deploy it (fixes #3)

This commit is contained in:
Felix 2020-02-14 01:34:38 +01:00
parent 7108652194
commit ef90fd6f1e
2 changed files with 6 additions and 5 deletions

View file

@ -1,5 +1,6 @@
--- ---
- hosts: all - hosts: all
become: yes
# Install python if required # Install python if required
# https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/ # https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/
@ -37,14 +38,16 @@
- name: build the dev docker image - name: build the dev docker image
local_action: shell cd .. && sudo docker build . -f docker/Dockerfile -t joinpeertube:latest local_action: shell cd .. && sudo docker build . -f docker/Dockerfile -t joinpeertube:latest
register: image_build register: image_build
become: no
- name: find hash of the new docker image - name: find hash of the new docker image
set_fact: set_fact:
image_hash: "{{ image_build.stdout | regex_search('(?<=Successfully built )[0-9a-f]{12}') }}" image_hash: "{{ image_build.stdout | regex_search('(?<=Successfully built )[0-9a-f]{12}') }}"
# this does not use become so that the output file is written as non-root user and is easy to delete later # this does not use become so that the output file is written as non-root user and is easy to delete later
- name: save dev docker image to file - name: save dev docker image to file
local_action: shell sudo docker save joinpeertube:latest > joinpeertube-latest.tar local_action: shell sudo docker save joinpeertube:latest > joinpeertube-latest.tar
become: no
- name: copy dev docker image to server - name: copy dev docker image to server
copy: src=joinpeertube-latest.tar dest=/joinpeertube/joinpeertube-latest.tar copy: src=joinpeertube-latest.tar dest=/joinpeertube/joinpeertube-latest.tar
@ -56,13 +59,13 @@
load_path: /joinpeertube/joinpeertube-latest.tar load_path: /joinpeertube/joinpeertube-latest.tar
source: load source: load
force_source: yes force_source: yes
register: image_import
- name: delete remote image file - name: delete remote image file
file: path=/joinpeertube/joinpeertube-latest.tar state=absent file: path=/joinpeertube/joinpeertube-latest.tar state=absent
- name: delete local image file - name: delete local image file
local_action: file path=joinpeertube-latest.tar state=absent local_action: shell sudo rm joinpeertube-latest.tar
become: no
- name: enable and start docker service - name: enable and start docker service
systemd: systemd:
@ -74,7 +77,6 @@
docker_compose: docker_compose:
project_src: /joinpeertube/ project_src: /joinpeertube/
state: present state: present
pull: yes
- name: reload nginx with new config - name: reload nginx with new config
shell: nginx -s reload shell: nginx -s reload

View file

@ -22,7 +22,6 @@ server {
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_session_timeout 10m; ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; ssl_session_tickets off;
ssl_stapling on; ssl_stapling on;
ssl_stapling_verify on; ssl_stapling_verify on;