Add deploy script

Former-commit-id: d64e8a40ac9c622f1dd1aaebb744da2f7230207f Former-commit-id: 7b266eef62ed54141789b01c155d407ed0ba87c4 [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 08b74a015fac636104626a090397079e59fa1de4]]]] Former-commit-id: d00851b46c56e3e8beb8e8e1835521369ee14f4c Former-commit-id: 716c5a760e7dc77ee204c2dab4e5f8d80a42bab3 Former-commit-id: 5fcc8ab51a743a11f5cab51b0be53d8626bdee2c Former-commit-id: 5b74c97b7345dc6660dc0af35a4e461471b4e348 [formerly 3f8e5216cd9fc3e7d1acb2f057d4e049daf277d4] Former-commit-id: 3e38e32a85d9675e5b436846ea04f0fbc2ff6fe4
2016-08-26 22:40:35 +02:00 · 2016-08-26 22:40:35 +02:00 · 4d2f9f6a0e
commit 4d2f9f6a0e
parent 49dd81d36a
3 changed files with 152 additions and 0 deletions
--- a/deploy/config/wstunnel.nginx
+++ b/deploy/config/wstunnel.nginx
@ -0,0 +1,79 @@
+# You may add here your
+# server {
+#	...
+# }
+# statements for each of your virtual hosts to this file
+
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+server {
+	listen   *:443 ssl;
+	listen   [::]:443 ssl;
+	server_name erebe.eu;
+	server_name 195.154.67.145;
+
+
+    location / {
+	proxy_read_timeout 1800s;
+	proxy_pass http://127.0.0.1:{{ listen_port }};
+	proxy_http_version 1.1;
+	proxy_set_header Upgrade $http_upgrade;
+	proxy_set_header Connection "upgrade";
+	proxy_set_header        Host            $host;
+	proxy_set_header        X-Real-IP       $remote_addr;
+	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+	proxy_set_header        X-Forwarded-Proto $scheme;
+    }
+
+}
+
+
+# another virtual host using mix of IP-, name-, and port-based configuration
+#
+#server {
+#	listen 8000;
+#	listen somename:8080;
+#	server_name somename alias another.alias;
+#	root html;
+#	index index.html index.htm;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}
+
+
+# HTTPS server
+#
+#server {
+#	listen 443;
+#	server_name localhost;
+#
+#	root html;
+#	index index.html index.htm;
+#
+#	ssl on;
+#	ssl_certificate cert.pem;
+#	ssl_certificate_key cert.key;
+#
+#	ssl_session_timeout 5m;
+#
+#	ssl_protocols SSLv3 TLSv1;
+#	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
+#	ssl_prefer_server_ciphers on;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}
--- a/deploy/config/wstunnel.service
+++ b/deploy/config/wstunnel.service
@ -0,0 +1,13 @@
+[Unit]
+Description=wstunnel server
+Wants=network.target
+After=network.target
+
+[Service]
+Type=simple
+User=wstunnel
+ExecStart=/usr/local/bin/wstunnel --server ws://127.0.0.1:{{ listen_port }} -r 127.0.0.1:22
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
--- a/deploy/server.yml
+++ b/deploy/server.yml
@ -0,0 +1,60 @@
+- hosts: server
+  remote_user: root
+
+  vars:
+    # Username
+    user: wstunnel
+    listen_port: 9999
+
+  tasks:
+    - name: Create user {{ user }}
+      user: name={{ user }}
+            comment="{{ user }} user"
+            shell=/bin/false
+            createhome=no
+
+    - name: Install wstunnel app
+      copy: src=config/wstunnel
+            dest=/usr/local/bin/
+            owner=wstunnel
+            group=wstunnel
+            mode=u+rwx
+
+    ################################
+    # NGINX
+    ################################
+    - name: Add nginx config
+      template: src=config/wstunnel.nginx
+                dest=/etc/nginx/sites-available/
+      notify: reload nginx
+
+    - name: Symlink nginx config
+      file: src=/etc/nginx/sites-available/wstunnel.nginx
+            dest=/etc/nginx/sites-enabled/default
+            state=link
+
+    - name: Nginx started
+      service: name=nginx state=started enabled=true
+
+
+    ################################
+    # SYSTEMD
+    ################################
+    - name: Copy systemd service
+      template: src=config/wstunnel.service
+                dest=/usr/lib/systemd/system/
+      notify: reload wstunnel
+    
+    - name: reload systemd
+      command: systemctl daemon-reload
+
+    - name: wstunnel started
+      service: name=wstunnel state=started enabled=true
+
+
+  handlers:
+    - name: reload nginx
+      service: name=nginx state=reloaded enabled=true
+
+    - name: reload wstunnel
+      service: name=wstunnel state=restarted enabled=true