Commit Graph

170 Commits

Author SHA1 Message Date
4c6e45f93b
host_vars/web08: WordPress 4.8 2017-06-12 18:29:46 +03:00
02d63d7701
host_vars/web08: WordPress 4.7.5 2017-05-28 09:34:21 +03:00
39afca4bb2
host_vars/web08: WordPress 4.7.4 2017-04-22 15:31:19 +03:00
a6034fda0c
host_vars/web08: WordPress 4.7.3 2017-03-06 22:54:05 +02:00
5b63395d9f
host_vars/web08: WordPress 4.7.2 2017-01-27 10:43:09 +02:00
12cbf9386c
host_vars/web08: WordPress 4.7.1 2017-01-12 08:38:14 +02:00
2ac931731a
host_vars/web08: WordPress 4.7 2016-12-08 00:23:10 +02:00
8df5d5ed0f
host_vars/web08: Remove mjanja.co.ke as it is expired 2016-10-17 11:08:33 -04:00
651c01a29b
Set use_letsencrypt to true for nginx role
The variable name is misleading as this really does is install the
certbot client and its dependencies, and we generally want this to
always happen. If a host doesn't want it, they can override it in
their host vars.

Perhaps I should rename this variable to "bootstrap_letsencrypt" or
something so it is more accurate.
2016-10-09 11:59:21 +03:00
850342a175
host_vars/web08: Add vhost for picturingjordan.com 2016-09-13 16:51:42 +03:00
d4ffc28d62
host_vars/web08: WordPress 4.6→4.6.1 2016-09-07 20:13:12 +03:00
aa8735e0ea
roles/nginx: Use explicity booleans for tests instead of "yes" and "no"
Better to be explict with booleans rather than being confused when
you mix up yes and "yes" with Ansible/Python testing of conditionals.
2016-08-17 12:55:14 +03:00
de704a917f
roles/nginx: use boolean for use_letsencrypt instead of string "yes"
This is very confusing when you forget about how Ansible/Python is
testing conditionals. Let's use actual booleans so it's more clear.
2016-08-17 12:42:48 +03:00
437dbf470e
host_vars/web08: All vhosts to WordPress 4.6 2016-08-17 00:08:03 +03:00
7589136453
host_vars/web08: Update one blog to WordPress 4.6 RC2 2016-08-11 09:06:46 +03:00
24e54c0580
host_vars/web08: Set "use_letsencrypt" for this host 2016-06-28 10:33:57 +03:00
da784467e1
host_vars/web08: Specify use_letsencrypt: 'yes' for vhosts 2016-06-27 19:11:06 +03:00
283cecf2a2
host_vars/web08: Use mariadb_databases instead of wordpress_blogs to enumerate databases 2016-06-27 18:08:38 +03:00
386482494d
Remove web07 2016-06-27 17:58:28 +03:00
715e9ed2e5
host_vars/web08: Add timezone variable 2016-06-27 10:30:31 +03:00
91f97577c8
Add web08 2016-06-26 13:56:56 +03:00
03dc8610e9
host_vars/web07: Update WordPress to 4.5.3 2016-06-22 23:35:32 +02:00
064d277d03
host_vars/web07: Wordpress 4.5.2 2016-05-08 19:24:19 +03:00
38a972e085
host_vars/web07: WordPress 4.5 → 4.5.1 2016-04-27 10:38:50 +03:00
0ff8fb0c05
Remove web06 host 2016-04-26 13:30:19 +03:00
336ff4c2e5
Add web07
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-04-24 19:04:55 +03:00
fc66f8c354
host_vars/web06: Update WordPress to 4.5 2016-04-13 08:25:04 +03:00
b9a9d415f1
host_vars/web06: Add vars for new Piwik database
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-03-11 19:09:55 +02:00
237bf50ac7
host_vars/web06: Update to WordPress 4.4.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-02-04 18:17:19 +02:00
2da8876caa
host_vars/web06: Update to WordPress 4.4.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-01-07 12:37:36 +02:00
43a7039dc9
roles/nginx: Remove "enable_https" config logic
Everything is HTTPS now, whether self-signed or otherwise, so it
doesn't make sense to have a config switch for this.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:38:53 +02:00
940b2720da
Rename nginx_* variables underneath nginx_vhosts
It's just deduplication, since it's already obvious that the dict
is for nginx-related vars:

    - nginx_domain_name→domain_name
    - nginx_domain_aliases→domain_aliases
    - nginx_enable_https→enable_https
    - nginx_enable_hsts→enable_hsts

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:25:44 +02:00
41547defb9
Finish moving logic and variables from nginx_tls_vhosts to nginx_vhosts
Everything is TLS now (whether self-signed or not), so it's pointless
to distinguish.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-10 00:14:47 +02:00
a8005404f1
roles/nginx: Use more consistent naming for per-host nginx options
The `enable_https` option in host_vars becomes `nginx_enable_https`
to be more consistent with other nginx options used in host_vars.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 23:21:19 +02:00
1701937006
host_vars/web06: Update to WordPress 4.4
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-09 11:00:51 +02:00
178d633794
host_vars/web06: Add HSTS to englishbulgaria.net
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 22:42:41 +02:00
a9cabe693b
host_vars/web06: Add englishbulgaria.net
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-12-08 17:47:41 +02:00
c0431d4247 Switch HTTPS vhosts to Let's Encrypt certificates
For now I generated the certs manually, but in the future the play-
book should run the letsencrypt-auto client for us!

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-11-07 20:53:39 +03:00
cb67d6aa40
Rename 'use_https' to 'enable_https'
To be consistent with other similar variables.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:34:40 +03:00
7cb3adf11c
host_vars/web06: Move HSTS variable to host_vars
Moved out of role defaults, as it is really a per-vhost thing.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-27 00:31:01 +03:00
110981d9c3
host_vars/web06: Update to WordPress 4.3.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-16 10:32:14 +03:00
5a92694d5b host_vars/web06: Remove list of ssh users
Only allow access by the provisioning user.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-02 12:25:24 +03:00
4b18f91438
Remove host_vars/web05
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-01 11:17:24 +03:00
90d7f239c0
Add web06
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-31 22:51:17 +03:00
c535cce6a5
host_vars/web05: Upgrade to WordPress 4.3
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-19 22:54:55 +03:00
45bf41dc35
host_vars/web05: Update TLS cert for mjanja.ch
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-17 12:37:22 +03:00
18cca7c203
host_vars/web05: Renew TLS cert for alaninkenya.org
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-15 12:41:45 +03:00
b904f65cb1
host_vars/web05: Update WordPress to 4.2.4
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-08-04 18:44:30 +03:00
e052650443
host_vars/web05: Update to WordPress 4.2.3
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-07-25 12:31:20 +03:00
75cda0a066
host_vars: Delete old hosts
web01, web02, and web04 are no longer used.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-07 12:44:05 +03:00
b701e9641c
host_vars/web05: Override apt_mirror
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-06-04 21:59:13 +03:00
00ad866655
host_vars/web05: WordPress 4.2.1 -> 4.2.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-05-07 10:16:47 +03:00
48daa37462
host_vars/web05: Update WordPress to 4.2.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-28 12:06:06 +03:00
be22b70ec3
host_vars/web05: Update WordPress from 4.1.2 -> 4.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-24 22:06:24 +03:00
25de66d605
host_vars/web05: WordPress 4.1.1 -> 4.1.2
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-04-23 23:12:20 +03:00
d8b6222527
host_vars/web05: Re-organize variables for wordpress_version logic
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-02-19 18:42:47 +03:00
55b1362f54
host_vars/web05: Bump WordPress version to 4.1
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-01-04 00:43:53 +03:00
1073b8e1b6
host_vars/web05: Add mosh ports to iptables
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-11-21 00:29:08 +01:00
b71269e6cb
host_vars/web05: Add TLS keys back
The other method wasn't as clever as I had thought, as I couldn't
get it to work again!

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-27 21:19:53 +03:00
b89e51d270
host_vars/web05: Remove TLS keys from host_vars
Now they live in one file, vars/tls_keys.yml.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:43:17 +03:00
7ad41df199
Add host_var file for web05
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-11 15:03:56 +03:00
06543b10d5
host_vars/web04: Re-generate alaninkenya TLS chain
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 15:58:05 +03:00
c6ce4e6630
Add host_vars for web04
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-05 13:25:42 +03:00
ba751625d6
host_vars/web02: Remove anchor from chained TLS cert
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-15 22:00:26 +03:00
3c4aa85319
host_vars/web02: Update TLS certs for alaninkenya.org
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 23:54:00 +03:00
8362af0a02
Add web02
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-14 22:26:34 +03:00
b6d4f090ec
host_vars/web01: Update WordPress version and vhosts
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-09-06 20:49:41 +03:00
ef4a9edbd7
Add host_vars/web01
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 22:08:05 +03:00
8e1c2c5518
Remove host_vars/.gitignore
I'll just use ansible-vault and encrypt it instead.  If I had more
host_vars this would suck, as you can't grep the vars there...

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-28 21:37:37 +03:00
0006cd7fc5
Ignore contents of host_vars
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-17 00:49:04 +03:00