[re2o-front] Use generic nginx role

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-05-13 20:06:55 +02:00 · 2021-05-13 20:06:55 +02:00 · 7ea444f02e
parent fb317587d6
commit 7ea444f02e
4 changed files with 48 additions and 17 deletions
--- a/group_vars/re2o_front.yml
+++ b/group_vars/re2o_front.yml
@ -0,0 +1,34 @@
+---
+glob_re2o_front:
+  server_names:
+    - "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
+    - "[{{ query('ldap', 'ip', 're2o', 'adm') | ipv6 | first }}]"
+    - re2o.adm.crans.org
+    - intranet.adm.crans.org
+    - re2o.crans.org
+    - intranet.crans.org
+
+loc_nginx:
+  service_name: re2o
+  ssl: []
+  servers:
+    - ssl: false
+      server_name: "{{ re2o_front.server_names }}"
+      locations:
+        - filter: "/static"
+          params:
+            - "alias /var/www/re2o/static_files/"
+        - filter: "/javascript"
+          params:
+            - "alias /usr/share/javascript/"
+        - filter: "/media"
+          params:
+            - "alias /var/www/re2o/media/"
+        - filter: "/"
+          params:
+            - "uwsgi_pass re2o"
+            - "include /etc/nginx/uwsgi_params"
+  upstreams:
+    - name: re2o
+      server: unix:///var/run/uwsgi/app/re2o/re2o.sock
+  default_server: intranet.crans.org
--- a/5
+++ b/5
@ -100,6 +100,7 @@ django_cas
 galene
 jitsi
 mailman
+re2o_front
 reverseproxy
 roundcube
 thelounge
@ -133,6 +134,10 @@ re2o.cachan-adm.crans.org
 [re2o:children]
 radius

+[re2o_front]
+re2o.adm.crans.org
+re2o.cachan-adm.crans.org
+
 [reverseproxy]
 hodaur.adm.crans.org
 sputnik.adm.crans.org
--- a/plays/re2o.yml
+++ b/plays/re2o.yml
@ -2,9 +2,14 @@
 ---
 - hosts: re2o
  vars:
-    re2o: "{{ glob_re2o | combine(loc_re2o) }}"
+    re2o: "{{ glob_re2o | default({}) | combine(loc_re2o | default({})) }}"
  roles:
    - re2o

- hosts: re2o.adm.crans.org
-  roles: ["re2o-front"]
+- hosts: re2o_front
+  vars:
+    re2o_front: "{{ glob_re2o_front | default({}) | combine(loc_re2o_front | default({})) }}"
+    nginx: "{{ glob_nginx | default({}) | combine(loc_nginx | default({})) }}"
+  roles:
+    - nginx
+    - re2o-front
--- a/roles/re2o-front/tasks/main.yml
+++ b/roles/re2o-front/tasks/main.yml
@ -11,34 +11,21 @@
  retries: 3
  until: apt_result is succeeded

- name: Install NGINX and uWSGI
+- name: Install uWSGI
  apt:
    update_cache: true
    name:
-      - nginx
      - uwsgi
      - uwsgi-plugin-python3
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Copy re2o NGINX site
-  template:
-    src: "nginx/sites-available/re2o.j2"
-    dest: "/etc/nginx/sites-available/re2o"
-
 - name: Copy re2o uWSGI app
  template:
    src: "uwsgi/apps-available/re2o.ini.j2"
    dest: "/etc/uwsgi/apps-available/re2o.ini"

- name: Activate re2o NGINX site
-  file:
-    src: "../sites-available/re2o"
-    dest: "/etc/nginx/sites-enabled/re2o"
-    state: link
-  notify: Reload NGINX
-
 - name: Activate re2o uWSGI app
  file:
    src: "../apps-available/re2o.ini"