ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

commit 5f79fe2035f9ca3f920960e41646614dc3638b8c
parent 42c5f0a9514bff99f9bb24671f2eb4d4048690a3
Author: Leah (ctucx) <leah@ctu.cx>
Date: Fri, 26 Feb 2021 14:13:50 +0100

roles/nginx: user as option
17 files changed, 53 insertions(+), 53 deletions(-)
diff --git a/roles/cgit/tasks/nginx.yml b/roles/cgit/tasks/nginx.yml
@@ -2,7 +2,7 @@
 
 - name: Adding user nginx to group git
   user:
-    name: nginx
+    user: "{{ services.nginx.user | default('http') }}"
     groups: git
     append: yes
 

@@ -11,6 +11,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/cgit.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx"
diff --git a/roles/fritzboxExporter/tasks/nginx.yml b/roles/fritzboxExporter/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/fritzbox-exporter.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: Restart nginx 
\ No newline at end of file
diff --git a/roles/frps/tasks/nginx.yml b/roles/frps/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/frps.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/grafana/tasks/nginx.yml b/roles/grafana/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/grafana.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/influxdb/tasks/nginx.yml b/roles/influxdb/tasks/nginx.yml
@@ -5,8 +5,8 @@
     content: "{{ services.influxdb.nginx.basicAuthFileContent }}"
     dest: /etc/nginx/passwd/influxdb
     mode: 0600
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   when:
     - services.influxdb.nginx.basicAuthFileContent is defined
 

@@ -15,6 +15,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/influxdb.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/nginx/tasks/configure.yml b/roles/nginx/tasks/configure.yml
@@ -2,7 +2,7 @@
 
 - name: adding user nginx to group acme-redirect
   user:
-    name: nginx
+    name: "{{ services.nginx.user | default('http') }}"
     groups: acme-redirect
     append: yes
   when: 

@@ -12,32 +12,32 @@
   get_url:
     url: https://ssl-config.mozilla.org/ffdhe2048.txt
     dest: /etc/nginx/dhparam
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx"
 
 - name: "Create file: /etc/nginx/nginx.conf"
   template:
     src: nginx.conf.j2
     dest: /etc/nginx/nginx.conf
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx"
 
 - name: "Create file: /etc/nginx/ssl.conf"
   copy:
     src: ssl_settings.conf
     dest: /etc/nginx/ssl.conf
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx"
 
 - name: "Create file: /etc/nginx/proxy.conf"
   copy:
     src: proxy_settings.conf
     dest: /etc/nginx/proxy.conf
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
     mode: 0755
   notify: "Restart nginx"
 

@@ -45,8 +45,8 @@
   copy:
     src: php_fastcgi_params
     dest: /etc/nginx/php_fastcgi_params
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
     mode: 0755
   notify: "Restart nginx"
 

@@ -54,13 +54,13 @@
   file:
     path:  /etc/nginx/passwd
     state: directory
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
     mode:  0700
 
 - name: "Create directory: /etc/nginx/conf.d"
   file:
     path: /etc/nginx/conf.d
     state: directory
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
diff --git a/roles/nginx/tasks/vhosts.yml b/roles/nginx/tasks/vhosts.yml
@@ -4,15 +4,15 @@
   file:
     path: /etc/nginx/vhosts
     state: directory
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
 
 - name: Generate nginx vhosts
   template:
     src: vhost.conf.j2
     dest: /etc/nginx/vhosts/{{item.key}}.conf
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
     mode: 0644
   notify: "Restart nginx"
   register: deployed_nginx_vhosts
diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2
@@ -2,7 +2,7 @@
 # !!! This file is managed by Ansible !!!
 #
 
-user nginx;
+user {{ services.nginx.user | default('http') }};
 
 worker_processes auto;
 
diff --git a/roles/oeffi-web/tasks/nginx.yml b/roles/oeffi-web/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/oeffi-web.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/oeffisearch/tasks/nginx.yml b/roles/oeffisearch/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/oeffisearch.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/pleroma/tasks/nginx.yml b/roles/pleroma/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/pleroma.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/prometheus/tasks/nginx.yml b/roles/prometheus/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/prometheus.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/radicale/tasks/nginx.yml b/roles/radicale/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/radicale.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/rest-server/tasks/nginx.yml b/roles/rest-server/tasks/nginx.yml
@@ -4,8 +4,8 @@
   copy:
     content: "{{ services.rest_server.nginx.password }}"
     dest: /etc/nginx/passwd/rest-server
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
     mode: 0700
   when:
     - services.rest_server.nginx.password is defined

@@ -16,6 +16,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/rest-server.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/smartied/tasks/nginx.yml b/roles/smartied/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/smartied.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx"
diff --git a/roles/synapse/tasks/nginx.yml b/roles/synapse/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/synapse.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file
diff --git a/roles/syncthing/tasks/nginx.yml b/roles/syncthing/tasks/nginx.yml
@@ -5,6 +5,6 @@
     src: nginx-vhost.conf.j2
     dest: /etc/nginx/conf.d/syncthing.conf
     mode: 0644
-    owner: nginx
-    group: nginx
+    owner: "{{ services.nginx.user | default('http') }}"
+    group: "{{ services.nginx.group | default('http') }}"
   notify: "Restart nginx" 
\ No newline at end of file