Add deploy script

Former-commit-id: d64e8a40ac9c622f1dd1aaebb744da2f7230207f Former-commit-id: 7b266eef62ed54141789b01c155d407ed0ba87c4 [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 7b2eda2cb4e3e6279bed8f03b5f35c77afd94a3f [formerly 08b74a015fac636104626a090397079e59fa1de4]]]] Former-commit-id: d00851b46c56e3e8beb8e8e1835521369ee14f4c Former-commit-id: 716c5a760e7dc77ee204c2dab4e5f8d80a42bab3 Former-commit-id: 5fcc8ab51a743a11f5cab51b0be53d8626bdee2c Former-commit-id: 5b74c97b7345dc6660dc0af35a4e461471b4e348 [formerly 3f8e5216cd9fc3e7d1acb2f057d4e049daf277d4] Former-commit-id: 3e38e32a85d9675e5b436846ea04f0fbc2ff6fe4
2016-08-26 22:40:35 +02:00 · 2016-08-26 22:40:35 +02:00 · 4d2f9f6a0e
commit 4d2f9f6a0e
parent 49dd81d36a
3 changed files with 152 additions and 0 deletions
--- a/deploy/config/wstunnel.nginx
+++ b/deploy/config/wstunnel.nginx
@ -0,0 +1,79 @@
 # You may add here your
 # server {
 #	...
 # }
 # statements for each of your virtual hosts to this file
 ##
 # You should look at the following URL's in order to grasp a solid understanding
 # of Nginx configuration files in order to fully unleash the power of Nginx.
 # http://wiki.nginx.org/Pitfalls
 # http://wiki.nginx.org/QuickStart
 # http://wiki.nginx.org/Configuration
 #
 # Generally, you will want to move this file somewhere, and start with a clean
 # file but keep this around for reference. Or just disable in sites-enabled.
 #
 # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
 ##
 server {
 	listen   *:443 ssl;
 	listen   [::]:443 ssl;
 	server_name erebe.eu;
 	server_name 195.154.67.145;
    location / {
 	proxy_read_timeout 1800s;
 	proxy_pass http://127.0.0.1:{{ listen_port }};
 	proxy_http_version 1.1;
 	proxy_set_header Upgrade $http_upgrade;
 	proxy_set_header Connection "upgrade";
 	proxy_set_header        Host            $host;
 	proxy_set_header        X-Real-IP       $remote_addr;
 	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
 	proxy_set_header        X-Forwarded-Proto $scheme;
    }
 }
 # another virtual host using mix of IP-, name-, and port-based configuration
 #
 #server {
 #	listen 8000;
 #	listen somename:8080;
 #	server_name somename alias another.alias;
 #	root html;
 #	index index.html index.htm;
 #
 #	location / {
 #		try_files $uri $uri/ =404;
 #	}
 #}
 # HTTPS server
 #
 #server {
 #	listen 443;
 #	server_name localhost;
 #
 #	root html;
 #	index index.html index.htm;
 #
 #	ssl on;
 #	ssl_certificate cert.pem;
 #	ssl_certificate_key cert.key;
 #
 #	ssl_session_timeout 5m;
 #
 #	ssl_protocols SSLv3 TLSv1;
 #	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
 #	ssl_prefer_server_ciphers on;
 #
 #	location / {
 #		try_files $uri $uri/ =404;
 #	}
 #}
--- a/deploy/config/wstunnel.service
+++ b/deploy/config/wstunnel.service
@ -0,0 +1,13 @@
 [Unit]
 Description=wstunnel server
 Wants=network.target
 After=network.target
 [Service]
 Type=simple
 User=wstunnel
 ExecStart=/usr/local/bin/wstunnel --server ws://127.0.0.1:{{ listen_port }} -r 127.0.0.1:22
 Restart=always
 [Install]
 WantedBy=multi-user.target
--- a/deploy/server.yml
+++ b/deploy/server.yml
@ -0,0 +1,60 @@
 - hosts: server
  remote_user: root
  vars:
    # Username
    user: wstunnel
    listen_port: 9999
  tasks:
    - name: Create user {{ user }}
      user: name={{ user }}
            comment="{{ user }} user"
            shell=/bin/false
            createhome=no
    - name: Install wstunnel app
      copy: src=config/wstunnel
            dest=/usr/local/bin/
            owner=wstunnel
            group=wstunnel
            mode=u+rwx
    ################################
    # NGINX
    ################################
    - name: Add nginx config
      template: src=config/wstunnel.nginx
                dest=/etc/nginx/sites-available/
      notify: reload nginx
    - name: Symlink nginx config
      file: src=/etc/nginx/sites-available/wstunnel.nginx
            dest=/etc/nginx/sites-enabled/default
            state=link
    - name: Nginx started
      service: name=nginx state=started enabled=true
    ################################
    # SYSTEMD
    ################################
    - name: Copy systemd service
      template: src=config/wstunnel.service
                dest=/usr/lib/systemd/system/
      notify: reload wstunnel
    - name: reload systemd
      command: systemctl daemon-reload
    - name: wstunnel started
      service: name=wstunnel state=started enabled=true
  handlers:
    - name: reload nginx
      service: name=nginx state=reloaded enabled=true
    - name: reload wstunnel
      service: name=wstunnel state=restarted enabled=true