From bb8c43479f430a140fd9c3ee95c062f8b1a5568c Mon Sep 17 00:00:00 2001 From: Chris Hammer Date: Mon, 2 Dec 2024 16:17:47 -0500 Subject: [PATCH] add dpaste.thezengarden.net; update cert refs; generic updates --- defaults/main/proxy_site_defs.yml | 12 ++++++------ defaults/main/proxy_sites.yml | 32 +++++++++++++++++-------------- meta/main.yml | 6 +++--- tasks/main.yml | 7 ------- tests/inventory | 2 -- tests/test.yml | 5 ----- vars/main.yml | 2 -- 7 files changed, 27 insertions(+), 39 deletions(-) delete mode 100644 tests/inventory delete mode 100644 tests/test.yml delete mode 100644 vars/main.yml diff --git a/defaults/main/proxy_site_defs.yml b/defaults/main/proxy_site_defs.yml index fc1ae36..90a1e0d 100644 --- a/defaults/main/proxy_site_defs.yml +++ b/defaults/main/proxy_site_defs.yml @@ -39,12 +39,12 @@ proxy_site_ssl_directory : /etc/nginx/ssl - proxy_site_ssl_certificate : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain26.pem" - proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey26.pem" - proxy_site_ssl_certificate_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain15.pem" - proxy_site_ssl_certificate_key_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey15.pem" - proxy_site_ssl_certificate_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain24.pem" - proxy_site_ssl_certificate_key_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey24.pem" + proxy_site_ssl_certificate : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain27.pem" + proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey27.pem" + proxy_site_ssl_certificate_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain16.pem" + proxy_site_ssl_certificate_key_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey16.pem" + proxy_site_ssl_certificate_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain25.pem" + proxy_site_ssl_certificate_key_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey25.pem" proxy_site_ssl_protocols : TLSv1.2 proxy_site_ssl_ciphers : ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256 diff --git a/defaults/main/proxy_sites.yml b/defaults/main/proxy_sites.yml index fe41fb2..d220d1d 100644 --- a/defaults/main/proxy_sites.yml +++ b/defaults/main/proxy_sites.yml @@ -1,11 +1,11 @@ --- proxy_sites: - wiki.thezengarden.net: - proto : http - dest : docker.thezengarden.net - port : 8081 - max_upload : "{{ proxy_default_max_upload }}" + # wiki.thezengarden.net: + # proto : http + # dest : docker.thezengarden.net + # port : 8081 + # max_upload : "{{ proxy_default_max_upload }}" git.thezengarden.net: @@ -35,6 +35,11 @@ proxy_sites: port : 7777 max_upload : "{{ proxy_default_max_upload }}" + dpaste.thezengarden.net: + proto : http + dest : podman.thezengarden.net + port : 8888 + max_upload : "{{ proxy_default_max_upload }}" ipam.thezengarden.net: proto : http @@ -131,10 +136,10 @@ proxy_sites: max_upload : "{{ proxy_default_max_upload }}" - pw-old.thezengarden.net: - proto : http - dest : docker.thezengarden.net - port : 8001 + # pw-old.thezengarden.net: + # proto : http + # dest : docker.thezengarden.net + # port : 8001 pw.thezengarden.net: @@ -198,10 +203,10 @@ proxy_sites: port : 443 - sso.thezengarden.net: - proto : https - dest : docker.thezengarden.net - port : 9443 + # sso.thezengarden.net: + # proto : https + # dest : docker.thezengarden.net + # port : 9443 stor1.thezengarden.net: @@ -220,7 +225,6 @@ proxy_sites: proto: https dest: proxmox_nodes upstream_servers: - - zg-vm1.thezengarden.net:8006 - zg-vm2.thezengarden.net:8006 - zg-vm3.thezengarden.net:8006 - zg-vm4.thezengarden.net:8006 diff --git a/meta/main.yml b/meta/main.yml index 23bb4ef..32fe41e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -16,7 +16,7 @@ galaxy_info: # - CC-BY license: GPLv2 - min_ansible_version: 2.4 + min_ansible_version: "2.10" # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: @@ -36,9 +36,9 @@ galaxy_info: # https://galaxy.ansible.com/api/v1/platforms/ # platforms: - - name: Debian + - name: EL versions: - - 10 + - all # - name: Fedora # versions: # - all diff --git a/tasks/main.yml b/tasks/main.yml index 784d307..d5b5bdc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,7 +5,6 @@ state: present tags: always - - name: Enable nginx at boot time ansible.builtin.service: name: nginx @@ -13,14 +12,12 @@ tags: always when: ansible_virtualization_type != "docker" - - name: Clean conf.d ansible.builtin.file: path: "{{ proxy_site_conf_dir }}" state: absent tags: ['clean_deploy', 'never'] - - name: Create conf.d directory ansible.builtin.file: path: "{{ proxy_site_conf_dir }}" @@ -28,7 +25,6 @@ mode: "0755" tags: always - - name: Create log directory ansible.builtin.file: path: "{{ proxy_site_log_path }}" @@ -36,7 +32,6 @@ mode: "0755" tags: always - ## TODO: fix the perms on ssl certs!!@*&!@^&* - name: Clone ssl certs @@ -48,7 +43,6 @@ tags: always notify: restart nginx - - name: Write configuration file(s) ansible.builtin.template: src: proxy_site.j2 @@ -59,7 +53,6 @@ tags: always notify: restart nginx - - name: Start nginx ansible.builtin.service: name: nginx diff --git a/tests/inventory b/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/tests/test.yml b/tests/test.yml deleted file mode 100644 index 10127ce..0000000 --- a/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - zen_rev_proxy \ No newline at end of file diff --git a/vars/main.yml b/vars/main.yml deleted file mode 100644 index f1e403f..0000000 --- a/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for zen_rev_proxy \ No newline at end of file