Disroot-Ansible
/
grav
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

first commit

This commit is contained in:
meaz 2023-05-19 22:18:34 +02:00
commit f0d2aa6158
Signed by: meaz
GPG Key ID: CD7A47B2F1ED43B4
17 changed files with 693 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
.vagrant
*.log

19
LICENSE Normal file
View File

@ -0,0 +1,19 @@
MIT License Copyright (c) 2021 "Stichting Disroot.org"
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice (including the next
paragraph) shall be included in all copies or substantial portions of the
Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

13
Playbooks/grav.yml Normal file
View File

@ -0,0 +1,13 @@
---
- hosts: grav
roles:
- nginx
- php-fpm
- grav
vars_files:
- ../defaults/main.yml
#- ../defaults/disroot.yml

28
README.md Normal file
View File

@ -0,0 +1,28 @@
# Grav - Ansible Role
This role covers deployment, configuration and software updates of Grav. This role is released under MIT Licence and we give no warranty for this piece of software. Currently supported OS - Debian.
The role allows to install grav's modules.
You can deploy test instance using `Vagrantfile` attached to the role.
`vagrant up`
`ansible-playbook -b Playbooks/grav.yml`
Then you can then access your website from your computer on `https://192.168.33.15:443`
You can also add `192.168.33.15 mywebsite.lan` to `/etc/hosts` on your computer. Then you can access your website from your computer on `https://mywebsite.lan`
## Disroot website and Howto
If you want to deploy Disroot website and Howto, go to `Playbooks/grav.yml` and uncomment `#- ../defaults/disroot.yml`.
Then, run the role again `ansible-playbook -b Playbooks/grav.yml`.
Edit `/etc/hosts` on your computer on add:
```
192.168.33.15 howto.disroot.lan
192.168.33.15 disroot.lan
```
You can now access Disroot website from your computer on `https://disroot.lan` and Howto website on `https://howto.disroot.lan`

20
Vagrantfile vendored Normal file
View File

@ -0,0 +1,20 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
#config.ssh.insert_key = false
config.vm.define "grav" do |grav|
grav.vm.box = "generic/debian11"
grav.vm.provider :libvirt do |libvirt|
libvirt.memory = 256
end
grav.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.15"
grav.vm.network "forwarded_port", guest: 443, host: 4443, host_ip: "192.168.33.15"
grav.vm.network "private_network", ip: "192.168.33.15"
config.vm.provision "shell", inline: "apt install acl"
end
end

125
defaults/disroot.yml Normal file
View File

@ -0,0 +1,125 @@
---
# Repos
## site_hostname: the main name of your website root, where you'll download pages, theme, etc.
## folder_name: whatever you want as a name for your repo/folder
## type: can be pages or theme. "pages" means that this repo will the main website, not a sub folder like theme
## repo: the url of your git repo.
## modules: list of modules you want to install with gpm. If no modules is to be set, add [], otherwise it throws an error
grav_already_modules_installed: 'false' # set to true after 1st installation
grav_website_repo:
- site_hostname: disroot.lan
repo: 'https://git.disroot.org/Disroot/Website.git'
modules:
- name: themer
- name: form
- name: language-selector
config: 'true'
site_name: "Disroot"
theme_name: "disroot"
- site_hostname: howto.disroot.lan
site_name: "Disroot Howto"
repo: 'https://git.disroot.org/Disroot/Howto.git'
modules:
- name: themer
- name: simplesearch
- name: relatedpages
- name: breadcrumbs
- name: page-toc
- name: language-selector
config: 'true'
- name: tagcloud
site_name: "Disroot Howto"
theme_name: "grav-theme-howto"
grav_website_theme:
- site_hostname: disroot.lan
theme_name: disroot
repo: 'https://git.disroot.org/Disroot-themes/grav-theme-disroot.git'
- site_hostname: howto.disroot.lan
theme_name: grav-theme-howto
repo: 'https://git.disroot.org/Disroot-themes/grav-theme-howto.git'
- site_hostname: disroot.lan
theme_name: disrootblog
repo: 'https://git.disroot.org/Disroot-themes/grav-theme-disrootblog.git'
grav_website_specific_pages:
- site_hostname: disroot.lan
folder_name: changelog
repo: 'https://git.disroot.org/Disroot/CHANGELOG.git'
symlink_from_path: "CHANGELOG"
symlink_to_path: "changelog/_main/fullbar.en.md"
- site_hostname: disroot.lan
folder_name: pp
repo: 'https://git.disroot.org/Disroot/Disroot-Privacy-Policy.git'
symlink_from_path:
symlink_to_path: "privacy_policy/_pp"
- site_hostname: disroot.lan
folder_name: tos
symlink_from_path:
symlink_to_path: "tos/_tos"
repo: 'https://git.disroot.org/Disroot/Disroot-ToS.git'
# Modules vars
## language-selector vars
grav_language_selector_enabled: 'true'
grav_language_selector_button: 'name'
grav_language_selector_select: 'name'
#NGINX SETUP
nginx_default_vhost_ssl: 'disroot.lan'
nginx_default_vhost: 'disroot.lan'
nginx_HSTS_policy: 'true'
nginx_vhosts:
- name: 'disroot.lan'
template: 'grav'
proto: 'https'
listen: '443'
root: 'disroot.lan/site'
index: 'index.php'
ssl_name: 'disroot.lan'
use_access_log: 'false'
use_error_log: 'true'
nginx_error_log_level: 'warn'
header_robot: 'none'
nginx_HSTS_policy: 'none'
header_xframe: 'none'
header_referrer: 'none'
secure_site: 'none'
upstream_params:
- 'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;'
- 'fastcgi_index index.php;'
- 'include /etc/nginx/fastcgi_params;'
- 'fastcgi_pass unix:{{ pool_listen }};'
state: 'enable'
letsencrypt: 'false'
selfsigned: 'true'
- name: 'howto.disroot.lan'
template: 'grav'
proto: 'https'
listen: '443'
root: 'howto.disroot.lan/site'
index: 'index.php'
ssl_name: 'howto.disroot.lan'
use_access_log: 'false'
use_error_log: 'true'
nginx_error_log_level: 'warn'
header_robot: 'none'
nginx_HSTS_policy: 'none'
header_xframe: 'none'
header_referrer: 'none'
secure_site: 'none'
upstream_params:
- 'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;'
- 'fastcgi_index index.php;'
- 'include /etc/nginx/fastcgi_params;'
- 'fastcgi_pass unix:{{ pool_listen }};'
state: 'enable'
letsencrypt: 'false'
selfsigned: 'true'

112
defaults/main.yml Normal file
View File

@ -0,0 +1,112 @@
---
grav_pkg:
- dialog
- ca-certificates
- apt-transport-https
- composer
grav_tmp_dir: '/tmp/vagrant'
grav_path: '/var/www'
grav_user: 'www-data'
grav_group: 'www-data'
grav_version: '1.7.41.1'
grav_download_url: 'https://github.com/getgrav/grav/releases/download/{{ grav_version }}/grav-v{{ grav_version }}.zip'
# Repos
## site_hostname: the main name of your website root, where you'll download pages, theme, etc.
## folder_name: whatever you want as a name for your repo/folder
## type: can be pages or theme. "pages" means that this repo will the main website, not a sub folder like theme
## repo: the url of your git repo.
## modules: list of modules you want to install with gpm. If no modules is to be set, add [], otherwise it throws an error
grav_modules_already_installed: 'false' # set to true after 1st installation
# If you have a git repo with your pages you can set it with the following:
grav_website_repo:
- site_hostname: mywebsite.lan
#repo:
modules:
- name: themer
- name: language-selector
config: 'true'
site_name: "My Website"
theme_name: quark # the default is quark
# If you have a repo with a theme you can set it with the following:
grav_website_theme:
# - site_hostname:
# theme_name:
# repo:
# If you have other repos, for exemple specific pages, you can set those with the following:
grav_website_specific_pages:
# - site_hostname:
# folder_name:
# repo:
# symlink_from_path:
# symlink_to_path:
# Modules vars
## language-selector vars
grav_language_selector_enabled: 'true'
grav_language_selector_button: 'name'
grav_language_selector_select: 'name'
# PHP Vars
php_version: '8.0'
php_etc_path: '/etc/php'
install_php: 'true'
pool_listen: '/var/run/php/php{{ php_version }}-fpm.sock'
php_pkgs:
- php{{ php_version }}-cli
- php{{ php_version }}-curl
- php{{ php_version }}-curl
- php{{ php_version }}-dom
- php{{ php_version }}-gd
- php{{ php_version }}-mbstring
- php{{ php_version }}-simplexml
- php{{ php_version }}-xml
- php{{ php_version }}-zip
- php{{ php_version }}-fpm
- php{{ php_version }}-apcu
- php{{ php_version }}-opcache
- php{{ php_version }}-yaml
#NGINX SETUP
## Needed for self signed
ssl_src_path: '/etc/letsencrypt/live'
nginx_gen_dh: 'true'
nginx_dh_length: 2048
nginx_default_vhost_ssl: 'mywebsite.lan'
nginx_default_vhost: 'mywebsite.lan'
nginx_HSTS_policy: 'true'
nginx_vhosts:
- name: 'mywebsite.lan'
template: 'grav'
proto: 'https'
listen: '443'
root: 'mywebsite.lan/site'
index: 'index.php'
ssl_name: 'mywebsite.lan'
use_access_log: 'false'
use_error_log: 'true'
nginx_error_log_level: 'warn'
header_robot: 'none'
nginx_HSTS_policy: 'none'
header_xframe: 'none'
header_referrer: 'none'
secure_site: 'none'
upstream_params:
- 'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;'
- 'fastcgi_index index.php;'
- 'include /etc/nginx/fastcgi_params;'
- 'fastcgi_pass unix:{{ pool_listen }};'
state: 'enable'
letsencrypt: 'false'
selfsigned: 'true'

13
tasks/configure.yml Normal file
View File

@ -0,0 +1,13 @@
---
- name: '[Config] - Deploy Grav system config file'
template:
src: 'user/config/system.yaml.j2'
dest: '{{ grav_path }}/{{ item.site_hostname }}/site/user/config/system.yaml'
loop: "{{ grav_website_repo }}"
- name: '[Config] - Deploy Grav site config file'
template:
src: 'user/config/site.yaml.j2'
dest: '{{ grav_path }}/{{ item.site_hostname }}/site/user/config/site.yaml'
loop: "{{ grav_website_repo }}"

33
tasks/install.yml Normal file
View File

@ -0,0 +1,33 @@
---
- name: '[Install] - Create tmp dir'
file:
path: '{{ grav_tmp_dir }}'
state: directory
owner: '{{ grav_user }}'
group: '{{ grav_group }}'
- name: '[Install] - Download and unarchive release'
unarchive:
src: '{{ grav_download_url }}'
dest: '{{ grav_tmp_dir }}'
remote_src: yes
owner: '{{ grav_user }}'
group: '{{ grav_group }}'
- name: '[Install] - Create Websites dir'
file:
path: '{{ grav_path }}/{{ item.site_hostname }}'
state: directory
owner: '{{ grav_user }}'
group: '{{ grav_group }}'
loop: "{{ grav_website_repo }}"
- name: '[Install] - Copy grav to websites dirs'
copy:
remote_src: true
src: '{{ grav_tmp_dir }}/grav/'
dest: '{{ grav_path }}/{{ item.site_hostname }}/site'
owner: '{{ grav_user }}'
group: '{{ grav_group }}'
loop: "{{ grav_website_repo }}"

6
tasks/installdeps.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: '[INSTALLDEPS] - Install dependencies'
apt:
name: "{{ grav_pkg }}"
update_cache: yes

23
tasks/main.yml Normal file
View File

@ -0,0 +1,23 @@
---
- name: "[GRAV]- Install dependencies"
include_tasks: installdeps.yml
- name: "[GRAV] - Install grav"
include_tasks: install.yml
- name: "[GRAV] - Configure"
include_tasks: configure.yml
- name: "[GRAV] - Install modules"
include_tasks: modules.yml
- name: "[GRAV] - Deploy Website repos"
include_tasks: website_repos.yml
when: item.repo is defined
loop: "{{ grav_website_repo }}"
- name: "[GRAV] - Deploy Website sub repos"
include_tasks: sub_repos.yml
when: item.repo is defined
loop: "{{ grav_website_repo }}"

