90 lines
2.9 KiB
Markdown
90 lines
2.9 KiB
Markdown
|
|
# Install Nextcloud and Gitea
|
|
|
|
This guide will assist you to quickly configure ansible project, for deployment of Nexcloud (NC) and Gitea(GT).
|
|
|
|
**During deployment of applications following actions will be done**
|
|
|
|
* Docker / Docker compose will be installed.
|
|
* Installation of NC
|
|
* Configuration of NC
|
|
* Installation of GT
|
|
* Configuration of GT
|
|
* OS hardening will be done (Devsec and fail2ban configs).
|
|
* Nginx setup
|
|
* Reverse proxy setup
|
|
* Lets encrypt setuo
|
|
* Opening of upstreams on nginx
|
|
|
|
|
|
#### Steps to configure and execute playbook
|
|
|
|
1. Change Internal IP address in following files
|
|
* Go to roles -> next-cloud -> defaults -> main.yml, Provide internal ip address of VPS at following field
|
|
````
|
|
service:
|
|
ip: 192.168.0.0
|
|
port: 9080
|
|
````
|
|
* Go to roles -> git-tea -> defaults -> main.yml
|
|
````
|
|
internal_ip: 192.168.0.0
|
|
````
|
|
* Go to playbooks -> nginx-playbook.yml
|
|
````
|
|
nginx_revproxy_sites:
|
|
drive.smarticlelabs.com:
|
|
domains:
|
|
- drive.smarticlelabs.com
|
|
upstreams:
|
|
- { backend_address: 192.168.0.0, backend_port: 9080 }
|
|
````
|
|
````
|
|
source.smarticlelabs.com:
|
|
domains:
|
|
- source.smarticlelabs.com
|
|
upstreams:
|
|
- { backend_address: 10.0.0.2, backend_port: 3000 }
|
|
````
|
|
2. Now you need to provide domain and sub domain
|
|
* Go to playbooks -> nginx-playbook.yml
|
|
````
|
|
nginx_revproxy_sites:
|
|
subdomain.yourdomain.com:
|
|
domains:
|
|
- subdoamin.yourdomain.com
|
|
````
|
|
````
|
|
subdomaintwo.yourdomain.com:
|
|
domains:
|
|
- subdomaintwo.yourdomain.com
|
|
````
|
|
* Go to roles -> next-cloud -> defaults -> main.yml
|
|
````
|
|
next_cloud_domain: https://subdoamin.yourdomain.com
|
|
````
|
|
* Go to roles -> git-tea -> defaults -> main.yml
|
|
````
|
|
app:
|
|
domain: subdomaintwo.yourdomain.com
|
|
name : SmarticleLabs
|
|
mode : prod
|
|
disable_ssh : false
|
|
http_port : 3000
|
|
root_url : https://subdomaintwo.yourdomain.com
|
|
````
|
|
3. Now you need to provide your VPS external/public ip and ssh key path in inventory, So to do that
|
|
* Navigate to inventory -> inventory.ini file
|
|
* provide external/public ip
|
|
* provide path to your ssh public key
|
|
|
|
4. Finally you need to run following playbooks in suggested order
|
|
* $ansible-playbook -i inventory/inventory.ini playbooks/docker-playbook.yml
|
|
* $ansible-playbook -i inventory/inventory.ini playbooks/next-cloud-playbook.yml
|
|
* $ansible-playbook -i inventory/inventory.ini playbooks/git-tea-playbook.yml
|
|
* $ansible-playbook -i inventory/inventory.ini playbooks/os-hardening.yml
|
|
* $ansible-playbook -i inventory/inventory.ini playbooks/nginx-playbook.yml
|
|
|
|
5. And you are done ;-) Wait for few mins, let `nginx-playbook` issue ssl certificate and register against your domain.
|
|
|