mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-05 10:36:03 +02:00
4112bdf9fd
yaml: truthy value should be one of [false, true] (truthy) yaml: wrong indentation: expected 4 but found 2 (indentation) yaml: too few spaces before comment (comments) yaml: missing starting space in comment (comments) yaml: too many blank lines (1 > 0) (empty-lines) yaml: too many spaces after colon (colons) yaml: comment not indented like content (comments-indentation) yaml: no new line character at the end of file (new-line-at-end-of-file) load-failure: Failed to load or parse file parser-error: couldn't resolve module/action 'hosts'. This often indicates a misspelling, missing collection, or incorrect module path.
131 lines
4.5 KiB
YAML
131 lines
4.5 KiB
YAML
---
|
|
- name: run maintenance mode
|
|
include_role:
|
|
name: maintenance
|
|
vars:
|
|
service_name: "wiki"
|
|
service_domain: "{{ archwiki_domain }}"
|
|
service_alternate_domains: []
|
|
service_nginx_conf: "{{ archwiki_nginx_conf }}"
|
|
when: maintenance is defined
|
|
|
|
- name: create ssl cert
|
|
include_role:
|
|
name: certificate
|
|
vars:
|
|
domains: ["{{ archwiki_domain }}"]
|
|
when: 'archwiki_domain is defined'
|
|
|
|
- name: install packages
|
|
pacman: name=git,php-intl state=present
|
|
|
|
- name: make archwiki user
|
|
user: name="{{ archwiki_user }}" shell=/bin/false home="{{ archwiki_dir }}" createhome=no
|
|
register: user_created
|
|
|
|
- name: fix home permissions
|
|
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0751 path="{{ archwiki_dir }}"
|
|
|
|
- name: fix cache permissions
|
|
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0750 path="{{ archwiki_dir }}/cache"
|
|
|
|
- name: fix sessions permissions
|
|
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0750 path="{{ archwiki_dir }}/sessions"
|
|
|
|
- name: fix uploads permissions
|
|
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0755 path="{{ archwiki_dir }}/uploads"
|
|
|
|
- name: set up nginx
|
|
template: src=nginx.d.conf.j2 dest="{{ archwiki_nginx_conf }}" owner=root group=root mode=644
|
|
notify:
|
|
- reload nginx
|
|
when: maintenance is not defined
|
|
tags: ['nginx']
|
|
|
|
- name: remove old fastcgi cache directory
|
|
file: path=/etc/nginx/wikicache state=absent
|
|
|
|
- name: configure robots.txt
|
|
copy: src=robots.txt dest="{{ archwiki_dir }}/robots.txt" owner=root group=root mode=0644
|
|
|
|
- name: make nginx log dir
|
|
file: path=/var/log/nginx/{{ archwiki_domain }} state=directory owner=root group=root mode=0755
|
|
|
|
- name: make debug log dir
|
|
file: path=/var/log/archwiki state=directory owner={{ archwiki_user }} group=root mode=0700
|
|
|
|
- name: clone archwiki repo
|
|
git: repo={{ archwiki_repository }} dest="{{ archwiki_dir }}/public" version={{ archwiki_version }}
|
|
become: true
|
|
become_user: "{{ archwiki_user }}"
|
|
notify:
|
|
- run wiki updatescript
|
|
# purge the nginx cache to make sure clients get the updated assets
|
|
- purge nginx cache
|
|
|
|
- name: configure archwiki
|
|
template: src=LocalSettings.php.j2 dest="{{ archwiki_dir }}/public/LocalSettings.php" owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0640
|
|
register: config
|
|
no_log: true
|
|
|
|
- name: create archwiki db
|
|
mysql_db: name="{{ archwiki_db }}" login_host="{{ archwiki_db_host }}" login_password="{{ vault_mariadb_users.root }}"
|
|
register: db_created
|
|
|
|
- name: create archwiki db user
|
|
mysql_user: name={{ archwiki_db_user }} password={{ vault_archwiki_db_password }}
|
|
login_host="{{ archwiki_db_host }}" login_password="{{ vault_mariadb_users.root }}"
|
|
priv="{{ archwiki_db }}.*:ALL"
|
|
no_log: true
|
|
|
|
- name: configure php-fpm
|
|
template:
|
|
src=php-fpm.conf.j2 dest="/etc/php/php-fpm.d/{{ archwiki_user }}.conf"
|
|
owner=root group=root mode=0644
|
|
notify:
|
|
- restart php-fpm@{{ archwiki_user }}
|
|
|
|
- name: install archwiki memcached service
|
|
template: src="archwiki-memcached.service.j2" dest="/etc/systemd/system/archwiki-memcached.service" owner=root group=root mode=0644
|
|
|
|
- name: start and enable systemd socket
|
|
service: name=php-fpm@{{ archwiki_user }}.socket state=started enabled=true
|
|
|
|
- name: install systemd services/timers
|
|
template: src="{{ item }}.j2" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
|
|
loop:
|
|
- archwiki-runjobs.service
|
|
- archwiki-runjobs-wait.service
|
|
- archwiki-runjobs.timer
|
|
- archwiki-prune-cache.service
|
|
- archwiki-prune-cache.timer
|
|
- archwiki-question-updater.service
|
|
- archwiki-memcached.service
|
|
|
|
- name: start and enable archwiki timers and services
|
|
systemd:
|
|
name: "{{ item }}"
|
|
enabled: true
|
|
state: started
|
|
daemon_reload: true
|
|
with_items:
|
|
- archwiki-runjobs.timer
|
|
- archwiki-prune-cache.timer
|
|
- archwiki-runjobs-wait.service
|
|
- archwiki-memcached.service
|
|
|
|
- name: create question answer file
|
|
systemd:
|
|
name: archwiki-question-updater.service
|
|
state: started
|
|
daemon_reload: true
|
|
|
|
- name: ensure question answer file exists and set permissions
|
|
file: state=file path="{{ archwiki_question_answer_file }}" owner=root group=root mode=0644
|
|
|
|
- name: create pacman.d hooks dir
|
|
file: state=directory owner=root group=root mode=0755 path=/etc/pacman.d/hooks
|
|
|
|
- name: install archwiki question updater hook
|
|
template: src=archwiki-question-updater.hook.j2 dest=/etc/pacman.d/hooks/archwiki-question-updater.hook owner=root group=root mode=0644
|