diff options
Diffstat (limited to 'roles/media')
| -rw-r--r-- | roles/media/defaults/main.yml | 1 | ||||
| -rw-r--r-- | roles/media/tasks/main.yml | 34 | ||||
| -rw-r--r-- | roles/media/templates/nginx-include | 20 |
3 files changed, 55 insertions, 0 deletions
diff --git a/roles/media/defaults/main.yml b/roles/media/defaults/main.yml new file mode 100644 index 0000000..0d8046d --- /dev/null +++ b/roles/media/defaults/main.yml @@ -0,0 +1 @@ +media_protect_root: false diff --git a/roles/media/tasks/main.yml b/roles/media/tasks/main.yml new file mode 100644 index 0000000..6eb3ab6 --- /dev/null +++ b/roles/media/tasks/main.yml @@ -0,0 +1,34 @@ +- name: Install package for setting htpasswd + package: + name: python3-passlib +- name: Ensure web path exists + file: + path: /var/www/{{ host_name }}/{{ emacsconf_year }}/backstage + state: directory +- name: Change ownership and permissions + file: + path: /var/www/{{ host_name }}/{{ emacsconf_year }} + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + mode: "u=rwX,g=rwX,o=rX" + recurse: true +- name: Create htpasswd entry + htpasswd: + create: yes + name: "{{ emacsconf_backstage_user }}" + password: "{{ emacsconf_backstage_password }}" + path: /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd +- name: Create Nginx include + template: + src: nginx-include + dest: /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-include +- name: Include it in the main configuration + lineinfile: + path: /etc/nginx/sites-available/{{ host_name }} + regexp: "{{ host_name }}-{{ emacsconf_year }}-include" + line: " include sites-available/{{ host_name }}-{{ emacsconf_year }}-include;" + insertafter: root +- name: Reload configuration + service: + name: nginx + state: reloaded diff --git a/roles/media/templates/nginx-include b/roles/media/templates/nginx-include new file mode 100644 index 0000000..3bfb58e --- /dev/null +++ b/roles/media/templates/nginx-include @@ -0,0 +1,20 @@ + location /{{ emacsconf_year }}/backstage { + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; + autoindex on; + } + {% if media_protect_root %} + location /{{ emacsconf_year }} { + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; + autoindex on; + } + {% endif %} + location /{{ emacsconf_year }}/emacsconf.ics { + auth_basic off; + } + {% for track in emacsconf_tracks %} + location /{{ emacsconf_year }}/emacsconf-{{ track.id }}.ics { + auth_basic off; + } + {% endfor %}
\ No newline at end of file |