lulzette/ansible-pet
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: lulzette:cb73a2e76ffc0e2b008cb0b23ed7f3a2ace822b5
Branches Tags
lulzette:master
...
compare: lulzette:70b01d503ebd31d4dc82b89be1fd711424fc8cc3
Branches Tags
lulzette:master

5 Commits
cb73a2e76f ... 70b01d503e

Author SHA1 Message Date
lulzette
70b01d503e fix readme 2021-02-26 18:50:22 +03:00
lulzette
8dda3242c2 Merge branch 'master' of ssh://lulzette.ru:3111/lulzette/ansible-pet 2021-02-26 18:50:15 +03:00
lulzette
3e7d207e2d fix README.md 2021-02-26 18:46:56 +03:00
lulzette
b34327bd2c deps for pma 2021-02-26 18:46:28 +03:00
lulzette
ca222e999d fast fix 'cause of no ssl + pma installation 2021-02-26 18:42:30 +03:00
8 changed files with 60 additions and 42 deletions
Show Stats Expand all files Collapse all files

22
1/roles/nginx/files/sites-enabled/cloud.conf
View File

@ -1,19 +1,19 @@
server { server {
listen 80; listen 80;
listen 443 ssl http2; # listen 443 ssl http2;
server_name cloud.{{domain}}; server_name cloud.{{domain}};
index index.php; index index.php;
ssl_certificate /etc/letsencrypt/live/cloud.{{domain}}/fullchain.pem; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/cloud.{{domain}}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud.{{domain}}/privkey.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/cloud.{{domain}}/privkey.pem; # managed by Certbot
add_header X-Content-Type-Options nosniff; # add_header X-Content-Type-Options nosniff;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-XSS-Protection "1; mode=block"; # add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; # add_header X-Robots-Tag none;
add_header X-Download-Options noopen; # add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; # add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer; # add_header Referrer-Policy no-referrer;
add_header X-Frame-Options SAMEORIGIN; # add_header X-Frame-Options SAMEORIGIN;
access_log /var/log/nginx/access.nextcloud.log main; access_log /var/log/nginx/access.nextcloud.log main;
root /var/www/nextcloud/; root /var/www/nextcloud/;

10
1/roles/nginx/files/sites-enabled/default_server.conf
View File

@ -1,10 +1,10 @@
server { server {
listen 80 default_server; listen 80 default_server;
listen 443 ssl default_server; # managed by Certbot # listen 443 ssl default_server; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xz777.ru/fullchain.pem; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/xz777.ru/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xz777.ru/privkey.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/xz777.ru/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log /var/log/nginx/ip_access.log verbose_llz; access_log /var/log/nginx/ip_access.log verbose_llz;

18
1/roles/nginx/files/sites-enabled/pma.conf
View File

@ -1,17 +1,17 @@
server { server {
listen 80; listen 80;
listen 443 ssl http2; # listen 443 ssl http2;
server_name pma.{{domain}}; server_name pma.{{domain}};
ssl_certificate /etc/letsencrypt/live/pma.{{domain}}/fullchain.pem; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/pma.{{domain}}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/pma.{{domain}}/privkey.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/pma.{{domain}}/privkey.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff; # add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; # add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; # add_header X-Robots-Tag none;
add_header X-Download-Options noopen; # add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; # add_header X-Permitted-Cross-Domain-Policies none;
root /var/www/pma; root /var/www/pma;

12
1/roles/nginx/files/sites-enabled/root.conf
View File

@ -1,12 +1,12 @@
server { server {
listen 80; listen 80;
listen 443 ssl http2; # listen 443 ssl http2;
server_name {{domain}}; server_name {{domain}};
ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/{{domain}}/privkey.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/{{domain}}/privkey.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff; # add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; # add_header X-XSS-Protection "1; mode=block";
root /var/www/root; root /var/www/root;
index index.html index.php; index index.html index.php;

18
1/roles/nginx/files/sites-enabled/wiki.conf
View File

@ -1,17 +1,17 @@
server { server {
listen 80; listen 80;
listen 443 ssl http2; # listen 443 ssl http2;
server_name wiki.{{domain}}; server_name wiki.{{domain}};
ssl_certificate /etc/letsencrypt/live/wiki.{{domain}}/fullchain.pem; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/wiki.{{domain}}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wiki.{{domain}}/privkey.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/wiki.{{domain}}/privkey.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff; # add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; # add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; # add_header X-Robots-Tag none;
add_header X-Download-Options noopen; # add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; # add_header X-Permitted-Cross-Domain-Policies none;
root /var/www; root /var/www;

2
1/roles/php/tasks/main.yml
View File

@ -1,5 +1,5 @@
--- ---
- name: Install php-fpm package and deps - name: Install php-fpm package and deps
apt: apt:
name: ['php-fpm', 'php-imagick', 'php-memcached', 'php-zip', 'php-mysql', 'php-gd', 'php-mbstring'] name: ['php-fpm', 'php-imagick', 'php-memcached', 'php-zip', 'php-mysql', 'php-gd', 'php-mbstring', 'php-xml']
state: present state: present

18
1/roles/webapps/tasks/main.yml Normal file
View File

@ -0,0 +1,18 @@
---
- name: install unzip
apt:
name: unzip
state: latest
- name: Download and unpack phpmyadmin
ansible.builtin.unarchive:
src: https://files.phpmyadmin.net/phpMyAdmin/5.1.0/phpMyAdmin-5.1.0-all-languages.zip
dest: /var/www/pma
remote_src: yes
owner: www-data
- name: move pma to pma dir
copy:
src: /var/www/pma/phpMyAdmin-5.1.0-all-languages/
dest: /var/www/pma/
remote_src: True

2
README.md
View File

@ -16,7 +16,7 @@ Web:
- [ ] Установить nextcloud - [ ] Установить nextcloud
- [ ] Установить mediawiki - [ ] Установить mediawiki
- [ ] Установить phpmyadmin - [x] Установить phpmyadmin
- [ ] Разместить файлы about (root) сайта - [ ] Разместить файлы about (root) сайта
Дополнительно Дополнительно