diff --git a/.gitignore b/.gitignore index 87790c3..698946d 100755 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ **/*.enc newkey_out hosts -prox-deploy-service.yml !**/ansible_resources/* diff --git a/services/service_git/prox-deploy-service.yml b/services/service_git/prox-deploy-service.yml new file mode 100644 index 0000000..99df855 --- /dev/null +++ b/services/service_git/prox-deploy-service.yml @@ -0,0 +1,22 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + # Ensure NGinx site reverse proxy configuration is updated + - name: Ensure all NGinx site configurations are updated + template: + src: proxy_resources/etc/nginx/sites-available/git.domain + dest: "/etc/nginx/sites-available/git.{{ domain_name }}" + - name: Ensure NGinx site reverse proxy configuration is enabled + ansible.builtin.file: + src: "/etc/nginx/sites-available/git.{{ domain_name }}" + dest: "/etc/nginx/sites-enabled/git.{{ domain_name }}" + state: link + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! + diff --git a/services/service_invidious/prox-deploy-service.yml b/services/service_invidious/prox-deploy-service.yml new file mode 100644 index 0000000..e1939c3 --- /dev/null +++ b/services/service_invidious/prox-deploy-service.yml @@ -0,0 +1,22 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + # Ensure NGinx site reverse proxy configuration is updated + - name: Ensure all NGinx site configurations are updated + template: + src: proxy_resources/etc/nginx/sites-available/invidious.domain + dest: "/etc/nginx/sites-available/invidious.{{ domain_name }}" + - name: Ensure NGinx site reverse proxy configuration is enabled + ansible.builtin.file: + src: "/etc/nginx/sites-available/invidious.{{ domain_name }}" + dest: "/etc/nginx/sites-enabled/invidious.{{ domain_name }}" + state: link + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! + diff --git a/services/service_kimai/prox-deploy-service.yml b/services/service_kimai/prox-deploy-service.yml new file mode 100644 index 0000000..e9a2b62 --- /dev/null +++ b/services/service_kimai/prox-deploy-service.yml @@ -0,0 +1,22 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + # Ensure NGinx site reverse proxy configuration is updated + - name: Ensure all NGinx site configurations are updated + template: + src: proxy_resources/etc/nginx/sites-available/kimai.domain + dest: "/etc/nginx/sites-available/kimai.{{ domain_name }}" + - name: Ensure NGinx site reverse proxy configuration is enabled + ansible.builtin.file: + src: "/etc/nginx/sites-available/kimai.{{ domain_name }}" + dest: "/etc/nginx/sites-enabled/kimai.{{ domain_name }}" + state: link + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! + diff --git a/services/service_mail/prox-deploy-service.yml b/services/service_mail/prox-deploy-service.yml new file mode 100755 index 0000000..a66de49 --- /dev/null +++ b/services/service_mail/prox-deploy-service.yml @@ -0,0 +1,41 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + - name: Temporarily disable doas pass prompt as doas persist does not work within scripts + replace: + path: /etc/doas.conf + regexp: 'persist' + replace: 'nopass' + + - name: Copy haproxy reverse proxy configuration to proxy + ansible.builtin.template: + src: "proxy_resources/etc/haproxy/haproxy.cfg" + dest: "/etc/haproxy/haproxy.cfg" + owner: root + group: root + - name: Enable HAProxy + ansible.builtin.systemd: + name: haproxy + state: started + + - name: Fetch SSL certificates + become: yes + synchronize: + src: /etc/letsencrypt/ + dest: "data/certbot/certs" + mode: pull + rsync_path: doas rsync + + - name: Switch back to doas persist + replace: + path: /etc/doas.conf + regexp: 'nopass' + replace: 'persist' + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! diff --git a/services/service_nextcloud/prox-deploy-service.yml b/services/service_nextcloud/prox-deploy-service.yml new file mode 100644 index 0000000..9132e28 --- /dev/null +++ b/services/service_nextcloud/prox-deploy-service.yml @@ -0,0 +1,22 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + # Ensure NGinx site reverse proxy configuration is updated + - name: Ensure all NGinx site configurations are updated + template: + src: proxy_resources/etc/nginx/sites-available/nextcloud.domain + dest: "/etc/nginx/sites-available/nextcloud.{{ domain_name }}" + - name: Ensure NGinx site reverse proxy configuration is enabled + ansible.builtin.file: + src: "/etc/nginx/sites-available/nextcloud.{{ domain_name }}" + dest: "/etc/nginx/sites-enabled/nextcloud.{{ domain_name }}" + state: link + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! + diff --git a/services/service_searxng/prox-deploy-service.yml b/services/service_searxng/prox-deploy-service.yml new file mode 100644 index 0000000..fc25a52 --- /dev/null +++ b/services/service_searxng/prox-deploy-service.yml @@ -0,0 +1,22 @@ +- hosts: + - "{{ proxy_server_hostname }}" + # - "{{ proxy_server_hostname }}"-defaultport + become: 'yes' + vars: + ansible_become_method: doas + tasks: + # Ensure NGinx site reverse proxy configuration is updated + - name: Ensure all NGinx site configurations are updated + template: + src: proxy_resources/etc/nginx/sites-available/searxng.domain + dest: "/etc/nginx/sites-available/searxng.{{ domain_name }}" + - name: Ensure NGinx site reverse proxy configuration is enabled + ansible.builtin.file: + src: "/etc/nginx/sites-available/searxng.{{ domain_name }}" + dest: "/etc/nginx/sites-enabled/searxng.{{ domain_name }}" + state: link + + - name: Debug Finish message + debug: + msg: Ansible playbook has finished! +