Skip to content
Snippets Groups Projects
Commit f44e2073 authored by Henry Fröcklin's avatar Henry Fröcklin
Browse files

Adding vlcpublib config.

parent 2e9b85d2
No related branches found
No related tags found
No related merge requests found
[Unit]
Description=gunicorn_vlcpublib daemon
Requires=gunicorn_vlcpublib.socket
After=network.target
[Service]
Type=notify
User=henfr13
Group=henfr13
WorkingDirectory=/home/henfr13/vlcpublib
Environment="SECRET_KEY"=/home/henfr13/vlcpublib/.VLCPUBLIB_SECRET_KEY
ExecStart=/home/henfr13/venv-django-vlcpublib/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn_vlcpublib.sock \
vlcpublib.wsgi:application
[Install]
WantedBy=multi-user.target
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/gunicorn_vlcinv.sock
[Install]
WantedBy=sockets.target
\ No newline at end of file
access_log /var/log/nginx/vlcpublib.access.log;
error_log /var/log/nginx/vlcpublib.error.log;
server {
listen 80 ;
listen 443 ssl ;
listen [::]:443 ssl ;
charset utf-8 ;
ssl_certificate /etc/pki/tls/certs/letsencrypt-cert_chain-vlc.itn.liu.se.pem ;
ssl_certificate_key /etc/pki/tls/private/letsencrypt-vlc.itn.liu.se.key ;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 ;
ssl_ciphers HIGH:!aNULL:!MD5 ;
allow all ;
server_name vlcpublib.itn.liu.se ;
location / {
#include proxy_params;
proxy_pass http://unix:/run/gunicorn_vlcpublib.sock;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static {
autoindex on;
alias /var/www/vlcpublib/static/;
}
}
#Creates and enables systemd files for vlcinv application
class vlc::gunicorn_vlcpublib {
systemd::unit_file { 'gunicorn_vlcpublib.socket':
source => "puppet:///modules/${module_name}/gunicorn_vlcpublib.socket",
}
-> service { 'gunicorn_vlcpublib.socket':
enable => true,
}
-> systemd::unit_file { 'gunicorn_vlcpublib.service':
source => "puppet:///modules/${module_name}/gunicorn_vlcpublib.service",
}
-> service { 'gunicorn_vlcpublib.service':
ensure => 'running',
enable => true,
}
}
...@@ -10,10 +10,13 @@ class vlc { ...@@ -10,10 +10,13 @@ class vlc {
include vlc::python include vlc::python
include vlc::vlc include vlc::vlc
include vlc::vlcinv include vlc::vlcinv
include vlc::vlcpublib
include vlc::gunicorn_vlc include vlc::gunicorn_vlc
include vlc::gunicorn_vlcinv include vlc::gunicorn_vlcinv
include vlc::gunicorn_vlcpublib
include vlc::nginx_vlc include vlc::nginx_vlc
include vlc::nginx_vlcinv include vlc::nginx_vlcinv
include vlc::nginx_vlcpublib
include vlc::syncthing include vlc::syncthing
# Detta funkar för vpn på andra burkar # Detta funkar för vpn på andra burkar
......
#Certification #Certification
class vlc::nginx_cert { class vlc::nginx_cert {
$hostname = fact( 'networking.fqdn' ) $hostname = fact( 'networking.fqdn' )
$hostalias = ['vlcinv.itn.liu.se'] $hostalias = ['vlcinv.itn.liu.se', 'vlcpublib.itn.liu.se']
profiles::letsencrypt::cert { $hostname: profiles::letsencrypt::cert { $hostname:
common_name => $hostname, common_name => $hostname,
addn_domains => $hostalias, addn_domains => $hostalias,
......
#assign certificate and copies vlcpublib.conf to the right location
class vlc::nginx_vlcpublib () {
include vlc::nginx_cert
file { '/etc/nginx/conf.d/vlcpublib.conf':
ensure => 'file',
source => "puppet:///modules/${module_name}/vlcpublib.conf",
notify => Service['nginx'],
}
}
#Creates virtual environment, clones repo and installs python dependencies for vlcinv applications
class vlc::vlcpublib {
exec { 'creat_venv_vlcpublib':
command => 'python3.12 -m venv venv-django-vlcpublib',
path => ['/usr/bin', '/bin'],
cwd => '/home/henfr13',
user => 'henfr13',
creates => '/home/henfr13/venv-django-vlcpublib',
}
vcsrepo { '/home/henfr13/vlcpublib':
ensure => 'present',
provider => 'git',
source => 'git@gitlab.liu.se:henfr13/vlcpublib.git',
user => 'henfr13',
identity => '/home/henfr13/.ssh/henfr13-liu',
trust_server_cert => true,
}
exec { 'install_vlcpublib_requirements':
command => '/usr/local/bin/pip install -r /home/henfr13/vlcpublib/requirements.txt',
refreshonly => true,
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment