Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| e36173b079 | |||
| 575eaea422 | |||
| 8ea91004f8 | |||
| 6844d05974 | |||
| d8371a0973 | |||
| 4621000ce1 | |||
| f030228008 | |||
| d953531bf8 | |||
| 7c6851eabc | |||
| 6dd2d19fc8 | |||
| e8c0745257 |
@ -21,11 +21,11 @@ services:
|
||||
image: nextcloud
|
||||
restart: always
|
||||
ports:
|
||||
- 8080:80
|
||||
- 5678:80
|
||||
links:
|
||||
- db
|
||||
volumes:
|
||||
- nextcloud:/var/www/html
|
||||
- ./nextcloud:/var/www/html
|
||||
environment:
|
||||
- MYSQL_PASSWORD=root
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
|
||||
100
roles/docker-nextcloud/files/proxy
Normal file
100
roles/docker-nextcloud/files/proxy
Normal file
@ -0,0 +1,100 @@
|
||||
##
|
||||
# You should look at the following URL's in order to grasp a solid understanding
|
||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
||||
# https://www.nginx.com/resources/wiki/start/
|
||||
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
|
||||
# https://wiki.debian.org/Nginx/DirectoryStructure
|
||||
#
|
||||
# In most cases, administrators will remove this file from sites-enabled/ and
|
||||
# leave it as reference inside of sites-available where it will continue to be
|
||||
# updated by the nginx packaging team.
|
||||
#
|
||||
# This file will automatically load configuration files provided by other
|
||||
# applications, such as Drupal or Wordpress. These applications will be made
|
||||
# available underneath a path with that package name, such as /drupal8.
|
||||
#
|
||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
||||
##
|
||||
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 8080 default_server;
|
||||
listen [::]:8080 default_server;
|
||||
|
||||
location / {
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_pass http://localhost:5678;
|
||||
proxy_connect_timeout 900;
|
||||
proxy_send_timeout 900;
|
||||
proxy_read_timeout 900;
|
||||
}
|
||||
|
||||
# SSL configuration
|
||||
#
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server;
|
||||
#
|
||||
# Note: You should disable gzip for SSL traffic.
|
||||
# See: https://bugs.debian.org/773332
|
||||
#
|
||||
# Read up on ssl_ciphers to ensure a secure configuration.
|
||||
# See: https://bugs.debian.org/765782
|
||||
#
|
||||
# Self signed certs generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
#
|
||||
# include snippets/snakeoil.conf;
|
||||
|
||||
# root /var/www/html;
|
||||
|
||||
# Add index.php to the list if you are using PHP
|
||||
# index index.html index.htm index.nginx-debian.html;
|
||||
|
||||
# server_name _;
|
||||
|
||||
# location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
|
||||
# pass PHP scripts to FastCGI server
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# include snippets/fastcgi-php.conf;
|
||||
#
|
||||
# # With php-fpm (or other unix sockets):
|
||||
# fastcgi_pass unix:/run/php/php7.3-fpm.sock;
|
||||
# # With php-cgi (or other tcp sockets):
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
||||
|
||||
|
||||
# Virtual Host configuration for example.com
|
||||
#
|
||||
# You can move that to a different file under sites-available/ and symlink that
|
||||
# to sites-enabled/ to enable it.
|
||||
#
|
||||
#server {
|
||||
# listen 80;
|
||||
# listen [::]:80;
|
||||
#
|
||||
# server_name example.com;
|
||||
#
|
||||
# root /var/www/example.com;
|
||||
# index index.html;
|
||||
#
|
||||
# location / {
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
#}
|
||||
@ -2,27 +2,42 @@
|
||||
- name: Installation des paquets python-mysqldb mariadb-server
|
||||
apt:
|
||||
name:
|
||||
- python-mysqldb
|
||||
- mariadb-server
|
||||
- python3-mysqldb
|
||||
- mariadb-server
|
||||
- python3-passlib
|
||||
- python3-pymysql
|
||||
state: present
|
||||
|
||||
- name: python3 par defaut
|
||||
alternatives:
|
||||
link: /usr/bin/python
|
||||
name: python
|
||||
path: /usr/bin/python3
|
||||
priority: 10
|
||||
|
||||
- name: Create mysql database
|
||||
mysql_db:
|
||||
name: "{{ maria_dbname }}"
|
||||
state: present
|
||||
login_unix_socket: /var/run/mysqld_mysqld.sock
|
||||
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||
|
||||
- name: Creation de l'utilisateur mysql avec tous les privileges
|
||||
mysql_user:
|
||||
name: "{{ maria_dbuser }}"
|
||||
password: "{{ maria_dbpasswd }}"
|
||||
priv: "*.*:ALL,GRANT"
|
||||
priv: '*.*:ALL,GRANT'
