Commit 5367dc55 authored by Pietsch, Martin's avatar Pietsch, Martin
Browse files

Merge branch 'devel' into stable

parents 87a98da7 0a6b6733
......@@ -29,9 +29,44 @@ Variables
* list of index files
* default: ["index.html"]
* www_user:
* description:
* The username for the www directory and the service.
* default: www
* www_group:
* description:
* The groupname for the www directory and the service.
* default: www
* www_ssl_priv_key:
* description:
* The SSL private key for the service.
* default: ""
* www_ssl_cert:
* description:
* The SSL certificate for the service.
* default: ""
* www_ssl_ca_cert:
* description:
* The SSL CA certificate for the service.
* default: ""
Processes
=========
main
----
1. create www group
2. create www user
configure
---------
1. create and configure www directory
2. configure SSL if www_ssl_priv_key and www_ssl_cert are set
License
=======
......
---
www_root_directory: "/var/www"
www_user: "www"
www_group: "www"
www_ssl_priv_key: ""
www_ssl_cert: ""
www_ssl_ca_cert: ""
www_mimetypes: []
www_list_directory: false
www_index_files: ["index.html"]
galaxy_info:
author: your name
description: your role description
company: your company (optional)
author: Martin Pietsch <martin.pietsch@tu-dresden.de>
company: TU Dresden
description: This role is the top level package of all www categorised software and does not provide a special software product.
role_name: package_www
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
......@@ -14,7 +15,7 @@ galaxy_info:
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
license: BSD-3-Clause
min_ansible_version: 2.9
......@@ -27,10 +28,10 @@ galaxy_info:
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
# platforms:
# - name: Fedora
# versions:
# - all
platforms:
- name: Linux/UNIX
versions:
- all
# - 25
# - name: SomePlatform
# versions:
......@@ -50,4 +51,4 @@ galaxy_info:
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
\ No newline at end of file
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'
---
- name: Converge
hosts: all
tasks:
- name: "test install package.www"
sdm.oor.call_role:
name: "package.www"
- name: "test configure package.www"
sdm.oor.call_role:
name: "package.www"
tasks: "configure"
---
dependency:
name: galaxy
enabled: False
driver:
name: podman
platforms:
- name: instance
image: docker.io/alpine:latest
command: "/sbin/init"
pre_build_image: yes
provisioner:
name: ansible
config_options:
defaults:
callback_whitelist: sdm.oor.sdmoor
stdout_callback: sdm.oor.sdmdefault
strategy: sdm.oor.sdmlinear
vars_plugins_enabled: sdm.common.sdm_host_group_vars
deprecation_warnings: False
remote_tmp: /tmp
playbooks:
create: create.yml
converge: converge.yml
destroy: destroy.yml
prepare: prepare.yml
verifier:
name: ansible
lint: |
set -e
yamllint .
ansible-lint -x sdm.oor.call_tasks .
---
- name: Prepare
hosts: all
gather_facts: False
tasks:
- name: install python"
raw: apk add python3
---
# This is an example playbook to execute Ansible tests.
- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
assert:
that: true
---
- name: "create www directory"
ansible.builtin.file:
path: "{{ www_root_directory }}"
state: directory
owner: "{{ www_user }}"
group: "{{ www_group }}"
mode: 0755
- name: "configure SSL"
block:
- name: "get stat of SSL private directory"
ansible.builtin.stat:
path: "{{ '%s/ssl/private' | format(system_config_directory) }"
register: _stat_sslprivdir
- name: "install SSL private key"
ansible.builtin.copy:
src: "{{ www_ssl_priv_key }}"
dst: "{{ '%s/ssl/private/%s' | format(system_config_directory, www_ssl_priv_key) }}"
mode: 0640
owner: "{{ _stat_sslprivdir.stat.pw_name }}"
group: "{{ _stat_sslprivdir.stat.gr_name }}"
- name: "get stat of SSL private directory"
ansible.builtin.stat:
path: "{{ '%s/ssl/certs' | format(system_config_directory) }}"
register: _stat_sslcertsdir
- name: "install SSL certificate"
ansible.builtin.copy:
src: "{{ www_ssl_cert }}"
dst: "{{ '%s/ssl/certs/%s' | format(system_config_directory, www_ssl_cert) }}"
mode: 0644
owner: "{{ _stat_sslcertdir.stat.pw_name }}"
group: "{{ _stat_sslcertdir.stat.gr_name }}"
- name: "install SSL CA certificate"
ansible.builtin.copy:
src: "{{ www_ssl_ca_cert }}"
dst: "{{ '%s/ssl/certs/%s' | format(system_config_directory, www_ssl_ca_cert) }}"
mode: 0644
owner: "{{ _stat_sslcertdir.stat.pw_name }}"
group: "{{ _stat_sslcertdir.stat.gr_name }}"
when: (www_ssl_ca_cert | length) > 0
when: (www_ssl_priv_key | length) > 0 and (www_ssl_cert | length) > 0
notify:
- "reload service"
- name: "execute inherited configure"
sdm.oor.call_tasks:
from: configure
super: True
---
- name: "execute inherited main"
sdm.oor.call_tasks:
from: "main"
super: True
- name: "create www group"
ansible.builtin.group:
name: "{{ www_group }}"
system: True
- name: "create www user"
ansible.builtin.user:
name: "{{ www_user }}"
comment: "www user"
create_home: False
group: "{{ www_group }}"
home: "{{ www_root_directory }}"
shell: "/usr/sbin/nologin"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment