Add unifi role
And server.
This commit is contained in:
parent
73555d2fd7
commit
e95603fda9
10
roles/unifi/handlers/main.yml
Normal file
10
roles/unifi/handlers/main.yml
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
- name: reload nginx
|
||||||
|
service:
|
||||||
|
name: nginx
|
||||||
|
state: reloaded
|
||||||
|
when: "'handler' not in ansible_skip_tags"
|
||||||
|
|
||||||
|
- name: update package cache
|
||||||
|
package:
|
||||||
|
update_cache: yes
|
||||||
|
when: "'handler' not in ansible_skip_tags"
|
||||||
35
roles/unifi/tasks/main.yml
Normal file
35
roles/unifi/tasks/main.yml
Normal file
|
|
@ -0,0 +1,35 @@
|
||||||
|
- name: Add MongoDB repository
|
||||||
|
deb822_repository:
|
||||||
|
name: mongodb
|
||||||
|
uris: http://repo.mongodb.org/apt/debian
|
||||||
|
suites: '{{ ansible_distribution_release }}/mongodb-org/{{ mongodb_version }}'
|
||||||
|
components: main
|
||||||
|
architectures: amd64
|
||||||
|
signed_by: https://www.mongodb.org/static/pgp/server-{{ mongodb_version }}.asc
|
||||||
|
|
||||||
|
- name: Add Unifi repository
|
||||||
|
deb822_repository:
|
||||||
|
name: unifi
|
||||||
|
uris: https://www.ui.com/downloads/unifi/debian
|
||||||
|
suites: stable
|
||||||
|
components: ubiquiti
|
||||||
|
architectures: amd64
|
||||||
|
signed_by: https://dl.ui.com/unifi/unifi-repo.gpg
|
||||||
|
|
||||||
|
- name: Install unifi
|
||||||
|
package:
|
||||||
|
name: unifi
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: Set up nginx site
|
||||||
|
template:
|
||||||
|
dest: '/etc/nginx/sites-available/unifi.conf'
|
||||||
|
src: 'nginx.conf.j2'
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: Enable nginx site
|
||||||
|
file:
|
||||||
|
dest: /etc/nginx/sites-enabled/unifi.conf
|
||||||
|
src: /etc/nginx/sites-available/unifi.conf
|
||||||
|
state: link
|
||||||
|
notify: reload nginx
|
||||||
21
roles/unifi/templates/nginx.conf.j2
Normal file
21
roles/unifi/templates/nginx.conf.j2
Normal file
|
|
@ -0,0 +1,21 @@
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
server_name {{ dns_name }};
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/{{ dns_name }}/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/{{ dns_name }}/privkey.pem;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass https://localhost:8443;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
# for websockets
|
||||||
|
proxy_set_header Connection "Upgrade";
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue