Add froxlor support
This commit is contained in:
parent
453c8d6b7a
commit
bbaf313bc2
|
@ -1 +1,20 @@
|
|||
nginx_disable_ssl: false
|
||||
|
||||
lxc_item_redirect:
|
||||
listen: 80
|
||||
redirect: "https://$host$request_uri"
|
||||
server_name:
|
||||
- "{{ loop_domain }}"
|
||||
remove_error_pages: True
|
||||
disable_referer: False
|
||||
letsencrypt: true
|
||||
|
||||
lxc_item_proxy:
|
||||
listen: 443
|
||||
ssl: true
|
||||
server_name:
|
||||
- "{{ loop_domain }}"
|
||||
remove_error_pages: True
|
||||
disable_referer: False
|
||||
letsencrypt: true
|
||||
proxy: "http://[2a01:e0a:21a:17a7::1]:80"
|
||||
|
|
|
@ -0,0 +1,94 @@
|
|||
---
|
||||
- debug:
|
||||
var: loop_domain
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- name: Set var
|
||||
ansible.builtin.set_fact:
|
||||
item: "{{ lxc_item_redirect }}"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
|
||||
- name: "Add redirect Vhost"
|
||||
template:
|
||||
src: "vhosts/redirect.j2"
|
||||
dest: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-80.conf"
|
||||
notify:
|
||||
- Reload Nginx
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- name: "Enable redirect vhost"
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-80.conf"
|
||||
dest: "/etc/nginx/sites-enabled/froxlor_{{ loop_domain }}-80.conf"
|
||||
state: link
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
notify:
|
||||
- Reload Nginx
|
||||
|
||||
|
||||
- name: "Create certificate"
|
||||
shell: "certbot certonly --non-interactive --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt -d {{ loop_domain }} --expand --key-type ecdsa --elliptic-curve secp384r1;"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- name: Set var
|
||||
ansible.builtin.set_fact:
|
||||
item: "{{ lxc_item_proxy }}"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- name: "Add proxy vhost"
|
||||
template:
|
||||
src: "vhosts/proxy.j2"
|
||||
dest: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-443.conf"
|
||||
notify:
|
||||
- Reload Nginx
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- name: "Enable proxy vhost"
|
||||
file:
|
||||
src: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-443.conf"
|
||||
dest: "/etc/nginx/sites-enabled/froxlor_{{ loop_domain }}-443.conf"
|
||||
state: link
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
notify:
|
||||
- Reload Nginx
|
|
@ -0,0 +1,61 @@
|
|||
---
|
||||
- name: "Remove symlink proxy"
|
||||
file:
|
||||
state: absent
|
||||
path: "/etc/nginx/sites-enabled/froxlor_{{ loop_domain }}-443.conf"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
notify:
|
||||
- Reload Nginx
|
||||
|
||||
- name: "Remove symlink redirect"
|
||||
file:
|
||||
state: absent
|
||||
path: "/etc/nginx/sites-enabled/froxlor_{{ loop_domain }}-80.conf"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
notify:
|
||||
- Reload Nginx
|
||||
|
||||
- name: "Remove website proxy conf"
|
||||
file:
|
||||
state: absent
|
||||
path: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-443.conf"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
|
||||
- name: "Remove website redirect conf"
|
||||
file:
|
||||
state: absent
|
||||
path: "/etc/nginx/sites-available/froxlor_{{ loop_domain }}-80.conf"
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
|
||||
- name: "Revoke Let's Encrypt cert"
|
||||
shell: "certbot revoke --delete-after-revoke --cert-path /etc/letsencrypt/live/{{ loop_domain }}/cert.pem"
|
||||
ignore_errors: yes
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
notify:
|
||||
- Reload Nginx
|
||||
|
|
@ -0,0 +1,110 @@
|
|||
---
|
||||
- name: Check if froxlor_domain.json exist
|
||||
stat:
|
||||
path: /etc/nginx/froxlor_domain.json
|
||||
register: stat_result
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Make file if not exist
|
||||
ansible.builtin.copy:
|
||||
content: "[]"
|
||||
dest: /etc/nginx/froxlor_domain.json
|
||||
when:
|
||||
- not stat_result.stat.exists
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: "Get all domains"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ froxlor_url }}/api.php"
|
||||
method: "POST"
|
||||
headers:
|
||||
Content-Type: "application/json"
|
||||
Authorization: "Basic {{ froxlor_token }}"
|
||||
body: '{"command":"SubDomains.listing"}'
|
||||
status_code: 200
|
||||
body_format: "json"
|
||||
register: froxlor_domains
|
||||
delegate_to: localhost
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- debug:
|
||||
var: froxlor_domains["json"]["data"]
|
||||
verbosity: 2
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Get know domain
|
||||
set_fact:
|
||||
know_froxlor_domain: "{{ lookup('file','/etc/nginx/froxlor_domain.json') | from_json }}"
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Create a domain list
|
||||
set_fact:
|
||||
domains: []
|
||||
delegate_to: localhost
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Append domain in domain list
|
||||
set_fact:
|
||||
domains: "{{ domains + [item['domain']] }}"
|
||||
delegate_to: localhost
|
||||
loop: "{{ froxlor_domains['json']['data']['list'] }}"
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- include_tasks: froxlor_configure_vhost.yml
|
||||
loop: "{{ domains }}"
|
||||
loop_control:
|
||||
loop_var: loop_domain
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- not loop_domain in know_froxlor_domain
|
||||
|
||||
- include_tasks: froxlor_delete_vhost.yml
|
||||
loop: "{{ know_froxlor_domain }}"
|
||||
loop_control:
|
||||
loop_var: loop_domain
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
- loop_domain not in domains
|
||||
|
||||
- name: Copy using inline content
|
||||
ansible.builtin.copy:
|
||||
content: "{{ domains }}"
|
||||
dest: /etc/nginx/froxlor_domain.json
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
|
@ -28,6 +28,13 @@
|
|||
- zabbix
|
||||
when: zabbix_webcheck is defined and zabbix_webcheck == True
|
||||
|
||||
- include_tasks: froxlor_vhost.yml
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
|
||||
- include_tasks: remove-vhost.yml
|
||||
tags:
|
||||
- resign
|
||||
|
|
Loading…
Reference in New Issue