privatebin #183
|
@ -31,7 +31,7 @@ Exemple de playbook
|
|||
- all
|
||||
vars:
|
||||
# Supplanter ici les variables du rôle
|
||||
domains: ['votre-vrai-domaine.org']
|
||||
privatebin_domains: ['votre-vrai-domaine.org']
|
||||
service: 'mon-privatebin'
|
||||
|
||||
roles:
|
||||
|
|
|
@ -31,7 +31,7 @@ Example Playbook
|
|||
- all
|
||||
vars:
|
||||
# Overwrite the role variable here
|
||||
domains: ['your-real-domain.org']
|
||||
privatebin_domains: ['your-real-domain.org']
|
||||
service: 'my-privatebin'
|
||||
|
||||
roles:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
# defaults file for vars
|
||||
system_dep: "['apt-transport-https', 'git', 'certbot', 'acl', 'apache2', 'libapache2-mpm-itk', 'libapache2-mod-php', 'php-gd']"
|
||||
git_url: 'https://github.com/PrivateBin/PrivateBin'
|
||||
git_version: '1.5.1'
|
||||
domains: ['example.domain.org']
|
||||
certbot_admin_email: 'mgauthier@evolix.ca'
|
||||
privatebin_system_dep: "['apt-transport-https', 'git', 'certbot', 'acl', 'apache2', 'libapache2-mpm-itk', 'libapache2-mod-php', 'php-gd']"
|
||||
privatebin_git_url: 'https://github.com/PrivateBin/PrivateBin'
|
||||
privatebin_git_version: '1.5.1'
|
||||
privatebin_domains: ['example.domain.net']
|
||||
privatebin_certbot_admin_email: 'security@example.net'
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
- name: Install main system dependencies
|
||||
apt:
|
||||
name: "{{ system_dep }}"
|
||||
name: "{{ privatebin_system_dep }}"
|
||||
update_cache: yes
|
||||
|
||||
- name: Add UNIX account
|
||||
|
@ -13,9 +13,9 @@
|
|||
|
||||
- name: Clone privatebin repo (git)
|
||||
git:
|
||||
repo: "{{ git_url }}"
|
||||
repo: "{{ privatebin_git_url }}"
|
||||
dest: "~/PrivateBin/"
|
||||
version: "{{ git_version | default(omit) }}"
|
||||
version: "{{ privatebin_git_version | default(omit) }}"
|
||||
update: yes
|
||||
force: true
|
||||
umask: '0022'
|
||||
|
@ -37,7 +37,7 @@
|
|||
|
||||
- name: Check if SSL certificate is present and register result
|
||||
stat:
|
||||
path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem"
|
||||
path: "/etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem"
|
||||
register: ssl
|
||||
|
||||
- name: Generate certificate only if required (first time)
|
||||
|
@ -58,7 +58,7 @@
|
|||
state: directory
|
||||
mode: '0755'
|
||||
- name: Generate certificate with certbot
|
||||
shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ certbot_admin_email }} -d {{ domains |first }}
|
||||
shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ privatebin_certbot_admin_email }} -d {{ privatebin_domains |first }}
|
||||
- name: Create the ssl dir if needed
|
||||
file:
|
||||
path: /etc/apache2/ssl
|
||||
|
@ -72,7 +72,7 @@
|
|||
|
||||
- name: (Re)check if SSL certificate is present and register result
|
||||
stat:
|
||||
path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem"
|
||||
path: "/etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem"
|
||||
register: ssl
|
||||
|
||||
- name: (Re)template conf file for apache vhost with SSL
|
||||
|
|
|
@ -10,9 +10,9 @@
|
|||
|
||||
- name: Update privatebin repo (git)
|
||||
git:
|
||||
repo: "{{ git_url }}"
|
||||
repo: "{{ privatebin_git_url }}"
|
||||
dest: "~/PrivateBin/"
|
||||
version: "{{ git_version }}"
|
||||
version: "{{ privatebin_git_version }}"
|
||||
update: yes
|
||||
force: true
|
||||
become_user: "{{ service }}"
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
SSLEngine On
|
||||
SSLCertificateFile /etc/letsencrypt/live/{{ domains |first }}/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/{{ domains |first }}/privkey.pem
|
||||
SSLCertificateFile /etc/letsencrypt/live/{{ privatebin_domains |first }}/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/{{ privatebin_domains |first }}/privkey.pem
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<VirtualHost *:80>
|
||||
ServerName {{ domains |first }}
|
||||
ServerName {{ privatebin_domains |first }}
|
||||
|
||||
{% if ssl.stat.exists %}
|
||||
RewriteEngine On
|
||||
|
@ -12,7 +12,7 @@
|
|||
|
||||
{% if ssl.stat.exists %}
|
||||
<VirtualHost *:443>
|
||||
ServerName {{ domains |first }}
|
||||
ServerName {{ privatebin_domains |first }}
|
||||
|
||||
DocumentRoot /home/{{ service }}/PrivateBin
|
||||
|
||||
|
|
Loading…
Reference in a new issue