginx/templates/me.conf b/roles/nginx/templates/me.conf similarity index 100% rename from roles/server/nginx/templates/me.conf rename to roles/nginx/templates/me.conf diff --git a/roles/server/nginx/templates/reverse_proxy.conf b/roles/nginx/templates/reverse_proxy.conf similarity index 100% rename from roles/server/nginx/templates/reverse_proxy.conf rename to roles/nginx/templates/reverse_proxy.conf diff --git a/roles/server/nginx/templates/ssl.conf b/roles/nginx/templates/ssl.conf similarity index 64% rename from roles/server/nginx/templates/ssl.conf rename to roles/nginx/templates/ssl.conf index 14a399b..843e4ea 100644 --- a/roles/server/nginx/templates/ssl.conf +++ b/roles/nginx/templates/ssl.conf @@ -1,7 +1,7 @@ listen 443 ssl http2; -ssl_certificate /etc/letsencrypt/live/{{ server_nginx_certname }}/fullchain.pem; -ssl_certificate_key /etc/letsencrypt/live/{{ server_nginx_certname }}/privkey.pem; +ssl_certificate /etc/letsencrypt/live/{{ nginx_certname }}/fullchain.pem; +ssl_certificate_key /etc/letsencrypt/live/{{ nginx_certname }}/privkey.pem; # Allow TLS version 1.2 only, which is a recommended default these days # by international information security standards.