Activer les onions pour les pages perso
parent
f951ce7597
commit
702fc92bab
|
@ -0,0 +1,3 @@
|
|||
HiddenServiceDir /var/lib/tor/{{ item.name }}
|
||||
HiddenServiceVersion 3
|
||||
HiddenServicePort 80 127.0.0.1:80
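Review bot: `HiddenServiceDir /var/lib/tor/{{ item.name }}` places each user's service directory directly in what is presumably Tor's own data directory on this host, so a user name that matches one of Tor's state entries there (for example `keys` or `state`) would collide with it. A dedicated subdirectory keeps the per-user key material apart, e.g. `HiddenServiceDir /var/lib/tor/onions/{{ item.name }}`. The `wait_for` path and the `cat` of the `hostname` file elsewhere in this commit would need the same prefix. Whether user names are validated before they reach this template is not visible here.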
|
|
@ -26,4 +26,6 @@
|
|||
src: ../files/letsencrypt_cli.ini
|
||||
dest: /etc/letsencrypt/cli.ini
|
||||
|
||||
- include: tor.yml
|
||||
|
||||
- include: users.yml
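Review bot: The added `- include: tor.yml` uses the bare `include` action, which was deprecated in favour of `include_tasks` / `import_tasks` and removed in ansible-core 2.16. The same applies to `include: pages_perso.yml` and to `include: onions_perso.yml` (the latter with a `loop`) in the nginx hunks, while the users task list already uses `include_tasks: setup_user.yml`. Writing `- include_tasks: tor.yml` here and in the other two places keeps the roles consistent. The start of this task file is outside the hunk.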
|
||||
|
|
|
@ -19,3 +19,8 @@
|
|||
user: "{{ item.name }}"
|
||||
state: present
|
||||
key: "{{ item.key }}"
|
||||
|
||||
- name: Génerer un onion pour l'utilisateurice
|
||||
template:
|
||||
src: ../files/onion.conf.j2
|
||||
dest: "/etc/tor/onions/{{ item.name }}.conf"
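Review bot: The new `template` task writes a torrc fragment without `owner`, `group` or `mode`, so the file's permissions depend on the umask of whatever runs the play. Setting them explicitly, e.g. `owner: root`, `group: root`, `mode: '0644'`, keeps the fragment readable by Tor and writable by root only. The task list begins before this hunk, so earlier tasks in the file are not visible here.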
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
- name: Tor charge les onions depuis /etc/tor/onions/
|
||||
lineinfile:
|
||||
path: /etc/tor/torrc
|
||||
line: "%include /etc/tor/onions"
|
||||
state: present
|
||||
notify: reload tor
|
||||
|
||||
- name: On crée le dossier pour les onions
|
||||
file:
|
||||
path: /etc/tor/onions
|
||||
state: directory
|
||||
owner: debian-tor
|
||||
group: debian-tor
|
||||
mode: '0740'
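Review bot: `mode: '0740'` on `/etc/tor/onions` gives the group read permission without search permission, so group members can list names but cannot open anything inside the directory. `mode: '0750'` (or `'0700'` if only `debian-tor` should read it) states the intent unambiguously. The `reload tor` handler notified by the first task is not defined in this hunk, so I assume it exists elsewhere in the role.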
|
|
@ -1,2 +1,12 @@
|
|||
- include_tasks: setup_user.yml
|
||||
loop: "{{ users }}"
|
||||
|
||||
- name: Redémarrer le démon tor pour générer les onions
|
||||
service:
|
||||
name: tor
|
||||
state: restarted
|
||||
|
||||
- name: Attendre que les onion perso soient générés
|
||||
wait_for:
|
||||
path: "/var/lib/tor/{{ item.name }}/hostname"
|
||||
loop: "{{ users }}"
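Review bot: The `service` task with `state: restarted` runs unconditionally, so every play restarts Tor and interrupts all onion services on the host even when no fragment changed. Adding a `notify:` for a Tor reload/restart handler to the `template` task that writes `/etc/tor/onions/{{ item.name }}.conf`, and replacing this task with `- meta: flush_handlers` before the `wait_for`, would restart only on change. The `wait_for` task also has no `timeout:`, so a service that fails to start stalls the play for the module default before failing; an explicit `timeout:` and `msg:` would make that failure easier to diagnose.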
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name {{ web_onion.stdout }};
|
||||
root /home/{{ item.name }}/public_html;
|
||||
index index.html;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
}
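Review bot: `listen 80;` and `listen [::]:80;` bind this server block on every interface, although the Tor fragment in this commit forwards only to `127.0.0.1:80`. A client that reaches the public address can then send the `.onion` name in a `Host` header and receive the same content, which links the onion address to the server's IP. If that link is not meant to be observable, `listen 127.0.0.1:80;` alone is sufficient for this vhost and the IPv6 listener can be dropped.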
|
|
@ -22,20 +22,12 @@
|
|||
dest: /etc/nginx/conf.d/ssl.conf
|
||||
notify: reload nginx
|
||||
|
||||
- name: Prepare symlink for user sites
|
||||
file:
|
||||
src: /etc/nginx/sites-available/users-site.conf
|
||||
dest: /etc/nginx/sites-enabled/users-site.conf
|
||||
force: yes
|
||||
follow: no
|
||||
state: link
|
||||
- name: Déployer les pages perso
|
||||
include: pages_perso.yml
|
||||
|
||||
- name: Deploy config for user sites on subdomains
|
||||
template:
|
||||
src: ../files/users.conf.j2
|
||||
dest: /etc/nginx/sites-available/users-site.conf
|
||||
|
||||
- name: Add public_html to /etc/skel
|
||||
file:
|
||||
path: /etc/skel/public_html
|
||||
state: directory
|
||||
- name: Configurer nginx pour les noms de domaine longs
|
||||
lineinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
line: "server_names_hash_bucket_size 128;"
|
||||
insertafter: "^http {"
|
||||
notify: reload nginx
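Review bot: The added `lineinfile` task has no `regexp`, so it matches only the exact line. If `nginx.conf` already sets `server_names_hash_bucket_size` to another value, a second directive is inserted and nginx rejects the duplicate on reload. Adding `regexp: '^\s*server_names_hash_bucket_size'` makes the task replace an existing setting instead of appending one. The start of this task file is outside the hunk.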
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
- name: Récupérer le hostname en onion
|
||||
command: "cat /var/lib/tor/{{ item.name }}/hostname"
|
||||
register: web_onion
|
||||
|
||||
- name: Configurer l'onion pour les pages perso de l'utilisateurice
|
||||
template:
|
||||
src: ../files/onion.conf.j2
|
||||
dest: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||
notify: reload nginx
|
||||
|
||||
- name: Activer la configuration nginx
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/{{ item.name }}.onion.conf"
|
||||
dest: "/etc/nginx/sites-enabled/{{ item.name }}.onion.conf"
|
||||
state: link
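Review bot: `command: "cat /var/lib/tor/{{ item.name }}/hostname"` reports `changed` on every run and is skipped in check mode, which leaves `web_onion.stdout` unset for the template that follows. `changed_when: false` on this task (or reading the file with the `slurp` module) keeps the run idempotent. The registered `stdout` is written unquoted into `server_name`, which is fine as long as the file holds only the Tor-generated hostname.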
|
|
@ -0,0 +1,21 @@
|
|||
- name: Créer les liens symboliques pour la config des sites
|
||||
file:
|
||||
src: /etc/nginx/sites-available/users-site.conf
|
||||
dest: /etc/nginx/sites-enabled/users-site.conf
|
||||
force: yes
|
||||
follow: no
|
||||
state: link
|
||||
|
||||
- name: Configurer les pages perso pour nginx
|
||||
template:
|
||||
src: ../files/users.conf.j2
|
||||
dest: /etc/nginx/sites-available/users-site.conf
|
||||
|
||||
- name: Ajouter un dossier public_html dans le squelette
|
||||
file:
|
||||
path: /etc/skel/public_html
|
||||
state: directory
|
||||
|
||||
- name: Configurer les pages perso en onion
|
||||
include: onions_perso.yml
|
||||
loop: "{{ users }}"
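Review bot: The `template` task for `users-site.conf` has no `notify: reload nginx`, so a change to `users.conf.j2` takes effect only when some other task happens to trigger the reload. The symlink task also runs before its target is templated, which is why it needs `force: yes`; putting the `template` task first would let the link be created without forcing. Both come from the moved tasks, but this new file is the natural place to fix them.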
|