Ansible playbook for base and initial configuration of web server hosting my personal websites.
Go to file
Alan Orth 8bee2d7a72
Revert "roles/nginx: Only run Let's Encrypt checks once a day"
This reverts commit a38d822fad.

The docs definitely recommend twice a day. From a note on certbot's
installation page:

> if you're setting up a cron or systemd job, we recommend running
> it twice per day (it won't do anything until your certificates
> are due for renewal or revoked, but running it regularly would
> give your site a chance of staying online in case a Let's
> Encrypt-initiated revocation happened for some reason). Please
> select a random minute within the hour for your renewal tasks.

See: https://certbot.eff.org/#ubuntuxenial-nginx
2016-08-17 11:30:10 +03:00
group_vars group_vars/all: Update TLS cipher suite to latest Mozilla "Intermediate" recommendations 2016-03-08 12:45:58 +02:00
host_vars host_vars/web08: All vhosts to WordPress 4.6 2016-08-17 00:08:03 +03:00
misc-plays Add miscellaneous playbook to change the provisioning user's password 2015-06-01 14:27:58 +03:00
roles Revert "roles/nginx: Only run Let's Encrypt checks once a day" 2016-08-17 11:30:10 +03:00
vars Allow Debian hosts to run Ubuntu stuff 2015-08-23 00:02:39 +03:00
.gitignore .gitignore: Ignore Vagrant directory 2015-05-24 23:00:48 +03:00
LICENSE Add copy of GPLv3 license 2015-05-08 15:59:15 +03:00
README.md README.md: Clarify requirements note to add Ubuntu 16.04 2016-06-25 21:45:24 +03:00
site.yml Add site yml file 2014-08-25 13:21:00 +03:00
web.yml Rename php5-fpm role to php-fpm 2016-04-22 11:25:35 +03:00

Ansible Playbook

Ansible playbook for base and initial configuration of the web server hosting my personal websites. After successful execution of this playbook, however, there is still some manual work to import databases, copy site content, etc.

Assumptions

Before you can run this, a few things are assumed:

  • You have a clean, minimal Debian 8 / Ubuntu 16.04 host up and running
  • You have a user account with password-less SSH access to the machine
  • You have sudo privileges on the remote host
  • You have created a hosts file with something like:
[web]
web01

Use

Once you've satisfied the the above assumptions, you can execute:

$ ansible-playbook web.yml -i hosts --ask-become-pass

License

Copyright (C) 2014 - 2016 Alan Orth

The contents of this repository are free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.