Merge branch 'master' into debian

2019-10-07 20:45:02 +02:00 · 2019-10-07 20:45:02 +02:00 · 84b90ee8fb
commit 84b90ee8fb
parent cabcb2d461 6564876252
5 changed files with 107 additions and 22 deletions
--- a/group_vars/all/all_vault
+++ b/group_vars/all/all_vault
@ -1,19 +1,28 @@
 $ANSIBLE_VAULT;1.1;AES256
-66373932613336323337303165393131656639616164393765646533343937346638343235623665
-3764663835643766636165386231633538323730303865350a373730356638316331643332386236
-65346662623063613933663233376239333664396431333264366464386632333936653130353431
-6538366132316333310a393537373862363439346565613566636330613934363136373131353161
-30313339343332396132666234646130666661356236333937343730386539656562343538656265
-35366237646264393466353835383439616264623737366230303833353033616163326635396539
-62363761313663326131363334323761336531353564323565373132393134383664353061396166
-65396530313165353164636239383038316137616437333962613662653535343938646637336233
-31393162623762643038323139313464393965613539353331646134653463306137653661303539
-31356235656231303261306465393836326362343262613134373566393035396165313235623265
-37333162313535653838353633626665623030663663386362663037323230393438333832376238
-31383734653733636337616639323161316535363636663236346234323833303662346230626565
-65633730363937646237643035366535393063653962346536616361666232336466663233313063
-64363864336237343739653065663730353031363130396134393337346465396164386161303938
-61303334323939616437313763663164323937386266666530373732613962366130326435613563
-62326332646561363365376363616431623330373561623761383336303835323765383831353064
-32643235316130333039616538326533636466346439616261616139326262396631386239653138
-6165613133656637633766643434376566393134643731343534
+36373932323731323261306130393236616639363063616661653562343033663365373235353732
+3665333739623264646665663832346436616539666238300a346230633632646664346162333930
+65613032346632626364336339646139393331646439383438353937323036653435316433396239
+6266646263306466610a373263663063373761353865323138323336343564323437373863343836
+33616533356436643262646139386661313130393762313530666162363162623631663464363532
+39346235303662366632616164333266643866326236663336333261646633643761316461646562
+33306236353038313734616436623330313937626433623665393063663530363435656134663263
+62356465616265356439306139393430363738633061646466363431623735336461626165346636
+31386438346538346330656265636663656134363664353432626565393935333366373738656139
+64623133356161366135363335323235396138373736396235356437643131626263646435643839
+61396662323731623765626265363230396533376532323763313838373834643833363130656232
+36366439393736636433353862303262376432313162323237393061653139316437623235393065
+64623334343266373663646633653539363936323338356562336464666330376435343338383831
+62366361303232343965616461376339386663666663666135323236313836326338653739306264
+35376630333565653865623037306137336636353562366563303264643564366430346430303561
+61663564666662663132383433396439653266366637313737363131666236396431326365343162
+66363061643761656364643166366437366164346430343639396261353065356430346464613566
+34363165373039383762656533626363633261633334376230656464323131323135666330313738
+39336339363332393862336638626236343237643039656334316664326565376264343262666439
+34323566333339346563393261373730363935383731383666343933353137646235623132636265
+39343733613063393131373161343961623239316533306430316262656234643963626139323933
+66653338303163393639323663613561363436373333313530643433656639663531666662326361
+36346663613532383861666330356366643263393564643363653366343066646639393463613165
+31663163333563336662376331386564356661613261323138373562333764303037326465363164
+39333461663362653833633731393164346437333964623230313463323464323461323030373532
+34383337623263346433363438303334393262333836316234393339376332626164316339376239
+666530303630336333303237343534616431
--- a/group_vars/server
+++ b/group_vars/server
@ -1,6 +1,6 @@
 systemd_mounts: 
    diskstation_git:
-        share: 192.168.1.10:/volume2/git
+        share: diskstation.ducamps.win:/volume2/git
        mount: /mnt/diskstation/git
        type: nfs
        options:
@ -14,6 +14,24 @@ systemd_mounts:
            - uid=1024
            - guid=100
        automount: true    
+    diskstation_home:
+        share: //diskstation.ducamps.win/homes/admin
+        mount: /mnt/diskstation/home
+        type: cifs
+        options:
+            - credentials=/etc/creds/.diskstation_credentials
+            - uid=1024
+            - gid=100
+        automount: true        
+    diskstation_photo:
+        share: //diskstation.ducamps.win/photo
+        mount: /mnt/diskstation/photo
+        type: cifs
+        options:
+            - credentials=/etc/creds/.diskstation_credentials
+            - uid=1024
+            - gid=100
+        automount: true
    diskstation_music:
        share: //diskstation.ducamps.win/music
        mount: /mnt/diskstation/music
@ -27,6 +45,9 @@ systemd_mounts_enabled:
    - diskstation_git
    - diskstation_music
    - backup_disk 
+    - diskstation_photo
+    - diskstation_home
+

 credentials_files:
    1:
@ -71,6 +92,7 @@ certbot_certs:
    - git.{{domain.name}}
    - supysonic.{{domain.name}}
    - syno.{{domain.name}}
+    - file.{{domain.name}}


 nginx_vhosts:
@ -162,6 +184,22 @@ nginx_vhosts:
          add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
          proxy_pass http://localhost:8001;
        }
+    - listen: "443 ssl"
+      server_name: "file.{{domain.name}}"
+      filename: "cloudcommander.conf"
+      state: "present"
+      template: "{{ nginx_vhost_template }}"
+      extra_parameters: |
+        include /etc/nginx/conf.d/{{domain.name}}.ssl;
+        location / { 
+          proxy_set_header Host $host;
+          proxy_set_header X-Real-IP $remote_addr;
+          proxy_set_header X-Forwarded-Host $host:$server_port;
+          proxy_set_header X-Forwarded-Server $host;
+          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+          add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+          proxy_pass http://localhost:8000;
+        }

 nginx_realIP_Proxy: 192.168.1.10/24

@ -214,3 +252,5 @@ gitea_ssh_port: 22
 gitea_SQl_target_file: /mnt/diskstation/git/backup/mysql/last/gitea.sql

 supysonic_db_password: "{{ vault_mysql_supysonic }}"
+
+docker_users: "{{user.name}}" 
--- a/host_vars/arch3
+++ b/host_vars/arch3
@ -4,3 +4,37 @@ gitea_http_domain: arch3
 gitea_root_url: http://arch3:3000

 chainetv_repo_branch: dev
+
+certbot_create_if_missing: false
+
+nginx_vhosts:
+    - listen: "80"
+      server_name: "_"
+      filename: "default.conf"
+      state: "present"
+      template: "{{ nginx_vhost_template }}"
+      extra_parameters: |
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   /usr/share/nginx/html;
+        }
+           location / {
+           index index.php index.html index.htm ;
+           default_type text/html;
+
+        }
+        location =/ {
+             rewrite ^ /starter;
+        }
+
+        location ~ \.php$ {
+           # try_files $uri =404;
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_read_timeout 800;
+            fastcgi_index index.php;
+            include fastcgi_params;
+        }
+        include /etc/nginx/conf.d/*.default;
+   
--- a/host_vars/pi2
+++ b/host_vars/pi2
@ -1,3 +1,4 @@
 ttrss_url_path: "https://www.{{domain.name}}/tt-rss"
 gitea_http_domain: git.{{domain.name}}
 gitea_root_url: https://git.{{domain.name}}
+certbot_force: false
--- a/server.yml
+++ b/server.yml
@ -18,6 +18,7 @@
  - {role: nginx, become: yes }  
  - {role: ansible-role-certbot, become: yes} ##need to have a external connection on 80
  - {role: mariadb, become: yes }
+  - cloud-commander
  - php
  - tt-rss
  - gitea