-
Christian Heusel authoredUp until now the captcha has depended on the exact output of the pacman version command which could lead to multiple problematic scenarios: a) User uses testing repos (user pacman newer) b) Server is not instantly updated (user pacman newer) c) User system is not updated (user pacman older) Circumvent this problem by switching to a time based captcha instead. Signed-off-by:Christian Heusel <christian@heusel.eu>
Christian Heusel authoredUp until now the captcha has depended on the exact output of the pacman version command which could lead to multiple problematic scenarios: a) User uses testing repos (user pacman newer) b) Server is not instantly updated (user pacman newer) c) User system is not updated (user pacman older) Circumvent this problem by switching to a time based captcha instead. Signed-off-by:
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
main.yml 4.77 KiB
- name: Run maintenance mode
include_role:
name: maintenance
vars:
service_name: "wiki"
service_domain: "{{ archwiki_domain }}"
service_alternate_domains: []
service_nginx_conf: "{{ archwiki_nginx_conf }}"
when: maintenance is defined
- name: Create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ archwiki_domain }}"]
when: 'archwiki_domain is defined'
- name: Install packages
pacman: name=git,php-intl state=present
- name: Make archwiki user
user: name="{{ archwiki_user }}" shell=/bin/false home="{{ archwiki_dir }}" createhome=no
register: user_created
- name: Fix home permissions
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0751 path="{{ archwiki_dir }}"
- name: Fix cache permissions
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0750 path="{{ archwiki_dir }}/cache"
- name: Fix sessions permissions
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0750 path="{{ archwiki_dir }}/sessions"
- name: Fix uploads permissions
file: state=directory owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0755 path="{{ archwiki_dir }}/uploads"
- name: Set up nginx
template: src=nginx.d.conf.j2 dest="{{ archwiki_nginx_conf }}" owner=root group=root mode=644
notify:
- Reload nginx
when: maintenance is not defined
tags: ['nginx']
- name: Configure robots.txt
copy: src=robots.txt dest="{{ archwiki_dir }}/robots.txt" owner=root group=root mode=0644
- name: Make nginx log dir
file: path=/var/log/nginx/{{ archwiki_domain }} state=directory owner=root group=root mode=0755
- name: Make debug log dir
file: path=/var/log/archwiki state=directory owner={{ archwiki_user }} group=root mode=0700
- name: Clone archwiki repo
git: repo={{ archwiki_repository }} dest="{{ archwiki_dir }}/public" version={{ archwiki_version }}
become: true
become_user: "{{ archwiki_user }}"
notify:
- Run wiki updatescript
# archwiki updates often break magic words in mails, leaving them
# unexpanded until the archwiki-runjobs-wait service is restarted
- Restart archwiki-runjobs-wait
# purge the nginx cache and MediaWiki file cache to make sure clients get updated assets
# as well as freshly rendered pages using the new assets
- Purge nginx cache
- Invalidate MediaWiki file cache
- name: Configure archwiki
template: src=LocalSettings.php.j2 dest="{{ archwiki_dir }}/public/LocalSettings.php" owner="{{ archwiki_user }}" group="{{ archwiki_user }}" mode=0640
register: config
no_log: true