Anpassungen für Alias-Domains

This commit is contained in:
phil 2021-10-14 16:09:47 +02:00
parent 118e5bc42f
commit c611852b77
9 changed files with 28 additions and 15 deletions

View file

@ -13,7 +13,7 @@ nextcloud_php_memory_limit: 512M
nextcloud_php_upload_limit: 512M
nextcloud_trusted_domains: ['localhost', '{{ instance.domain }}']
nextcloud_trusted_proxies: ['10.42.7.1']
nextcloud_version: nextcloud-21.0.3
nextcloud_version: nextcloud-22.2.0
nextcloud_mail_from: noreply
nextcloud_mail_domain: postfach.senselab.org
nextcloud_smtp_auth_type: LOGIN

View file

@ -11,10 +11,11 @@
lineinfile:
path: /etc/dehydrated/domains.txt
insertafter: "^# nextcloud"
line: "{{ instance.alias }}"
line: "{{ item }}"
when: instance.alias is defined
register: dehydrated
delegate_to: "{{ gateway_host }}"
loop: "{{ instance.alias }}"
- name: "gateway: {{ instance.domain }}: Zertifikat erstellen"
command: dehydrated --cron -g

View file

@ -2,13 +2,18 @@
- import_tasks: version.yml
tags: version
- import_tasks: gateway.yml
tags: gateway
- import_tasks: database.yml
tags: database
- import_tasks: php.yml
tags: php
- import_tasks: apache.yml
tags: apache
- name: "Nextcloud installieren"
include_tasks: nextcloud.yml
when: nc_is_installed.stat.exists == False
tags: nextcloud
- import_tasks: nextcloud_configuration.yml
tags: configuration

View file

@ -1,5 +1,4 @@
---
#todo: Auch auf instances.alias anwenden
- name: "configuration: {{ instance.domain }}: trusted domains einrichten"
command: 'php {{ nextcloud_install_path }}/occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"'
become: true

View file

@ -6,7 +6,7 @@
- name: "packages: Datenbank-Pakete installieren"
apt:
pkg:
- python-pymysql
- python3-pymysql
update_cache: yes
cache_valid_time: 3600
delegate_to: "{{ database_host }}"

View file

@ -20,4 +20,4 @@
path: "{{ redis_config_file }}"
regexp: '^databases 16$'
line: 'databases {{ instances_number }}'
when: instances_number <= 16
when: instances_number|int <= 16

View file

@ -1 +1,5 @@
ServerAlias {{ instance.alias }}
{% if instance.alias is defined %}
{% for alias in instance.alias %}
ServerAlias {{ alias }}
{% endfor %}
{% endif %}

View file

@ -1,10 +1,10 @@
server {
listen 80;
server_name {{ instance.domain }};
{% if instance.alias is defined %}
server_name {{ instance.domain }};
server_name {{ instance.alias }};
{% else %}
server_name {{ instance.domain }};
{% for alias in instance.alias %}
server_name {{ alias }};
{% endfor %}
{% endif %}
include snippets/letsencrypt.conf;
location / { return 301 https://$http_host$request_uri; }
@ -31,11 +31,12 @@ server {
}
{% if instance.alias is defined %}
{% for alias in instance.alias %}
server {
listen 443 ssl http2;
server_name {{ instance.alias }};
ssl_certificate /var/lib/dehydrated/certs/{{ instance.alias }}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.alias }}/privkey.pem;
server_name {{ alias }};
ssl_certificate /var/lib/dehydrated/certs/{{ alias }}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/{{ alias }}/privkey.pem;
include /etc/nginx/proxy_params;
add_header Referrer-Policy $referrerpolicy;
add_header Strict-Transport-Security $sts;
@ -50,4 +51,5 @@ server {
proxy_pass http://{{ inventory_hostname }}:80;
}
}
{% endif %}
{% endfor %}
{% endif %}

View file

@ -10,6 +10,8 @@ instances:
user: bufas
database: nc_bufas
- domain: nextcloud.systemausfall.org
alias: speicher.roko.li
alias:
- cloud.rostocker-institut.org
- speicher.roko.li
user: nextcloud
database: nc_nextcloud