Ansible playbook for base and initial configuration of web server hosting my personal websites.
Go to file
Alan Orth 934db06887 roles/nginx: Add HTTP Strict Transport Security headers to PHP block
nginx blocks inherit headers set in blocks above them UNLESS the
current level also sets headers[0]. This was causing PHP requests
to not have STS headers because of the FastCGI cache header which
is set in that block.

[0] http://nginx.org/en/docs/http/ngx_http_headers_module.html

Fixes GitHub #7.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-03-19 09:30:26 +03:00
group_vars Update tls cipher suite with latest string from Mozilla TLS guide 2014-10-25 12:36:19 +03:00
host_vars host_vars/web05: Re-organize variables for wordpress_version logic 2015-02-19 18:42:47 +03:00
roles roles/nginx: Add HTTP Strict Transport Security headers to PHP block 2015-03-19 09:30:26 +03:00
vars vars/Ubuntu.yml: Add variables for provisioning user 2015-03-16 13:47:54 +03:00
.gitignore Add top-level .gitignore 2014-08-25 15:15:55 +03:00
README.md roles/nginx: Adjust Cache-Control headers 2014-11-07 00:29:53 +03:00
site.yml Add site yml file 2014-08-25 13:21:00 +03:00
web.yml Remove references to provisioning.yml 2015-02-26 16:53:48 +03:00

Ansible Playbook

Ansible playbook for base and initial configuration of web server hosting my personal websites. After successful execution of this playbook, however, there is still some manual work to import databases, copy site content, etc.

Assumptions

Before you can run this, a few things are assumed:

  • You have a clean, minimal Ubuntu 14.04 host up and running
  • You have a user account with password-less SSH access to the machine
  • You have sudo privileges on the remote host
  • You have created a hosts file with something like:
[web]
web01

Use

Once you've satisfied the the above assumptions, you can execute:

ansible-playbook web.yml -i hosts -K

Testing in a VM (KVM)

A simple way to test locally in a virtual machine using libvirt + KVM:

sudo virt-install -n web01 -r 1024 --vcpus 2 -l http://ubuntu.mirror.ac.ke/ubuntu/dists/trusty/main/installer-amd64/ --os-type=linux --os-variant=ubuntusaucy --disk /home/aorth/software/vms/web01.qcow2,device=disk,bus=virtio,format=qcow2,size=40 --vnc --cpuset=1,2 -x "auto=true priority=critical url=http://blah.com/~aorth/preseed/public/ubuntu-14.04.cfg"

This boots from a network Ubuntu mirror, then uses a preseed to automate the OS installation.

Testing in Vagrant

Not as simple as on GNU/Linux with KVM, but still easy:

vagrant init ubuntu/trusty64

Then uncomment the following line in your Vagrantfile:

# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
config.vm.network "public_network"

And finally, bring the machine up:

vagrant up