diff options
-rw-r--r-- | ansible/letest.hz | 5 | ||||
-rw-r--r-- | ansible/letest.yml | 17 | ||||
-rw-r--r-- | ansible/roles/letest/files/vmhost | 10 | ||||
-rw-r--r-- | ansible/roles/letest/files/vmhost-tls | 14 | ||||
-rw-r--r-- | ansible/roles/letest/tasks/main.yml | 37 |
5 files changed, 83 insertions, 0 deletions
diff --git a/ansible/letest.hz b/ansible/letest.hz new file mode 100644 index 0000000..919af09 --- /dev/null +++ b/ansible/letest.hz @@ -0,0 +1,5 @@ +defaults: + type: cx11 + image: debian-10 +hosts: + - name: letest diff --git a/ansible/letest.yml b/ansible/letest.yml new file mode 100644 index 0000000..853325a --- /dev/null +++ b/ansible/letest.yml @@ -0,0 +1,17 @@ +- hosts: letest + remote_user: root + roles: +# - sane_debian_system +# - comfortable-debian-system +# - self-updating-system + - letest + vars: + hostname: letest + debian_codename: buster + debian_mirror: deb.debian.org + + unix_users: + - username: liw + comment: Lars Wirzenius + authorized_keys: | + {{ liw_ssh_pub }} diff --git a/ansible/roles/letest/files/vmhost b/ansible/roles/letest/files/vmhost new file mode 100644 index 0000000..dea35c0 --- /dev/null +++ b/ansible/roles/letest/files/vmhost @@ -0,0 +1,10 @@ +<VirtualHost *:80> + ServerName letest-letest.vm.liw.fi + ServerAdmin liw@liw.fi + DocumentRoot /srv/http/letest + ErrorLog /var/log/apache2/letest/error.log + CustomLog /var/log/apache2/letest/access.log combined + <Directory /srv/http/letest> + Require all granted + </Directory> +</VirtualHost> diff --git a/ansible/roles/letest/files/vmhost-tls b/ansible/roles/letest/files/vmhost-tls new file mode 100644 index 0000000..4dd19e1 --- /dev/null +++ b/ansible/roles/letest/files/vmhost-tls @@ -0,0 +1,14 @@ +<VirtualHost _default_:443> + ServerName letest-letest.vm.liw.fi + ServerAdmin liw@liw.fi + DocumentRoot /srv/http/letest + ErrorLog /var/log/apache2/letest/error.log + CustomLog /var/log/apache2/letest/access.log combined + <Directory /srv/http/letest> + Require all granted + </Directory> + + SSLEngine on + SSLCertificateFile "/etc/letsencrypt/live/cert1/fullchain.pem" + SSLCertificateKeyFile "/etc/letsencrypt/live/cert1/privkey.pem" +</VirtualHost> diff --git a/ansible/roles/letest/tasks/main.yml b/ansible/roles/letest/tasks/main.yml new file mode 100644 index 0000000..d36db3b --- /dev/null +++ b/ansible/roles/letest/tasks/main.yml @@ -0,0 +1,37 @@ +- apt: + name: + - apache2 + - certbot +- file: + state: directory + path: /srv/http/letest +- file: + state: directory + path: /var/log/apache2/letest +- copy: + content: | + letest + dest: /srv/http/letest/index.html +- copy: + src: vmhost + dest: /etc/apache2/sites-available/letest.conf +- copy: + src: vmhost-tls + dest: /etc/apache2/sites-available/letest-tls.conf +- shell: | + a2ensite --quiet letest + systemctl restart apache2 + a2enmod --quiet ssl + if ! [ -e /etc/letencrypt/live ]; then + certbot certonly \ + --webroot \ + --webroot-path /srv/http/letest \ + --noninteractive \ + --email liw@liw.fi \ + --agree-tos \ + --expand \ + --cert-name cert1 \ + -d letest-letest.vm.liw.fi + fi + a2ensite --quiet letest-tls + systemctl restart apache2 |