blob: b56c58173b2db19a24c213b82fdca976252a9dd8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
---
- hosts: jloup-home
tasks:
- include_vars: vars.yml
- name: install myservice systemd unit file
template: src=cryptoportfolio-app.j2 dest=/etc/systemd/system/cryptoportfolio-app.service
become: yes
- name: stop cryptoportfolio-app
systemd: state=stopped name=cryptoportfolio-app
become: yes
- name: Creates cryptoportfolio-app directory
file: path=/var/cryptoportfolio-app state=directory owner={{ app_user }}
become: yes
- name: Set log file.
file: path=/var/cryptoportfolio-app/app.log owner={{ app_user }} state=touch
become: yes
- name: Copy server app binary from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}'.
get_url:
url: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}"
dest: /usr/bin/cryptoportfolio-app
owner: "{{ app_user }}"
mode: "u=rwx,g=r,o=r"
become: yes
- name: Copy server app configuration file.
template:
src: conf.toml.j2
dest: /var/cryptoportfolio-app/conf.toml
owner: "{{ app_user }}"
become: yes
- name: Create webapp directory.
file: path=/var/cryptoportfolio-app/static state=directory owner={{ app_user }}
become: yes
- name: Copy webapp files from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz'.
unarchive:
src: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz"
dest: /var/cryptoportfolio-app/static
remote_src: yes
owner: "{{ app_user }}"
mode: "u=rwx,g=r,o=r"
become: yes
- import_role:
name: nginx
become: yes
vars:
nginx_vhosts:
- listen: "443 ssl"
server_name: "{{ app_domain }}"
filename: "{{ app_domain }}.443.conf"
extra_parameters: |
ssl_certificate /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ app_domain }}/privkey.pem;
location / {
proxy_pass "http://127.0.0.1:8080";
}
- listen: "80"
server_name: "{{ app_domain }}"
filename: "{{ app_domain}}.80.conf"
return: "301 https://{{ app_domain }}$request_uri"
- import_role:
name: certbot
become: yes
vars:
certbot_admin_email: jeanloup.jamet@gmail.com
certbot_create_if_missing: yes
certbot_create_standalone_stop_services: []
certbot_create_method: standalone
certbot_certs:
- domains:
- "{{ app_domain }}"
- name: Create postgres user.
user: name=postgres
- name: Add cryptoportfolio database.
postgresql_db: name={{ postgres_database }}
become: yes
become_user: postgres
vars:
ansible_ssh_pipelining: true
- name: Add cryptoportfolio user.
postgresql_user: user={{ postgres_user }} db={{ postgres_database }} password={{ postgres_password }}
become: yes
become_user: postgres
vars:
ansible_ssh_pipelining: true
- file: path=/www/{{ app_user }} state=directory owner={{ app_user }}
become: yes
- name: start cryptoportfolio-app
systemd: state=started name=cryptoportfolio-app daemon_reload=yes
become: yes
|