Merge pull request 'Made project more public-facing friendly' (#1) from develop into main

Reviewed-on: #1
bubbles 2024-03-11 07:56:20 -05:00
commit 13857d6dce
6 changed files with 66 additions and 70 deletions

29
README.md Normal file

@ -0,0 +1,29 @@
# Cloudflare
Note: this project assumes the use of Cloudflare Tunnels with a tunnel already running.
# Terraform
[Terraform](./terraform) setup MUST be [run](./terraform/run.sh) first to generate TLS certificates
# Ansible
Set your ansible_user appropriately in [hosts.yml](hosts.yml)
Set your host [hosts.yml](hosts.yml) to your server name in ssh_config.
Example ssh config:
```
Host server1
HostName <host-ip-address>
IdentityFile <path-to-ssh-certs>
```
[Run Ansible](run.sh)
## Ansible-Vault
Required variables:
* flarum_db_pass: The password for the Flarum MySQL user.
* server1_become_pass: The sudo password for ansible_user.


@ -3,7 +3,5 @@ all:
hosts: hosts:
server1: server1:
ansible_become_pass: "{{ server1_become_pass }}" ansible_become_pass: "{{ server1_become_pass }}"
server2:
ansible_become_pass: "{{ server2_become_pass }}"
vars: vars:
ansible_user: zoe ansible_user: zoe


@ -24,68 +24,22 @@
- name: Install PHP - name: Install PHP
become: yes become: yes
zypper: zypper:
name: php81 name: "{{ item }}"
state: latest
- name: Install PHP-FPM
become: yes
zypper:
name: php81-fpm
state: latest
- name: Install PHP OpenSSL
become: yes
zypper:
name: php81-openssl
state: latest
- name: Install PHP Phar
become: yes
zypper:
name: php81-phar
state: latest
- name: Install PHP iconv
become: yes
zypper:
name: php81-iconv
state: latest
- name: Install PHP mbstring
become: yes
zypper:
name: php81-mbstring
state: latest
- name: Install PHP PDO
become: yes
zypper:
name: php81-pdo
state: latest
- name: Install PHP FileInfo
become: yes
zypper:
name: php81-fileinfo
state: latest
- name: Install PHP DOM
become: yes
zypper:
name: php81-dom
state: latest
- name: Install PHP Curl
become: yes
zypper:
name: php81-curl
state: latest
- name: Install PHP GD
become: yes
zypper:
name: php81-gd
state: latest
- name: Install PHP pdo_mysql
become: yes
zypper:
name: php81-mysql
state: latest
- name: Install PHP tokenizer
become: yes
zypper:
name: php81-tokenizer
state: latest state: latest
loop:
- php81
- php81-fpm
- php81-openssl
- php81-phar
- php81-iconv
- php81-mbstring
- php81-pdo
- php81-fileinfo
- php81-dom
- php81-curl
- php81-gd
- php81-mysql
- php81-tokenizer
- name: Install Composer - name: Install Composer
become: yes become: yes
script: script:
@ -93,9 +47,9 @@
- name: Update sudoers - name: Update sudoers
become: yes become: yes
community.general.sudoers: community.general.sudoers:
name: zoe-do-as-flarum name: do-as-flarum
state: present state: present
user: zoe user: "{{ ansible_user }}"
runas: flarum runas: flarum
commands: ALL commands: ALL
- name: Create Flarum project - name: Create Flarum project
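Review bot: Renaming the rule from `zoe-do-as-flarum` to `do-as-flarum` in the `Update sudoers` task leaves the old sudoers file on any host that was already provisioned, because nothing here sets the old name to `state: absent`; the earlier grant for `zoe` stays in effect even if `ansible_user` is later changed. The same applies to the `zoe-do-as-mysql` to `do-as-mysql` rename in the MariaDB tasks file. A cleanup task ahead of each `Update sudoers` task, sketched below for Flarum, removes the stale file. Separately, the rule keeps `commands: ALL`, and community.general.sudoers defaults `nopassword` to true, so consider narrowing the command list or setting `nopassword: false` if the role does not need a blanket passwordless grant. The task list continues outside the hunk.

```yaml
- name: Remove legacy sudoers rule
  become: true
  community.general.sudoers:
    name: zoe-do-as-flarum
    state: absent
# … unchanged: Update sudoers task (name: do-as-flarum) …
```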


@ -2,9 +2,9 @@
- name: Update sudoers - name: Update sudoers
become: yes become: yes
community.general.sudoers: community.general.sudoers:
name: zoe-do-as-mysql name: do-as-mysql
state: present state: present
user: zoe user: "{{ ansible_user }}"
runas: mysql runas: mysql
commands: ALL commands: ALL
- name: Install MariaDB Server - name: Install MariaDB Server


@ -26,13 +26,13 @@ resource "tls_private_key" "private_key" {
resource "acme_registration" "reg" { resource "acme_registration" "reg" {
account_key_pem = tls_private_key.private_key.private_key_pem account_key_pem = tls_private_key.private_key.private_key_pem
email_address = "admin@bubblesthebunny.com" email_address = var.acme_reg_email
} }
resource "acme_certificate" "certificate" { resource "acme_certificate" "certificate" {
account_key_pem = acme_registration.reg.account_key_pem account_key_pem = acme_registration.reg.account_key_pem
common_name = "bubblesthebunny.com" common_name = var.domain_name
subject_alternative_names = ["flarum.bubblesthebunny.com"] subject_alternative_names = [var.fqdn]
dns_challenge { dns_challenge {
provider = "cloudflare" provider = "cloudflare"
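Review bot: The `account_key_pem = tls_private_key.private_key.private_key_pem` line in `acme_registration.reg` is missing a comment warning that this key is written unencrypted to Terraform state, which matters more now that the repository is being prepared for public use. Whether state and `*.tfvars` files are excluded from version control is not visible on this page. I would add above the resource `# private_key_pem is stored in plaintext in terraform.tfstate; keep state and tfvars out of git or use an encrypted remote backend`. The `acme_certificate` block continues outside the hunk.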


@ -17,3 +17,18 @@ variable "cname_record" {
type = string type = string
description = "The CNAME record used by the Cloudflared tunnel" description = "The CNAME record used by the Cloudflared tunnel"
} }
variable "acme_reg_email" {
type = string
description = "The registration email for the TLS certificates"
}
variable "domain_name" {
type = string
description = "The domain name (common name) for the TLS certificates ex. example.com"
}
variable "fqdn" {
type = string
description = "The Fully Qualified Domain Name (alt name) ex. subdomain.example.com"
}
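Review bot: The three new variables `acme_reg_email`, `domain_name` and `fqdn` accept any string, so a typo or a value with a scheme or trailing dot is only caught when the ACME order fails, and repeated failed orders count against the CA's rate limits. A `validation` block on each variable rejects malformed input at plan time. The sketch below covers `domain_name`; `fqdn` can reuse the same pattern, and `acme_reg_email` needs only a basic `@` check.

```hcl
variable "domain_name" {
  # … unchanged: type and description …
  validation {
    condition     = can(regex("^([a-z0-9-]+\\.)+[a-z]{2,}$", var.domain_name))
    error_message = "domain_name must be a bare DNS name such as example.com."
  }
}
```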