Bootstrap caddy http sync role
This commit is contained in:
Wilfried OLLIVIER
commit
4164ebb829
7 changed files with 162 additions and 0 deletions
13
LICENCE
Normal file
13
LICENCE
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||||
|
Version 2, December 2004
|
||||||
|
|
||||||
|
Copyright (C) 2019 Wilfried OLLIVIER <wollivier@fdn.fr>
|
||||||
|
|
||||||
|
Everyone is permitted to copy and distribute verbatim or modified
|
||||||
|
copies of this license document, and changing it is allowed as long
|
||||||
|
as the name is changed.
|
||||||
|
|
||||||
|
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||||
|
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||||
|
|
||||||
|
0. You just DO WHAT THE FUCK YOU WANT TO.
|
||||||
37
README.md
Normal file
37
README.md
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
galaxy-caddy.http.sync
|
||||||
|
======================
|
||||||
|
|
||||||
|
Push config file and sync code source of a basic html site
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
------------
|
||||||
|
|
||||||
|
Caddy webserver up and running
|
||||||
|
|
||||||
|
Role Variables
|
||||||
|
--------------
|
||||||
|
|
||||||
|
- vhost_url: vhost url
|
||||||
|
- vhost_name: name of the vhost
|
||||||
|
- caddy_home: path to caddy home directory
|
||||||
|
- caddy_logs: path to caddy logs directory
|
||||||
|
- caddy_conf: path to caddy config directory
|
||||||
|
- caddy_confd: path to caddy confd directory
|
||||||
|
- caddy_logs: path to caddy vhost log directory
|
||||||
|
- caddy_www: path to caddy www dir
|
||||||
|
- custom_errors: yes/no - use custom errors or not
|
||||||
|
- www_redirect: yes/no - redirect www. to .
|
||||||
|
|
||||||
|
Dependencies
|
||||||
|
------------
|
||||||
|
|
||||||
|
galaxy-caddy
|
||||||
|
|
||||||
|
Example Playbook
|
||||||
|
----------------
|
||||||
|
|
||||||
|
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
||||||
|
|
||||||
|
- hosts: servers
|
||||||
|
roles:
|
||||||
|
- { role: galaxy-caddy.http.sync, custom_errors: no, vhost_name: test, vhost_url: test.test, syncpath: path/to/some/directory }
|
||||||
12
defaults/main.yml
Normal file
12
defaults/main.yml
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
# defaults file for galaxy-caddy.http.sync
|
||||||
|
|
||||||
|
caddy_home: /srv/caddy
|
||||||
|
caddy_logs: /srv/caddy/logs
|
||||||
|
caddy_conf: /etc/caddy
|
||||||
|
caddy_confd: /etc/caddy/conf.d
|
||||||
|
caddy_www: /var/www/caddy
|
||||||
|
|
||||||
|
www_redirect: no
|
||||||
|
|
||||||
|
custom_errors: no
|
||||||
13
handlers/main.yml
Normal file
13
handlers/main.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
# handlers file for galaxy-caddy.http.sync
|
||||||
|
|
||||||
|
- name: start caddy
|
||||||
|
service: name=caddy
|
||||||
|
state=started
|
||||||
|
enabled=yes
|
||||||
|
daemon_reload=yes
|
||||||
|
|
||||||
|
- name: restart caddy
|
||||||
|
service: name=caddy
|
||||||
|
state=restarted
|
||||||
|
enabled=yes
|
||||||
20
meta/main.yml
Normal file
20
meta/main.yml
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
galaxy_info:
|
||||||
|
author: Wilfried OLLIVIER
|
||||||
|
description: Push caddy config file and sync code
|
||||||
|
company: none
|
||||||
|
|
||||||
|
license: WTFPL
|
||||||
|
|
||||||
|
min_ansible_version: 2.4
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- Stretch
|
||||||
|
|
||||||
|
galaxy_tags:
|
||||||
|
- caddy
|
||||||
|
- webserver
|
||||||
|
- http
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
25
tasks/main.yml
Normal file
25
tasks/main.yml
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
# tasks file for galaxy-caddy.http.sync
|
||||||
|
|
||||||
|
- name: Push caddy config file
|
||||||
|
template:
|
||||||
|
src: http.caddy.j2
|
||||||
|
dest: "{{ caddy_confd }}/{{ vhost_name }}.caddy"
|
||||||
|
notify: restart caddy
|
||||||
|
|
||||||
|
- name: Ensure caddy log dir
|
||||||
|
file:
|
||||||
|
path: "{{ caddy_logs }}/{{ vhost_name }}"
|
||||||
|
state: directory
|
||||||
|
owner: caddy
|
||||||
|
|
||||||
|
- name: Ensure vhost www dir
|
||||||
|
file: path={{ caddy_www }}/{{ vhost_name }}
|
||||||
|
state=directory
|
||||||
|
owner=caddy
|
||||||
|
group=caddy
|
||||||
|
|
||||||
|
- name: Synchronize
|
||||||
|
synchronize: src={{ syncpath }}
|
||||||
|
dest={{ caddy_www }}/{{ vhost_name }}
|
||||||
|
delete=yes
|
||||||
42
templates/http.caddy.j2
Normal file
42
templates/http.caddy.j2
Normal file
|
|
@ -0,0 +1,42 @@
|
||||||
|
{{ vhost_url }} {
|
||||||
|
|
||||||
|
header / {
|
||||||
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always
|
||||||
|
# connect via HTTPS (do not use if only testing)
|
||||||
|
Strict-Transport-Security "max-age=31536000;"
|
||||||
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
||||||
|
X-XSS-Protection "1; mode=block"
|
||||||
|
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
|
||||||
|
X-Content-Type-Options "nosniff"
|
||||||
|
# Disallow the site to be rendered within a frame (clickjacking protection)
|
||||||
|
X-Frame-Options "DENY"
|
||||||
|
}
|
||||||
|
|
||||||
|
log {{ caddy_logs }}/{{ vhost_name }}/access.log {
|
||||||
|
rotate_size 100
|
||||||
|
rotate_age 30
|
||||||
|
rotate_keep 10
|
||||||
|
}
|
||||||
|
|
||||||
|
root {{ caddy_www }}/{{ vhost_name }}
|
||||||
|
|
||||||
|
gzip {
|
||||||
|
ext .jpg
|
||||||
|
level 9
|
||||||
|
}
|
||||||
|
|
||||||
|
{% if custom_errors %}
|
||||||
|
errors {
|
||||||
|
404 404.html # Not Found
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
{% if www_redirect %}
|
||||||
|
www.{{ vhost_url }} {
|
||||||
|
|
||||||
|
redir https://{{ vhost_url }}
|
||||||
|
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
Loading…
Add table
Reference in a new issue