Activer les onions pour les pages perso
parent
f951ce7597
commit
702fc92bab
|
@ -0,0 +1,3 @@
|
||||||
|
HiddenServiceDir /var/lib/tor/{{ item.name }}
|
||||||
|
HiddenServiceVersion 3
|
||||||
|
HiddenServicePort 80 127.0.0.1:80
|
|
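Review bot: `HiddenServiceDir /var/lib/tor/{{ item.name }}` puts each user's onion keys directly in tor's own data directory, so a login name that matches something tor already keeps there would collide with it. Nothing in this section constrains `item.name`, so this is a hedge rather than a confirmed bug. A prefixed path such as `HiddenServiceDir /var/lib/tor/onion_{{ item.name }}` avoids the overlap. The `wait_for` and `cat` paths in the other sections of this commit would have to follow the same name.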
@ -26,4 +26,6 @@
|
||||||
src: ../files/letsencrypt_cli.ini
|
src: ../files/letsencrypt_cli.ini
|
||||||
dest: /etc/letsencrypt/cli.ini
|
dest: /etc/letsencrypt/cli.ini
|
||||||
|
|
||||||
|
- include: tor.yml
|
||||||
|
|
||||||
- include: users.yml
|
- include: users.yml
|
||||||
|
|
|
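Review bot: `- include: tor.yml` uses the bare `include` action, which Ansible has deprecated in favour of `include_tasks` / `import_tasks`. The users task file in this same commit already uses `include_tasks: setup_user.yml`. I would write `- include_tasks: tor.yml` here, and do the same for `include: pages_perso.yml` and the looped `include: onions_perso.yml` added in the nginx sections. The neighbouring `include:` lines are context, so they can be converted separately.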
@ -19,3 +19,8 @@
|
||||||
user: "{{ item.name }}"
|
user: "{{ item.name }}"
|
||||||
state: present
|
state: present
|
||||||
key: "{{ item.key }}"
|
key: "{{ item.key }}"
|
||||||
|
|
||||||
|
- name: Génerer un onion pour l'utilisateurice
|
||||||
|
template:
|
||||||
|
src: ../files/onion.conf.j2
|
||||||
|
dest: "/etc/tor/onions/{{ item.name }}.conf"
|
||||||
|
|
|
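Review bot: The new `template` task writes `/etc/tor/onions/{{ item.name }}.conf` without `owner`, `group` or `mode`, so the file gets whatever the connecting user and umask produce. Since this file decides which local port an onion service exposes, it is worth pinning, for example `owner: root`, `group: debian-tor`, `mode: '0640'`. The `src: ../files/onion.conf.j2` name is also reused by the nginx task added later in this commit. If both tasks resolve to the same role directory, one of them renders the wrong template, so please confirm they live in different roles or give the two files distinct names.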
@ -0,0 +1,14 @@
|
||||||
|
- name: Tor charge les onions depuis /etc/tor/onions/
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/tor/torrc
|
||||||
|
line: "%include /etc/tor/onions"
|
||||||
|
state: present
|
||||||
|
notify: reload tor
|
||||||
|
|
||||||
|
- name: On crée le dossier pour les onions
|
||||||
|
file:
|
||||||
|
path: /etc/tor/onions
|
||||||
|
state: directory
|
||||||
|
owner: debian-tor
|
||||||
|
group: debian-tor
|
||||||
|
mode: '0740'
|
|
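Review bot: `mode: '0740'` on the `/etc/tor/onions` directory gives the group read without search permission, so group members can list file names but cannot open them. A directory normally needs `'0750'`, or `'0700'` if only the owner should read it. Making `debian-tor` the owner also lets the daemon account rewrite its own included configuration. `owner: root`, `group: debian-tor`, `mode: '0750'` keeps it read-only for tor. The `%include /etc/tor/onions` line is added to torrc before the directory exists, so I would put the `file` task first.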
@ -1,2 +1,12 @@
|
||||||
- include_tasks: setup_user.yml
|
- include_tasks: setup_user.yml
|
||||||
loop: "{{ users }}"
|
loop: "{{ users }}"
|
||||||
|
|
||||||
|
- name: Redémarrer le démon tor pour générer les onions
|
||||||
|
service:
|
||||||
|
name: tor
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: Attendre que les onion perso soient générés
|
||||||
|
wait_for:
|
||||||
|
path: "/var/lib/tor/{{ item.name }}/hostname"
|
||||||
|
loop: "{{ users }}"
|
||||||
|
|
|
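Review bot: The `service: name: tor, state: restarted` task runs unconditionally, so every play restarts tor and interrupts all existing onion services even when no user was added. The tor task file in this commit already notifies a `reload tor` handler. I would add `notify: reload tor` to the template task in setup_user.yml and replace the restart with `- meta: flush_handlers` ahead of the `wait_for`. The `wait_for` also relies on the module's default timeout; an explicit `timeout:` would make a tor start-up failure easier to diagnose.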
@ -0,0 +1,12 @@
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name {{ web_onion.stdout }};
|
||||||
|
root /home/{{ item.name }}/public_html;
|
||||||
|
index index.html;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
}
|
|
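Review bot: `listen 80;` and `listen [::]:80;` bind this vhost on every interface, while the tor template in this commit only forwards to `127.0.0.1:80`. A request arriving on the public address with the onion name in its Host header is then served by this block, which links the onion address to the server's IP. If that link is not intended, `listen 127.0.0.1:80;` alone is enough and the IPv6 listener can be dropped. `server_name {{ web_onion.stdout }};` comes straight from a `cat` result, so an empty read would render an invalid directive; the consuming task should check for that.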
@ -22,20 +22,12 @@
|
||||||
dest: /etc/nginx/conf.d/ssl.conf
|
dest: /etc/nginx/conf.d/ssl.conf
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
|
||||||
- name: Prepare symlink for user sites
|
- name: Déployer les pages perso
|
||||||
file:
|
include: pages_perso.yml
|
||||||
src: /etc/nginx/sites-available/users-site.conf
|
|
||||||
dest: /etc/nginx/sites-enabled/users-site.conf
|
|
||||||
force: yes
|
|
||||||
follow: no
|
|
||||||
state: link
|
|
||||||
|
|
||||||
- name: Deploy config for user sites on subdomains
|
- name: Configurer nginx pour les noms de domaine longs
|
||||||
template:
|
lineinfile:
|
||||||
src: ../files/users.conf.j2
|
path: /etc/nginx/nginx.conf
|
||||||
dest: /etc/nginx/sites-available/users-site.conf
|
line: "server_names_hash_bucket_size 128;"
|
||||||
|
insertafter: "^http {"
|
||||||
- name: Add public_html to /etc/skel
|
notify: reload nginx
|
||||||
file:
|
|
||||||
path: /etc/skel/public_html
|
|
||||||
state: directory
|
|
||||||
|
|
|
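Review bot: The new `lineinfile` task has no `regexp`, so it only recognises the exact line `server_names_hash_bucket_size 128;`. If nginx.conf already carries an active `server_names_hash_bucket_size` with another value, a second directive is inserted and nginx rejects the duplicate on reload. Adding `regexp: '^\s*server_names_hash_bucket_size'` makes the task replace an existing setting instead. A `validate`-style check is not available for a fragment of nginx.conf, so running `nginx -t` before the reload handler would catch a bad edit.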
@ -0,0 +1,15 @@
|
||||||
|
- name: Récupérer le hostname en onion
|
||||||
|
command: "cat /var/lib/tor/{{ item.name }}/hostname"
|
||||||
|
register: web_onion
|
||||||
|
|
||||||
|
- name: Configurer l'onion pour les pages perso de l'utilisateurice
|
||||||
|
template:
|
||||||
|
src: ../files/onion.conf.j2
|
||||||
|
dest: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: Activer la configuration nginx
|
||||||
|
file:
|
||||||
|
src: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||||
|
dest: "/etc/nginx/sites-enabled/{{ item.name }}.onion.conf"
|
||||||
|
state: link
|
|
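Review bot: `command: "cat /var/lib/tor/{{ item.name }}/hostname"` reports "changed" on every run and has no guard against an empty result before `web_onion.stdout` is rendered into `server_name`. I would add `changed_when: false` and a `failed_when: web_onion.stdout | length == 0`, or read the file with the `slurp` module. The final `file: state: link` task has no `notify: reload nginx`, so a site whose template was already in place is enabled without nginx picking it up. The `template` task in pages_perso.yml lacks a notify as well. This file depends on the `item` loop variable of the including task, which deserves a comment at the top.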
@ -0,0 +1,21 @@
|
||||||
|
- name: Créer les liens symboliques pour la config des sites
|
||||||
|
file:
|
||||||
|
src: /etc/nginx/sites-available/users-site.conf
|
||||||
|
dest: /etc/nginx/sites-enabled/users-site.conf
|
||||||
|
force: yes
|
||||||
|
follow: no
|
||||||
|
state: link
|
||||||
|
|
||||||
|
- name: Configurer les pages perso pour nginx
|
||||||
|
template:
|
||||||
|
src: ../files/users.conf.j2
|
||||||
|
dest: /etc/nginx/sites-available/users-site.conf
|
||||||
|
|
||||||
|
- name: Ajouter un dossier public_html dans le squelette
|
||||||
|
file:
|
||||||
|
path: /etc/skel/public_html
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Configurer les pages perso en onion
|
||||||
|
include: onions_perso.yml
|
||||||
|
loop: "{{ users }}"
|
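Review bot: The symlink task runs before the `template` task that creates its target `/etc/nginx/sites-available/users-site.conf`, which is why `force: yes` is needed on a fresh host. Putting the template task first lets the link be created against an existing file, and `force` can then be dropped. `force: yes` and `follow: no` are better written `true` and `false` so YAML linters and non-Ansible parsers agree on the type.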