-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsite.yml
76 lines (73 loc) · 2.79 KB
/
site.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
---
- name: "Provision static web server"
hosts: production
become: true
become_user: root
vars:
update_apt_cache: true
nginx_use_letsencrypt: false
certbot_auto_renew: true
certbot_auto_renew_hour: "4"
certbot_auto_renew_minute: "33"
certbot_create_if_missing: true
certbot_create_method: standalone
certbot_admin_email: "{{ admin_email }}"
certbot_certs:
- domains:
- "python-jitsu.club"
- "www.python-jitsu.club"
- "airflow101.python-jitsu.club"
nginx_vhosts:
- listen: "443 ssl http2"
server_name: "python-jitsu.club"
server_name_redirect: "www.python-jitsu.club"
root: "/webapps/python-jitsu.club"
index: "index.html"
#error_page: ""
access_log: "/var/log/python-jitsu.club_access.log"
error_log: "/var/log/python-jitsu.club_error.log"
state: "present"
template: "{{ nginx_vhost_template }}"
filename: "python-jitsu.club.conf"
extra_parameters: |
add_header X-Clacks-Overhead "GNU Terry Pratchett";
add_header X-Drugs "YES";
ssl_certificate /etc/letsencrypt/live/python-jitsu.club/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/python-jitsu.club/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
- listen: "80"
server_name: "python-jitsu.club www.python-jitsu.club"
return: "301 https://www.python-jitsu.club$request_uri"
filename: "python-jitsu.club.80.conf"
- listen: "443 ssl http2"
server_name: "airflow101.python-jitsu.club"
root: "/webapps/airflow101.python-jitsu.club"
index: "index.html"
#error_page: ""
access_log: "/var/log/airflow101.python-jitsu.club_access.log"
error_log: "/var/log/airflow101.python-jitsu.club_error.log"
state: "present"
template: "{{ nginx_vhost_template }}"
filename: "airflow101.python-jitsu.club.conf"
extra_parameters: |
add_header X-Clacks-Overhead "GNU Terry Pratchett";
add_header X-Drugs "YES";
ssl_certificate /etc/letsencrypt/live/python-jitsu.club/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/python-jitsu.club/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
- listen: "80"
server_name: "airflow101.python-jitsu.club"
return: "301 https://airflow101.python-jitsu.club$request_uri"
filename: "airflow101.python-jitsu.club.80.conf"
roles:
#- base
- geerlingguy.certbot
- geerlingguy.nginx
- role: jitsu
vars:
domain_name: "python-jitsu.club"
- role: jitsu
vars:
domain_name: "airflow101.python-jitsu.club"