34
tasks/modules.yml Normal file
View File

@ -0,0 +1,34 @@
---
- name: "[Modules] - Install modules"
shell:
cmd: 'yes | bin/gpm install {{ item.1.name }}'
chdir: '{{ grav_path }}/{{ item.0.site_hostname }}/site'
become: yes
become_user: "{{ grav_user }}"
loop: "{{ grav_website_repo|subelements('modules', skip_missing=True) }}"
when: grav_modules_already_installed == 'false'
- name: "[Modules] - Create plugins dir"
file:
path: '{{ grav_path }}/{{ item.site_hostname }}/site/user/config/plugins/'
state: directory
owner: '{{ grav_user }}'
group: '{{ grav_group }}'
loop: "{{ grav_website_repo }}"
- name: "[Modules] - Deploy modules config"
template:
src: 'user/plugins/{{ item.1.name }}/{{ item.1.name }}.yaml.j2'
dest: '{{ grav_path }}/{{ item.0.site_hostname }}/site/user/config/plugins/{{ item.1.name }}.yaml'
loop: "{{ grav_website_repo|subelements('modules', skip_missing=True) }}"
when: item.1.config is defined and grav_modules_already_installed == 'false'
- name: "[Modules] - Update installed modules"
shell:
cmd: 'yes | bin/gpm update {{ item.1.name }}'
chdir: '{{ grav_path }}/{{ item.0.site_hostname }}/site'
become: yes
become_user: "{{ grav_user }}"
loop: "{{ grav_website_repo|subelements('modules', skip_missing=True) }}"
when: grav_modules_already_installed == 'true'

38
tasks/sub_repos.yml Normal file
View File

@ -0,0 +1,38 @@
---
- name: "[Sub Repos] - Git clone Website theme repos"
git:
repo: "{{ item.repo }}"
dest: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-{{ item.theme_name }}"
force: yes
become: yes
become_user: "{{ grav_user }}"
loop: "{{ grav_website_theme }}"
- name: "[Sub Repos] - Symlink theme path"
file:
src: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-{{ item.theme_name }}"
dest: "{{ grav_path }}/{{ item.site_hostname }}/site/user/themes/{{ item.theme_name }}"
state: link
owner: "{{ grav_user }}"
group: "{{ grav_group }}"
loop: "{{ grav_website_theme }}"
- name: "[Sub Repos] - Git clone Website specific pages repos"
git:
repo: "{{ item.repo }}"
dest: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-{{ item.folder_name }}"
force: yes
become: yes
become_user: "{{ grav_user }}"
loop: "{{ grav_website_specific_pages }}"
- name: "[Sub Repos] - Symlink specific pages path"
file:
src: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-{{ item.folder_name }}/{{ item.symlink_from_path }}"
dest: "{{ grav_path }}/{{ item.site_hostname }}/site/user/pages/{{ item.symlink_to_path }}"
state: link
owner: "{{ grav_user }}"
group: "{{ grav_group }}"
loop: "{{ grav_website_specific_pages }}"

37
tasks/website_repos.yml Normal file
View File

@ -0,0 +1,37 @@
---
- name: '[Repos] - Remove the default 02.typography folder from new installation'
file:
path: '{{ grav_path }}/{{ item.site_hostname }}/site/user/pages/02.typography/'
state: absent
loop: "{{ grav_website_repo }}"
- name: '[Repos] - Remove the default 01.home/default.md file from new installation'
file:
path: '{{ grav_path }}/{{ item.site_hostname }}/site/user/pages/01.home/default.md'
state: absent
loop: "{{ grav_website_repo }}"
- name: "[Repos] - Git clone Website repos"
git:
repo: "{{ item.repo }}"
dest: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-pages"
force: yes
become: yes
become_user: "{{ grav_user }}"
loop: "{{ grav_website_repo }}"
- name: "[Repos] - Remove pages dir"
file:
path: "{{ grav_path }}/{{ item.site_hostname }}/site/user/pages"
state: absent
loop: "{{ grav_website_repo }}"
- name: "[Repos] - Symlink pages path"
file:
src: "{{ grav_path }}/{{ item.site_hostname }}/{{ item.site_hostname }}-pages/pages"
dest: "{{ grav_path }}/{{ item.site_hostname }}/site/user/pages"
state: link
owner: "{{ grav_user }}"
group: "{{ grav_group }}"
loop: "{{ grav_website_repo }}"

