commit 8908026390ee4ce27999f3077e12616de5842f62
parent cefca2db51a630b9df6237ece3f0fb94948ee381
Author: Leah (ctucx) <leah@ctu.cx>
Date: Fri, 26 Feb 2021 21:50:38 +0100
parent cefca2db51a630b9df6237ece3f0fb94948ee381
Author: Leah (ctucx) <leah@ctu.cx>
Date: Fri, 26 Feb 2021 21:50:38 +0100
roles/ctucx-gallery: init
12 files changed, 295 insertions(+), 0 deletions(-)
A
|
63
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/roles/ctucx-gallery/meta/main.yml b/roles/ctucx-gallery/meta/main.yml @@ -0,0 +1,4 @@ +--- + +dependencies: + - role: nginx
diff --git a/roles/ctucx-gallery/tasks/checks.yml b/roles/ctucx-gallery/tasks/checks.yml @@ -0,0 +1,63 @@ +--- + +- fail: msg="Option 'services.ctucxGallery.user' has to be set!" + when: + - services.ctucxGallery.user is not defined + +- fail: msg="Option 'services.ctucxGallery.sourceDir' has to be set!" + when: + - services.ctucxGallery.sourceDir is not defined + +- fail: msg="Option 'services.ctucxGallery.targetDir' has to be set!" + when: + - services.ctucxGallery.targetDir is not defined + +- fail: msg="Option 'services.ctucxGallery.site.name' has to be set!" + when: + - services.ctucxGallery.site.name is not defined + +- fail: msg="Option 'services.ctucxGallery.site.author' has to be set!" + when: + - services.ctucxGallery.site.author is not defined + +- fail: msg="Option 'services.ctucxGallery.site.description' has to be set!" + when: + - services.ctucxGallery.site.description is not defined + +- fail: msg="Option 'services.ctucxGallery.site.tags' has to be set!" + when: + - services.ctucxGallery.site.tags is not defined + +- fail: msg="Nginx role has to be enabled when using nginx options!" + when: + - services.ctucxGallery.nginx.enable is true + - services.nginx.enable is false + +- fail: msg="Option 'services.ctucxGallery.nginx.domain' has to be set when using nginx!" + when: + - services.ctucxGallery.nginx.enable is defined + - services.ctucxGallery.nginx.enable is true + - services.ctucxGallery.nginx.domain is not defined + +- fail: msg="Option 'services.ctucxGallery.nginx.sslOnly' has to be set when using nginx!" + when: + - services.ctucxGallery.nginx.enable is defined + - services.ctucxGallery.nginx.enable is true + - services.ctucxGallery.nginx.sslOnly is not defined + +- fail: msg="Option 'services.ctucxGallery.nginx.ssl.cert' has to be set when using nginx with ssl!" + when: + - services.ctucxGallery.nginx.enable is defined + - services.ctucxGallery.nginx.enable is true + - services.ctucxGallery.nginx.ssl.enable is defined + - services.ctucxGallery.nginx.ssl.enable is true + - services.ctucxGallery.nginx.ssl.cert is not defined + +- fail: msg="Option 'services.ctucxGallery.nginx.ssl.privkey' has to be set when using nginx with ssl!" + when: + - services.ctucxGallery.nginx.enable is defined + - services.ctucxGallery.nginx.enable is true + - services.ctucxGallery.nginx.ssl.enable is defined + - services.ctucxGallery.nginx.ssl.enable is true + - services.ctucxGallery.nginx.ssl.privkey is not defined +
diff --git a/roles/ctucx-gallery/tasks/configure.yml b/roles/ctucx-gallery/tasks/configure.yml @@ -0,0 +1,20 @@ +--- + +- name: "Generate file: /etc/ctucx-gallery.conf" + template: + src: gallery.conf.j2 + dest: /etc/ctucx-gallery.conf + +- name: "Generate file: /etc/systemd/system/ctucx-gallery.service" + template: + src: systemd.service.j2 + dest: /etc/systemd/system/ctucx-gallery.service + when: + - ansible_service_mgr == "systemd" + +- name: "Generate file: /etc/systemd/system/ctucx-gallery.timer" + template: + src: systemd.timer.j2 + dest: /etc/systemd/system/ctucx-gallery.timer + when: + - ansible_service_mgr == "systemd"
diff --git a/roles/ctucx-gallery/tasks/install.yml b/roles/ctucx-gallery/tasks/install.yml @@ -0,0 +1,15 @@ +--- + +- name: "[Alpine] Install package: gallery" + apk: + name: gallery + state: present + when: + - ansible_distribution == "Alpine" + +- name: "[Archlinux] Install package: ctucx-gallery" + pacman: + name: ctucx-gallery + state: present + when: + - ansible_distribution == "Archlinux"
diff --git a/roles/ctucx-gallery/tasks/main.yml b/roles/ctucx-gallery/tasks/main.yml @@ -0,0 +1,35 @@ +--- + +- import_tasks: checks.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is true + +- import_tasks: install.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is true + +- import_tasks: configure.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is true + +- import_tasks: start.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is true + +- import_tasks: nginx.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is true + - services.ctucxGallery.nginx.enable is defined + - services.ctucxGallery.nginx.enable is true + +- import_tasks: remove.yml + when: + - services.ctucxGallery.enable is defined + - services.ctucxGallery.enable is false + +- meta: flush_handlers
