Commit 5054193c authored by Florian Pritz's avatar Florian Pritz
Browse files

Add kanbord



Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 79d28122
$ANSIBLE_VAULT;1.1;AES256
35353936623030636232393539393164396365376130343161636139613764316664373330613937
3933613364346461356462363364373634313837663730650a663039376662633337386465333531
62313138613939353961386639323132643763346536626435653638356261376237616161616432
3135646239633537390a366534376333346238323466656365633730323731376630383562616264
34636232636435313039623134653862366630343733373035396139363933323839396566616535
61356234356163643366343464303163633761333339623865366165376237383164363235323439
316335636134333430366536383031646434
......@@ -30,3 +30,4 @@
- { role: flyspray, tags: ["flyspray"] }
- { role: mailman, mailman_domain: "lists.archlinux.org", tags: ["mailman"] }
- { role: patchwork, tags: ["patchwork"] }
- { role: kanboard, tags: ["kanboard"] }
---
kanboard_dir: "/srv/http/kanboard"
kanboard_domain: "kanboard.archlinux.org"
kanboard_db_user: "kanboard"
kanboard_db: "kanboard"
---
- name: restart php-fpm@kanboard
service: name=php-fpm@kanboard state=restarted
---
- name: install packages
pacman: name=git,php-composer state=present
- name: make kanboard user
user: name=kanboard shell=/bin/false home="{{ kanboard_dir }}" createhome=no
- name: clone kanboard git repo
git: repo=https://github.com/kanboard/kanboard.git dest="{{kanboard_dir}}" version=stable
- name: install nginx config
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/kanboard.conf owner=root group=root mode=644
notify:
- reload nginx
- name: make nginx log dir
file: path=/var/log/nginx/{{ kanboard_domain }} state=directory owner=root group=root mode=0755
- name: make dirs for webuser
file: path="{{kanboard_dir}}/{{item}}" owner=kanboard mode=700 state=directory
with_items:
- data
- .composer
- vendor
- name: install composer dependencies
composer: command="install" working_dir="{{kanboard_dir}}"
become: true
become_user: kanboard
- name: create kanboard db user
postgresql_user: name={{ kanboard_db_user }} password={{ kanboard_db_password }}
become: yes
become_user: postgres
become_method: su
- name: create kanboard db
postgresql_db: db="{{kanboard_db}}"
become: yes
become_user: postgres
become_method: su
- name: install kanboard config
template: src=config.php.j2 dest="{{kanboard_dir}}/config.php" owner=root group=kanboard mode=640
- name: configure php-fpm
template:
src=php-fpm.conf.j2 dest="/etc/php/php-fpm.d/kanboard.conf"
owner=root group=root mode=0644
notify:
- restart php-fpm@kanboard
- name: start and enable systemd socket
service: name=php-fpm@kanboard.socket state=running enabled=true
<?php
define('DB_DRIVER', 'postgres');
define('DB_USERNAME', '{{kanboard_db_user}}');
define('DB_PASSWORD', '{{kanboard_db_password}}');
define('DB_HOSTNAME', 'localhost');
define('DB_NAME', '{{kanboard_db}}');
upstream kanboard {
server unix:///run/php-fpm/kanboard.socket;
}
server {
listen 80;
listen [::]:80;
server_name {{ kanboard_domain }};
access_log /var/log/nginx/{{ kanboard_domain }}/access.log;
error_log /var/log/nginx/{{ kanboard_domain }}/error.log;
include snippets/letsencrypt.conf;
location / {
rewrite ^(.*) https://$server_name$1 permanent;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ kanboard_domain }};
access_log /var/log/nginx/{{ kanboard_domain }}/access.log;
error_log /var/log/nginx/{{ kanboard_domain }}/error.log;
ssl_certificate /etc/letsencrypt/live/{{ kanboard_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ kanboard_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ kanboard_domain }}/chain.pem;
root {{ kanboard_dir }};
location /data {
deny all;
}
location ~ \.php$ {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass kanboard;
}
}
[global]
error_log = syslog
daemonize = no
[kanboard]
listen = /run/php-fpm/kanboard.socket
listen.owner = kanboard
listen.group = http
listen.mode = 0660
pm = dynamic
pm.max_children = 20
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 2000
php_admin_value[open_basedir] = {{ kanboard_dir }}:/tmp
php_admin_value[opcache.memory_consumption] = 128
php_admin_value[opcache.interned_strings_buffer] = 8
php_admin_value[opcache.max_accelerated_files] = 200
php_admin_value[opcache.revalidate_freq] = 60
php_admin_value[opcache.fast_shutdown] = 1
php_admin_value[disable_functions] = passthru, exec, proc_open, shell_exec, system, popen
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment