From 4ef6627aa71a2c94a2ae7615d5e93d6689ac8b5a Mon Sep 17 00:00:00 2001 From: Sacha Chua Date: Tue, 10 Oct 2023 10:21:30 -0400 Subject: copy scripts --- roles/media/tasks/main.yml | 19 ++++++++++++++++ roles/media/templates/nginx-include | 44 ++++++++++++++++++------------------- 2 files changed, 41 insertions(+), 22 deletions(-) (limited to 'roles/media') diff --git a/roles/media/tasks/main.yml b/roles/media/tasks/main.yml index 6eb3ab6..44374f5 100644 --- a/roles/media/tasks/main.yml +++ b/roles/media/tasks/main.yml @@ -1,3 +1,9 @@ +- name: Set up packages + ansible.builtin.apt: + update_cache: true + pkg: + - nginx + state: present - name: Install package for setting htpasswd package: name: python3-passlib @@ -22,6 +28,19 @@ template: src: nginx-include dest: /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-include +- name: Create main configuration if needed + template: + src: nginx-site-config + dest: /etc/nginx/sites-available/{{ host_name }} + force: no +- name: Make sure main configuration is enabled + file: + src: /etc/nginx/sites-available/{{ host_name }} + dest: /etc/nginx/sites-enabled/{{ host_name }} + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + force: no + state: link - name: Include it in the main configuration lineinfile: path: /etc/nginx/sites-available/{{ host_name }} diff --git a/roles/media/templates/nginx-include b/roles/media/templates/nginx-include index 03a7bfa..0f74c60 100644 --- a/roles/media/templates/nginx-include +++ b/roles/media/templates/nginx-include @@ -1,26 +1,14 @@ rewrite ^/current/bbb-open.html$ {{ bbb_open_url }} redirect; location /{{ emacsconf_year }}/backstage { -auth_basic "Restricted"; -auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; -autoindex on; -rewrite ^/{{ emacsconf_year }}/backstage/current/pad/([^/]*)$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; -rewrite ^/{{ emacsconf_year }}/backstage/current/room/([^/]*)$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; -rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/pad/?$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; -rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/room/?$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; -} - {% if media_protect_root|bool %} - location /{{ emacsconf_year }} { - # TODO: Figure out how to make this properly controlled by the variable - # auth_basic "Restricted"; - # auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; - autoindex on; - } - {% else %} - location /{{ emacsconf_year }} { - autoindex on; - } - {% endif %} - location /{{ emacsconf_year }}/{{ emacsconf_id }}.ics { + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; + autoindex on; + rewrite ^/{{ emacsconf_year }}/backstage/current/pad/([^/]*)$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/room/([^/]*)$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/pad/?$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/room/?$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; + } + location /{{ emacsconf_year }}/{{ emacsconf_id }}.ics { auth_basic off; } location /{{ emacsconf_year }}/schedules/ { @@ -30,4 +18,16 @@ rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/room/?$ https://{{ medi location /{{ emacsconf_year }}/{{ emacsconf_id }}-{{ track.id }}.ics { auth_basic off; } - {% endfor %} \ No newline at end of file + {% endfor %} +{% if media_protect_root == 'true' %} + location /{{ emacsconf_year }} { + # TODO: Figure out how to make this properly controlled by the variable + auth_basic_user_file /etc/nginx/sites-available/{{ host_name }}-{{ emacsconf_year }}-htpasswd; + auth_basic "Restricted"; + autoindex on; + } +{% else %} + location /{{ emacsconf_year }} { + autoindex on; + } +{% endif %} -- cgit v1.2.3