70 lines
1.9 KiB
YAML
Executable File
70 lines
1.9 KiB
YAML
Executable File
- hosts: local
|
|
connection: local
|
|
roles:
|
|
- basis
|
|
- backup
|
|
- java
|
|
- nginx
|
|
- gocd
|
|
- checkmk
|
|
|
|
|
|
vars:
|
|
users_local: [] #some local users only specific to this node!
|
|
users: "{{ users_local + users_admin }}"
|
|
|
|
fail2ban_activate_modules:
|
|
- sshd
|
|
- nginx
|
|
|
|
mount_points:
|
|
- path: "{{ gocd_artifact_location }}"
|
|
dev: /dev/sdb
|
|
|
|
gocd_admin_user: gocd_admin
|
|
gocd_admin_pass: VeryCoolAdminPassword!
|
|
gocd_artifact_location: "{{ cloud_storage }}/gocd-artifacts"
|
|
gocd_website:
|
|
domain: "build.{{ domain_external }}"
|
|
letsencrypt: true
|
|
state: present
|
|
owner: jenkins
|
|
port: 80
|
|
root_setup: false
|
|
index: noindex
|
|
root: noroot
|
|
options:
|
|
access_log: "/var/log/nginx/build.{{ domain_external }}-access.log"
|
|
error_log: "/var/log/nginx/build.{{ domain_external }}-error.log"
|
|
pre_options: |
|
|
# Required for GoCD websocket agents
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
locations:
|
|
- location: '/'
|
|
options: |
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_pass http://localhost:8153/;
|
|
client_max_body_size 10000m;
|
|
|
|
# Websites
|
|
web_sites:
|
|
- "{{ gocd_website }}"
|
|
|
|
# Backup
|
|
backup_targets:
|
|
file:
|
|
- "{{ gocd_artifact_location }}"
|
|
- "/etc/letsencrypt"
|
|
|
|
vars_files:
|
|
- "group_vars/{{ ansible_local.preferences.ansible.environment }}.yml"
|