Commit Graph

158 Commits

Author SHA1 Message Date
de704a917f
roles/nginx: use boolean for use_letsencrypt instead of string "yes"
This is very confusing when you forget about how Ansible/Python is
testing conditionals. Let's use actual booleans so it's more clear.
2016-08-17 12:42:48 +03:00
437dbf470e
host_vars/web08: All vhosts to WordPress 4.6 2016-08-17 00:08:03 +03:00
7589136453
host_vars/web08: Update one blog to WordPress 4.6 RC2 2016-08-11 09:06:46 +03:00
24e54c0580
host_vars/web08: Set "use_letsencrypt" for this host 2016-06-28 10:33:57 +03:00
da784467e1
host_vars/web08: Specify use_letsencrypt: 'yes' for vhosts 2016-06-27 19:11:06 +03:00
283cecf2a2
host_vars/web08: Use mariadb_databases instead of wordpress_blogs to enumerate databases 2016-06-27 18:08:38 +03:00
386482494d
Remove web07 2016-06-27 17:58:28 +03:00
715e9ed2e5
host_vars/web08: Add timezone variable 2016-06-27 10:30:31 +03:00
91f97577c8
Add web08 2016-06-26 13:56:56 +03:00
03dc8610e9
host_vars/web07: Update WordPress to 4.5.3 2016-06-22 23:35:32 +02:00
064d277d03
host_vars/web07: Wordpress 4.5.2 2016-05-08 19:24:19 +03:00
38a972e085
host_vars/web07: WordPress 4.5 → 4.5.1 2016-04-27 10:38:50 +03:00
0ff8fb0c05
Remove web06 host 2016-04-26 13:30:19 +03:00
336ff4c2e5
Add web07
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-04-24 19:04:55 +03:00
fc66f8c354
host_vars/web06: Update WordPress to 4.5 2016-04-13 08:25:04 +03:00
b9a9d415f1
host_vars/web06: Add vars for new Piwik database
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-03-11 19:09:55 +02:00
237bf50ac7
host_vars/web06: Update to WordPress 4.4.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-02-04 18:17:19 +02:00
2da8876caa
host_vars/web06: Update to WordPress 4.4.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-01-07 12:37:36 +02:00
43a7039dc9
roles/nginx: Remove "enable_https" config logic
Everything is HTTPS now, whether self-signed or otherwise, so it
doesn't make sense to have a config switch for this.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:38:53 +02:00
940b2720da
Rename nginx_* variables underneath nginx_vhosts
It's just deduplication, since it's already obvious that the dict
is for nginx-related vars:

    - nginx_domain_name→domain_name
    - nginx_domain_aliases→domain_aliases
    - nginx_enable_https→enable_https
    - nginx_enable_hsts→enable_hsts

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:25:44 +02:00
41547defb9
Finish moving logic and variables from nginx_tls_vhosts to nginx_vhosts
Everything is TLS now (whether self-signed or not), so it's pointless
to distinguish.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:14:47 +02:00
a8005404f1
roles/nginx: Use more consistent naming for per-host nginx options
The `enable_https` option in host_vars becomes `nginx_enable_https`
to be more consistent with other nginx options used in host_vars.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 23:21:19 +02:00
1701937006
host_vars/web06: Update to WordPress 4.4
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 11:00:51 +02:00
178d633794
host_vars/web06: Add HSTS to englishbulgaria.net
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 22:42:41 +02:00
a9cabe693b
host_vars/web06: Add englishbulgaria.net
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 17:47:41 +02:00
c0431d4247 Switch HTTPS vhosts to Let's Encrypt certificates
For now I generated the certs manually, but in the future the play-
book should run the letsencrypt-auto client for us!

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-11-07 20:53:39 +03:00
cb67d6aa40
Rename 'use_https' to 'enable_https'
To be consistent with other similar variables.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:34:40 +03:00
7cb3adf11c
host_vars/web06: Move HSTS variable to host_vars
Moved out of role defaults, as it is really a per-vhost thing.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:31:01 +03:00
110981d9c3
host_vars/web06: Update to WordPress 4.3.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-16 10:32:14 +03:00
5a92694d5b host_vars/web06: Remove list of ssh users
Only allow access by the provisioning user.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-02 12:25:24 +03:00
4b18f91438
Remove host_vars/web05
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-01 11:17:24 +03:00
90d7f239c0
Add web06
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-31 22:51:17 +03:00
c535cce6a5
host_vars/web05: Upgrade to WordPress 4.3
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-19 22:54:55 +03:00
45bf41dc35
host_vars/web05: Update TLS cert for mjanja.ch
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-17 12:37:22 +03:00
18cca7c203
host_vars/web05: Renew TLS cert for alaninkenya.org
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-15 12:41:45 +03:00
b904f65cb1
host_vars/web05: Update WordPress to 4.2.4
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-04 18:44:30 +03:00
e052650443
host_vars/web05: Update to WordPress 4.2.3
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-07-25 12:31:20 +03:00
75cda0a066
host_vars: Delete old hosts
web01, web02, and web04 are no longer used.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-07 12:44:05 +03:00
b701e9641c
host_vars/web05: Override apt_mirror
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-04 21:59:13 +03:00
00ad866655
host_vars/web05: WordPress 4.2.1 -> 4.2.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-05-07 10:16:47 +03:00
48daa37462
host_vars/web05: Update WordPress to 4.2.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-28 12:06:06 +03:00
be22b70ec3
host_vars/web05: Update WordPress from 4.1.2 -> 4.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-24 22:06:24 +03:00
25de66d605
host_vars/web05: WordPress 4.1.1 -> 4.1.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-23 23:12:20 +03:00
d8b6222527
host_vars/web05: Re-organize variables for wordpress_version logic
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-02-19 18:42:47 +03:00
55b1362f54
host_vars/web05: Bump WordPress version to 4.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-01-04 00:43:53 +03:00
1073b8e1b6
host_vars/web05: Add mosh ports to iptables
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-11-21 00:29:08 +01:00
b71269e6cb
host_vars/web05: Add TLS keys back
The other method wasn't as clever as I had thought, as I couldn't
get it to work again!

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-27 21:19:53 +03:00
b89e51d270
host_vars/web05: Remove TLS keys from host_vars
Now they live in one file, vars/tls_keys.yml.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:43:17 +03:00
7ad41df199
Add host_var file for web05
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:03:56 +03:00
06543b10d5
host_vars/web04: Re-generate alaninkenya TLS chain
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 15:58:05 +03:00
c6ce4e6630
Add host_vars for web04
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 13:25:42 +03:00
ba751625d6
host_vars/web02: Remove anchor from chained TLS cert
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-15 22:00:26 +03:00
3c4aa85319
host_vars/web02: Update TLS certs for alaninkenya.org
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 23:54:00 +03:00
8362af0a02
Add web02
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 22:26:34 +03:00
b6d4f090ec
host_vars/web01: Update WordPress version and vhosts
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-06 20:49:41 +03:00
ef4a9edbd7
Add host_vars/web01
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 22:08:05 +03:00
8e1c2c5518
Remove host_vars/.gitignore
I'll just use ansible-vault and encrypt it instead.  If I had more
host_vars this would suck, as you can't grep the vars there...

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 21:37:37 +03:00
0006cd7fc5
Ignore contents of host_vars
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-17 00:49:04 +03:00