Verified Commit b2c4b622 authored by Giancarlo Razzolini's avatar Giancarlo Razzolini
Browse files

roles/security-tracker: Work on the security-tracker role almost complete.

parent 1bc0b279
$ANSIBLE_VAULT;1.1;AES256
33636363346639663930653961373863633738393731383733613866663933343264306530343464
6539346430383061636562623230373766396362383861300a373563653633636131656332343465
33653863336639666664353963373066656639373666353032643839393264333739366463666531
6466333030336438620a333538613564303335616266643539303630666365396565643232333939
63643632623333356434636533656138626136333034393537646136323663306138613730383138
63636565616639386334616532623233333131666564633933386232393963353066363938393432
66303439373639636666356430363635343436363037623631386136336437343836353863383163
39303931623637646131396331313835393161653465653131366434636465616537636565643261
3330
[Unit]
Description=Security Tracker update service
[Service]
Type=oneshot
User=security
Group=security
WorkingDirectory=/srv/http/security-tracker
ExecStart=/usr/bin/make update
[Install]
WantedBy=multi-user.target
[Unit]
Description=Security Tracker update timer
[Timer]
OnUnitActiveSec=1h
OnBootSec=15min
RandomizedDelaySec=10min
[Install]
WantedBy=timers.target
---
- name: daemon reload
command: systemctl daemon-reload
...@@ -38,3 +38,23 @@ ...@@ -38,3 +38,23 @@
- name: make nginx log dir - name: make nginx log dir
file: path=/var/log/nginx/{{ security_tracker_domain }} state=directory owner=http group=log mode=755 file: path=/var/log/nginx/{{ security_tracker_domain }} state=directory owner=http group=log mode=755
- name: copy security-tracker units
copy: src="{{ item }}" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
with_items:
- security-tracker-update.timer
- security-tracker-update.service
notify:
- daemon reload
- name: configure security-tracker
template: src=20-user.local.conf.j2 dest={{ security_tracker_dir }}/config/20-user.local.conf owner=security group=security mode=0640
- name: deploy security-tracker
template: src=security-tracker.ini.j2 dest=/etc/uwsgi/vassals/security-tracker.ini owner=security group=http mode=0644
- name: start and enable security-tracker units
service: name="{{ item }}" enabled=yes state=started
with_items:
- security-tracker-update.timer
- security-tracker-update.service
[flask]
secret_key = '{{ security_tracker.secret_key }}'
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment