[ansible] Fixup accounts
by Nicolas Chauvet
commit 37b3c7a222577a5b1f50c03c945f2e2a80fcef29
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 16:32:02 2016 +0200
Fixup accounts
playbooks/include/proxies-rewrites.yml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/playbooks/include/proxies-rewrites.yml b/playbooks/include/proxies-rewrites.yml
index 67be69c..41cf042 100644
--- a/playbooks/include/proxies-rewrites.yml
+++ b/playbooks/include/proxies-rewrites.yml
@@ -16,7 +16,7 @@
- role: httpd/domainrewrite
destname: admin
website: admin.rpmfusion.org
- target: https://admin.rpmfusion.org/account
+ target: https://admin.rpmfusion.org/accounts
- role: httpd/domainrewrite
destname: apache-status
7 years, 9 months
[ansible] Fixup .cert suffix
by Nicolas Chauvet
commit eac474cbcad34cd9d62995d75d870ae7c835031d
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 16:01:30 2016 +0200
Fixup .cert suffix
playbooks/include/proxies-websites.yml | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 322e345..fc362c9 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -56,7 +56,7 @@
name: admin.rpmfusion.org
sslonly: true
cert_name: admin.rpmfusion.org
- SSLCertificateChainFile : admin.rpmfusion.org-intermediate
+ SSLCertificateChainFile : admin.rpmfusion.org-intermediate.cert
- role: httpd/website
name: bugzilla.rpmfusion.org
@@ -94,6 +94,6 @@
name: pkgs.rpmfusion.org
sslonly: false
cert_name: pkgs.rpmfusion.org
- SSLCertificateChainFile : pkgs.rpmfusion.org-intermediate
+ SSLCertificateChainFile : pkgs.rpmfusion.org-intermediate.cert
7 years, 9 months
[ansible] Add letencrypts intermediate certificates
by Nicolas Chauvet
commit 5c31ad552fa6fdc650e53215815e3760a5d796f8
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 15:48:47 2016 +0200
Add letencrypts intermediate certificates
playbooks/include/proxies-websites.yml | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 7c5e5e9..322e345 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -56,6 +56,7 @@
name: admin.rpmfusion.org
sslonly: true
cert_name: admin.rpmfusion.org
+ SSLCertificateChainFile : admin.rpmfusion.org-intermediate
- role: httpd/website
name: bugzilla.rpmfusion.org
@@ -93,4 +94,6 @@
name: pkgs.rpmfusion.org
sslonly: false
cert_name: pkgs.rpmfusion.org
+ SSLCertificateChainFile : pkgs.rpmfusion.org-intermediate
+
7 years, 9 months
[ansible] Update fallback intermediate cert file
by Nicolas Chauvet
commit bdd22154bc7e017c6e9bc60c3a195594d44cea81
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 15:44:20 2016 +0200
Update fallback intermediate cert file
group_vars/all | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
---
diff --git a/group_vars/all b/group_vars/all
index d8afde2..b4e24a4 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -153,6 +153,7 @@ ansible_base: /srv/web/infra
# for httpd/website
server_admin: root(a)rpmfusion.org
+SSLCertificateChainFile: wildcard-2016.rpmfusion.org.intermediate.cert
# This vars get shoved into /etc/system_identification by the base role.
# Groups and individual hosts should override them with specific info.
7 years, 9 months
[ansible] Add basic fedora-web/main site
by Nicolas Chauvet
commit 3cfbd6cba5b0df8e7f57a991267d3a75244c2edc
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 15:38:38 2016 +0200
Add basic fedora-web/main site
roles/fedora-web/main/files/cron-sync-fedora-web | 2 --
roles/fedora-web/main/tasks/main.yml | 7 +------
2 files changed, 1 insertions(+), 8 deletions(-)
---
diff --git a/roles/fedora-web/main/tasks/main.yml b/roles/fedora-web/main/tasks/main.yml
index d0c7cb3..68f59e5 100644
--- a/roles/fedora-web/main/tasks/main.yml
+++ b/roles/fedora-web/main/tasks/main.yml
@@ -1,9 +1,3 @@
-- name: Copy in the sync-fedora-web cronjob
- copy: src=cron-sync-fedora-web dest=/etc/cron.d/sync-fedora-web
- tags:
- - fedora-web
- - fedora-web/main
-
- name: Copy some config files for {{website}}
copy: >
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
@@ -31,6 +25,7 @@
- sponsor.conf
notify:
- reload httpd
+ when: sponsor is defined
tags:
- fedora-web
- fedora-web/main
7 years, 9 months
[ansible] Enable others proxy includes
by Nicolas Chauvet
commit 51882351bcbe5205aebef7dcf3059e4a22e48ea6
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 15:20:35 2016 +0200
Enable others proxy includes
playbooks/groups/pkgs.yml | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
---
diff --git a/playbooks/groups/pkgs.yml b/playbooks/groups/pkgs.yml
index a1a7971..11828d0 100644
--- a/playbooks/groups/pkgs.yml
+++ b/playbooks/groups/pkgs.yml
@@ -40,7 +40,12 @@
- include: "{{ handlers }}/restart_services.yml"
# setup minimal proxy includes
+- include: /srv/web/infra/ansible/playbooks/include/proxies-certificates.yml
+- include: /srv/web/infra/ansible/playbooks/include/proxies-websites.yml
- include: /srv/web/infra/ansible/playbooks/include/proxies-reverseproxy.yml
+- include: /srv/web/infra/ansible/playbooks/include/proxies-rewrites.yml
+- include: /srv/web/infra/ansible/playbooks/include/proxies-redirects.yml
+- include: /srv/web/infra/ansible/playbooks/include/proxies-fedora-web.yml
- name: setup fedmsg on pkgs
hosts: pkgs-stg:pkgs01.online.rpmfusion.net
7 years, 9 months
[ansible] Update sslonly for lists.rpmfusion.org
by Nicolas Chauvet
commit cbb5d10013080a73b49c7d29145a420c3b55b188
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 15:14:49 2016 +0200
Update sslonly for lists.rpmfusion.org
playbooks/include/proxies-websites.yml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index b8e0c6a..7c5e5e9 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -84,7 +84,7 @@
- role: httpd/website
name: lists.rpmfusion.org
- #sslonly: true
+ sslonly: true
#cert_name: lists.rpmfusion.org
cert_name: "{{wildcard_cert_name}}"
7 years, 9 months
[ansible] Update server_admin
by Nicolas Chauvet
commit 49c36726017391f129718a78c1c1caa6b097a3f5
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Fri Jul 22 14:50:47 2016 +0200
Update server_admin
group_vars/all | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/group_vars/all b/group_vars/all
index 175201c..d8afde2 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -151,6 +151,9 @@ root_auth_users: ''
# default path for ansible-server
ansible_base: /srv/web/infra
+# for httpd/website
+server_admin: root(a)rpmfusion.org
+
# This vars get shoved into /etc/system_identification by the base role.
# Groups and individual hosts should override them with specific info.
# See http://infrastructure.fedoraproject.org/csi/security-policy/
7 years, 9 months