Nástroje používateľa
server:ansible:start
Rozdiely
Tu môžete vidieť rozdiely medzi vybranou verziou a aktuálnou verziou danej stránky.
| Next revision | Previous revision | ||
|
server:ansible:start [2018/03/02 14:55] Stanislav Nízky vytvorené |
server:ansible:start [2018/03/02 15:35] (aktuálne) Stanislav Nízky |
||
|---|---|---|---|
| Riadok 7: | Riadok 7: | ||
| Roly sú množinou taskov, spolu vykonávajúcich konkrétnu zložitejšiu úlohu. Napríklad vyrobenie virtualhostu pre Omegu, pozostáva z vytvorenia uživateľa, vytvorenia databázy a užívateľov, vytvorenie domovského adresára a nastavenie web servera. | Roly sú množinou taskov, spolu vykonávajúcich konkrétnu zložitejšiu úlohu. Napríklad vyrobenie virtualhostu pre Omegu, pozostáva z vytvorenia uživateľa, vytvorenia databázy a užívateľov, vytvorenie domovského adresára a nastavenie web servera. | ||
| + | ==== Rola gentoo_config ==== | ||
| + | Obsahuje zatiaľ naplnenie package.mask suboru kôli chybe v mariadb 10.30. Budú sa pridávať napríklad python targety a spoločné nastavenia všetkých gentoo serverov. | ||
| + | |||
| + | ==== Rola le_haproxy ==== | ||
| + | Nastavuje vytváranie Let's Encrypt certifikátov. Pre každý certifikát obsahuje zoznam FQDN, pre ktoré bude vytvorený aj poradové číslo kľúča (z troch, default 1) pre prípad kompromitovania. To znamená podporu pre viac kľúčov avizovaných prehliadaču. Vyrába nastavenia na vzdialenom serveri ale nespúšťa samotnú požiadavku k LE. | ||
| + | |||
| + | ==== Rola nagios_prepare ==== | ||
| + | Nakopíruje skripty a SSH kľúče pre sledovanie cez Nagios. | ||
| + | |||
| + | ==== Rola scripts_prepare ==== | ||
| + | Kopíruje zálohovacie skripty a napríklad aj skript na kontrolu zraniteľnosti Spectre. | ||
| + | |||
| + | ==== Rola omega_virtual ==== | ||
| + | Podľa typu virtualhostu vyrobí systémový účet a skupinu, vytvorí domáci adresár, nakopíruje zálohovacie nastavenia, php volacie skripty, testera. Nastaví apache a ak treba tak aj PHP-FPM. Vyrobí databázu a prístup k nej. Dorobím aj vytvorenie rsync prístupov. | ||
| + | |||
| + | === Nastavenie vars === | ||
| + | Podľa operačného systému sa includuje súbor vo vars adresári (napr. Debian.yml). Tu sa dajú zmeniť premenné pre lokalitu adresárov apache-u a.p. | ||
| + | V group_vars a host_vars adresároch (globálnych) sa nachádzajú všetky nastavenia. | ||
| + | Ukážka: | ||
| + | <file yaml virtuals.yml> | ||
| + | --- | ||
| + | |||
| + | # Virtualhosts for Biont(Alcor) | ||
| + | # apache pass for vr4d.com NKV9zZwjErLJgpmC | ||
| + | |||
| + | virtuals: | ||
| + | - name: www.vr4d.com | ||
| + | comment: Obchod s 3D scanovanymi objektmi | ||
| + | user_name: vr4d-www | ||
| + | group_name: vr4d-www | ||
| + | uid: 1072 | ||
| + | gid: 1072 | ||
| + | user_pass: hs228F4dV2gYV9TH | ||
| + | shell: /bin/bash | ||
| + | homedir: /data/www/vr4d.www | ||
| + | customer_code: com_vr4d | ||
| + | VirtualType: www-fpm | ||
| + | ServerName: www.vr4d.com | ||
| + | ServerAlias: | ||
| + | - vr4d.com | ||
| + | FPM_Port: 9004 | ||
| + | PHP_extra_params: [ | ||
| + | "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f stano@727.sk", | ||
| + | "php_flag[display_errors] = on", | ||
| + | "php_admin_value[error_log] = /data/www/vr4d.www/log/fpm-error.log", | ||
| + | "php_admin_flag[log_errors] = on", | ||
| + | "php_admin_value[memory_limit] = 512M", | ||
