summaryrefslogtreecommitdiffstats
path: root/roles/media/tasks
diff options
context:
space:
mode:
authorSacha Chua <sacha@sachachua.com>2023-10-17 11:58:42 -0400
committerSacha Chua <sacha@sachachua.com>2023-10-17 11:58:42 -0400
commitebba562c95e2f50c5cbac1706fd62457cf9d5eaa (patch)
treee58e27f223957fdf3b996328ce56af224d8f732a /roles/media/tasks
parent6f128bfc6c0172e05fc581a7150258d4dc978031 (diff)
downloademacsconf-ansible-ebba562c95e2f50c5cbac1706fd62457cf9d5eaa.tar.xz
emacsconf-ansible-ebba562c95e2f50c5cbac1706fd62457cf9d5eaa.zip
media server updates
Diffstat (limited to 'roles/media/tasks')
-rw-r--r--roles/media/tasks/main.yml37
1 files changed, 27 insertions, 10 deletions
diff --git a/roles/media/tasks/main.yml b/roles/media/tasks/main.yml
index 44374f5..8cd854d 100644
--- a/roles/media/tasks/main.yml
+++ b/roles/media/tasks/main.yml
@@ -9,43 +9,60 @@
name: python3-passlib
- name: Ensure web path exists
file:
- path: /var/www/{{ host_name }}/{{ emacsconf_year }}/backstage
+ path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/backstage
state: directory
+- name: Create group
+ group:
+ name: "{{ emacsconf_group }}"
+ state: present
+- name: Create user
+ user:
+ name: "{{ emacsconf_user }}"
+ group: "{{ emacsconf_group }}"
+ state: present
- name: Change ownership and permissions
file:
- path: /var/www/{{ host_name }}/{{ emacsconf_year }}
+ path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}
owner: "{{ emacsconf_user }}"
group: "{{ emacsconf_group }}"
mode: "u=rwX,g=rwX,o=rX"
recurse: true
+- name: Add public key for authorized access
+ ansible.posix.authorized_key:
+ user: "{{ emacsconf_user }}"
+ state: present
+ key: '{{ item }}'
+ with_file:
+ - ../../base/files/keys/sachac
+ - ../../base/files/keys/orga
- name: Create htpasswd entry
htpasswd:
create: yes
name: "{{ emacsconf_backstage_user }}"
password: "{{ emacsconf_backstage_password }}"
- path: /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd
+ path: /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-htpasswd
- name: Create Nginx include
template:
src: nginx-include
- dest: /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-include
+ dest: /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-include
- name: Create main configuration if needed
template:
src: nginx-site-config
- dest: /etc/nginx/sites-available/{{ host_name }}
+ dest: /etc/nginx/sites-available/{{ media_server_name }}
force: no
- name: Make sure main configuration is enabled
file:
- src: /etc/nginx/sites-available/{{ host_name }}
- dest: /etc/nginx/sites-enabled/{{ host_name }}
+ src: /etc/nginx/sites-available/{{ media_server_name }}
+ dest: /etc/nginx/sites-enabled/{{ media_server_name }}
owner: "{{ emacsconf_user }}"
group: "{{ emacsconf_group }}"
force: no
state: link
- name: Include it in the main configuration
lineinfile:
- path: /etc/nginx/sites-available/{{ host_name }}
- regexp: "{{ host_name }}-{{ emacsconf_year }}-include"
- line: " include sites-available/{{ host_name }}-{{ emacsconf_year }}-include;"
+ path: /etc/nginx/sites-available/{{ media_server_name }}
+ regexp: "{{ media_server_name }}-{{ emacsconf_year }}-include"
+ line: " include sites-available/{{ media_server_name }}-{{ emacsconf_year }}-include;"
insertafter: root
- name: Reload configuration
service: