WIP: intégration de forgehook pour la livraison continue (CD) #30
|
|
@ -9,7 +9,7 @@ peers:
|
|||
packages:
|
||||
debian: [ subversion, mercurial, htop, tmux, vim, emacs, mutt, weechat, elinks, rsync, dnsutils, make, g++, libssl-dev, mosh, gopher, sl ]
|
||||
rust: [ lsd ]
|
||||
custom: [ zola, ttbp ]
|
||||
custom: [ zola, ttbp, forgehook ]
|
||||
users:
|
||||
- name: tofu
|
||||
sudo: true
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
|
||||
- name: common-users-setup-irc
|
||||
irc:
|
||||
msg: "{{ irc_announce.msg | default('Bienvenue à ' ~ item.name ~ sur le serveur \\o/') }}"
|
||||
msg: "{{ irc_announce.msg | default('Bienvenue à ' ~ item.name ~ ' sur le serveur \\o/') }}"
|
||||
server: "{{ irc_announce.server | default('irc.tilde.chat') }}"
|
||||
port: "{{ irc_announce.port | default(6697) }}"
|
||||
channel: "{{ irc_announce.chan }}"
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
location /.well-known/forgehook {
|
||||
alias /opt/forgehook/source/public;
|
||||
index index.html index.php;
|
||||
try_files $uri $uri/ /index.php;
|
||||
|
||||
location ~ \.php$ {
|
||||
include fastcgi.conf;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_pass unix:/opt/forgehook/php.sock;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
[forgehook]
|
||||
user = __forgehook
|
||||
group = __forgehook
|
||||
listen = /opt/forgehook/php.sock
|
||||
listen.owner = www-data
|
||||
listen.group = www-data
|
||||
pm = dynamic
|
||||
pm.max_children = 5
|
||||
pm.start_servers = 2
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 3
|
||||
|
||||
pm.max_requests = 30
|
||||
request_terminate_timeout = 10s
|
||||
|
||||
catch_workers_output = yes
|
||||
|
||||
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
|
||||
;php_flag[display_errors] = off
|
||||
php_admin_value[error_log] = /opt/forgehook/php.err.log
|
||||
php_admin_flag[log_errors] = on
|
||||
php_admin_value[memory_limit] = 32M
|
||||
|
|
@ -0,0 +1 @@
|
|||
../webserver/handlers/
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
- name: custom-forgehook-user
|
||||
user:
|
||||
name: __forgehook
|
||||
state: present
|
||||
shell: /bin/bash
|
||||
system: no
|
||||
createhome: yes
|
||||
home: /opt/forgehook
|
||||
|
||||
- name: custom-forgehook-clone
|
||||
git:
|
||||
repo: https://tildegit.org/southerntofu/webhook
|
||||
dest: /opt/forgehook/source
|
||||
register: repo_update
|
||||
|
||||
- name: custom-forgehook-setup
|
||||
shell:
|
||||
chdir: /opt/forgehook/source
|
||||
cmd: bash setup.sh
|
||||
when: repo_update.changed
|
||||
|
||||
# TODO: Ici on présume très très fortement que webserver est activé et PHP installé -> mettre en place un vrai système d'interface entre rôles
|
||||
# TODO: Here we strongly assume webserver is enabled and PHP setup -> need a real interface/dependency system between roles
|
||||
|
||||
- name: custom-forgehook-phpconf
|
||||
copy:
|
||||
src: ../../files/forgehook/php.conf
|
||||
dest: /etc/php/7.3/fpm/pool.d/forgehook.conf
|
||||
notify: webserver-reload-php
|
||||
|
||||
- name: custom-forgehook-endpoint
|
||||
copy:
|
||||
remote_src: yes
|
||||
src: /opt/forgehook/source/endpoints/index.php
|
||||
dest: /opt/forgehook/source/public/index.php
|
||||
|
||||
- name: custom-forgehook-nginx
|
||||
copy:
|
||||
src: ../../files/forgehook/nginx.conf
|
||||
dest: /etc/nginx/conf.d/well-known/forgehook.conf
|
||||
notify: webserver-reload-nginx
|
||||
|
|
@ -1,14 +1,3 @@
|
|||
# Pour l'instant, il n'est pas possible d'avoir un paquet qui ne porte pas le nom de son binaire
|
||||
# parce qu'on vérifie que le binaire est installé
|
||||
# A terme, ça sera à chaque paquet de vérifier lui-même s'il est installé
|
||||
|
||||
# Vérifier quels paquets custom sont installés
|
||||
- stat:
|
||||
path: "/usr/local/bin/{{ item }}"
|
||||
loop: "{{ packages.custom }}"
|
||||
register: custom_exists
|
||||
|
||||
- name: "Installer les paquets custom activés dans la config"
|
||||
include: "{{ item.item }}/main.yml"
|
||||
loop: "{{ custom_exists.results | default([]) }}"
|
||||
when: not item.stat.exists
|
||||
include: "{{ item }}/main.yml"
|
||||
loop: "{{ packages.custom }}"
|
||||
|
|
|
|||
|
|
@ -2,6 +2,6 @@
|
|||
# Donc on copie un binaire que j'ai compilé avec amour
|
||||
- name: custom-zola-setup
|
||||
copy:
|
||||
src: ../../files/bin/zola
|
||||
src: ../../files/zola/zola
|
||||
dest: /usr/local/bin/zola
|
||||
mode: 0755
|
||||
|
|
|
|||
|
|
@ -31,6 +31,8 @@ server {
|
|||
#try_files $2 $2/ = 404;
|
||||
}
|
||||
|
||||
include /etc/nginx/conf.d/well-known/*.conf;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,2 +1,5 @@
|
|||
- name: webserver-reload-nginx
|
||||
service: name=nginx state=restarted
|
||||
|
||||
- name: webserver-reload-php
|
||||
service: name=php7.3-fpm state=restarted
|
||||
|
|
|
|||
|
|
@ -16,6 +16,11 @@
|
|||
dest: /etc/nginx/conf.d/ssl.conf
|
||||
notify: webserver-reload-nginx
|
||||
|
||||
- name: TODO
|
||||
file:
|
||||
path: /etc/nginx/conf.d/well-known
|
||||
state: directory
|
||||
|
||||
- name: webserver-personal-pages
|
||||
include: pages_perso.yml
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue