diff --git a/pillar/webserver/sites.sls b/pillar/webserver/sites.sls --- a/pillar/webserver/sites.sls +++ b/pillar/webserver/sites.sls @@ -85,6 +85,7 @@ - .be/dereckson # Directly managed by Nasqueron + - .org/nasqueron/api - .org/nasqueron/docs # ------------------------------------------------------------- diff --git a/roles/webserver-content/init.sls b/roles/webserver-content/init.sls --- a/roles/webserver-content/init.sls +++ b/roles/webserver-content/init.sls @@ -10,5 +10,6 @@ - .be/dereckson - .com/paysannerebelle - .org/eglide + - .org/nasqueron/api - .org/nasqueron/docs - .org/nasqueron/social diff --git a/roles/webserver-legacy/nginx/config.sls b/roles/webserver-content/org/nasqueron/api.sls copy from roles/webserver-legacy/nginx/config.sls copy to roles/webserver-content/org/nasqueron/api.sls --- a/roles/webserver-legacy/nginx/config.sls +++ b/roles/webserver-content/org/nasqueron/api.sls @@ -1,21 +1,25 @@ # ------------------------------------------------------------- -# Salt — Sites to provision on the legacy web server +# Salt — Provision api.nasqueron.org website # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Project: Nasqueron # License: Trivial work, not eligible to copyright # ------------------------------------------------------------- -{% from "map.jinja" import dirs with context %} +{% if salt['node.has_web_content'](".org/nasqueron/api") %} # ------------------------------------------------------------- -# includes folder -# -# :: general configuration -# :: application-specific code -# ------------------------------------------------------------- +# Base part from rOPS +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -{{ dirs.etc }}/nginx/includes: +/var/wwwroot/nasqueron.org/api: file.recurse: - - source: salt://roles/webserver-legacy/nginx/files/includes + - source: salt://wwwroot/nasqueron.org/api + - exclude_pat: E@.git + - include_empty: True + - clean: False - dir_mode: 755 - file_mode: 644 + - user: deploy + - group: web + +{% endif %} diff --git a/roles/webserver-legacy/nginx/config.sls b/roles/webserver-legacy/nginx/config.sls --- a/roles/webserver-legacy/nginx/config.sls +++ b/roles/webserver-legacy/nginx/config.sls @@ -19,3 +19,13 @@ - source: salt://roles/webserver-legacy/nginx/files/includes - dir_mode: 755 - file_mode: 644 + +# ------------------------------------------------------------- +# vhosts folder +# ------------------------------------------------------------- + +{{ dirs.etc }}/nginx/vhosts: + file.recurse: + - source: salt://roles/webserver-legacy/nginx/files/vhosts + - dir_mode: 755 + - file_mode: 644 diff --git a/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf b/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf new file mode 100644 --- /dev/null +++ b/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf @@ -0,0 +1,38 @@ +# ------------------------------------------------------------- +# Webserver +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Project: Nasqueron +# Site: api.nasqueron.org +# License: Trivial work, not eligible to copyright +# Source file: roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf +# ------------------------------------------------------------- +# +# +# This file is managed by our rOPS SaltStack repository. +# +# Changes to this file may cause incorrect behavior +# and will be lost if the state is redeployed. +# + +server { + listen 80; + listen [::]:80; + server_name api.nasqueron.org; + + return 301 https://api.nasqueron.org$request_uri; +} + +server { + server_name api.nasqueron.org; + + include includes/tls; + ssl_certificate /usr/local/etc/letsencrypt/live/api.nasqueron.org/fullchain.pem; + ssl_certificate_key /usr/local/etc/letsencrypt/live/api.nasqueron.org/privkey.pem; + + error_log /var/log/www/nasqueron.org/api-error.log; + access_log /var/log/www/nasqueron.org/api-access.log; + + root /var/wwwroot/nasqueron.org/api; + + include includes/letsencrypt; +}