deploy it (fixes #3)
This commit is contained in:
parent
7108652194
commit
ef90fd6f1e
2 changed files with 6 additions and 5 deletions
|
@ -1,5 +1,6 @@
|
||||||
---
|
---
|
||||||
- hosts: all
|
- hosts: all
|
||||||
|
become: yes
|
||||||
|
|
||||||
# Install python if required
|
# Install python if required
|
||||||
# https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/
|
# https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/
|
||||||
|
@ -37,14 +38,16 @@
|
||||||
- name: build the dev docker image
|
- name: build the dev docker image
|
||||||
local_action: shell cd .. && sudo docker build . -f docker/Dockerfile -t joinpeertube:latest
|
local_action: shell cd .. && sudo docker build . -f docker/Dockerfile -t joinpeertube:latest
|
||||||
register: image_build
|
register: image_build
|
||||||
|
become: no
|
||||||
|
|
||||||
- name: find hash of the new docker image
|
- name: find hash of the new docker image
|
||||||
set_fact:
|
set_fact:
|
||||||
image_hash: "{{ image_build.stdout | regex_search('(?<=Successfully built )[0-9a-f]{12}') }}"
|
image_hash: "{{ image_build.stdout | regex_search('(?<=Successfully built )[0-9a-f]{12}') }}"
|
||||||
|
|
||||||
# this does not use become so that the output file is written as non-root user and is easy to delete later
|
# this does not use become so that the output file is written as non-root user and is easy to delete later
|
||||||
- name: save dev docker image to file
|
- name: save dev docker image to file
|
||||||
local_action: shell sudo docker save joinpeertube:latest > joinpeertube-latest.tar
|
local_action: shell sudo docker save joinpeertube:latest > joinpeertube-latest.tar
|
||||||
|
become: no
|
||||||
|
|
||||||
- name: copy dev docker image to server
|
- name: copy dev docker image to server
|
||||||
copy: src=joinpeertube-latest.tar dest=/joinpeertube/joinpeertube-latest.tar
|
copy: src=joinpeertube-latest.tar dest=/joinpeertube/joinpeertube-latest.tar
|
||||||
|
@ -56,13 +59,13 @@
|
||||||
load_path: /joinpeertube/joinpeertube-latest.tar
|
load_path: /joinpeertube/joinpeertube-latest.tar
|
||||||
source: load
|
source: load
|
||||||
force_source: yes
|
force_source: yes
|
||||||
register: image_import
|
|
||||||
|
|
||||||
- name: delete remote image file
|
- name: delete remote image file
|
||||||
file: path=/joinpeertube/joinpeertube-latest.tar state=absent
|
file: path=/joinpeertube/joinpeertube-latest.tar state=absent
|
||||||
|
|
||||||
- name: delete local image file
|
- name: delete local image file
|
||||||
local_action: file path=joinpeertube-latest.tar state=absent
|
local_action: shell sudo rm joinpeertube-latest.tar
|
||||||
|
become: no
|
||||||
|
|
||||||
- name: enable and start docker service
|
- name: enable and start docker service
|
||||||
systemd:
|
systemd:
|
||||||
|
@ -74,7 +77,6 @@
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /joinpeertube/
|
project_src: /joinpeertube/
|
||||||
state: present
|
state: present
|
||||||
pull: yes
|
|
||||||
|
|
||||||
- name: reload nginx with new config
|
- name: reload nginx with new config
|
||||||
shell: nginx -s reload
|
shell: nginx -s reload
|
||||||
|
|
|
@ -22,7 +22,6 @@ server {
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||||
ssl_session_timeout 10m;
|
ssl_session_timeout 10m;
|
||||||
ssl_session_cache shared:SSL:10m;
|
|
||||||
ssl_session_tickets off;
|
ssl_session_tickets off;
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
|
|
Loading…
Reference in a new issue