Traduction du rôle webserver
This commit is contained in:
parent
9c2b34bf61
commit
37f6b5ea0a
24
i18n/en.yml
24
i18n/en.yml
|
@ -42,3 +42,27 @@ common-users-setup-sudo: Give admin powers to new user
|
||||||
common-users-setup-key: Authorize associated SSH key
|
common-users-setup-key: Authorize associated SSH key
|
||||||
common-users-setup-onion: Generate a personal onion
|
common-users-setup-onion: Generate a personal onion
|
||||||
common-users-setup-irc: Welcome the user on IRC
|
common-users-setup-irc: Welcome the user on IRC
|
||||||
|
common-users-tor-wait: Wait for onions to be generated
|
||||||
|
#### roles/webserver
|
||||||
|
# roles/webserver/handlers/main.yml
|
||||||
|
webserver-reload-nginx: Restart web server
|
||||||
|
# roles/webserver/tasks/certbot.yml
|
||||||
|
webserver-certbot-main: Generate main certificate
|
||||||
|
webserver-certbot-users: Generate user certificates
|
||||||
|
# roles/webserver/tasks/nginx.yml
|
||||||
|
webserver-default-config: Generate config for default site
|
||||||
|
webserver-default-symlink: Enable config for default site
|
||||||
|
webserver-tls-config: Configure webserver TLS settings
|
||||||
|
webserver-personal-pages: Setup personal pages
|
||||||
|
webserver-bucket-size: Configure webserver for long domain names (onions)
|
||||||
|
# roles/webserver/tasks/onions_perso.yml
|
||||||
|
webserver-onion-hostname: Read personal onion
|
||||||
|
webserver-onion-config: Configure personal onion page
|
||||||
|
webserver-onion-symlink: Enable personal onion page config
|
||||||
|
# roles/webserver/tasks/packages.yml
|
||||||
|
webserver-pkg: Setup packages for the webserver
|
||||||
|
# roles/webserver/tasks/pages_perso.yml
|
||||||
|
webserver-perso-config: Configure personal pages for webserver
|
||||||
|
webserver-perso-symlink: Enable personal pages config
|
||||||
|
webserver-perso-publichtml: Create public_html folder in skel
|
||||||
|
webserver-perso-onions: Prepare personal pages on onions
|
||||||
|
|
33
i18n/fr.yml
33
i18n/fr.yml
|
@ -37,8 +37,31 @@ common-peering-remote-known: Déclarer la clé du pair sur le compte peer
|
||||||
common-users-tor-reload: Redémarrer tor pour générer les nouveaux onions
|
common-users-tor-reload: Redémarrer tor pour générer les nouveaux onions
|
||||||
common-users-tor-wait: Attendre que les onions soient générés
|
common-users-tor-wait: Attendre que les onions soient générés
|
||||||
# roles/.common/tasks/users/setup_user.yml
|
# roles/.common/tasks/users/setup_user.yml
|
||||||
common-users-setup-account: Create account for new user
|
common-users-setup-account: Créer le nouveau compte
|
||||||
common-users-setup-sudo: Give admin powers to new user
|
common-users-setup-sudo: Donner les droits d'admin au nouveau compte
|
||||||
common-users-setup-key: Authorize associated SSH key
|
common-users-setup-key: Autoriser la clé SSH associée
|
||||||
common-users-setup-onion: Generate a personal onion
|
common-users-setup-onion: Générer un onion perso
|
||||||
common-users-setup-irc: Welcome the user on IRC
|
common-users-setup-irc: Accueillir l'utilisateurice sur IRC
|
||||||
|
#### roles/webserver
|
||||||
|
# roles/webserver/handlers/main.yml
|
||||||
|
webserver-reload-nginx: Redémarrer le serveur web
|
||||||
|
# roles/webserver/tasks/certbot.yml
|
||||||
|
webserver-certbot-main: Générer le certificat principal
|
||||||
|
webserver-certbot-users: Générer les certificats perso
|
||||||
|
# roles/webserver/tasks/nginx.yml
|
||||||
|
webserver-default-config: Générer la configuration du site par défaut
|
||||||
|
webserver-default-symlink: Activer la config du site par défaut
|
||||||
|
webserver-tls-config: Paramétrer TLS pour le serveur web
|
||||||
|
webserver-personal-pages: Mettre en place les pages perso
|
||||||
|
webserver-bucket-size: Configurer le serveur web pour les longs domaines (.onion)
|
||||||
|
# roles/webserver/tasks/onions_perso.yml
|
||||||
|
webserver-onion-hostname: Récupérer l'onion perso
|
||||||
|
webserver-onion-config: Configurer les pages perso en onion
|
||||||
|
webserver-onion-symlink: Activer la configuration des pages perso en onion
|
||||||
|
# roles/webserver/tasks/packages.yml
|
||||||
|
webserver-pkg: Installer les paquets pour le serveur web
|
||||||
|
# roles/webserver/tasks/pages_perso.yml
|
||||||
|
webserver-perso-config: Configurer les pages perso
|
||||||
|
webserver-perso-symlink: Activer la configuration des pages perso
|
||||||
|
webserver-perso-publichtml: Créer le dossier public_html dans /etc/skel
|
||||||
|
webserver-perso-onions: Préparer les pages perso en onion
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
- name: reload nginx
|
- name: webserver-reload-nginx
|
||||||
service: name=nginx state=restarted
|
service: name=nginx state=restarted
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
- name: Generate main certificate
|
- name: webserver-certbot-main
|
||||||
command:
|
command:
|
||||||
creates: /etc/letsencrypt/live/{{ hostname }}/fullchain.pem
|
creates: /etc/letsencrypt/live/{{ hostname }}/fullchain.pem
|
||||||
cmd: certbot certonly --non-interactive --agree-tos --webroot -w /var/www/html -d {{ hostname }} -d www.{{ hostname }}
|
cmd: certbot certonly --non-interactive --agree-tos --webroot -w /var/www/html -d {{ hostname }} -d www.{{ hostname }}
|
||||||
|
|
||||||
- name: Generate user certificates
|
- name: webserver-certbot-users
|
||||||
command:
|
command:
|
||||||
creates: "/etc/letsencrypt/live/{{ item.name }}.{{ hostname }}/fullchain.pem"
|
creates: "/etc/letsencrypt/live/{{ item.name }}.{{ hostname }}/fullchain.pem"
|
||||||
cmd: "certbot certonly --non-interactive --agree-tos --webroot -w /var/www/html -d {{ item.name }}.{{ hostname }}"
|
cmd: "certbot certonly --non-interactive --agree-tos --webroot -w /var/www/html -d {{ item.name }}.{{ hostname }}"
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
- name: Deploy default site configuration
|
- name: webserver-default-config
|
||||||
template:
|
template:
|
||||||
src: ../files/default-site.conf.j2
|
src: ../files/default-site.conf.j2
|
||||||
dest: /etc/nginx/sites-available/default-site.conf
|
dest: /etc/nginx/sites-available/default-site.conf
|
||||||
notify: reload nginx
|
notify: reload-nginx
|
||||||
|
|
||||||
- name: Prepare symlink for default site
|
- name: webserver-default-symlink
|
||||||
file:
|
file:
|
||||||
src: /etc/nginx/sites-available/default-site.conf
|
src: /etc/nginx/sites-available/default-site.conf
|
||||||
dest: /etc/nginx/sites-enabled/default-site.conf
|
dest: /etc/nginx/sites-enabled/default-site.conf
|
||||||
state: link
|
state: link
|
||||||
|
|
||||||
- name: Deploy TLS config
|
- name: webserver-tls-config
|
||||||
copy:
|
copy:
|
||||||
src: ../files/ssl.conf
|
src: ../files/ssl.conf
|
||||||
dest: /etc/nginx/conf.d/ssl.conf
|
dest: /etc/nginx/conf.d/ssl.conf
|
||||||
notify: reload nginx
|
notify: reload-nginx
|
||||||
|
|
||||||
- name: Déployer les pages perso
|
- name: webserver-personal-pages
|
||||||
include: pages_perso.yml
|
include: pages_perso.yml
|
||||||
|
|
||||||
- name: Configurer nginx pour les noms de domaine longs
|
- name: webserver-bucket-size
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/nginx/nginx.conf
|
path: /etc/nginx/nginx.conf
|
||||||
line: "server_names_hash_bucket_size 128;"
|
line: "server_names_hash_bucket_size 128;"
|
||||||
insertafter: "^http {"
|
insertafter: "^http {"
|
||||||
notify: reload nginx
|
notify: reload-nginx
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
- name: Récupérer le hostname en onion
|
- name: webserver-onion-hostname
|
||||||
command: "cat /var/lib/tor/{{ item.name }}/hostname"
|
command: "cat /var/lib/tor/{{ item.name }}/hostname"
|
||||||
register: web_onion
|
register: web_onion
|
||||||
|
|
||||||
- name: Configurer l'onion pour les pages perso de l'utilisateurice
|
- name: webserver-onion-config
|
||||||
template:
|
template:
|
||||||
src: ../files/onion.conf.j2
|
src: ../files/onion.conf.j2
|
||||||
dest: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
dest: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
|
||||||
- name: Activer la configuration nginx
|
- name: webserver-onion-symlink
|
||||||
file:
|
file:
|
||||||
src: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
src: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||||
dest: "/etc/nginx/sites-enabled/{{ item.name }}.onion.conf"
|
dest: "/etc/nginx/sites-enabled/{{ item.name }}.onion.conf"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
- name: Installer les paquets pour le serveur web
|
- name: webserver-pkg
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
|
@ -1,19 +1,19 @@
|
||||||
- name: Configurer les pages perso pour nginx
|
- name: webserver-perso-config
|
||||||
template:
|
template:
|
||||||
src: ../files/users.conf.j2
|
src: ../files/users.conf.j2
|
||||||
dest: /etc/nginx/sites-available/users-site.conf
|
dest: /etc/nginx/sites-available/users-site.conf
|
||||||
|
|
||||||
- name: Créer les liens symboliques pour la config des sites
|
- name: webserver-perso-symlink
|
||||||
file:
|
file:
|
||||||
src: /etc/nginx/sites-available/users-site.conf
|
src: /etc/nginx/sites-available/users-site.conf
|
||||||
dest: /etc/nginx/sites-enabled/users-site.conf
|
dest: /etc/nginx/sites-enabled/users-site.conf
|
||||||
state: link
|
state: link
|
||||||
|
|
||||||
- name: Ajouter un dossier public_html dans le squelette
|
- name: webserver-perso-publichtml
|
||||||
file:
|
file:
|
||||||
path: /etc/skel/public_html
|
path: /etc/skel/public_html
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Configurer les pages perso en onion
|
- name: webserver-perso-onions
|
||||||
include: onions_perso.yml
|
include: onions_perso.yml
|
||||||
loop: "{{ users }}"
|
loop: "{{ users }}"
|
||||||
|
|
Loading…
Reference in New Issue