98 lines
2.4 KiB
YAML
98 lines
2.4 KiB
YAML
# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
#---
|
|
- name: Base configuration
|
|
ansible.builtin.import_playbook: base.yml
|
|
|
|
- name: Install and configure postgres
|
|
hosts: mcaptcha_hosts
|
|
become: yes
|
|
vars_files:
|
|
- vars/mcaptcha/vars.yml
|
|
- vars/mcaptcha/db-common.yml
|
|
- vars/mcaptcha/postgresql.yml
|
|
tasks:
|
|
- ansible.builtin.include_role:
|
|
name: geerlingguy.postgresql
|
|
when:
|
|
database_type == "postgres"
|
|
|
|
- name: Install and configure mariadb
|
|
hosts: mcaptcha_hosts
|
|
become: yes
|
|
vars_files:
|
|
- vars/mcaptcha/vars.yml
|
|
- vars/mcaptcha/db-common.yml
|
|
- vars/mcaptcha/mariadb.yml.yml
|
|
tasks:
|
|
- ansible.builtin.include_role:
|
|
name: geerlingguy.mysql
|
|
when:
|
|
database_type == "mariadb"
|
|
|
|
- name: Install and configure cache
|
|
hosts: mcaptcha_hosts
|
|
become: yes
|
|
vars_files:
|
|
- vars/mcaptcha/vars.yml
|
|
tasks:
|
|
- name: conditionally install redis cache
|
|
ansible.builtin.include_role:
|
|
name: cache
|
|
when: cache_type == "redis"
|
|
|
|
- name: Install mCaptcha binary
|
|
hosts: mcaptcha_hosts
|
|
remote_user: atm
|
|
vars_files:
|
|
- vars/mcaptcha/vars.yml
|
|
- vars/mcaptcha/db-common.yml
|
|
- vars/mcaptcha/mcaptcha.yml
|
|
roles:
|
|
- mcaptcha
|
|
tasks:
|
|
- name: restart mcaptcha
|
|
debug:
|
|
msg: "mCaptcha successfully deployed to {{ mcaptcha_server_hostname }}"
|
|
notify: restart mcaptcha
|
|
|
|
- name: Install git, zip, nginx, wget, curl & other utils
|
|
become: true
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
cache_valid_time: 3600
|
|
pkg:
|
|
- nginx
|
|
- ufw
|
|
|
|
- name: Copy nginx vhost
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: ./templates/mcaptcha/nginx.vhost.j2
|
|
dest: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"
|
|
owner: root
|
|
group: root
|
|
force: true
|
|
mode: "0644"
|
|
|
|
- name: Copy nginx vhost
|
|
become: true
|
|
ansible.builtin.file:
|
|
src: "/etc/nginx/sites-available/{{ mcaptcha_server_hostname }}"
|
|
dest: "/etc/nginx/sites-enabled/{{ mcaptcha_server_hostname }}"
|
|
state: link
|
|
|
|
- name: Restart nginx
|
|
become: true
|
|
ansible.builtin.service:
|
|
name: nginx
|
|
state: restarted
|
|
|
|
- name: Allow port 80 and enable UFW
|
|
become: true
|
|
community.general.ufw:
|
|
state: enabled
|
|
rule: allow
|
|
proto: tcp
|
|
port: "80"
|