roles/caddy: added stub

roles/website: added
2023-08-23 11:01:30 -04:00 · 2023-08-23 11:01:30 -04:00 · 00446943d7
commit 00446943d7
parent 52de6b7b70
8 changed files with 115 additions and 0 deletions
--- a/group_vars/bastion/vars.yml
+++ b/group_vars/bastion/vars.yml
@ -7,5 +7,6 @@
  - "sshd"
  - "ddclient"
  - "caddy"
+  - "website"
  - "nameserver"
  - "mailserver"
--- a/roles/caddy/defaults/main.yml
+++ b/roles/caddy/defaults/main.yml
@ -0,0 +1,7 @@
+---
+
+# these are defaults
+# override these in group/host vars
+
+# web root directory
+website_path: /srv/http
--- a/roles/caddy/tasks/main.yml
+++ b/roles/caddy/tasks/main.yml
@ -0,0 +1,17 @@
+---
+
+- name: Install Caddy packages
+  community.general.pacman:
+    name: caddy
+    state: present
+
+- name: Configure Caddy
+  template:
+    src: Caddyfile.j2
+    dest: /etc/caddy/Caddyfile
+
+- name: Enable Caddy service
+  service:
+    name: caddy
+    state: started
+    enabled: yes
--- a/roles/caddy/templates/Caddyfile.j2
+++ b/roles/caddy/templates/Caddyfile.j2
@ -0,0 +1,6 @@
+{% if website in servcices %}
+www.{{ domain }} {
+	root * {{ website_path }}
+	file_server
+}
+{% endif %}
--- a/roles/website/defaults/main.yml
+++ b/roles/website/defaults/main.yml
@ -0,0 +1,13 @@
+---
+
+# these are defaults
+# override these in group/host vars
+
+# this user takes care of building the website
+# caddy will serve it
+website_username: ianitor
+
+site_repo: https://git.dogeystamp.com/dogeystamp/wb5
+
+# site gets deployed here
+website_path: /srv/http
--- a/roles/website/tasks/main.yml
+++ b/roles/website/tasks/main.yml
@ -0,0 +1,59 @@
+- name: Create website deployment user
+  user:
+    name: "{{ website_username }}"
+
+- name: Install required packages
+  community.general.pacman:
+    name: 
+      - git
+      - make
+      - moreutils
+      - lowdown
+      - rsync
+    state: present
+
+- name: Fetch site source
+  git:
+    dest: "/home/{{ website_username }}/website"
+    repo: "{{ site_repo }}"
+  register: site_source
+  become_user: "{{ website_username }}"
+
+- name: Make site directory in web root
+  file:
+    group: caddy
+    owner: "{{ website_username }}"
+    path: "{{ website_path }}"
+    state: directory
+  register: site_folder
+
+- name: Deploy source to web root
+  make:
+    chdir: "/home/{{ website_username }}/website"
+    target: deploy
+    params:
+      OUTPUT: "{{ website_path }}"
+  when: site_source.changed or site_folder.changed
+  become_user: "{{ website_username }}"
+
+- name: Send deployment script
+  template:
+    src: deploy.sh.j2
+    dest: "/home/{{ website_username }}/deploy.sh"
+    mode: 0700
+    owner: "{{ website_username }}"
+
+- name: Tell cron to mail to root
+  cron:
+    user: "{{ website_username }}"
+    name: MAILTO
+    env: yes
+    job: root
+
+- name: Cronjob to deploy source
+  cron:
+    user: "{{ website_username }}"
+    name: "Update and deploy website source"
+    minute: 0
+    hour: "*/1"
+    job: "chronic /home/{{ website_username }}/deploy.sh"
--- a/roles/website/templates/deploy.sh.j2
+++ b/roles/website/templates/deploy.sh.j2
@ -0,0 +1,7 @@
+#!/bin/sh
+# website deployment script
+
+set -e
+
+git -C /home/{{ web_username }}/website pull
+make -C /home/{{ web_username }}/website build
--- a/run.yml
+++ b/run.yml
@ -67,3 +67,8 @@
      dotfile_users:
        - "{{ ansible_user }}"
        - "{{ username }}"
+
+    - role: services/website
+      tags:
+        - website
+      when: website in services