| + | "php_admin_value[upload_max_filesize] = 128M", | ||
| + | "php_admin_value[post_max_size] = 128M" | ||
| + | ] | ||
| + | |||
| + | - name: test.vr4d.com | ||
| + | comment: Obchod s 3D scanovanymi objektmi | ||
| + | user_name: vr4d-test | ||
| + | group_name: vr4d-test | ||
| + | uid: 1076 | ||
| + | gid: 1076 | ||
| + | user_pass: ECmrjBVWR9hu6cDm | ||
| + | shell: /bin/bash | ||
| + | homedir: /data/www/vr4d.test | ||
| + | customer_code: com_vr4d | ||
| + | VirtualType: www-fpm | ||
| + | ServerName: test.vr4d.com | ||
| + | ServerAlias: | ||
| + | - ntest.vr4d.com | ||
| + | - dev.vr4d.com | ||
| + | FPM_Port: 9005 | ||
| + | PHP_extra_params: [ | ||
| + | "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f stano@727.sk", | ||
| + | "php_flag[display_errors] = on", | ||
| + | "php_admin_value[error_log] = /data/www/vr4d.test/log/fpm-error.log", | ||
| + | "php_admin_flag[log_errors] = on", | ||
| + | "php_admin_value[memory_limit] = 512M", | ||
| + | "php_admin_value[upload_max_filesize] = 128M", | ||
| + | "php_admin_value[post_max_size] = 128M" | ||
| + | ] | ||
| + | |||
| + | - name: omega.vr4d.com | ||
| + | comment: Externa Omega pre vr4d.com | ||
| + | user_name: vr4d-omega | ||
| + | group_name: vr4d-omega | ||
| + | uid: 1073 | ||
| + | gid: 1073 | ||
| + | user_pass: WBCbj2ahKD7Xp3Ry | ||
| + | homedir: /data/www/vr4d.omega | ||
| + | customer_code: com_vr4d | ||
| + | VirtualType: omega | ||
| + | ServerName: omega.vr4d.com | ||
| + | # ServerAlias: [] | ||
| + | ServerAlias: | ||
| + | - vromega.medic.sk | ||
| + | - casting.727.sk | ||
| + | - omega.vr4d.local | ||
| + | |||
| + | - name: www.vr4dreams.com | ||
| + | comment: Obchod s 3D scanovanymi objektmi - civil verzia | ||
| + | user_name: vr4dreams-www | ||
| + | group_name: vr4dreams-www | ||
| + | uid: 1074 | ||
| + | gid: 1074 | ||
| + | user_pass: TLAHW4ESJc6pnKKA | ||
| + | homedir: /data/www/vr4dreams.www | ||
| + | customer_code: com_vr4d | ||
| + | VirtualType: www | ||
| + | ServerName: www.vr4dreams.com | ||
| + | ServerAlias: | ||
| + | - vr4dreams.com | ||
| + | - vr4dream.com | ||
| + | - www.vr4dream.com | ||
| + | - vr3dimension.com | ||
| + | - www.vr3dimension.com | ||
| + | |||
| + | - name: omega.vr4dreams.com | ||
| + | comment: Externa Omega pre vr4dream.com | ||
| + | user_name: vr4dreams-omega | ||
| + | group_name: vr4dreams-omega | ||
| + | uid: 1075 | ||
| + | gid: 1075 | ||
| + | user_pass: kK4J8Bg4GDVZ6smV | ||
| + | homedir: /data/www/vr4dreams.omega | ||
| + | customer_code: com_vr4d | ||
| + | VirtualType: omega | ||
| + | ServerName: omega.vr4dreams.com | ||
| + | ServerAlias: | ||
| + | - omega.v4dream.com | ||
| + | |||
| + | - name: www.hoba.sk | ||
| + | comment: Hokejovy klub Bratislava | ||
| + | user_name: hoba-www | ||
| + | group_name: hoba-www | ||
| + | uid: 1080 | ||
| + | gid: 1080 | ||
| + | user_pass: aQ7pxHbZXNPJcz6E | ||
| + | homedir: /data/www/hoba.sk.www | ||
| + | customer_code: sk_hoba | ||
| + | VirtualType: www-fpm | ||
| + | ServerName: www.hoba.sk | ||
| + | ServerAlias: | ||
| + | - hoba.sk | ||
| + | - test2.hoba.sk | ||
| + | FPM_Port: 9003 | ||
| + | PHP_extra_params: [ | ||
| + | "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f stano@727.sk", | ||
| + | "php_flag[display_errors] = on", | ||
| + | "php_admin_value[error_log] = /data/www/hoba.sk.www/log/fpm-error.log", | ||
| + | "php_admin_flag[log_errors] = on", | ||
