Add dokuwiki role
For an Alpine Linux VM.
This commit is contained in:
parent
4420846817
commit
02f778604c
|
|
@ -12,4 +12,4 @@ query_filters:
|
|||
- tenant: 'fri-it'
|
||||
- role: 'compute-node'
|
||||
- role: 'storage-node'
|
||||
- role: 'switch'
|
||||
- role: 'server'
|
||||
|
|
|
|||
11
roles/dokuwiki/files/default.conf
Normal file
11
roles/dokuwiki/files/default.conf
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
# Handle .well-known for all domains.
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
location /.well-known/ {
|
||||
alias /srv/http/.well-known/;
|
||||
}
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
33
roles/dokuwiki/files/userstyle.css
Normal file
33
roles/dokuwiki/files/userstyle.css
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
a.interwiki,
|
||||
a.urlextern,
|
||||
a.windows {
|
||||
padding-left: 0 !important;
|
||||
background: none !important;
|
||||
}
|
||||
|
||||
.dokuwiki div.page {
|
||||
padding: 2em 2.5em;
|
||||
}
|
||||
|
||||
.page h2,
|
||||
.page h3,
|
||||
.page h4 {
|
||||
margin: 1em 0 0.5em;
|
||||
}
|
||||
|
||||
.page p, .page ol, .page ul {
|
||||
line-height: 1.5em;
|
||||
margin: 0 0 0.5em;
|
||||
}
|
||||
|
||||
.page code,
|
||||
.page pre {
|
||||
font-size: 0.9em;
|
||||
}
|
||||
|
||||
.page pre {
|
||||
border-color: #eee;
|
||||
box-shadow: none;
|
||||
margin: 0 1em 0.5em;
|
||||
padding: 0.25em 0.5em;
|
||||
}
|
||||
5
roles/dokuwiki/handlers/main.yml
Normal file
5
roles/dokuwiki/handlers/main.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
- name: reload nginx
|
||||
service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
when: "'handler' not in ansible_skip_tags"
|
||||
69
roles/dokuwiki/tasks/main.yml
Normal file
69
roles/dokuwiki/tasks/main.yml
Normal file
|
|
@ -0,0 +1,69 @@
|
|||
- name: Set dokuwiki version
|
||||
set_fact:
|
||||
dokuwiki_version: 2023-04-04a
|
||||
|
||||
- name: Enable community package repo
|
||||
lineinfile:
|
||||
path: /etc/apk/repositories
|
||||
regexp: '^# *(http.*/v[^/]*/community)'
|
||||
line: '\1'
|
||||
backrefs: yes
|
||||
register: result
|
||||
|
||||
- name: Update package cache
|
||||
package:
|
||||
update_cache: true
|
||||
when: result.changed
|
||||
|
||||
- name: Set up nginx
|
||||
import_tasks: nginx.yml
|
||||
|
||||
- name: Set up PHP
|
||||
import_tasks: php.yml
|
||||
|
||||
- name: Install packages
|
||||
package:
|
||||
name: php-openssl,php-session,php-xml
|
||||
|
||||
- name: Get current dokuwiki version if any
|
||||
lineinfile:
|
||||
path: /srv/http/doku.fri.uni-lj.si/VERSION
|
||||
search_string: '{{ dokuwiki_version }}'
|
||||
state: absent
|
||||
check_mode: true
|
||||
changed_when: false
|
||||
register: current_version
|
||||
|
||||
- name: Install or upgrade dokuwiki
|
||||
when: 'current_version.found|default(0) == 0'
|
||||
block:
|
||||
- name: Download dokuwiki tarball
|
||||
get_url:
|
||||
url: 'https://download.dokuwiki.org/src/dokuwiki/dokuwiki-{{ dokuwiki_version }}.tgz'
|
||||
dest: /var/tmp/
|
||||
|
||||
- name: Unpack tarball
|
||||
command: 'tar xvf dokuwiki-{{ dokuwiki_version }}.tgz'
|
||||
args:
|
||||
chdir: /var/tmp
|
||||
|
||||
- name: Copy dokuwiki files
|
||||
copy:
|
||||
dest: /srv/http/doku.fri.uni-lj.si/
|
||||
src: '/var/tmp/dokuwiki-{{ dokuwiki_version }}/'
|
||||
remote_src: true
|
||||
owner: nginx
|
||||
group: nginx
|
||||
|
||||
- name: Copy user style overrides
|
||||
copy:
|
||||
dest: /srv/http/doku.fri.uni-lj.si/conf/
|
||||
src: userstyle.css
|
||||
owner: nginx
|
||||
group: nginx
|
||||
|
||||
- name: Create nginx site
|
||||
template:
|
||||
dest: /etc/nginx/http.d/doku.fri.uni-lj.si.conf
|
||||
src: doku.fri.uni-lj.si.conf.j2
|
||||
notify: reload nginx
|
||||
42
roles/dokuwiki/tasks/nginx.yml
Normal file
42
roles/dokuwiki/tasks/nginx.yml
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
- name: Enable community package repo
|
||||
lineinfile:
|
||||
path: /etc/apk/repositories
|
||||
regexp: '^# *(http.*/v[^/]*/community)'
|
||||
line: '\1'
|
||||
backrefs: yes
|
||||
|
||||
- name: Install packages
|
||||
package:
|
||||
name: certbot,nginx
|
||||
|
||||
- name: Create HTTP server directories
|
||||
file:
|
||||
path: /srv/http/.well-known
|
||||
recurse: true
|
||||
state: directory
|
||||
owner: nginx
|
||||
group: nginx
|
||||
|
||||
- name: Set up default HTTP server
|
||||
copy:
|
||||
dest: /etc/nginx/http.d
|
||||
src: default.conf
|
||||
|
||||
- name: Enable nginx service
|
||||
service:
|
||||
name: nginx
|
||||
enabled: true
|
||||
state: started
|
||||
|
||||
- name: Get LE certificate
|
||||
command:
|
||||
cmd: certbot certonly --non-interactive --agree-tos --register-unsafely-without-email --webroot --webroot-path /srv/http -d doku.fri.uni-lj.si
|
||||
creates: '/etc/letsencrypt/renewal/doku.fri.uni-lj.si.conf'
|
||||
|
||||
- name: Enable certbot renewal
|
||||
cron:
|
||||
name: "certbot renew"
|
||||
job: "certbot renew --quiet"
|
||||
user: root
|
||||
hour: "2,14"
|
||||
minute: "18"
|
||||
45
roles/dokuwiki/tasks/php.yml
Normal file
45
roles/dokuwiki/tasks/php.yml
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
- name: Install packages
|
||||
package:
|
||||
name: acl,php,php-fpm
|
||||
|
||||
- name: Find PHP package
|
||||
command: apk info -e php
|
||||
register: php_package
|
||||
changed_when: false
|
||||
|
||||
- name: Set PHP version
|
||||
set_fact:
|
||||
php_version: "{{ php_package.stdout | regex_search('[0-9.]+') }}"
|
||||
|
||||
- name: Set PHP-FPM settings
|
||||
lineinfile:
|
||||
path: '/etc/php{{ php_version }}/php-fpm.d/www.conf'
|
||||
regexp: '^;?{{ item.key }}\s*='
|
||||
line: '{{ item.key }} = {{ item.value }}'
|
||||
loop:
|
||||
- key: user
|
||||
value: nginx
|
||||
- key: group
|
||||
value: nginx
|
||||
- key: listen
|
||||
value: '/run/php-fpm.socket'
|
||||
- key: listen.acl_users
|
||||
value: nginx
|
||||
- key: listen.acl_groups
|
||||
value: nginx
|
||||
|
||||
- name: Set PHP settings
|
||||
lineinfile:
|
||||
path: '/etc/php{{ php_version }}/php.ini'
|
||||
regexp: '^{{ item.key }}\s*='
|
||||
line: '{{ item.key }} = {{ item.value }}'
|
||||
loop:
|
||||
- key: upload_max_filesize
|
||||
value: 200M
|
||||
notify: restart php-fpm
|
||||
|
||||
- name: Enable php-fpm service
|
||||
service:
|
||||
name: 'php-fpm{{ php_version }}'
|
||||
enabled: true
|
||||
state: started
|
||||
36
roles/dokuwiki/templates/doku.fri.uni-lj.si.conf.j2
Normal file
36
roles/dokuwiki/templates/doku.fri.uni-lj.si.conf.j2
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name doku.fri.uni-lj.si;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/doku.fri.uni-lj.si/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/doku.fri.uni-lj.si/privkey.pem;
|
||||
|
||||
client_max_body_size 100M;
|
||||
|
||||
root /srv/http/doku.fri.uni-lj.si;
|
||||
index index.php;
|
||||
|
||||
location ~ /(conf/|bin/|inc/|vendor/|install.php) { deny all; }
|
||||
location ~ ^/data/ { internal; }
|
||||
location ~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$ { expires 365d; }
|
||||
|
||||
location / { try_files $uri $uri/ @dokuwiki; }
|
||||
|
||||
location @dokuwiki {
|
||||
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
|
||||
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
|
||||
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
|
||||
rewrite ^/(.*) /doku.php?id=$1&$args last;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri $uri/ /doku.php;
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
||||
fastcgi_param HTTPS on;
|
||||
fastcgi_pass unix:/run/php-fpm.socket;
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue