ansible-playbooks

another attempt to have everything organized ...
git clone https://git.e1e0.net/ansible-playbooks.git
Log | Files | Refs | README | LICENSE
commit a1c5095f6036b93c76967793e0812660b2cba394
parent 141a29ed743598379db79cc9b96f204b7eb09e42
Author: Paco Esteban <paco@e1e0.net>
Date:   Tue,  7 Jan 2020 20:26:12 +0100

new web server

Diffstat:

Mhosts | 5++++-


Mwebsite.yml | 98++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-


2 files changed, 101 insertions(+), 2 deletions(-)

diff --git a/hosts b/hosts
@@ -1,6 +1,9 @@
-[web]
+[oldUtils]
 r2.e1e0.net
 
+[web]
+w1.e1e0.net
+
 [mail]
 mail01.e1e0.net
 
diff --git a/website.yml b/website.yml
@@ -1,10 +1,106 @@
 ---
-- name: Install shitty stuff
+- name: Prepare firewall and shitty stuff
   hosts: web
   remote_user: paco
   become: yes
   become_method: doas
   roles:
     - motd-figlet
+    - pf
   vars:
     - motd_figlet_group: wheel
+    - pf_tcp_ports_allowed:
+      - "http"
+      - "https"
+      - "gopher"
+      - 5000
+      - 5222
+      - 5269
+      - 5281
+      - 53589
+
+- name: Set up httpd server
+  hosts: web
+  remote_user: paco
+  become: yes
+  become_method: doas
+  roles:
+    - httpd
+  vars:
+    - motd_figlet_group: wheel
+    - https_servers:
+      - server_name: "w1.e1e0.net"
+        server_aliases:
+          - "test.e1e0.net"
+        server_owner: "paco"
+        root: "/htdocs/w1.e1e0.net"
+        locations:
+          - name: "/*"
+            options:
+            - "block return 301 \"https://e1e0.net/\""
+      - server_name: "e1e0.net"
+        server_aliases:
+          - "www.e1e0.net"
+        server_owner: "paco"
+        root: "/htdocs/e1e0.net"
+        locations:
+          - name: "/paste/*"
+            options:
+            - "root \"/pastes\""
+            - "request strip 1"
+            - "default type text/plain"
+          - name: "/repo/*"
+            options:
+            - "root \"/repo\""
+            - "request strip 1"
+            - "directory auto index"
+          - name: "/gh-contrib"
+            options:
+            - "block return 301 \"https://github.com/pulls?q=is%3Apr+author%3Apacoesteban+is%3Apublic\""
+          - name: "/openbsd-contrib"
+            options:
+            - "block return 301 \"https://marc.info/?l=openbsd-ports-cvs&w=2&r=1&s=Paco+Esteban&q=b\""
+      - server_name: "git.e1e0.net"
+        server_owner: "paco"
+        root: "/htdocs/git.e1e0.net"
+        httpd_options:
+          - "directory { index index.html }"
+        locations:
+          - name: "/*.git*"
+            options:
+            - "root \"/var/git/public\""
+      - server_name: "onna.be"
+        server_aliases:
+          - "www.onna.be"
+        server_owner: "paco"
+        root: "/htdocs/onna.be"
+        locations:
+          - name: "/gh-contrib"
+            options:
+            - "block return 301 \"https://github.com/pulls?q=is%3Apr+author%3Apacoesteban+is%3Apublic\""
+          - name: "/openbsd-contrib"
+            options:
+            - "block return 301 \"https://marc.info/?l=openbsd-ports-cvs&w=2&r=1&s=Paco+Esteban&q=b\""
+          - name: "/*"
+            options:
+            - "block return 301 \"https://e1e0.net$REQUEST_URI\""
+      - server_name: "git.onna.be"
+        server_owner: "paco"
+        root: "/htdocs/git.e1e0.net"
+        httpd_options:
+          - "directory { index index.html }"
+        locations:
+          - name: "/*.git*"
+            options:
+            - "root \"/var/git/public\""
+          - name: "/*"
+            options:
+            - "block return 301 \"https://git.e1e0.net$REQUEST_URI\""
+
+- name: Set up gopher server
+  hosts: web
+  remote_user: paco
+  become: yes
+  become_method: doas
+  roles:
+    - gopher