Stuff
This commit is contained in:
parent
0577550b2a
commit
b19703b7cf
5 changed files with 182 additions and 9 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -12,3 +12,4 @@ Homestead.yaml
|
||||||
npm-debug.log
|
npm-debug.log
|
||||||
yarn-error.log
|
yarn-error.log
|
||||||
storage/cache
|
storage/cache
|
||||||
|
resources/ansible/*
|
||||||
|
|
|
@ -36,7 +36,6 @@ FLUSH PRIVILEGES;
|
||||||
```
|
```
|
||||||
|
|
||||||
```
|
```
|
||||||
CREATE USER 'kuvia'@'%' IDENTIFIED WITH mysql_native_password BY 'QA8jS9T.H;8RB<A4';
|
|
||||||
GRANT ALL ON kuvia.* TO 'kuvia'@'%';
|
GRANT ALL ON kuvia.* TO 'kuvia'@'%';
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -77,7 +76,6 @@ server {
|
||||||
location ~ /\.ht {
|
location ~ /\.ht {
|
||||||
deny all;
|
deny all;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
8
resources/ansible/hosts.yml
Normal file
8
resources/ansible/hosts.yml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
all:
|
||||||
|
children:
|
||||||
|
web:
|
||||||
|
hosts:
|
||||||
|
www1.fra.kuvia.cloud:
|
||||||
|
mysql:
|
||||||
|
hosts:
|
||||||
|
www1.fra.kuvia.cloud:
|
172
resources/ansible/playbook.yml
Normal file
172
resources/ansible/playbook.yml
Normal file
|
@ -0,0 +1,172 @@
|
||||||
|
---
|
||||||
|
# file: webservers.yml
|
||||||
|
- hosts: all
|
||||||
|
tasks:
|
||||||
|
- name: Update all packages to their latest version
|
||||||
|
apt:
|
||||||
|
name: "*"
|
||||||
|
state: latest
|
||||||
|
update_cache: yes
|
||||||
|
- community.general.ufw:
|
||||||
|
rule: limit
|
||||||
|
port: ssh
|
||||||
|
proto: tcp
|
||||||
|
- name: Allow all access from RFC1918 networks to this host
|
||||||
|
community.general.ufw:
|
||||||
|
rule: allow
|
||||||
|
src: '10.114.0.0/20'
|
||||||
|
- name: Allow everything and enable UFW
|
||||||
|
community.general.ufw:
|
||||||
|
state: enabled
|
||||||
|
policy: deny
|
||||||
|
- hosts: mysql
|
||||||
|
tasks:
|
||||||
|
- name: Install mysql-server
|
||||||
|
apt:
|
||||||
|
name: mysql-server
|
||||||
|
state: present
|
||||||
|
- name: Install python3-pip
|
||||||
|
apt:
|
||||||
|
name: python3-pip
|
||||||
|
state: present
|
||||||
|
- name: Install PyMySQL python package
|
||||||
|
pip:
|
||||||
|
name: PyMySQL
|
||||||
|
- name: Create database user with name 'kuvia' and password 'kuvia!2020@geheim' with all database privileges
|
||||||
|
community.mysql.mysql_user:
|
||||||
|
name: kuvia
|
||||||
|
password: kuvia!2020@geheim
|
||||||
|
host: "%"
|
||||||
|
priv: 'kuvia.*:ALL'
|
||||||
|
state: present
|
||||||
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||||
|
- name: Create a new database with name 'kuvia'
|
||||||
|
community.mysql.mysql_db:
|
||||||
|
name: kuvia
|
||||||
|
state: present
|
||||||
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||||
|
- name: Set Bindung for mysql
|
||||||
|
ansible.builtin.replace:
|
||||||
|
path: /etc/mysql/mysql.conf.d/mysqld.cnf
|
||||||
|
regexp: '^bind-address\s*=.*$'
|
||||||
|
replace: 'bind-address = 0.0.0.0'
|
||||||
|
- name: Restart mysql
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: yes
|
||||||
|
name: mysql
|
||||||
|
- hosts: web
|
||||||
|
tasks:
|
||||||
|
- name: Install nginx
|
||||||
|
apt:
|
||||||
|
name: nginx
|
||||||
|
state: present
|
||||||
|
- name: Install git
|
||||||
|
apt:
|
||||||
|
name: git
|
||||||
|
state: present
|
||||||
|
- name: Install php-fpm
|
||||||
|
apt:
|
||||||
|
name: php-fpm
|
||||||
|
state: present
|
||||||
|
- name: Install php-cli
|
||||||
|
apt:
|
||||||
|
name: php-cli
|
||||||
|
state: present
|
||||||
|
- name: Install php-simplexml
|
||||||
|
apt:
|
||||||
|
name: php-simplexml
|
||||||
|
state: present
|
||||||
|
- name: Install php-mbstring
|
||||||
|
apt:
|
||||||
|
name: php-mbstring
|
||||||
|
state: present
|
||||||
|
- name: Install php-gd
|
||||||
|
apt:
|
||||||
|
name: php-gd
|
||||||
|
state: present
|
||||||
|
- name: Install php-mysql
|
||||||
|
apt:
|
||||||
|
name: php-mysql
|
||||||
|
state: present
|
||||||
|
- name: Install unzip
|
||||||
|
apt:
|
||||||
|
name: unzip
|
||||||
|
state: present
|
||||||
|
- name: Install php-zip
|
||||||
|
apt:
|
||||||
|
name: php-zip
|
||||||
|
state: present
|
||||||
|
- name: Check that the /bin/composer exists
|
||||||
|
stat:
|
||||||
|
path: /bin/composer
|
||||||
|
register: stat_result
|
||||||
|
- name: Download foo.conf
|
||||||
|
get_url:
|
||||||
|
url: https://getcomposer.org/installer
|
||||||
|
dest: /tmp/composer-setup.php
|
||||||
|
mode: '0440'
|
||||||
|
when: not stat_result.stat.exists
|
||||||
|
- name: Execute the command in remote shell; stdout goes to the specified file on the remote
|
||||||
|
ansible.builtin.shell: php /tmp/composer-setup.php --install-dir=/bin --filename=composer
|
||||||
|
when: not stat_result.stat.exists
|
||||||
|
- name: Git checkout
|
||||||
|
git:
|
||||||
|
repo: 'https://git.keks.cloud/kekskurse/kuvia.git'
|
||||||
|
dest: /var/www/kuvia
|
||||||
|
update: yes
|
||||||
|
- name: Change file ownership, group and permissions
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /var/www/kuvia/storage
|
||||||
|
owner: www-data
|
||||||
|
group: www-data
|
||||||
|
recurse: yes
|
||||||
|
state: directory
|
||||||
|
- name: Download and installs all libs and dependencies outlined in the /var/www/kuvia
|
||||||
|
community.general.composer:
|
||||||
|
command: install
|
||||||
|
working_dir: /var/www/kuvia
|
||||||
|
environment:
|
||||||
|
- COMPOSER_ALLOW_SUPERUSER: 1
|
||||||
|
- name: Template a file to /etc/file.conf
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: env.j2
|
||||||
|
dest: /var/www/kuvia/.env
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
- name: Artisan migration
|
||||||
|
ansible.builtin.shell: php artisan migrate --force
|
||||||
|
args:
|
||||||
|
chdir: /var/www/kuvia
|
||||||
|
become: yes
|
||||||
|
become_user: www-data
|
||||||
|
tags:
|
||||||
|
- debug
|
||||||
|
- name: Allow all access to tcp port 80
|
||||||
|
community.general.ufw:
|
||||||
|
rule: allow
|
||||||
|
port: '80'
|
||||||
|
proto: tcp
|
||||||
|
- name: Allow all access to tcp port 443
|
||||||
|
community.general.ufw:
|
||||||
|
rule: allow
|
||||||
|
port: '443'
|
||||||
|
proto: tcp
|
||||||
|
- name: Template a file to /etc/file.conf
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: nginx.j2
|
||||||
|
dest: /etc/nginx/sites-available/kuvia
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
- name: Create a symbolic link
|
||||||
|
ansible.builtin.file:
|
||||||
|
src: /etc/nginx/sites-available/kuvia
|
||||||
|
dest: /etc/nginx/sites-enabled/kuvia
|
||||||
|
state: link
|
||||||
|
- name: Restart nginx
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: no
|
||||||
|
name: nginx
|
|
@ -10,7 +10,7 @@
|
||||||
<!-- Add photos -->
|
<!-- Add photos -->
|
||||||
|
|
||||||
@foreach($images as $image)
|
@foreach($images as $image)
|
||||||
<img class="imageToReplace" src="/{{ $tenant->url }}/{{ $gallery->url }}/{{ $image->id }}/file?size=small" src-big="/{{ $tenant->url }}/{{ $gallery->url }}/{{ $image->id }}/file?size=big" data-thumb="/{{ $tenant->url }}/{{ $gallery->url }}/{{ $image->id }}/file?size=small">
|
<img class="imageToReplace" src="/{{ $tenant->url }}/{{ $gallery->url }}/{{ $image->id }}/file?size=small" data-thumb="/{{ $tenant->url }}/{{ $gallery->url }}/{{ $image->id }}/file?size=small">
|
||||||
@endforeach
|
@endforeach
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
@ -34,13 +34,7 @@
|
||||||
<script src="/js/photor.min.js"></script> <!-- 5 KB in gzip -->
|
<script src="/js/photor.min.js"></script> <!-- 5 KB in gzip -->
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
$(document).ready(function() {
|
|
||||||
$(".imageToReplace").each(function () {
|
|
||||||
$(this).attr("src", $(this).attr("src-big"));
|
|
||||||
});
|
|
||||||
$('.photor').photor();
|
|
||||||
|
|
||||||
});
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
|
|
Loading…
Reference in a new issue