diff --git a/roles/ctucx-gallery/tasks/nginx.yml b/roles/ctucx-gallery/tasks/nginx.yml @@ -0,0 +1,10 @@ +--- + +- name: "[nginx] Create vhost" + template: + src: nginx-vhost.conf.j2 + dest: /etc/nginx/conf.d/ctucx-gallery.conf + mode: 0644 + owner: "{{ services.nginx.user | default('http') }}" + group: "{{ services.nginx.group | default('http') }}" + notify: "Restart nginx"
diff --git a/roles/ctucx-gallery/tasks/remove.yml b/roles/ctucx-gallery/tasks/remove.yml @@ -0,0 +1,38 @@ +--- + +- name: "[OpenRC] Disable and stop service: vnstatd" + service: + name: vnstatd + enabled: no + state: stopped + when: + - ansible_service_mgr == "openrc" + +- name: "[systemd] Disable and stop service: vnstat" + systemd: + name: vnstat + enabled: no + state: stopped + when: + - ansible_service_mgr == "systemd" + + +- name: "[Alpine] Remove package: vnstatd" + apk: + name: vnstatd + state: absent + when: + - ansible_distribution == "Alpine" + +- name: "[Archlinux] Remove package: vnstat" + pacman: + name: vnstat + state: absent + when: + - ansible_distribution == "Archlinux" + + +- name: "Remove file: /etc/vnstat.conf" + file: + path: /etc/vnstat.conf + state: absent+ \ No newline at end of file
diff --git a/roles/ctucx-gallery/tasks/start.yml b/roles/ctucx-gallery/tasks/start.yml @@ -0,0 +1,18 @@ +--- + +- name: "[cron] Create crontab entry for: ctucx-gallery" + cron: + name: "ctucx-gallery regenerate" + special_time: hourly + user: "{{ services.ctucxGallery.user }}" + job: "/usr/bin/ctucx-gallery /etc/ctucx-gallery.conf" + when: + - ansible_service_mgr != "systemd" + +- name: "[systemd] Enable and start systemd-timer: ctucx-gallery" + systemd: + name: ctucx-gallery.timer + enabled: yes + state: started + when: + - ansible_service_mgr == "systemd"+ \ No newline at end of file
diff --git a/roles/ctucx-gallery/templates/gallery.conf.j2 b/roles/ctucx-gallery/templates/gallery.conf.j2 @@ -0,0 +1,18 @@ +SourceDir={{ services.ctucxGallery.sourceDir }} +TargetDir={{ services.ctucxGallery.targetDir }} + +[Site] +Author="{{ services.ctucxGallery.site.author }}" +Name="{{ services.ctucxGallery.site.name }}" +Description="{{ services.ctucxGallery.site.description }}" +Tags="{{ services.ctucxGallery.site.tags }}" +ShowOriginalsButton={{ services.ctucxGallery.site.showOriginalsButton | default("true") }} +SymlinkOriginals={{ services.ctucxGallery.site.symlinkOriginals | default("true") }} +EnableJS={{ services.ctucxGallery.site.enableJS | default("true") }} + +[Thumbnails] +MediumMaxWidth={{ services.ctucxGallery.thumbnails.mediumMaxWidth | default(1920) }} +MediumMaxHeight={{ services.ctucxGallery.thumbnails.mediumMaxHeight | default(1080) }} +ThumbMaxWidth={{ services.ctucxGallery.thumbnails.thumbMaxWidth | default(200) }} +ThumbMaxHeight={{ services.ctucxGallery.thumbnails.thumbMaxHeight | default(200) }} +ThumbQuality={{ services.ctucxGallery.thumbnails.thumbQuality | default(90) }}+ \ No newline at end of file
diff --git a/roles/ctucx-gallery/templates/nginx-vhost.conf.j2 b/roles/ctucx-gallery/templates/nginx-vhost.conf.j2 @@ -0,0 +1,45 @@ +# +# !!! This file is managed by Ansible !!! +# + +{% if services.ctucxGallery.nginx.sslOnly is not defined or services.ctucxGallery.nginx.sslOnly is false %} +server { + listen 80 ; + listen [::]:80; + + server_name {{ services.ctucxGallery.nginx.domain }}; + + root {{ services.ctucxGallery.targetDir }}; + + location ~* \.(html)$ { + add_header Last-Modified $date_gmt; + add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + if_modified_since off; + expires off; + etag off; + } +} + +{% endif %} +{% if services.ctucxGallery.nginx.ssl.enable is true %} +server { + listen 443 ssl; + listen [::]:443 ssl; + + ssl_certificate "{{ services.ctucxGallery.nginx.ssl.cert }}"; + ssl_certificate_key "{{ services.ctucxGallery.nginx.ssl.privkey }}"; + include /etc/nginx/ssl.conf; + + server_name {{ services.ctucxGallery.nginx.domain }}; + + root {{ services.ctucxGallery.targetDir }}; + + location ~* \.(html)$ { + add_header Last-Modified $date_gmt; + add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + if_modified_since off; + expires off; + etag off; + } +} +{% endif %}
diff --git a/roles/ctucx-gallery/templates/systemd.service.j2 b/roles/ctucx-gallery/templates/systemd.service.j2 @@ -0,0 +1,11 @@ +# +# !!! This file is managed by Ansible !!! +# + +[Unit] +Description=ctucx-gallery Service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ctucx-gallery /etc/ctucx-gallery.conf +User={{ services.ctucxGallery.user }}
diff --git a/roles/ctucx-gallery/templates/systemd.timer.j2 b/roles/ctucx-gallery/templates/systemd.timer.j2 @@ -0,0 +1,14 @@ +# +# !!! This file is managed by Ansible !!! +# + +[Unit] +Description=ctucx-gallery Timer + +[Timer] +OnCalendar=hourly +Persistent=false +AccuracySec=5s + +[Install] +WantedBy=timers.target+ \ No newline at end of file