Add nginx role for static websites

This commit is contained in:
Kris Lamoureux 2020-09-20 20:33:03 -04:00
parent be6d1437bd
commit 8d029827e9
Signed by: kris
GPG Key ID: 3EDA9C3441EDA925
7 changed files with 77 additions and 0 deletions

21
dev/host_vars/nginx.yml Normal file
View File

@ -0,0 +1,21 @@
# base
allow_reboot: false
manage_network: false
# docker
docker_user: vagrant
# traefik
traefik_version: latest
traefik_dashboard: true
traefik_domain: traefik.vm.krislamo.org
traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
#traefik_acme_email: realemail@example.com # Let's Encrypt settings
#traefik_production: true
# nginx
nginx_domain: nginx.vm.krislamo.org
nginx_name: staticsite
nginx_repo_url: https://git.krislamo.org/kris/example-website/
nginx_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
nginx_version: latest

10
dev/nginx.yml Normal file
View File

@ -0,0 +1,10 @@
- name: Install nginx server (docker)
hosts: all
become: true
vars_files:
- host_vars/nginx.yml
roles:
- base
- docker
- traefik
- nginx

View File

@ -23,3 +23,4 @@
- gitea - gitea
- jenkins - jenkins
- prometheus - prometheus
- nginx

1
roles/.gitignore vendored
View File

@ -8,6 +8,7 @@
!jenkins*/ !jenkins*/
!libvirt*/ !libvirt*/
!nextcloud*/ !nextcloud*/
!nginx*/
!prometheus*/ !prometheus*/
!traefik*/ !traefik*/
!wordpress*/ !wordpress*/

View File

@ -0,0 +1,6 @@
nginx_name: "{{ nginx_domain }}"
nginx_repo_branch: master
nginx_repo_dest: "{{ nginx_root }}/repository"
nginx_repo_key: "{{ nginx_root }}/id_rsa"
nginx_root: /opt/nginx/{{ nginx_name }}
nginx_html: "{{ nginx_root }}/html"

View File

@ -0,0 +1,37 @@
- name: Create nginx root
file:
path: "{{ nginx_root }}"
state: directory
- name: Generate deploy keys
openssh_keypair:
path: "{{ nginx_repo_key }}"
state: present
- name: Clone static website files
git:
repo: "{{ nginx_repo_url }}"
dest: "{{ nginx_html }}"
version: "{{ nginx_repo_branch }}"
key_file: "{{ nginx_repo_key }}"
separate_git_dir: "{{ nginx_repo_dest }}"
- name: Start nginx container
docker_container:
name: "{{ nginx_name }}"
image: nginx:{{ nginx_version }}
state: started
restart_policy: always
networks_cli_compatible: true
networks:
- name: traefik
volumes:
- "{{ nginx_html }}:/usr/share/nginx/html:ro"
labels:
traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
traefik.http.routers.nginx.entrypoints: websecure
traefik.http.routers.nginx.tls.certresolver: letsencrypt
traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
traefik.docker.network: traefik
traefik.enable: "true"

View File

@ -8,6 +8,7 @@ HOST[2]="git.${DOMAIN}"
HOST[3]="jenkins.${DOMAIN}" HOST[3]="jenkins.${DOMAIN}"
HOST[4]="prom.${DOMAIN}" HOST[4]="prom.${DOMAIN}"
HOST[5]="grafana.${DOMAIN}" HOST[5]="grafana.${DOMAIN}"
HOST[6]="nginx.${DOMAIN}"
# Get Vagrantbox guest IP # Get Vagrantbox guest IP
VAGRANT_OUTPUT=$(vagrant ssh -c "hostname -I | cut -d' ' -f2" 2>/dev/null) VAGRANT_OUTPUT=$(vagrant ssh -c "hostname -I | cut -d' ' -f2" 2>/dev/null)