|
||||
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||
with_items:
|
||||
- 127.0.0.1
|
||||
- "127.0.0.1"
|
||||
# - ::1
|
||||
# - localhost
|
||||
|
||||
- name: Copie du fichier my.cnf pour autorises toutes les adresses sur le port 3306
|
||||
copy : src=my.cnf dest=/etc/mysql/
|
||||
copy:
|
||||
src: my.cnf
|
||||
dest: /etc/mysql/
|
||||
|
||||
- name: Redemarrage du service mariadb
|
||||
shell: service mariadb restart
|
||||
service:
|
||||
name: mariadb
|
||||
state: restarted
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
|
||||
# The loopback network interface
|
||||
#auto lo
|
||||
#iface lo inet loopback
|
||||
@ -22,8 +21,11 @@ allow-hotplug enp0s9
|
||||
iface enp0s9 inet static
|
||||
address 192.168.1.2
|
||||
netmask 255.255.255.0
|
||||
up route add -net 172.16.128.0/24 gw 192.168.1.2
|
||||
post-up /usr/sbin/ip route add 172.16.128.0/24 via 192.168.1.2
|
||||
post-up /usr/sbin/ip route add 172.16.0.0/24 via 192.168.1.1
|
||||
post-up /usr/sbin/ip route add 192.168.200.0/24 via 192.168.1.1
|
||||
|
||||
# up route add -net 172.16.128.0/24 gw 192.168.0.52
|
||||
# up route add default gw 192.168.1.1
|
||||
# post-up /bin/bash /root/iptables-vpn
|
||||
post-up /etc/init.d/ipsec restart
|
||||
post-up /etc/init.d/ipsec restart
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
|
||||
# The loopback network interface
|
||||
#auto lo
|
||||
#iface lo inet loopback
|
||||
@ -22,7 +21,9 @@ allow-hotplug enp0s9
|
||||
iface enp0s9 inet static
|
||||
address 192.168.0.52
|
||||
netmask 255.255.255.0
|
||||
# up route add -net 192.168.1.0/24 gw 172.16.128.254
|
||||
up route add -net 192.168.1.0/24 gw 192.168.0.52
|
||||
post-up /usr/sbin/ip route add 192.168.1.0/24 via 172.16.128.254/24
|
||||
post-up /usr/sbin/ip route add 172.16.0.0/24 via 172.16.128.254/24
|
||||
|
||||
# up route add -net 192.168.1.0/24 gw 192.168.0.52
|
||||
# post-up /bin/bash /root/iptables-vpn
|
||||
post-up /etc/init.d/ipsec restart
|
||||
post-up /etc/init.d/ipsec restart
|
||||
|
||||
@ -9,3 +9,6 @@ iface lo inet loopback
|
||||
allow-hotplug enp0s3
|
||||
iface enp0s3 inet dhcp
|
||||
|
||||
allow-hotplug enp0s8
|
||||
iface enp0s8 inet dhcp
|
||||
|
||||
|
||||
@ -44,7 +44,7 @@ backend fermeweb
|
||||
#option httpchk HEAD / HTTP/1.0
|
||||
server s-lb-web1 192.168.101.1:80 check
|
||||
server s-lb-web2 192.168.101.2:80 check
|
||||
|
||||
# server s-lb-web3 192.168.101.2:80 check
|
||||
|
||||
listen stats
|
||||
bind *:8080
|
||||
|
||||
@ -4,7 +4,7 @@ apt-get update && apt-get upgrade -y
|
||||
# Install MySQL Server in a Non-Interactive mode. Default root password will be "root"
|
||||
echo "mysql-server mysql-server/root_password password root" | debconf-set-selections
|
||||
echo "mysql-server mysql-server/root_password_again password root" | debconf-set-selections
|
||||
apt-get -y install mariadb-server
|
||||
apt-get -y install mysql-server
|
||||
|
||||
|
||||
# Run the MySQL Secure Installation wizard
|
||||
|
||||
@ -25,6 +25,14 @@
|
||||
- {'regexp': "define\\('DB_USER', '(.)+'\\);", 'line': "define('DB_USER', '{{wp_mysql_user}}');"}
|
||||
- {'regexp': "define\\('DB_PASSWORD', '(.)+'\\);", 'line': "define('DB_PASSWORD', '{{wp_mysql_password}}');"}
|
||||
|
||||
|
||||
- name: Attributions des permissions
|
||||
file:
|
||||
path: /home/wordpress
|
||||
recurse: yes
|
||||
owner: 33
|
||||
group: 33
|
||||
|
||||
# - name: Fix permissions
|
||||
# shell: chown -R www-data /var/www/wordpress/*
|
||||
#
|
||||
|
||||
@ -7,7 +7,7 @@ conn tunnel #
|
||||
left=192.168.0.52
|
||||
leftsubnet=172.16.128.0/24
|
||||
right=192.168.0.51
|
||||
rightsubnet=192.168.0.0/16, 172.16.0.0/24
|
||||
rightsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
|
||||
ike=aes256-sha2_256-modp1024!
|
||||
esp=aes256-sha2_256!
|
||||
keyingtries=0
|
||||
@ -20,3 +20,4 @@ conn tunnel #
|
||||
auto=start
|
||||
keyexchange=ikev2
|
||||
type=tunnel
|
||||
#
|
||||
|
||||
@ -5,7 +5,7 @@ config setup
|
||||
conn %default
|
||||
conn tunnel #
|
||||
left=192.168.0.51
|
||||
leftsubnet=192.168.0.0/16, 172.16.0.0/24
|
||||
leftsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
|
||||
right=192.168.0.52
|
||||
rightsubnet=172.16.128.0/24
|
||||
ike=aes256-sha2_256-modp1024!
|
||||
@ -20,3 +20,4 @@ conn tunnel #
|
||||
auto=start
|
||||
keyexchange=ikev2
|
||||
type=tunnel
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user