Update type for non cloud.ungleich.ch domains

Nico Schottelius 2018-12-05 13:29:09 +01:00
parent 43fd762d9c
commit f2b210f4df
2 changed files with 26 additions and 15 deletions


@ -2,19 +2,12 @@ upstream php-handler {
server unix:/run/php/php7.0-fpm.sock; server unix:/run/php/php7.0-fpm.sock;
} }
server {
listen [::]:80;
server_name cloud.ungleich.ch;
# enforce https
return 301 https://$server_name$request_uri;
}
server { server {
listen [::]:443 ssl; listen [::]:443 ssl;
server_name cloud.ungleich.ch; server_name DOMAIN;
ssl_certificate /etc/ssl/certs/star.ungleich.ch.crt; ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem;
ssl_certificate_key /etc/ssl/private/star.ungleich.ch.key; ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem;
# Add headers to serve security related headers # Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this # Before enabling Strict-Transport-Security headers please read into this
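Review bot: The bare token `DOMAIN` in `server_name` and in both `ssl_certificate*` paths is undocumented in the template, and the manifest hunk on this page fills it with `sed "s/DOMAIN/$domain/"`, which copies the parameter verbatim into the nginx configuration. A value containing `/`, `&`, `;` or whitespace would break the sed expression or change the meaning of the generated directives, so the manifest should reject anything that is not a plain hostname before rendering, for example `case "$domain" in ''|*[!A-Za-z0-9.-]*) echo "invalid domain" >&2; exit 1 ;; esac`. I would also add a header comment to the template such as `# The placeholder in server_name and the certificate paths is replaced with the type's domain parameter by the manifest.`, worded without the token itself because the sed would rewrite it. The server block continues past the end of this hunk.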


@ -1,6 +1,7 @@
#!/bin/sh #!/bin/sh
# #
# 2017 ungleich GmbH (cdist at ungleich.ch) # 2017 ungleich GmbH (cdist at ungleich.ch)
# 2018 ungleich glarus ag (cdist at ungleich.ch)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -43,6 +44,8 @@ db_user=$(cat "$__object/parameter/db-user")
db_name=$(cat "$__object/parameter/db-name") db_name=$(cat "$__object/parameter/db-name")
domain=$(cat "$__object/parameter/domain") domain=$(cat "$__object/parameter/domain")
tmpdir="$__object/files"
mkdir "$tmpdir"
__apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg __apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg
require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \ require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \
@ -64,19 +67,34 @@ __package curl --state=present
# Configure packages # Configure packages
## PHP 7 ## PHP 7
require="__package/php7.0-fpm" __file /etc/php/7.0/fpm/pool.d/www.conf \ require="__package/php7.0-fpm" __file /etc/php/7.0/fpm/pool.d/www.conf \
--owner root --group root --mode 644 --source "$__type/files/fpm.conf" --owner root --group root --mode 644 --source "$__type/files/fpm.conf"
## Nginx ## Nginx
require="__package/nginx" __file /etc/nginx/sites-enabled/nextcloud --owner www-data \ ### HTTP only server to allow access
--group www-data --mode 755 --source "$__type/files/nextcloud.nginx" __ungleich_http_server_ssl_redirect_letsencrypt --webroot /var/www/html/ "$domain"
### Get the certificates
require="__ungleich_http_server_ssl_redirect_letsencrypt/$domain" \
__letsencrypt_cert --admin-email technik@ungleich.ch \
--webroot /var/www/html/ \
--renew-hook "service nginx reload" \
--domain "$domain" --automatic-renewal \
"$domain"
### The SSL configuration
sed "s/DOMAIN/$domain/" "$__type/files/nextcloud.nginx" > "$tmpdir/nginx"
require="__letsencrypt_cert/$domain __package/nginx" __file /etc/nginx/sites-enabled/nextcloud \
--owner www-data \
--group www-data \
--mode 755 \
--source "$tmpdir/nginx"
## Postgres ## Postgres
require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pass}"\ require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pass}" \
--login --createdb --login --createdb
require="__package/postgresql __postgres_role/${db_user}" __postgres_database "${db_name}"\ require="__package/postgresql __postgres_role/${db_user}" __postgres_database "${db_name}"\