From 66546f05f0d337eedf95102ed80a6ca6e211f854 Mon Sep 17 00:00:00 2001 From: Eric Hocking Date: Fri, 18 Oct 2019 12:33:15 -0400 Subject: [PATCH] add centos ansible file --- peertube-centos.yml | 133 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 133 insertions(+) create mode 100644 peertube-centos.yml diff --git a/peertube-centos.yml b/peertube-centos.yml new file mode 100644 index 0000000..9478812 --- /dev/null +++ b/peertube-centos.yml @@ -0,0 +1,133 @@ +--- +- hosts: all + + # Install python if required + # https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/ + gather_facts: False + pre_tasks: + - name: install python for Ansible + raw: test -e /usr/bin/python || (yum -y update && yum install -y python-minimal python-setuptools) + args: + executable: /bin/bash + register: output + changed_when: output.stdout != "" + - setup: # gather facts + + tasks: + - name: Install epel-release + yum: + name: epel-release + state: latest + + - name: Install yum utils + yum: + name: yum-utils + state: latest + + - name: Install device-mapper-persistent-data + yum: + name: device-mapper-persistent-data + state: latest + + - name: Install lvm2 + yum: + name: lvm2 + state: latest + + - name: Add Docker repo + get_url: + url: https://download.docker.com/linux/centos/docker-ce.repo + dest: /etc/yum.repos.d/docer-ce.repo + become: yes + + - name: Install Docker + package: + name: docker-ce + state: latest + become: yes + + - name: Start Docker service + service: + name: docker + state: started + enabled: yes + become: yes + + - name: Install Python PIP + yum: + name: python-pip + state: latest + become: yes + + - name: Install Docker Compose + command: "pip install docker-compose" + + - name: Install certbot + yum: + name: certbot + state: latest + + - name: create peertube folder + file: path={{item.path}} state=directory + with_items: + - { path: '/peertube/volumes/' } + - { path: '/peertube/volumes/certbot/' } + - { path: '/peertube/volumes/config/' } + + - name: add all template files + template: src={{item.src}} dest={{item.dest}} + with_items: + - { src: 'templates/docker-compose.yml', dest: '/peertube/docker-compose.yml' } + - { src: 'templates/env', dest: '/peertube/.env' } + - { src: 'templates/nginx.conf', dest: '/peertube/nginx.conf' } + vars: + postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}" + + - name: set env file permissions + file: + path: "/peertube/.env" + state: touch + mode: 0600 + access_time: preserve + modification_time: preserve + + - name: add peertube config + get_url: + url: https://github.com/Chocobozzz/PeerTube/blob/develop/support/docker/production/config/production.yaml + dest: /peertube/volumes/config/production.yaml + mode: 0644 + force: no + + - name: request letsencrypt certificates + command: certbot certonly --standalone --agree-tos -d '{{ domain }}' -m '{{ letsencrypt_contact_email }}' + args: + creates: '/etc/letsencrypt/live/{{domain}}/privkey.pem' + + - name: enable and start docker service + systemd: + name: docker + enabled: yes + state: started + + - name: start docker-compose + docker_compose: + project_src: /peertube/ + state: present + pull: yes + + - name: renew certbot certificates + cron: + special_time=daily + name=certbot-renew + user=root + job="certbot certonly --webroot --webroot-path=/peertube/volumes/certbot/ -d '{{ domain }}' --deploy-hook 'docker-compose -f /peertube/docker-compose.yml exec nginx nginx -s reload'" + + - name: fetch root password + shell: "docker-compose -f /peertube/docker-compose.yml logs peertube | grep 'User password' | awk 'NF{ print $NF }'" + register: password + changed_when: False + + - name: print root password + debug: + msg: "The admin login is user=root, password={{ password.stdout }}" + when: password.stdout != ""