175 lines
4.7 KiB
YAML
175 lines
4.7 KiB
YAML
---
|
|
- name: Install needed packages
|
|
ansible.builtin.package:
|
|
state: present
|
|
name:
|
|
- s3cmd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
- name: Load s3 credentials
|
|
ansible.builtin.include_vars:
|
|
file: "{{ private }}/files/websites/s3_fedoraproject_{{ env_short }}.yml"
|
|
ignore_errors: true
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
- name: Copy in the sync-fedora-web-v3 cronjob
|
|
ansible.builtin.template:
|
|
src: cron-sync-fedora-web-v3
|
|
dest: /etc/cron.d/sync-fedora-web
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
when:
|
|
- fedoraproject_s3_bucket_name is defined
|
|
|
|
- name: Create fedoraproject-sync script
|
|
ansible.builtin.template:
|
|
src: fedoraproject-sync
|
|
dest: /usr/local/sbin/fedoraproject-sync
|
|
mode: "0700"
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
when:
|
|
- fedoraproject_s3_bucket_name is defined
|
|
|
|
- name: Make directory for the config files for {{website}} we are about to copy
|
|
ansible.builtin.file: path=/etc/httpd/conf.d/{{website}} state=directory owner=root group=root mode=0755
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/hotspot
|
|
- fedora-web/google-site-verification
|
|
|
|
- name: Copy some config files for {{website}}
|
|
ansible.builtin.copy: >
|
|
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
|
owner=root group=root mode=0644
|
|
with_items:
|
|
- fedora-web.conf
|
|
- cache.conf
|
|
- persona.conf
|
|
- hotspot.conf
|
|
- expires.conf
|
|
- deflate.conf
|
|
- mattdm-google-validate.conf
|
|
- matrix.conf
|
|
- flathub-verified.conf
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/hotspot
|
|
- fedora-web/google-site-verification
|
|
|
|
- name: And one template (for {{website}})
|
|
ansible.builtin.template: >
|
|
src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}}
|
|
owner=root group=root mode=0644
|
|
with_items:
|
|
- 'sponsor.conf'
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
- name: Create a directory for hotspot
|
|
ansible.builtin.file: path=/srv/web state=directory owner=root group=root mode=0755
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/hotspot
|
|
|
|
- name: Create a file for hotspot
|
|
ansible.builtin.copy: dest=/srv/web/hotspot.txt content="OK"
|
|
owner=root group=root mode=0644
|
|
setype=httpd_sys_content_t
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/hotspot
|
|
|
|
# create google validation for mattdm. See https://pagure.io/fedora-websites/issue/729
|
|
|
|
- name: Create a file for google validation
|
|
ansible.builtin.copy: dest=/srv/web/google4ddeb43aa58b0de1.html src=google4ddeb43aa58b0de1.html
|
|
owner=root group=root mode=0644
|
|
setype=httpd_sys_content_t
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/google-site-verification
|
|
|
|
- name: And, copy over a template for browserid
|
|
ansible.builtin.template: >
|
|
src=browserid.fedoraproject.org dest=/srv/web/browserid.fedoraproject.org
|
|
owner=root group=root mode=0644
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
# TODO -- turn these into redirects in playbooks/groups/proxies-redirect.yml
|
|
- name: Copy over some miscellaneous redirects (for stg)
|
|
ansible.builtin.copy: >
|
|
src=redirects.conf.stg dest=/etc/httpd/conf.d/{{website}}/redirects.conf
|
|
owner=root group=root mode=0644
|
|
when: env == "staging"
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
# TODO -- turn these into redirects in playbooks/groups/proxies-redirect.yml
|
|
- name: Copy over some miscellaneous redirects (for prod)
|
|
ansible.builtin.copy: >
|
|
src=redirects.conf.prod dest=/etc/httpd/conf.d/{{website}}/redirects.conf
|
|
owner=root group=root mode=0644
|
|
when: env != "staging"
|
|
notify:
|
|
- Reload proxyhttpd
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
|
|
# setup some well-known files for matrix
|
|
|
|
- name: Create a file for matrix clients
|
|
ansible.builtin.copy: dest=/srv/web/.well-known-matrix-client-fedoraproject-org src=.well-known-matrix-client-fedoraproject-org
|
|
owner=root group=root mode=0644
|
|
setype=httpd_sys_content_t
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/matrix
|
|
|
|
- name: Create a file for matrix servers
|
|
ansible.builtin.copy: dest=/srv/web/.well-known-matrix-server-fedoraproject-org src=.well-known-matrix-server-fedoraproject-org
|
|
owner=root group=root mode=0644
|
|
setype=httpd_sys_content_t
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/matrix
|
|
|
|
# setup well-known for flathub verification
|
|
- name: Create a file for flathub verification
|
|
ansible.builtin.copy:
|
|
dest: /srv/web/.well-known-org.flathub.VerifiedApps.txt
|
|
src: .well-known-org.flathub.VerifiedApps.txt
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
setype: httpd_sys_content_t
|
|
tags:
|
|
- fedora-web
|
|
- fedora-web/main
|
|
- fedora-web/flathub
|