iac/ansible/mcaptcha.yml

# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#---
- name: Base configuration
  ansible.builtin.import_playbook: base.yml

- name: Install and configure postgres
  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
    - vars/mcaptcha/postgresql.yml
  tasks:
    - ansible.builtin.include_role:
        name: geerlingguy.postgresql
      when:
        database_type == "postgres"

- name: Install and configure mariadb
  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
    - vars/mcaptcha/mariadb.yml.yml
  tasks:
    - ansible.builtin.include_role:
        name: geerlingguy.mysql
      when:
        database_type == "mariadb"

- name: Install and configure cache
  hosts: mcaptcha_hosts
  become: yes
  vars_files:
    - vars/mcaptcha/vars.yml
  tasks:
    - name: conditionally install redis cache
      ansible.builtin.include_role:
        name: cache
      when: cache_type == "redis"

- name: Install mCaptcha binary
  hosts: mcaptcha_hosts
  vars_files:
    - vars/mcaptcha/vars.yml
  roles:
    - mcaptcha
  tasks:
    - name: restart mcaptcha
      debug:
        msg: "mCaptcha successfully deployed to {{ mcaptcha_server_hostname }}"
      notify: restart mcaptcha

    - name: Install git, zip, nginx, wget, curl & other utils
      become: true
      ansible.builtin.apt:
        update_cache: true
        cache_valid_time: 3600
        pkg:
          - nginx
          - ufw

    - name: Copy nginx vhost
      become: true
      ansible.builtin.template:
        src: ./templates/mcaptcha/nginx.vhost.j2
        dest: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"
        owner: root
        group: root
        force: true
        mode: "0644"

    - name: Copy nginx vhost
      become: true
      ansible.builtin.file:
        src: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"
        dest: "/etc/nginx/sites-enabled/{{ mcaptcha_server_hostname }}"
        state: link

    - name: Restart nginx
      become: true
      ansible.builtin.service:
        name: nginx
        state: restarted

    - name: Allow port 80 and enable UFW
      become: true
      community.general.ufw:
        state: enabled
        rule: allow
        proto: tcp
        port: "80"
feat: optionally redis, mariadb and postgres and proxy mcaptcha w nginx 2023-12-09 02:56:13 +05:30			`# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>`
			`#`
			`# SPDX-License-Identifier: AGPL-3.0-or-later`
			`#---`
			`- name: Base configuration`
			`ansible.builtin.import_playbook: base.yml`

			`- name: Install and configure postgres`
			`hosts: mcaptcha_hosts`
			`become: yes`
			`vars_files:`
			`- vars/mcaptcha/vars.yml`
			`- vars/mcaptcha/postgresql.yml`
			`tasks:`
			`- ansible.builtin.include_role:`
			`name: geerlingguy.postgresql`
			`when:`
			`database_type == "postgres"`

			`- name: Install and configure mariadb`
			`hosts: mcaptcha_hosts`
			`become: yes`
			`vars_files:`
			`- vars/mcaptcha/vars.yml`
			`- vars/mcaptcha/mariadb.yml.yml`
			`tasks:`
			`- ansible.builtin.include_role:`
			`name: geerlingguy.mysql`
			`when:`
			`database_type == "mariadb"`

			`- name: Install and configure cache`
			`hosts: mcaptcha_hosts`
			`become: yes`
			`vars_files:`
			`- vars/mcaptcha/vars.yml`
			`tasks:`
			`- name: conditionally install redis cache`
			`ansible.builtin.include_role:`
			`name: cache`
			`when: cache_type == "redis"`

			`- name: Install mCaptcha binary`
			`hosts: mcaptcha_hosts`
			`vars_files:`
			`- vars/mcaptcha/vars.yml`
			`roles:`
			`- mcaptcha`
			`tasks:`
			`- name: restart mcaptcha`
			`debug:`
			`msg: "mCaptcha successfully deployed to {{ mcaptcha_server_hostname }}"`
			`notify: restart mcaptcha`

			`- name: Install git, zip, nginx, wget, curl & other utils`
			`become: true`
			`ansible.builtin.apt:`
			`update_cache: true`
			`cache_valid_time: 3600`
			`pkg:`
			`- nginx`
			`- ufw`

			`- name: Copy nginx vhost`
			`become: true`
			`ansible.builtin.template:`
			`src: ./templates/mcaptcha/nginx.vhost.j2`
			`dest: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"`
			`owner: root`
			`group: root`
			`force: true`
			`mode: "0644"`

			`- name: Copy nginx vhost`
			`become: true`
			`ansible.builtin.file:`
			`src: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"`
			`dest: "/etc/nginx/sites-enabled/{{ mcaptcha_server_hostname }}"`
			`state: link`

			`- name: Restart nginx`
			`become: true`
			`ansible.builtin.service:`
			`name: nginx`
			`state: restarted`

			`- name: Allow port 80 and enable UFW`
			`become: true`
			`community.general.ufw:`
			`state: enabled`
			`rule: allow`
			`proto: tcp`
			`port: "80"`