From 8c318157e36b33d1471d819bfc78956ed0dded46 Mon Sep 17 00:00:00 2001 From: shockrah Date: Wed, 15 Dec 2021 00:52:41 -0800 Subject: [PATCH] + Certbot certificate installation + Pushing out all website content + Pushing out nginx configs + Resume nginx config --- .../beta/base-site-conf/resume.shockrah.xyz | 14 +++++++ playbooks/beta/certbot.yml | 19 ++++++++++ playbooks/beta/local-website-pushes.yml | 38 +++++++++++++++++++ playbooks/beta/setup-nginx-confs.yml | 17 ++++++--- 4 files changed, 83 insertions(+), 5 deletions(-) create mode 100644 playbooks/beta/base-site-conf/resume.shockrah.xyz create mode 100644 playbooks/beta/certbot.yml create mode 100644 playbooks/beta/local-website-pushes.yml diff --git a/playbooks/beta/base-site-conf/resume.shockrah.xyz b/playbooks/beta/base-site-conf/resume.shockrah.xyz new file mode 100644 index 0000000..3bb831e --- /dev/null +++ b/playbooks/beta/base-site-conf/resume.shockrah.xyz @@ -0,0 +1,14 @@ +# This file basically contains the base configuration for freechat.shockrah.xyz +# This is to be installed before running certbot against it as this only sets us +# up for correct HTTP(not TLS) based connections + +server { + root /var/www/resume.shockrah.xyz; + index index.html; + server_name resume.shockrah.xyz; + + location / { + try_files $uri $uri/ =404; + } +} + diff --git a/playbooks/beta/certbot.yml b/playbooks/beta/certbot.yml new file mode 100644 index 0000000..5f968d1 --- /dev/null +++ b/playbooks/beta/certbot.yml @@ -0,0 +1,19 @@ +# It is important to keep in mind that these websites are to be served under +# either port 80 or port 443. The reasoning for allowing port 80 connections +# is because the content here is not sensitive and I'm 100% sure I'm going +# to get traffic from glow-friends so there + +--- +- hosts: beta + remote_user: ubuntu + become: yes + become_method: sudo + tasks: + - name: Install New Certificate for all sites + command: > + certbot -n --nginx -m "{{CERT_EMAIL}}" --agree-tos + --domains "{{item}}" + loop: + - freechat.shockrah.xyz + - shockrah.xyz + - resume.shockrah.xyz diff --git a/playbooks/beta/local-website-pushes.yml b/playbooks/beta/local-website-pushes.yml new file mode 100644 index 0000000..3dc3d47 --- /dev/null +++ b/playbooks/beta/local-website-pushes.yml @@ -0,0 +1,38 @@ +# This will take care of pushing out all local website content onto +# the remote host server ready to be configured for HTTPS +--- +- hosts: web + remote_user: web + tasks: + - name: Clean out freechat content + file: + path: /var/www/freechat + state: absent + + - name: Push freechat chat content + copy: + src: "{{FC_LOCAL_DOCS}}/public" + dest: /var/www/ + + - name: Pull up freechat public directory + command: mv /var/www/public /var/www/freechat + + - name: Push out resume public content + copy: + src: "{{RESUME_LOCAL_PUBLIC}}/public" + dest: /var/www/ + + - name: Pull up resume content + command: mv /var/www/public /var/www/resume.shockrah.xyz + + - name: Push blog content + copy: + src: "{{BLOG_LOCAL_PUBLIC}}/public" + dest: /var/www/ + + - name: Pull up blog content + command: mv /var/www/public /var/www/shockrah.xyz + + + + diff --git a/playbooks/beta/setup-nginx-confs.yml b/playbooks/beta/setup-nginx-confs.yml index 2d47525..7feaf83 100644 --- a/playbooks/beta/setup-nginx-confs.yml +++ b/playbooks/beta/setup-nginx-confs.yml @@ -4,19 +4,26 @@ become: yes become_method: sudo tasks: - - name: Push into sites-available + - name: Push Nginx Site Configs into available site listings copy: src: "{{item}}" dest: /etc/nginx/sites-available/ loop: - base-site-conf/freechat.shockrah.xyz + - base-site-conf/resume.shockrah.xyz + - base-site-conf/shockrah.xyz - - name: Enable Freechat Docs site in Nginx + - name: Enable Static Sites in Nginx file: - src: /etc/nginx/sites-available/freechat.shockrah.xyz - dest: /etc/nginx/sites-enabled/freechat.shockrah.xyz + src: "/etc/nginx/sites-available/{{item}}" + dest: "/etc/nginx/sites-enabled/{{item}}" state: link - - name: Restart Nginx service + loop: + - freechat.shockrah.xyz + - resume.shockrah.xyz + - shockrah.xyz + + - name: Restart Nginx Service service: name: nginx state: restarted