crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

[nginx/roundcube] Factorize configuration 

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
certbot_on_virtu
Yohann D'ANELLO 2021-02-22 16:15:31 +01:00 committed by ynerant
parent 4c115a8b34
commit 8d8c212f49
6 changed files with 28 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
group_vars/roundcube.yml
View File

@ -1,4 +1,4 @@
roundcube_glob: glob_roundcube:
name: Crans name: Crans
imap_server: owl.adm.crans.org imap_server: owl.adm.crans.org
smtp_server: smtp.adm.crans.org smtp_server: smtp.adm.crans.org
@ -29,3 +29,4 @@ roundcube_glob:
elastic: https://www.crans.org/images/crans.svg elastic: https://www.crans.org/images/crans.svg
larry: https://www.crans.org/images/crans_banner.png larry: https://www.crans.org/images/crans_banner.png
classic: https://www.crans.org/images/crans_banner.png classic: https://www.crans.org/images/crans_banner.png

22
host_vars/roundcube.adm.crans.org.yml
View File

@ -2,3 +2,25 @@
interfaces: interfaces:
adm: eth0 adm: eth0
srv_nat: eth1 srv_nat: eth1
loc_nginx:
service_name: "roundcube"
ssl: []
servers:
- server_name:
- "roundcube.adm.crans.org"
default: true
root: "/var/lib/roundcube"
locations:
- filter: "~ \\.php$"
params:
- "include snippets/fastcgi-php.conf"
- "fastcgi_buffer_size 128k"
- "fastcgi_buffers 4 256k"
- "fastcgi_busy_buffers_size 256k"
- "fastcgi_pass unix:/var/run/php/php7.3-fpm.sock"
- "include fastcgi_params"
additional_params:
- "index index.php index.htm index.html"
- "try_files $uri $uri/ /index.php?q=$uri&$args"
- "client_max_body_size 10G"

1
hosts
View File

@ -90,6 +90,7 @@ charybde.adm.crans.org
[nginx:children] [nginx:children]
mailman mailman
reverseproxy reverseproxy
roundcube
thelounge thelounge
[ntp_server] [ntp_server]

4
plays/roundcube.yml
View File

@ -3,6 +3,8 @@
- hosts: roundcube - hosts: roundcube
vars: vars:
roundcube: '{{ roundcube_glob | default({}) | combine(roundcube_loc | default({})) }}' nginx: '{{ glob_nginx | default({}) | combine(loc_nginx | default({})) }}'
roundcube: '{{ glob_roundcube | default({}) | combine(loc_roundcube | default({})) }}'
roles: roles:
- roundcube - roundcube
- nginx

14
roles/roundcube/tasks/main.yml
View File

@ -4,7 +4,6 @@
update_cache: true update_cache: true
install_recommends: false install_recommends: false
name: name:
- nginx
- roundcube - roundcube
- roundcube-pgsql - roundcube-pgsql
- roundcube-plugins - roundcube-plugins
@ -52,19 +51,6 @@
loop: "{{ roundcube.plugins }}" loop: "{{ roundcube.plugins }}"
when: item.repo is defined when: item.repo is defined
- name: Copy NGINX site
template:
src: nginx/roundcube.j2
dest: /etc/nginx/sites-available/roundcube
notify: Restart nginx
- name: Activate NGINX site
file:
src: /etc/nginx/sites-available/roundcube
dest: /etc/nginx/sites-enabled/roundcube
state: link
notify: Restart nginx
- name: Indicate role in motd - name: Indicate role in motd
template: template:
src: update-motd.d/05-service.j2 src: update-motd.d/05-service.j2

28
roles/roundcube/templates/nginx/roundcube.j2
View File

@ -1,28 +0,0 @@
{{ ansible_header | comment }}
server {
listen roundcube.adm.crans.org:80;
listen [2a0c:700:0:2:6809:acff:fe67:47e6]:80;
server_name roundcube.adm.crans.org;
root /var/lib/roundcube;
index index.php index.htm index.html;
try_files $uri $uri/ /index.php?q=$uri&$args;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
include fastcgi_params;
}
set_real_ip_from 10.231.136.0/24;
set_real_ip_from 2a0c:700:0:2::/64;
real_ip_header P-Real-Ip;
client_max_body_size 10G;
}