remove nginx integration
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Robert Kaussow 2019-07-18 23:34:13 +02:00
parent 9b49e0c892
commit 90e20c350c
5 changed files with 0 additions and 108 deletions

View File

@ -67,23 +67,6 @@ droneci_gitea_skip_verify: False
# droneci_gitea_oauth_client_id: 1111-222-33333-44444 # defaults to not set
# droneci_gitea_oauth_client_secret: 1234abcd5678efgh # defaults to not set
droneci_tls_cert_path: droneci.pem
droneci_tls_key_path: droneci.pem
droneci_tls_cert_source: mycert.pem
droneci_tls_key_source: mykey.pem
droneci_nginx_vhost_enabled: False
droneci_nginx_tls_enabled: True
droneci_nginx_server: myinventoryname
droneci_nginx_vhost_dir: /etc/nginx/sites-available
droneci_nginx_vhost_symlink: /etc/nginx/sites-enabled
droneci_nginx_iptables_enabled: False
droneci_server_name: droneci.example.com
droneci_server_ip: 127.0.0.1
droneci_server_http_port: 8080
droneci_server_proxy_port: "{{ droneci_server_http_port }}"
droneci_server_proxy_protocol: http
# droneci_admin: # defaults to not set
# droneci_http_proxy: # defaults to not set
# droneci_https_proxy: # defaults to not set

View File

@ -7,11 +7,3 @@
listen: __drone_restart
become: True
become_user: root
- name: Reload nginx
systemd:
state: reloaded
name: nginx
listen: __nginx_reload
become: True
become_user: root

View File

@ -1,5 +1,4 @@
---
- import_tasks: prepare.yml
- import_tasks: setup.yml
- import_tasks: nginx.yml
- import_tasks: post.yml

View File

@ -1,40 +0,0 @@
---
- block:
- name: Copy certs and private key to nginx proxy
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: "{{ droneci_tls_key_source }}", dest: '/etc/pki/tls/private/{{ droneci_tls_key_path | basename }}', mode: '0600' }
- { src: "{{ droneci_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ droneci_tls_cert_path | basename }}', mode: '0750' }
loop_control:
label: "{{ item.dest }}"
delegate_to: "{{ droneci_nginx_server }}"
become: True
become_user: root
when: droneci_nginx_tls_enabled | bool
tags: tls_renewal
- block:
- name: Add vhost configuration file
template:
src: nginx/vhost.j2
dest: "{{ droneci_nginx_vhost_dir }}/droneci"
owner: root
group: root
mode: 0640
notify: __nginx_reload
- name: Enable droneci vhost
file:
src: "{{ droneci_nginx_vhost_dir }}/droneci"
dest: "{{ droneci_nginx_vhost_symlink }}/droneci"
owner: root
group: root
state: link
notify: __nginx_reload
when: droneci_nginx_vhost_symlink is defined
delegate_to: "{{ droneci_nginx_server }}"
become: True
become_user: root

View File

@ -1,42 +0,0 @@
#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
upstream backend_drone {
server {{ droneci_server_ip }}:{{ droneci_server_proxy_port }};
}
server {
listen 80;
server_name {{ droneci_server_name | urlsplit('hostname') }};
{% if droneci_nginx_tls_enabled %}
return 301 https://$server_name$request_uri;
{% else %}
location / {
proxy_pass {{ droneci_server_proxy_protocol }}://backend_drone;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
{% endif %}
}
{% if droneci_nginx_tls_enabled %}
server {
listen 443 ssl;
server_name {{ droneci_server_name | urlsplit('hostname') }};
location / {
proxy_pass {{ droneci_server_proxy_protocol }}://backend_drone;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
ssl_certificate /etc/pki/tls/certs/{{ droneci_tls_key_path | basename }};
ssl_certificate_key /etc/pki/tls/private/{{ droneci_tls_key_path | basename }};
}
{% endif %}