651c01a29b
Set use_letsencrypt to true for nginx role
...
The variable name is misleading as this really does is install the
certbot client and its dependencies, and we generally want this to
always happen. If a host doesn't want it, they can override it in
their host vars.
Perhaps I should rename this variable to "bootstrap_letsencrypt" or
something so it is more accurate.
2016-10-09 11:59:21 +03:00
850342a175
host_vars/web08: Add vhost for picturingjordan.com
2016-09-13 16:51:42 +03:00
d4ffc28d62
host_vars/web08: WordPress 4.6→4.6.1
2016-09-07 20:13:12 +03:00
aa8735e0ea
roles/nginx: Use explicity booleans for tests instead of "yes" and "no"
...
Better to be explict with booleans rather than being confused when
you mix up yes and "yes" with Ansible/Python testing of conditionals.
2016-08-17 12:55:14 +03:00
de704a917f
roles/nginx: use boolean for use_letsencrypt instead of string "yes"
...
This is very confusing when you forget about how Ansible/Python is
testing conditionals. Let's use actual booleans so it's more clear.
2016-08-17 12:42:48 +03:00
437dbf470e
host_vars/web08: All vhosts to WordPress 4.6
2016-08-17 00:08:03 +03:00
7589136453
host_vars/web08: Update one blog to WordPress 4.6 RC2
2016-08-11 09:06:46 +03:00
24e54c0580
host_vars/web08: Set "use_letsencrypt" for this host
2016-06-28 10:33:57 +03:00
da784467e1
host_vars/web08: Specify use_letsencrypt: 'yes' for vhosts
2016-06-27 19:11:06 +03:00
283cecf2a2
host_vars/web08: Use mariadb_databases instead of wordpress_blogs to enumerate databases
2016-06-27 18:08:38 +03:00
386482494d
Remove web07
2016-06-27 17:58:28 +03:00
715e9ed2e5
host_vars/web08: Add timezone variable
2016-06-27 10:30:31 +03:00
91f97577c8
Add web08
2016-06-26 13:56:56 +03:00
03dc8610e9
host_vars/web07: Update WordPress to 4.5.3
2016-06-22 23:35:32 +02:00
064d277d03
host_vars/web07: Wordpress 4.5.2
2016-05-08 19:24:19 +03:00
38a972e085
host_vars/web07: WordPress 4.5 → 4.5.1
2016-04-27 10:38:50 +03:00
0ff8fb0c05
Remove web06 host
2016-04-26 13:30:19 +03:00
336ff4c2e5
Add web07
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-04-24 19:04:55 +03:00
fc66f8c354
host_vars/web06: Update WordPress to 4.5
2016-04-13 08:25:04 +03:00
b9a9d415f1
host_vars/web06: Add vars for new Piwik database
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-03-11 19:09:55 +02:00
237bf50ac7
host_vars/web06: Update to WordPress 4.4.2
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-02-04 18:17:19 +02:00
2da8876caa
host_vars/web06: Update to WordPress 4.4.1
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-01-07 12:37:36 +02:00
43a7039dc9
roles/nginx: Remove "enable_https" config logic
...
Everything is HTTPS now, whether self-signed or otherwise, so it
doesn't make sense to have a config switch for this.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:38:53 +02:00
940b2720da
Rename nginx_* variables underneath nginx_vhosts
...
It's just deduplication, since it's already obvious that the dict
is for nginx-related vars:
- nginx_domain_name→domain_name
- nginx_domain_aliases→domain_aliases
- nginx_enable_https→enable_https
- nginx_enable_hsts→enable_hsts
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:25:44 +02:00
41547defb9
Finish moving logic and variables from nginx_tls_vhosts to nginx_vhosts
...
Everything is TLS now (whether self-signed or not), so it's pointless
to distinguish.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:14:47 +02:00
a8005404f1
roles/nginx: Use more consistent naming for per-host nginx options
...
The `enable_https` option in host_vars becomes `nginx_enable_https`
to be more consistent with other nginx options used in host_vars.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 23:21:19 +02:00
1701937006
host_vars/web06: Update to WordPress 4.4
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 11:00:51 +02:00
178d633794
host_vars/web06: Add HSTS to englishbulgaria.net
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 22:42:41 +02:00
a9cabe693b
host_vars/web06: Add englishbulgaria.net
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 17:47:41 +02:00
c0431d4247
Switch HTTPS vhosts to Let's Encrypt certificates
...