20
templates/user/config/site.yaml.j2 Normal file
View File

@ -0,0 +1,20 @@
title: {{ item.site_name }}
default_lang: en
author:
name: Disroot
email: info@disroot.org
taxonomies:
- category
- tag
metadata:
description: 'Disroot is a platform providing online services based on principles of freedom, privacy, federation and decentralization.'
summary:
enabled: true
format: short
size: 300
delimiter: '==='
blog:
route: /blog
header:
title: 'Dis`root´'
description: '1. <span>To tear up the roots of, or by the roots; hence, to tear from a foundation; to uproot.</span>'

163
templates/user/config/system.yaml.j2 Normal file
View File

@ -0,0 +1,163 @@
absolute_urls: false
param_sep: ':'
wrapped_site: false
reverse_proxy_setup: true
force_ssl: false
force_lowercase_urls: true
username_regex: '^[a-z0-9_-]{3,16}$'
pwd_regex: '(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}'
intl_enabled: true
languages:
supported:
- en
- es
- fr
- it
- de
- ru
include_default_lang: true
pages_fallback_only: false
translations: true
translations_fallback: true
session_store_active: true
http_accept_language: true
override_locale: false
home:
alias: '/home'
hide_in_urls: false
pages:
theme: {{ item.theme_name }}
order:
by: default
dir: asc
list:
count: 20
dateformat:
default: 'd-m-Y H:i'
short: 'jS M Y'
long: 'jS M Y'
publish_dates: true
process:
markdown: true
twig: false
twig_first: false
never_cache_twig: false
events:
page: true
twig: true
markdown:
extra: true
auto_line_breaks: true
auto_url_links: true
escape_markup: false
special_chars:
'>': gt
'<': lt
types:
- txt
- xml
- html
- htm
- json
- rss
- atom
expires: 604800
last_modified: false
etag: false
vary_accept_encoding: false
redirect_default_route: false
redirect_default_code: '301'
redirect_trailing_slash: false
ignore_files:
- .DS_Store
ignore_folders:
- .git
- .idea
ignore_hidden: true
url_taxonomy_filters: true
frontmatter:
process_twig: false
ignore_fields:
- form
- forms
cache:
enabled: true
check:
method: file
driver: auto
prefix: g
clear_images_by_default: true
cli_compatibility: false
lifetime: 604800
gzip: false
allow_webserver_gzip: false
twig:
cache: true
debug: true
auto_reload: true
autoescape: false
undefined_functions: true
undefined_filters: true
umask_fix: false
assets:
css_pipeline: false
css_pipeline_include_externals: true
css_pipeline_before_excludes: true
css_minify: true
css_minify_windows: false
css_rewrite: true
js_pipeline: false
js_pipeline_include_externals: true
js_pipeline_before_excludes: true
js_minify: true
enable_asset_timestamp: false
collections:
jquery: 'system://assets/jquery/jquery-2.x.min.js'
errors:
display: 0
log: true
debugger:
enabled: false
shutdown:
close_connection: true
twig: true
images:
default_image_quality: 85
cache_all: false
cache_perms: '0755'
debug: false
auto_fix_orientation: false
media:
enable_media_timestamp: false
auto_metadata_exif: false
upload_limit: 8388608
session:
enabled: true
initialize: true
timeout: 1800
name: grav-site
secure: false
httponly: true
split: true
gpm:
releases: stable
method: auto
verify_peer: true
official_gpm_only: true
strict_mode:
yaml_compat: true
twig_compat: true
blueprint_compat: true

7
templates/user/plugins/language-selector/language-selector.yaml.j2 Normal file
View File

@ -0,0 +1,7 @@
---
enabled: {{ grav_language_selector_enabled }}
built_in_css: true
untranslated_pages_behavior: none
button_display: {{ grav_language_selector_button }}
select_display: {{ grav_language_selector_select }}