ctucx.git: ansible-configs

oeffi-web: add role

diff --git a/roles/oeffi-web/tasks/main.yml b/roles/oeffi-web/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+
+- name: Install oeffi-web
+  apk:
+   name: oeffi-web
+   state: present
+   update_cache: yes
+
+- service:
+   name: oeffi-web
+   enabled: yes
+   state: restarted
+
+- name: copy nginx-vhost for oeffi-web to destination host 
+  template: 
+    src: oeffi-web-vhost.conf.j2
+    dest: /etc/nginx/conf.d/oeffi-web.conf
+    mode: 0644
+    owner: nginx
+    group: nginx
+
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted

diff --git a/roles/oeffi-web/templates/oeffi-web-vhost.conf.j2 b/roles/oeffi-web/templates/oeffi-web-vhost.conf.j2
@@ -0,0 +1,18 @@
+server {
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	ssl_certificate "{{oeffi_web.ssl_cert}}";
+	ssl_certificate_key "{{oeffi_web.ssl_privkey}}";
+	include /etc/nginx/ssl.conf;
+	
+	server_name {{oeffi_web.domain}};
+
+	location / {
+		proxy_pass http://127.0.0.1:5000;
+	}
+
+	location /assets {
+		root /usr/share/oeffi-web;
+	}
+}