From bd7901775511af9a3296519d030227bc82ee3581 Mon Sep 17 00:00:00 2001 From: Michael Scherer Date: Thu, 6 Dec 2018 15:46:13 -0500 Subject: make the cgit role use LE --- playbooks/osci.theopensourceway.org.yml | 6 +++++- roles/cgit/meta/main.yml | 2 +- roles/cgit/tasks/main.yml | 18 ++++++++++++++---- roles/cgit/templates/vhost.conf | 22 +++------------------- 4 files changed, 23 insertions(+), 25 deletions(-) diff --git a/playbooks/osci.theopensourceway.org.yml b/playbooks/osci.theopensourceway.org.yml index 608cf3f..e736736 100644 --- a/playbooks/osci.theopensourceway.org.yml +++ b/playbooks/osci.theopensourceway.org.yml @@ -27,7 +27,11 @@ website_domain: www.theopensourceway.org #- deploy_website - mailman_lists + - mediawiki + +- hosts: osci.theopensourceway.org + roles: - role: cgit + website_domain: git.theopensourceway.org use_letsencrypt: True - - mediawiki diff --git a/roles/cgit/meta/main.yml b/roles/cgit/meta/main.yml index 222a408..8a64d27 100644 --- a/roles/cgit/meta/main.yml +++ b/roles/cgit/meta/main.yml @@ -1,3 +1,3 @@ --- dependencies: -- { role: httpd, custom_vhost: yes } +- role: httpd diff --git a/roles/cgit/tasks/main.yml b/roles/cgit/tasks/main.yml index f6ac30a..d7cb520 100644 --- a/roles/cgit/tasks/main.yml +++ b/roles/cgit/tasks/main.yml @@ -3,13 +3,23 @@ with_items: - cgit -- lineinfile: dest=/etc/cgitrc line=include=/etc/cgitrepos +- lineinfile: + dest: /etc/cgitrc + line: "include=/etc/cgitrepos" -- template: mode=0644 src=cgitrepos dest=/etc/cgitrepos +- template: + mode: 0644 + src: cgitrepos + dest: /etc/cgitrepos -- copy: mode=0644 src=cgit.httpd.conf dest=/etc/httpd/conf.d/cgit.conf +- copy: + mode: 0644 + src: cgit.httpd.conf + dest: /etc/httpd/conf.d/cgit.conf notify: restart httpd # TODO clean once the mess with domain name is solved -- template: src=vhost.conf dest=/etc/httpd/conf.d/git.theopensourceway.org.conf +- template: + src: vhost.conf + dest: /etc/httpd/conf.d/{{ website_domain }}.conf.d/cgit.conf notify: restart httpd diff --git a/roles/cgit/templates/vhost.conf b/roles/cgit/templates/vhost.conf index 1340966..504d4e3 100644 --- a/roles/cgit/templates/vhost.conf +++ b/roles/cgit/templates/vhost.conf @@ -1,21 +1,5 @@ # {{ ansible_managed }} -{% for i in '80', '443' %} - - {% if i == '443' %} - SSLCertificateKeyFile /etc/pki/tls/private/git.{{ ansible_domain }}.key - SSLCertificateFile /etc/pki/tls/certs/git.{{ ansible_domain }}.crt - SSLEngine on - {% else %} - Alias /.well-known/acme-challenge/ /var/www/letsencrypt/git.{{ ansible_domain }}/.well-known/acme-challenge/ +Alias /cgit-data /usr/share/cgit +ScriptAlias /cgit /var/www/cgi-bin/cgit - {% endif %} - - Alias /cgit-data /usr/share/cgit - ScriptAlias /cgit /var/www/cgi-bin/cgit - - RedirectMatch ^/$ /cgit/ - - ServerName git.{{ ansible_domain }} - - -{% endfor %} +RedirectMatch ^/$ /cgit/ -- cgit