Moved var nginx_system_user to global vars

dehydrated
Felix Stupp 4 years ago
parent 34b867994c
commit b1a93849a1
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7

@ -113,6 +113,7 @@ global_log_directory: "/var/log"
global_nfs_port: "2049" # for version 4 global_nfs_port: "2049" # for version 4
global_nfs_directory: "{{ global_webservers_directory }}/nfs" global_nfs_directory: "{{ global_webservers_directory }}/nfs"
global_nginx_system_user: www-data
global_nginx_service_name: "nginx.service" global_nginx_service_name: "nginx.service"
global_pamd: "/etc/pam.d" global_pamd: "/etc/pam.d"

@ -1,7 +1,5 @@
--- ---
nginx_system_user: www-data
nginx_installation_directory: "/etc/nginx" nginx_installation_directory: "/etc/nginx"
nginx_upstreams_directory: "{{ nginx_installation_directory }}/upstreams" nginx_upstreams_directory: "{{ nginx_installation_directory }}/upstreams"
nginx_sites_directory: "{{ nginx_installation_directory }}/sites" nginx_sites_directory: "{{ nginx_installation_directory }}/sites"

@ -1,4 +1,4 @@
user {{ nginx_system_user }} {{ nginx_system_user }}; user {{ global_nginx_system_user }} {{ global_nginx_system_user }};
worker_processes auto; worker_processes auto;
pid /run/nginx.pid; pid /run/nginx.pid;
include {{ nginx_installation_directory }}/modules-enabled/*.conf; include {{ nginx_installation_directory }}/modules-enabled/*.conf;

@ -4,8 +4,8 @@
template: template:
src: mail_proxy.conf src: mail_proxy.conf
dest: "{{ nginx_streams_directory }}/{{ domain }}:{{ port }}" dest: "{{ nginx_streams_directory }}/{{ domain }}:{{ port }}"
owner: "{{ nginx_system_user }}" owner: "{{ global_nginx_system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rw,g=r,o=r" mode: "u=rw,g=r,o=r"
- name: Allow {{ protocol }} in firewall - name: Allow {{ protocol }} in firewall

@ -5,7 +5,7 @@
path: "{{ socket_directory }}" path: "{{ socket_directory }}"
state: directory state: directory
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
- name: Check if src is a directory - name: Check if src is a directory
@ -13,7 +13,7 @@
path: "{{ src }}" path: "{{ src }}"
state: directory state: directory
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
- name: Configure pool in php-fpm - name: Configure pool in php-fpm

@ -1,11 +1,11 @@
[{{ pool_name }}] [{{ pool_name }}]
user = {{ system_user }} user = {{ system_user }}
group = {{ nginx_system_user }} group = {{ global_nginx_system_user }}
listen = {{ socket }} listen = {{ socket }}
listen.owner = {{ system_user }} listen.owner = {{ system_user }}
listen.group = {{ nginx_system_user }} listen.group = {{ global_nginx_system_user }}
listen.mode = 0660 listen.mode = 0660
pm = dynamic pm = dynamic

@ -40,7 +40,7 @@
state: directory state: directory
path: "{{ socket_directory }}" path: "{{ socket_directory }}"
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
- name: Register socket for firefox sync server - name: Register socket for firefox sync server

@ -4,7 +4,7 @@ Description=firefox sync server socket at {{ domain }}
[Socket] [Socket]
ListenStream={{ socket_path }} ListenStream={{ socket_path }}
SocketUser={{ system_user }} SocketUser={{ system_user }}
SocketGroup={{ nginx_system_user }} SocketGroup={{ global_nginx_system_user }}
SocketMode=0660 SocketMode=0660
[Install] [Install]

@ -21,7 +21,7 @@
path: "{{ user_directory }}" path: "{{ user_directory }}"
state: directory state: directory
owner: "{{ gitea_system_user }}" owner: "{{ gitea_system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
- name: Configure installation directory - name: Configure installation directory

@ -6,7 +6,7 @@ dependencies:
- role: misc/system_user - role: misc/system_user
# system_user # system_user
# user_directory # user_directory
user_directory_group: "{{ nginx_system_user }}" user_directory_group: "{{ global_nginx_system_user }}"
- role: misc/backup_files - role: misc/backup_files
# domain # domain
backup_directory: "{{ nextcloud_data_directory }}" backup_directory: "{{ nextcloud_data_directory }}"

@ -6,14 +6,14 @@ dependencies:
- role: misc/system_user - role: misc/system_user
# system_user # system_user
# user_directory # user_directory
user_directory_group: "{{ nginx_system_user }}" user_directory_group: "{{ global_nginx_system_user }}"
- role: mysql/database - role: mysql/database
# database_user # database_user
- role: git_auto_update - role: git_auto_update
# repo # repo
dest: "{{ installation_directory }}" dest: "{{ installation_directory }}"
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
repo_name: "{{ domain }}" repo_name: "{{ domain }}"
reload_command: "systemctl restart {{ phpfpm_package }}" reload_command: "systemctl restart {{ phpfpm_package }}"

@ -6,5 +6,5 @@ dependencies:
name: "{{ domain }}" name: "{{ domain }}"
dest: "{{ root_directory }}" dest: "{{ root_directory }}"
owner: root owner: root
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="

@ -7,13 +7,13 @@ dependencies:
- role: misc/system_user - role: misc/system_user
# system_user # system_user
# user_directory # user_directory
user_directory_group: "{{ nginx_system_user }}" user_directory_group: "{{ global_nginx_system_user }}"
- role: git_auto_update - role: git_auto_update
# repo # repo
repo_name: "{{ domain }}" repo_name: "{{ domain }}"
dest: "{{ installation_directory }}" dest: "{{ installation_directory }}"
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rwx,g=rx,o=" mode: "u=rwx,g=rx,o="
reload_command: "true" reload_command: "true"
- role: mysql/database - role: mysql/database

@ -5,7 +5,7 @@
src: config.php src: config.php
dest: "{{ installation_directory }}/config.php" dest: "{{ installation_directory }}/config.php"
owner: "{{ system_user }}" owner: "{{ system_user }}"
group: "{{ nginx_system_user }}" group: "{{ global_nginx_system_user }}"
mode: "u=rw,g=r,o=" mode: "u=rw,g=r,o="
notify: "restart {{ domain }}" notify: "restart {{ domain }}"

Loading…
Cancel
Save