diff --git a/roles/easyredmine/files/maintenance.html_ b/roles/easyredmine/files/maintenance.html_
new file mode 100644
index 0000000..2d1168c
--- /dev/null
+++ b/roles/easyredmine/files/maintenance.html_
@@ -0,0 +1,141 @@
+
+
+
+
+
+Redmine Maintenance
+
+
+
+
+Redmine is down for maintenance
+Play snake while you wait.
+
+
+
+
diff --git a/roles/easyredmine/tasks/redmine.yml b/roles/easyredmine/tasks/redmine.yml
index d525ed6..2e5a1f2 100644
--- a/roles/easyredmine/tasks/redmine.yml
+++ b/roles/easyredmine/tasks/redmine.yml
@@ -84,9 +84,24 @@
become: yes
- name: install custom login background image
- copy: dest='{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}'
+ copy: dest='{{ item }}'
src='{{ easyredmine_login_bg_img }}'
owner='{{ redmine_owner }}'
+ with_items:
+ - '{{ redmine_root_dir }}/public/plugin_assets/easy_extensions/images/login-bg.jpg'
+ - '{{ redmine_root_dir }}/public/assets/{{ easyredmine_login_bg_img }}'
+ become: yes
+
+- name: create maintenance dir
+ file: path='/usr/share/nginx/html/easyredmine'
+ state=directory
+ owner='{{ redmine_owner }}'
+ mode=0755
+ become: yes
+- name: install maintenance.html
+ copy: dest=/usr/share/nginx/html/easyredmine/maintenance.html_
+ src=maintenance.html_
+ owner='{{ redmine_owner }}'
become: yes
- name: restrict config permissions
diff --git a/roles/easyredmine/templates/easyredmine.conf.j2 b/roles/easyredmine/templates/easyredmine.conf.j2
index 7be148c..9eda3d9 100644
--- a/roles/easyredmine/templates/easyredmine.conf.j2
+++ b/roles/easyredmine/templates/easyredmine.conf.j2
@@ -1,20 +1,49 @@
server {
listen 80;
- {% if is_production_vm %}
+ {%- if is_production_vm %}
server_name redmine.apidb.org;
- {% else %}
+ {%- else %}
server_name {{ ansible_fqdn }};
- {% endif %}
+ {%- endif %}
return 301 https://$host$request_uri;
}
server {
listen 443;
- {% if is_production_vm %}
+ {%- if is_production_vm %}
server_name redmine.apidb.org;
- {% else %}
+ {%- else %}
server_name {{ ansible_fqdn }};
- {% endif %}
+ {%- endif %}
+
+ ssl on;
+ ssl_certificate /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
+ ssl_certificate_key /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
+
+ # take site offline for maintenance with
+ # sudo cp /usr/share/nginx/html/easyredmine/maintenance.html_ /usr/share/nginx/html/easyredmine/maintenance.html
+ if (-f /usr/share/nginx/html/easyredmine/maintenance.html) {
+ return 503;
+ }
+ error_page 503 @maintenance;
+ location @maintenance {
+ root /usr/share/nginx/html;
+ rewrite ^(.*)$ /easyredmine/maintenance.html break;
+ }
+
+ root {{ redmine_root_dir }}/public;
+ passenger_enabled on;
+ client_max_body_size 50M;
+}
+
+# alt. name for inspecting site during public downtime
+server {
+ listen 443;
+ {%- if is_production_vm %}
+ server_name maint.redmine.apidb.org;
+ {%- else %}
+ server_name maint.{{ ansible_fqdn }};
+ {%- endif %}
ssl on;
ssl_certificate /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;