| + | "php_admin_value[memory_limit] = 512M", | ||
| + | "php_admin_value[upload_max_filesize] = 128M", | ||
| + | "php_admin_value[post_max_size] = 128M" | ||
| + | ] | ||
| + | |||
| + | - name: modula.727.sk | ||
| + | comment: Roboticky simulator pre Modulu | ||
| + | user_name: modula-www | ||
| + | group_name: modula-www | ||
| + | uid: 1081 | ||
| + | gid: 1081 | ||
| + | user_pass: h7gfl3cxox4hk0nr | ||
| + | homedir: /data/www/727.sk.modula | ||
| + | customer_code: sk_modula | ||
| + | VirtualType: www-fpm | ||
| + | ServerName: modula.727.sk | ||
| + | ServerAlias: [] | ||
| + | FPM_Port: 9006 | ||
| + | PHP_extra_params: [ | ||
| + | "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f michal.stens@gmail.com", | ||
| + | "php_flag[display_errors] = on", | ||
| + | "php_admin_value[error_log] = /data/www/727.sk.modula/log/fpm-error.log", | ||
| + | "php_admin_flag[log_errors] = on", | ||
| + | "php_admin_value[memory_limit] = 128M", | ||
| + | "php_admin_value[upload_max_filesize] = 64M", | ||
| + | "php_admin_value[post_max_size] = 64M" | ||
| + | ] | ||
| + | |||
| + | - name: www.medic.sk | ||
| + | comment: Firemny portal pre vsetky mutacie (somega, garsius, medic) | ||
| + | user_name: medic-www | ||
| + | group_name: medic-www | ||
| + | uid: 1082 | ||
| + | gid: 1082 | ||
| + | user_pass: h7gfl3cxox4hk0nr | ||
| + | homedir: /data/www/medic.sk.www | ||
| + | customer_code: sk_medic_www | ||
| + | VirtualType: www-fpm | ||
| + | ServerName: www.medic.sk | ||
| + | ServerAlias: | ||
| + | - medic.sk | ||
| + | - www.systemomega.com | ||
| + | - systemomega.com | ||
| + | - www.garsius.com | ||
| + | - garsius.com | ||
| + | FPM_Port: 9007 | ||
| + | PHP_extra_params: [ | ||
| + | "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f michal.stens@gmail.com", | ||
| + | "php_flag[display_errors] = on", | ||
| + | "php_admin_value[error_log] = /data/www/727.sk.modula/log/fpm-error.log", | ||
| + | "php_admin_flag[log_errors] = on", | ||
| + | "php_admin_value[memory_limit] = 128M", | ||
| + | "php_admin_value[upload_max_filesize] = 64M", | ||
| + | "php_admin_value[post_max_size] = 64M" | ||
| + | ] | ||
| + | |||
| + | database_users: | ||
| + | # webovy uzivatel pre [www.]vr4d.com Produkcny | ||
| + | - db_user: "vr4d_com_www" | ||
| + | db_pass: "Frozen!Hawk" | ||
| + | db_name: "vr4d_com_www" | ||
| + | |||
| + | # webovy uzivatel pre [test|dev].vr4d.com Testovaci | ||
| + | - db_user: "vr4d_com_test" | ||
| + | db_pass: "Invisible!Sorcerer" | ||
| + | db_name: "vr4d_com_test" | ||
| + | |||
| + | # user pre www.hoba.sk | ||
| + | - db_user: "hoba-www" | ||
| + | db_pass: "3S87cDcXAG9Mpp5c" | ||
| + | db_name: "hoba-www" | ||
| + | |||
| + | databases: | ||
| + | # db pre Produkcny web www.vr4d.com | ||
| + | - db_name: "vr4d_com_www" | ||
| + | collation: "utf8_slovak_ci" | ||
| + | encoding: "utf8" | ||
| + | # db pre Testovaci web test.vr4d.com | ||
| + | - db_name: "vr4d_com_test" | ||
| + | collation: "utf8_slovak_ci" | ||
| + | encoding: "utf8" | ||
| + | |||
| + | # db pre www.hoba.sk | ||
| + | - db_name: "hoba-www" | ||
| + | collation: "utf8_slovak_ci" | ||
| + | encoding: "utf8" | ||
| + | |||
| + | |||
| + | # ex: set tabstop=4 shiftwidth=4 : # | ||
| + | </file> | ||
server/ansible/start.1519998934.txt.gz · Posledná úprava: 2018/03/02 14:55 od Stanislav Nízky
Nástoje stránky
