From ba11593f07221878778bc12d9d08f1e0ba92508a Mon Sep 17 00:00:00 2001 From: staticsafe Date: Sun, 26 Nov 2017 22:47:13 -0500 Subject: [PATCH] We now use ansible_nodename so we don't need group_vars/all.sample --- group_vars/all.sample | 3 --- roles/mastodon-config/templates/.env.production.sample | 2 +- roles/mastodon-nginx/tasks/main.yml | 8 ++++---- roles/mastodon-nginx/templates/mastodon-nginx.conf | 8 ++++---- 4 files changed, 9 insertions(+), 12 deletions(-) delete mode 100644 group_vars/all.sample diff --git a/group_vars/all.sample b/group_vars/all.sample deleted file mode 100644 index b40da68..0000000 --- a/group_vars/all.sample +++ /dev/null @@ -1,3 +0,0 @@ -# COPY THIS TO 'all' and SET THIS TO YOUR OWN INSTANCE DOMAIN/SUBDOMAIN -# BEFORE RUNNING PLAYBOOK -mastodon_hostname: diff --git a/roles/mastodon-config/templates/.env.production.sample b/roles/mastodon-config/templates/.env.production.sample index 9b83d34..eefccd0 100644 --- a/roles/mastodon-config/templates/.env.production.sample +++ b/roles/mastodon-config/templates/.env.production.sample @@ -16,7 +16,7 @@ DB_PASS= DB_PORT=5432 # Your instance's domain (Don't modify this, we get this from a variable) -LOCAL_DOMAIN={{ mastodon_hostname }} +LOCAL_DOMAIN={{ ansible_nodename }} # We have HTTPS enabled LOCAL_HTTPS=true diff --git a/roles/mastodon-nginx/tasks/main.yml b/roles/mastodon-nginx/tasks/main.yml index e28cf73..4fdd2fe 100644 --- a/roles/mastodon-nginx/tasks/main.yml +++ b/roles/mastodon-nginx/tasks/main.yml @@ -10,7 +10,7 @@ - name: Stop nginx for now service: name=nginx state=stopped - name: Generate Let's Encrypt TLS certificate for Mastodon instance - shell: letsencrypt certonly -n --agree-tos --standalone -d {{ mastodon_hostname }} --email "webmaster@{{ mastodon_hostname }}" + shell: letsencrypt certonly -n --agree-tos --standalone -d {{ ansible_nodename }} --email "webmaster@{{ ansible_nodename }}" - name: Remove default nginx config in sites-enabled file: path: /etc/nginx/sites-enabled/default @@ -18,11 +18,11 @@ - name: Copy Mastodon nginx vhost template to sites-available template: src: mastodon-nginx.conf - dest: /etc/nginx/sites-available/{{ mastodon_hostname }}.conf + dest: /etc/nginx/sites-available/{{ ansible_nodename }}.conf - name: Enable Mastodon nginx vhost template file: - src: /etc/nginx/sites-available/{{ mastodon_hostname }}.conf - dest: /etc/nginx/sites-enabled/{{ mastodon_hostname }}.conf + src: /etc/nginx/sites-available/{{ ansible_nodename }}.conf + dest: /etc/nginx/sites-enabled/{{ ansible_nodename }}.conf state: link - name: Start nginx service: name=nginx state=started diff --git a/roles/mastodon-nginx/templates/mastodon-nginx.conf b/roles/mastodon-nginx/templates/mastodon-nginx.conf index ea8f3a5..a28cdfd 100644 --- a/roles/mastodon-nginx/templates/mastodon-nginx.conf +++ b/roles/mastodon-nginx/templates/mastodon-nginx.conf @@ -6,7 +6,7 @@ map $http_upgrade $connection_upgrade { server { listen 80; listen [::]:80; - server_name {{ mastodon_hostname }}; + server_name {{ ansible_nodename }}; # Useful for Let's Encrypt location /.well-known/acme-challenge/ { allow all; } location / { return 301 https://$host$request_uri; } @@ -15,15 +15,15 @@ server { server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name {{ mastodon_hostname }}; + server_name {{ ansible_nodename }}; ssl_protocols TLSv1.2; ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; - ssl_certificate /etc/letsencrypt/live/{{ mastodon_hostname }}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{ mastodon_hostname }}/privkey.pem; + ssl_certificate /etc/letsencrypt/live/{{ ansible_nodename }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ ansible_nodename }}/privkey.pem; keepalive_timeout 70; sendfile on;