Skip to content

Latest commit

 

History

History
63 lines (50 loc) · 3.83 KB

README.md

File metadata and controls

63 lines (50 loc) · 3.83 KB

Ansible-DigitalOcean Playbooks

This is an Ansible playbook used for managing my website www.antonioalaniz.com. This was tested against Ubuntu 16.04 (Xenial) using Vagrant and pushed live to DigitalOcean.

Playbooks

  • provision.yml: Updates the apt repo and installs Python2
  • setup-vagrant.yml: Creates a non-root user and group, elevates sudo permissions, allows passwordless sudo. These tasks are also available in the common-vagrant role listed below
  • dev-deploy.yml and live-deploy.yml: installs pelican, nginx, sets up firewall rules for live and development machines
  • dev-update-blog.yml and live-update-blog.yml: deletes and re-installs the blogs to update new entries. This playbook does not perform the the common-vagrant, pelican-nginx, ansible-nginx and wtanaka.certbot roles.

Roles

These playbooks utilize the following roles:

  • ansible-ufw: closes the firewall and allows only the access_ports listed in the variables below
  • common-vagrant: a series of common tasks to set up the Vagrant environment for testing
  • pelican-nginx: a role for setting up Pelican to work with nginx
  • pelican-vagrant: adds Pelican to a Vagrant or live Digitalocean droplet
  • wtanaka.certbot: a role by Wesley Tanaka that automates letsencrypt certificate generation

Variables

  • home_dir: home directory for the non-root user
  • pelican_env: directory where virtualenv is installed
  • pelican_themes: location of pelican themes to be installed
  • web_root: /var/www/antonioalaniz.com
  • blog_repo: https://github.com/talaniz/antonioalaniz.com.git
  • nginx: location of nginx
  • blog_template_dir: location of the blog template in `{{pelican_themes}}``
  • files_dir: directory containing all files to be copied to the remote machine
  • templates_dir: directory containing all templates to be copied
  • domain: website domain (ex. antonioalaniz.com)
  • www_domain: domain with www added (ex. www.antonioalaniz.com)
  • access_ports: ports to be opened on the firewall
  • ssh_port: port to connect to the remote machine via ssh
  • email: an email address to be used to generate certifications (dev only)
  • ssl_cert: location letsencrypt generates the ssl certificate--/etc/letsencrypt/live/{{www_domain}}/fullchain.pem
  • ssl_cert_key: location letsencrypt generates the ssl certificate /etc/letsencrypt/live/{{domain}}/privkey.pem
  • letsencrypt_email: an email address to be used to generate certifications (live only)
  • letsencrypt_webroot: location of web root for letsencrypt to generate cert
  • letsencrypt_fake_key: If set to true (dev only), the letsencrypt role will copy fake pem files instead of generating a certificate
  • letsencrypt_renew_by_default: option to renew letsencrypt certificates
  • letsencrypt_domains: domains letsencrypt will use to generate certificates
  • google_analytics: Google Analytics ID to use for tracking

Installation

  1. Clone the repository: git clone https://github.com/talaniz/ansible-pelican.git
  2. Install requirements: pip install -r requirements.txt
  3. Create a variables file and populate the variables above
  4. Install roles: mkdir roles && cd roles, then clone/install roles--
  5. Use the Vagrantfile to create the virtual environment: vagrant up
  6. Run the dev-deploy.yml file: ansible-playbook playbooks/dev-deploy.yml

To Do:

  • Clean up files and templates to only include used files (some included for development)