Externalisation de la configuration du vhost du reverse proxy

This commit is contained in:
Navas 2022-07-20 13:16:55 +02:00
parent 8ec5abfc5e
commit 8ccf78e6c1
7 changed files with 2 additions and 36 deletions

View file

@ -3,8 +3,7 @@
## Services fournis ## Services fournis
- main.yml : Installation d'une instance matomo sur un serveur docker_host Installation d'une instance matomo sur un serveur docker_host
- configure_reverse_proxy.yml : Configuration d'un reverse proxy préalablement installé par le role reverse_proxy
## Variables ## Variables
@ -19,11 +18,6 @@ docker_matomo_image_version: x.y.z
docker_matomo_db_name: matomodb docker_matomo_db_name: matomodb
docker_matomo_db_user: user_proprietaire_bdd docker_matomo_db_user: user_proprietaire_bdd
docker_matomo_db_password: mdp_proprietaire_bdd docker_matomo_db_password: mdp_proprietaire_bdd
docker_matomo_rp_cert: LE
docker_matomo_rp_docker_host: machine.domaine.local
docker_matomo_rp_access_policy: OpenAccessPolicy
docker_matomo_rp_indexing: BlockCrawlerIndexing
docker_matomo_rp_waf: "On"
``` ```
| Option | Valeur par défaut | Description | | Option | Valeur par défaut | Description |
@ -35,11 +29,6 @@ docker_matomo_rp_waf: "On"
| docker_matomo_db_name | | Nom de la base de données | | docker_matomo_db_name | | Nom de la base de données |
| docker_matomo_db_user | | Nom du proprietaire_de la base | | docker_matomo_db_user | | Nom du proprietaire_de la base |
| docker_matomo_db_password | | MDP du proprietaire_de la base | | docker_matomo_db_password | | MDP du proprietaire_de la base |
| docker_matomo_rp_docker_host | | pour configure_reverse_proxy.yml: fqdn de la machine contenant le conteneur docker |
| docker_matomo_rp_cert | LE | Type de certificat pour le reverse proxy (LE = letsencrypt) |
| docker_matomo_rp_access_policy | | Modèle d'autorisation d'accès du reverse proxy |
| docker_matomo_rp_indexing | | Stratégie du reverse proxy vis à vis des robots |
| docker_matomo_rp_waf | | Activation websecurity du reverse proxy |

View file

@ -1 +1 @@
docker_matomo_rp_cert: LE

View file

@ -3,8 +3,3 @@
docker-compose up -d docker-compose up -d
args: args:
chdir: /opt/{{ docker_matomo_service_id }}/ chdir: /opt/{{ docker_matomo_service_id }}/
- name: reverse-proxy-reload
service:
name: apache2
state: reloaded

View file

@ -1,13 +0,0 @@
- name: prepare reverse_proxy
template:
src: "{{ item }}"
dest: /etc/apache2/vhosts.d/{{ docker_matomo_fqdn }}/
with_items:
- 0_vhost.conf
- 1_vhost_additional.conf
- 2_mds_exclusion.conf
notify: reverse-proxy-reload

View file

@ -1,2 +0,0 @@
# {{ ansible_managed }}
Use vhost_HTTPS_Generic {{ docker_matomo_fqdn }} {{ docker_matomo_rp_cert }} http {{ docker_matomo_rp_docker_host }} info {{ docker_matomo_rp_access_policy }} {{ docker_matomo_rp_indexing }} {{ docker_matomo_rp_waf }}

View file

@ -1 +0,0 @@
# {{ ansible_managed }}

View file

@ -1,2 +0,0 @@
# {{ ansible_managed }}