]>
Commit | Line | Data |
---|---|---|
7a9e5112 | 1 | --- |
2 | - hosts: jloup-home | |
3 | ||
4 | tasks: | |
5 | - include_vars: vars.yml | |
6 | ||
7 | - name: install myservice systemd unit file | |
8 | template: src=cryptoportfolio-app.j2 dest=/etc/systemd/system/cryptoportfolio-app.service | |
9 | become: yes | |
10 | ||
11 | - name: stop cryptoportfolio-app | |
12 | systemd: state=stopped name=cryptoportfolio-app | |
13 | become: yes | |
14 | ||
15 | - name: Creates cryptoportfolio-app directory | |
16 | file: path=/var/cryptoportfolio-app state=directory owner={{ app_user }} | |
17 | become: yes | |
18 | ||
19 | - name: Set log file. | |
20 | file: path=/var/cryptoportfolio-app/app.log owner={{ app_user }} state=touch | |
21 | become: yes | |
22 | ||
23 | - name: Copy server app binary from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}'. | |
24 | get_url: | |
25 | url: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}" | |
26 | dest: /usr/bin/cryptoportfolio-app | |
27 | owner: "{{ app_user }}" | |
28 | mode: "u=rwx,g=r,o=r" | |
29 | become: yes | |
30 | ||
31 | - name: Copy server app configuration file. | |
32 | template: | |
33 | src: conf.toml.j2 | |
34 | dest: /var/cryptoportfolio-app/conf.toml | |
35 | owner: "{{ app_user }}" | |
36 | become: yes | |
37 | ||
38 | - name: Create webapp directory. | |
39 | file: path=/var/cryptoportfolio-app/static state=directory owner={{ app_user }} | |
40 | become: yes | |
41 | ||
42 | - name: Copy webapp files from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz'. | |
43 | unarchive: | |
44 | src: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz" | |
45 | dest: /var/cryptoportfolio-app/static | |
46 | remote_src: yes | |
47 | owner: "{{ app_user }}" | |
48 | mode: "u=rwx,g=r,o=r" | |
49 | become: yes | |
50 | ||
51 | - import_role: | |
52 | name: nginx | |
53 | become: yes | |
54 | vars: | |
55 | nginx_vhosts: | |
56 | - listen: "443 ssl" | |
57 | server_name: "{{ app_domain }}" | |
58 | filename: "{{ app_domain }}.443.conf" | |
59 | extra_parameters: | | |
60 | ssl_certificate /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem; | |
61 | ssl_certificate_key /etc/letsencrypt/live/{{ app_domain }}/privkey.pem; | |
62 | location / { | |
63 | proxy_pass "http://127.0.0.1:8080"; | |
64 | } | |
65 | ||
66 | - listen: "80" | |
67 | server_name: "{{ app_domain }}" | |
68 | filename: "{{ app_domain}}.80.conf" | |
69 | return: "301 https://{{ app_domain }}$request_uri" | |
70 | ||
71 | - import_role: | |
72 | name: certbot | |
73 | become: yes | |
74 | vars: | |
75 | certbot_admin_email: jeanloup.jamet@gmail.com | |
76 | certbot_create_if_missing: yes | |
77 | certbot_create_standalone_stop_services: [] | |
78 | certbot_create_method: standalone | |
79 | certbot_certs: | |
80 | - domains: | |
81 | - "{{ app_domain }}" | |
82 | ||
83 | - name: Create postgres user. | |
84 | user: name=postgres | |
85 | ||
86 | - name: Add cryptoportfolio database. | |
87 | postgresql_db: name={{ postgres_database }} | |
88 | become: yes | |
89 | become_user: postgres | |
90 | vars: | |
91 | ansible_ssh_pipelining: true | |
92 | ||
93 | - name: Add cryptoportfolio user. | |
94 | postgresql_user: user={{ postgres_user }} db={{ postgres_database }} password={{ postgres_password }} | |
95 | become: yes | |
96 | become_user: postgres | |
97 | vars: | |
98 | ansible_ssh_pipelining: true | |
99 | ||
100 | - file: path=/www/{{ app_user }} state=directory owner={{ app_user }} | |
101 | become: yes | |
102 | ||
103 | - name: start cryptoportfolio-app | |
104 | systemd: state=started name=cryptoportfolio-app daemon_reload=yes | |
105 | become: yes |