From d73361a1fd4036fee020ec568350d78d5aff26a7 Mon Sep 17 00:00:00 2001 From: Bernhard Tittelbach Date: Sun, 2 Nov 2025 03:10:32 +0100 Subject: [PATCH] vex2: fixes and tmpfiles.d --- ansible/roles/web/r3status/defaults/main.yml | 2 +- ansible/roles/web/r3status/tasks/main.yml | 11 +++++++++-- ansible/roles/web/r3status/templates/nginx.j2 | 2 +- ansible/roles/web/r3status/templates/tmpfiles.j2 | 3 +++ ansible/roles/web/realraumat/templates/www.realraum.at.j2 | 10 +++++++++- 5 files changed, 23 insertions(+), 5 deletions(-) create mode 100644 ansible/roles/web/r3status/templates/tmpfiles.j2 diff --git a/ansible/roles/web/r3status/defaults/main.yml b/ansible/roles/web/r3status/defaults/main.yml index 29ac966..ceee79f 100644 --- a/ansible/roles/web/r3status/defaults/main.yml +++ b/ansible/roles/web/r3status/defaults/main.yml @@ -1,3 +1,3 @@ --- r3status_spaceapi_path: /dev/shm/spaceapi -r3status_ics_path: /dev/shm/ics +r3status_ics_path: /dev/shm/ics \ No newline at end of file diff --git a/ansible/roles/web/r3status/tasks/main.yml b/ansible/roles/web/r3status/tasks/main.yml index 77837a2..62c3101 100644 --- a/ansible/roles/web/r3status/tasks/main.yml +++ b/ansible/roles/web/r3status/tasks/main.yml @@ -18,6 +18,15 @@ dest: /usr/local/bin/cache_realraum_imported_calendar.sh mode: 0755 +- name: install tmpfiles config + template: + src: tmpfiles.j2 + dest: /etc/tmpfiles.d/r3cache.conf + mode: 0644 + +- name: run systemd-tmpfiles to create cache directories + ansible.builtin.command: systemd-tmpfiles --create r3cache.conf + - name: copy grical caching services loop: - cache_realraum_imported_calendar.timer @@ -53,8 +62,6 @@ content: | no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding,no-user-rc,command="/usr/local/bin/ssh-spaceapi-update.py" {{ r3status_spaceapi_update_user_ssh_key }} -### TODO: grical downloader script - - name: create status web-root directory file: path: /srv/r3status/www diff --git a/ansible/roles/web/r3status/templates/nginx.j2 b/ansible/roles/web/r3status/templates/nginx.j2 index 76fe826..6b05eb7 100644 --- a/ansible/roles/web/r3status/templates/nginx.j2 +++ b/ansible/roles/web/r3status/templates/nginx.j2 @@ -21,7 +21,7 @@ server { add_header Cache-Control "no-cache"; } - location ^/ics/(.*)$ { + location ~ ^/ics/(.*)$ { alias {{ r3status_ics_path }}/$1; add_header Access-Control-Allow-Origin "*"; add_header Pragma "no-cache"; diff --git a/ansible/roles/web/r3status/templates/tmpfiles.j2 b/ansible/roles/web/r3status/templates/tmpfiles.j2 new file mode 100644 index 0000000..2600822 --- /dev/null +++ b/ansible/roles/web/r3status/templates/tmpfiles.j2 @@ -0,0 +1,3 @@ +d /dev/shm/wget 0755 spaceapi spaceapi +d /dev/shm/ics 0755 spaceapi spaceapi +d /dev/shm/spaceapi 0755 spaceapi spaceapi diff --git a/ansible/roles/web/realraumat/templates/www.realraum.at.j2 b/ansible/roles/web/realraumat/templates/www.realraum.at.j2 index 0c18db3..6a19f8e 100644 --- a/ansible/roles/web/realraumat/templates/www.realraum.at.j2 +++ b/ansible/roles/web/realraumat/templates/www.realraum.at.j2 @@ -17,7 +17,6 @@ server { root /srv/realraumat/www/; access_log off; - error_log /var/log/nginx/realraum.at/error.log notice; # rewrite_log on; @@ -36,14 +35,23 @@ server { } location = /status.json { + add_header Access-Control-Allow-Origin "*"; + add_header Pragma "no-cache"; + add_header Cache-Control "no-cache"; return 302 https://status.realraum.at/spaceapi.json; # planned: 301 } location = /shmcache/status.json { + add_header Access-Control-Allow-Origin "*"; + add_header Pragma "no-cache"; + add_header Cache-Control "no-cache"; return 302 https://status.realraum.at/spaceapi.json; # planned: 301 } location ~ ^/shmcache/(.*)$ { + add_header Access-Control-Allow-Origin "*"; + add_header Pragma "no-cache"; + add_header Cache-Control "no-cache"; return 302 https://status.realraum.at/ics/$1; # planned: 301 } -- 1.7.10.4