mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-05 15:16:26 +02:00
4112bdf9fd
yaml: truthy value should be one of [false, true] (truthy) yaml: wrong indentation: expected 4 but found 2 (indentation) yaml: too few spaces before comment (comments) yaml: missing starting space in comment (comments) yaml: too many blank lines (1 > 0) (empty-lines) yaml: too many spaces after colon (colons) yaml: comment not indented like content (comments-indentation) yaml: no new line character at the end of file (new-line-at-end-of-file) load-failure: Failed to load or parse file parser-error: couldn't resolve module/action 'hosts'. This often indicates a misspelling, missing collection, or incorrect module path.
86 lines
2.9 KiB
YAML
86 lines
2.9 KiB
YAML
---
|
|
- name: run maintenance mode
|
|
include_role:
|
|
name: maintenance
|
|
vars:
|
|
service_name: "Bugtracker"
|
|
service_domain: "{{ flyspray_domain }}"
|
|
service_alternate_domains: []
|
|
service_nginx_conf: "{{ flyspray_nginx_conf }}"
|
|
when: maintenance is defined
|
|
|
|
- name: install git
|
|
pacman: name=git state=present
|
|
|
|
- name: make flyspray user
|
|
user: name="{{ flyspray_user }}" shell=/bin/false home="{{ flyspray_dir }}" createhome=no
|
|
register: user_created
|
|
|
|
- name: fix home permissions
|
|
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}" mode=0750
|
|
|
|
- name: set up nginx
|
|
template: src=nginx.d.conf.j2 dest="{{ flyspray_nginx_conf }}" owner=root group=root mode=644
|
|
notify:
|
|
- reload nginx
|
|
when: maintenance is not defined
|
|
tags: ['nginx']
|
|
|
|
- name: make nginx log dir
|
|
file: path=/var/log/nginx/{{ flyspray_domain }} state=directory owner=root group=root mode=0755
|
|
|
|
- name: create setup dir with write permissions
|
|
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=755
|
|
when: falset user_created.changed
|
|
|
|
- name: clone flyspray repo
|
|
git:
|
|
repo: https://git.archlinux.org/vhosts/bugs.archlinux.org.git
|
|
version: "{{ flyspray_commit }}"
|
|
dest: "{{ flyspray_dir }}"
|
|
become: true
|
|
become_user: "{{ flyspray_user }}"
|
|
register: release
|
|
|
|
- name: take away setup dir write permissions
|
|
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}/setup" mode=000
|
|
|
|
- name: configure flyspray
|
|
template: src=flyspray.conf.php.j2 dest=/srv/http/flyspray/flyspray.conf.php owner="{{ flyspray_user }}" group="{{ flyspray_user }}" mode=0660
|
|
register: config
|
|
no_log: true
|
|
|
|
- name: create flyspray db
|
|
mysql_db: name="{{ flyspray_db }}" login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
|
|
register: db_created
|
|
|
|
- name: create flyspray db user
|
|
mysql_user: name={{ flyspray_db_user }} password={{ vault_flyspray_db_password }}
|
|
login_host="{{ flyspray_db_host }}" login_password="{{ vault_mariadb_users.root }}"
|
|
priv="{{ flyspray_db }}.*:ALL"
|
|
no_log: true
|
|
|
|
- name: configure php-fpm
|
|
template:
|
|
src=php-fpm.conf.j2 dest="/etc/php7/php-fpm.d/{{ flyspray_user }}.conf"
|
|
owner=root group=root mode=0644
|
|
notify:
|
|
- restart php-fpm7@flyspray
|
|
|
|
- name: install fail2ban register ban filter
|
|
template: src=fail2ban.filter.j2 dest=/etc/fail2ban/filter.d/nginx-flyspray-register.local owner=root group=root mode=0644
|
|
notify:
|
|
- restart fail2ban
|
|
tags:
|
|
- fail2ban
|
|
|
|
- name: install fail2ban register ban jail
|
|
template: src=fail2ban.jail.j2 dest=/etc/fail2ban/jail.d/nginx-flyspray-register.local owner=root group=root mode=0644
|
|
notify:
|
|
- restart fail2ban
|
|
tags:
|
|
- fail2ban
|
|
|
|
- name: start and enable systemd socket
|
|
service: name=php-fpm7@flyspray.socket state=started enabled=true
|