From 4d2f9f6a0e8a5b201d1b0bd55dfe9cf1f76ab2dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Er=C3=A8be?= <romain.gerard@erebe.eu>
Date: Fri, 26 Aug 2016 22:40:35 +0200
Subject: [PATCH] Add deploy script

Former-commit-id: d64e8a40ac9c622f1dd1aaebb744da2f7230207f
Former-commit-id: 7b266eef62ed54141789b01c155d407ed0ba87c4 [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 08b74a015fac636104626a090397079e59fa1de4]]]]
Former-commit-id: d00851b46c56e3e8beb8e8e1835521369ee14f4c
Former-commit-id: 716c5a760e7dc77ee204c2dab4e5f8d80a42bab3
Former-commit-id: 5fcc8ab51a743a11f5cab51b0be53d8626bdee2c
Former-commit-id: 5b74c97b7345dc6660dc0af35a4e461471b4e348 [formerly 3f8e5216cd9fc3e7d1acb2f057d4e049daf277d4]
Former-commit-id: 3e38e32a85d9675e5b436846ea04f0fbc2ff6fe4
---
 deploy/config/wstunnel.nginx   | 79 ++++++++++++++++++++++++++++++++++
 deploy/config/wstunnel.service | 13 ++++++
 deploy/server.yml              | 60 ++++++++++++++++++++++++++
 3 files changed, 152 insertions(+)
 create mode 100644 deploy/config/wstunnel.nginx
 create mode 100644 deploy/config/wstunnel.service
 create mode 100755 deploy/server.yml

diff --git a/deploy/config/wstunnel.nginx b/deploy/config/wstunnel.nginx
new file mode 100644
index 0000000..81ee87a
--- /dev/null
+++ b/deploy/config/wstunnel.nginx
@@ -0,0 +1,79 @@
+# You may add here your
+# server {
+#	...
+# }
+# statements for each of your virtual hosts to this file
+
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+server {
+	listen   *:443 ssl;
+	listen   [::]:443 ssl;
+	server_name erebe.eu;
+	server_name 195.154.67.145;
+
+
+    location / {
+	proxy_read_timeout 1800s;
+	proxy_pass http://127.0.0.1:{{ listen_port }};
+	proxy_http_version 1.1;
+	proxy_set_header Upgrade $http_upgrade;
+	proxy_set_header Connection "upgrade";
+	proxy_set_header        Host            $host;
+	proxy_set_header        X-Real-IP       $remote_addr;
+	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+	proxy_set_header        X-Forwarded-Proto $scheme;
+    }
+
+}
+
+
+# another virtual host using mix of IP-, name-, and port-based configuration
+#
+#server {
+#	listen 8000;
+#	listen somename:8080;
+#	server_name somename alias another.alias;
+#	root html;
+#	index index.html index.htm;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}
+
+
+# HTTPS server
+#
+#server {
+#	listen 443;
+#	server_name localhost;
+#
+#	root html;
+#	index index.html index.htm;
+#
+#	ssl on;
+#	ssl_certificate cert.pem;
+#	ssl_certificate_key cert.key;
+#
+#	ssl_session_timeout 5m;
+#
+#	ssl_protocols SSLv3 TLSv1;
+#	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
+#	ssl_prefer_server_ciphers on;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}
diff --git a/deploy/config/wstunnel.service b/deploy/config/wstunnel.service
new file mode 100644
index 0000000..0ca3202
--- /dev/null
+++ b/deploy/config/wstunnel.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=wstunnel server
+Wants=network.target
+After=network.target
+
+[Service]
+Type=simple
+User=wstunnel
+ExecStart=/usr/local/bin/wstunnel --server ws://127.0.0.1:{{ listen_port }} -r 127.0.0.1:22
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/deploy/server.yml b/deploy/server.yml
new file mode 100755
index 0000000..f02248b
--- /dev/null
+++ b/deploy/server.yml
@@ -0,0 +1,60 @@
+- hosts: server
+  remote_user: root
+
+  vars:
+    # Username
+    user: wstunnel
+    listen_port: 9999
+
+  tasks:
+    - name: Create user {{ user }}
+      user: name={{ user }}
+            comment="{{ user }} user"
+            shell=/bin/false
+            createhome=no
+
+    - name: Install wstunnel app
+      copy: src=config/wstunnel
+            dest=/usr/local/bin/
+            owner=wstunnel
+            group=wstunnel
+            mode=u+rwx
+
+    ################################
+    # NGINX
+    ################################
+    - name: Add nginx config
+      template: src=config/wstunnel.nginx
+                dest=/etc/nginx/sites-available/
+      notify: reload nginx
+
+    - name: Symlink nginx config
+      file: src=/etc/nginx/sites-available/wstunnel.nginx
+            dest=/etc/nginx/sites-enabled/default
+            state=link
+
+    - name: Nginx started
+      service: name=nginx state=started enabled=true
+
+
+    ################################
+    # SYSTEMD
+    ################################
+    - name: Copy systemd service
+      template: src=config/wstunnel.service
+                dest=/usr/lib/systemd/system/
+      notify: reload wstunnel
+    
+    - name: reload systemd
+      command: systemctl daemon-reload
+
+    - name: wstunnel started
+      service: name=wstunnel state=started enabled=true
+
+
+  handlers:
+    - name: reload nginx
+      service: name=nginx state=reloaded enabled=true
+
+    - name: reload wstunnel
+      service: name=wstunnel state=restarted enabled=true