X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=creation_nouveau_site.yml;fp=creation_nouveau_site.yml;h=89338c1d09f693efde6e7ca0aa90ad0eb565af28;hb=5f7ed8e1233e5b2bb33ac343113d3fa5bfe77ec3;hp=0d36702d65196a09b5afb468b419f279f3c55f8f;hpb=0e7e1f059f943f6617400cc32d155d73b4b4b9a3;p=lhc%2Fansible.git diff --git a/creation_nouveau_site.yml b/creation_nouveau_site.yml index 0d36702..89338c1 100644 --- a/creation_nouveau_site.yml +++ b/creation_nouveau_site.yml @@ -13,7 +13,7 @@ vars_prompt: - name: SITE - prompt: 'quel type de site?(ex: nuage, www, wiki, paheko)' + prompt: 'quel type de site?(ex: nuage, www, wiki, paheko ou gestion)' private: false default: "nuage" @@ -69,9 +69,51 @@ - name: Inclure la configuration d'un site web basique ansible.builtin.include_tasks: tasks/config_www.yml + - name: Inclure la configuration nginx + ansible.builtin.include_tasks: tasks/config_nginx.yml + vars: + template_site: "{{ SITE }}" + when: besoin_https == 'non' + +# scenario pre-install nginx sans ssl +# test installed=false or needupgrade:true +# test installed=true et needupgrade:false +# puis certbot à la fin +# puis template nginx ssl pour test manuel + + - name: Bloc permettant de générer les certificats SSL + when: besoin_https == 'oui' + block: + - name: Inclure la configuration nginx http + ansible.builtin.include_tasks: tasks/config_nginx.yml + vars: + template_site: 'http' + + - name: Générer un certififat avec certbot # noqa : command-instead-of-module + become: true + ansible.builtin.command: 'certbot certonly -n --nginx -d {{ SITE }}.{{ DOMAIN }}.{{ TLD }}' + register: certbot_log + ignore_errors: true + changed_when: false + + - name: Afficher les logs certbot + ansible.builtin.debug: + var: certbot_log + when: certbot_log is defined + + - name: Activer la conf ssl dans nginx + ansible.builtin.set_fact: + ssl_ready: true + when: certbot_log is defined + + - name: Inclure la configuration nginx avec ssl + ansible.builtin.include_tasks: tasks/config_nginx.yml + vars: + template_site: "{{ SITE }}" + - name: Inclure la configuration d'un pool PHP ansible.builtin.include_tasks: tasks/config_pool_php.yml - when: config_php == 'oui' or SITE == 'paheko' or SITE == 'nuage' + when: config_php == 'oui' or SITE == 'paheko' or SITE == 'gestion' or SITE == 'nuage' - name: Inclure la configuration nextcloud si besoin ansible.builtin.include_tasks: tasks/config_nuage.yml @@ -79,36 +121,9 @@ - name: Inclure la configuration paheko si besoin ansible.builtin.include_tasks: tasks/config_paheko.yml - when: SITE == 'paheko' - - # MAJ borgmatic conf -## Mettre à jour la conf de borgmatic pour intégrer les dossiers du nouveau nuage dans 'source_directories' - - # vim /etc/borgmatic/config.yaml - - # - /home/sites/data/${TLD}/${DOMAIN}/${SITE}/config - # - /home/sites/data/${TLD}/${DOMAIN}/${SITE}/data - - # - name: Bloc permettant de générer les certificats SSL - # when: besoin_https == 'oui' - # block: - # - name: Inclure la configuration nginx http - # ansible.builtin.include_tasks: tasks/config_nginx.yml - # vars: - # template_site: 'http' - - # - name: Générer un certififat avec certbot # noqa : command-instead-of-module - # become: true - # ansible.builtin.command: 'certbot certonly -i nginx -d {{ SITE }}.{{ DOMAIN }}.{{ TLD }}' - # register: certbot_log - # changed_when: false - - # - name: Afficher les logs certbot - # ansible.builtin.debug: - # var: certbot_log - # when: certbot_log is defined - - # - name: Inclure la configuration nginx - # ansible.builtin.include_tasks: tasks/config_nginx.yml - # vars: - # template_site: "{{ SITE }}" \ No newline at end of file + when: SITE == 'paheko' or SITE == 'gestion' + + - name: Inclure le configuration du backup + ansible.builtin.include_tasks: tasks/config_backup.yml + +# SFTP key