For now I generated the certs manually, but in the future the play-
book should run the letsencrypt-auto client for us!
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-11-07 20:53:39 +03:00
cb67d6aa40
Rename 'use_https' to 'enable_https'
...
To be consistent with other similar variables.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:34:40 +03:00
7cb3adf11c
host_vars/web06: Move HSTS variable to host_vars
...
Moved out of role defaults, as it is really a per-vhost thing.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:31:01 +03:00
110981d9c3
host_vars/web06: Update to WordPress 4.3.1
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-16 10:32:14 +03:00
5a92694d5b
host_vars/web06: Remove list of ssh users
...
Only allow access by the provisioning user.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-02 12:25:24 +03:00
4b18f91438
Remove host_vars/web05
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-01 11:17:24 +03:00
90d7f239c0
Add web06
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-31 22:51:17 +03:00
c535cce6a5
host_vars/web05: Upgrade to WordPress 4.3
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-19 22:54:55 +03:00
45bf41dc35
host_vars/web05: Update TLS cert for mjanja.ch
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-17 12:37:22 +03:00
18cca7c203
host_vars/web05: Renew TLS cert for alaninkenya.org
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-15 12:41:45 +03:00
b904f65cb1
host_vars/web05: Update WordPress to 4.2.4
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-04 18:44:30 +03:00
e052650443
host_vars/web05: Update to WordPress 4.2.3
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-07-25 12:31:20 +03:00
75cda0a066
host_vars: Delete old hosts
...
web01, web02, and web04 are no longer used.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-07 12:44:05 +03:00
b701e9641c
host_vars/web05: Override apt_mirror
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-04 21:59:13 +03:00
00ad866655
host_vars/web05: WordPress 4.2.1 -> 4.2.2
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-05-07 10:16:47 +03:00
48daa37462
host_vars/web05: Update WordPress to 4.2.1
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-28 12:06:06 +03:00
be22b70ec3
host_vars/web05: Update WordPress from 4.1.2 -> 4.2
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-24 22:06:24 +03:00
25de66d605
host_vars/web05: WordPress 4.1.1 -> 4.1.2
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-23 23:12:20 +03:00
d8b6222527
host_vars/web05: Re-organize variables for wordpress_version logic
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-02-19 18:42:47 +03:00
55b1362f54
host_vars/web05: Bump WordPress version to 4.1
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-01-04 00:43:53 +03:00
1073b8e1b6
host_vars/web05: Add mosh ports to iptables
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-11-21 00:29:08 +01:00
b71269e6cb
host_vars/web05: Add TLS keys back
...
The other method wasn't as clever as I had thought, as I couldn't
get it to work again!
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-27 21:19:53 +03:00
b89e51d270
host_vars/web05: Remove TLS keys from host_vars
...
Now they live in one file, vars/tls_keys.yml.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:43:17 +03:00
7ad41df199
Add host_var file for web05
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:03:56 +03:00
06543b10d5
host_vars/web04: Re-generate alaninkenya TLS chain
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 15:58:05 +03:00
c6ce4e6630
Add host_vars for web04
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 13:25:42 +03:00
ba751625d6
host_vars/web02: Remove anchor from chained TLS cert
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-15 22:00:26 +03:00
3c4aa85319
host_vars/web02: Update TLS certs for alaninkenya.org
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 23:54:00 +03:00
8362af0a02
Add web02
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 22:26:34 +03:00
b6d4f090ec
host_vars/web01: Update WordPress version and vhosts
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-06 20:49:41 +03:00
ef4a9edbd7
Add host_vars/web01
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 22:08:05 +03:00
8e1c2c5518
Remove host_vars/.gitignore
...
I'll just use ansible-vault and encrypt it instead. If I had more
host_vars this would suck, as you can't grep the vars there...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 21:37:37 +03:00
0006cd7fc5
Ignore contents of host_vars
...
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-17 00:49:04 +03:00