add dpaste.thezengarden.net; update cert refs; generic updates
This commit is contained in:
parent
53a8741923
commit
bb8c43479f
@ -39,12 +39,12 @@
|
||||
|
||||
|
||||
proxy_site_ssl_directory : /etc/nginx/ssl
|
||||
proxy_site_ssl_certificate : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain26.pem"
|
||||
proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey26.pem"
|
||||
proxy_site_ssl_certificate_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain15.pem"
|
||||
proxy_site_ssl_certificate_key_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey15.pem"
|
||||
proxy_site_ssl_certificate_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain24.pem"
|
||||
proxy_site_ssl_certificate_key_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey24.pem"
|
||||
proxy_site_ssl_certificate : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain27.pem"
|
||||
proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey27.pem"
|
||||
proxy_site_ssl_certificate_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain16.pem"
|
||||
proxy_site_ssl_certificate_key_ch : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey16.pem"
|
||||
proxy_site_ssl_certificate_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain25.pem"
|
||||
proxy_site_ssl_certificate_key_cht : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey25.pem"
|
||||
proxy_site_ssl_protocols : TLSv1.2
|
||||
proxy_site_ssl_ciphers : ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256
|
||||
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
---
|
||||
|
||||
proxy_sites:
|
||||
wiki.thezengarden.net:
|
||||
proto : http
|
||||
dest : docker.thezengarden.net
|
||||
port : 8081
|
||||
max_upload : "{{ proxy_default_max_upload }}"
|
||||
# wiki.thezengarden.net:
|
||||
# proto : http
|
||||
# dest : docker.thezengarden.net
|
||||
# port : 8081
|
||||
# max_upload : "{{ proxy_default_max_upload }}"
|
||||
|
||||
|
||||
git.thezengarden.net:
|
||||
@ -35,6 +35,11 @@ proxy_sites:
|
||||
port : 7777
|
||||
max_upload : "{{ proxy_default_max_upload }}"
|
||||
|
||||
dpaste.thezengarden.net:
|
||||
proto : http
|
||||
dest : podman.thezengarden.net
|
||||
port : 8888
|
||||
max_upload : "{{ proxy_default_max_upload }}"
|
||||
|
||||
ipam.thezengarden.net:
|
||||
proto : http
|
||||
@ -131,10 +136,10 @@ proxy_sites:
|
||||
max_upload : "{{ proxy_default_max_upload }}"
|
||||
|
||||
|
||||
pw-old.thezengarden.net:
|
||||
proto : http
|
||||
dest : docker.thezengarden.net
|
||||
port : 8001
|
||||
# pw-old.thezengarden.net:
|
||||
# proto : http
|
||||
# dest : docker.thezengarden.net
|
||||
# port : 8001
|
||||
|
||||
|
||||
pw.thezengarden.net:
|
||||
@ -198,10 +203,10 @@ proxy_sites:
|
||||
port : 443
|
||||
|
||||
|
||||
sso.thezengarden.net:
|
||||
proto : https
|
||||
dest : docker.thezengarden.net
|
||||
port : 9443
|
||||
# sso.thezengarden.net:
|
||||
# proto : https
|
||||
# dest : docker.thezengarden.net
|
||||
# port : 9443
|
||||
|
||||
|
||||
stor1.thezengarden.net:
|
||||
@ -220,7 +225,6 @@ proxy_sites:
|
||||
proto: https
|
||||
dest: proxmox_nodes
|
||||
upstream_servers:
|
||||
- zg-vm1.thezengarden.net:8006
|
||||
- zg-vm2.thezengarden.net:8006
|
||||
- zg-vm3.thezengarden.net:8006
|
||||
- zg-vm4.thezengarden.net:8006
|
||||
|
||||
@ -16,7 +16,7 @@ galaxy_info:
|
||||
# - CC-BY
|
||||
license: GPLv2
|
||||
|
||||
min_ansible_version: 2.4
|
||||
min_ansible_version: "2.10"
|
||||
|
||||
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||
# min_ansible_container_version:
|
||||
@ -36,9 +36,9 @@ galaxy_info:
|
||||
# https://galaxy.ansible.com/api/v1/platforms/
|
||||
#
|
||||
platforms:
|
||||
- name: Debian
|
||||
- name: EL
|
||||
versions:
|
||||
- 10
|
||||
- all
|
||||
# - name: Fedora
|
||||
# versions:
|
||||
# - all
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
state: present
|
||||
tags: always
|
||||
|
||||
|
||||
- name: Enable nginx at boot time
|
||||
ansible.builtin.service:
|
||||
name: nginx
|
||||
@ -13,14 +12,12 @@
|
||||
tags: always
|
||||
when: ansible_virtualization_type != "docker"
|
||||
|
||||
|
||||
- name: Clean conf.d
|
||||
ansible.builtin.file:
|
||||
path: "{{ proxy_site_conf_dir }}"
|
||||
state: absent
|
||||
tags: ['clean_deploy', 'never']
|
||||
|
||||
|
||||
- name: Create conf.d directory
|
||||
ansible.builtin.file:
|
||||
path: "{{ proxy_site_conf_dir }}"
|
||||
@ -28,7 +25,6 @@
|
||||
mode: "0755"
|
||||
tags: always
|
||||
|
||||
|
||||
- name: Create log directory
|
||||
ansible.builtin.file:
|
||||
path: "{{ proxy_site_log_path }}"
|
||||
@ -36,7 +32,6 @@
|
||||
mode: "0755"
|
||||
tags: always
|
||||
|
||||
|
||||
## TODO: fix the perms on ssl certs!!@*&!@^&*
|
||||
|
||||
- name: Clone ssl certs
|
||||
@ -48,7 +43,6 @@
|
||||
tags: always
|
||||
notify: restart nginx
|
||||
|
||||
|
||||
- name: Write configuration file(s)
|
||||
ansible.builtin.template:
|
||||
src: proxy_site.j2
|
||||
@ -59,7 +53,6 @@
|
||||
tags: always
|
||||
notify: restart nginx
|
||||
|
||||
|
||||
- name: Start nginx
|
||||
ansible.builtin.service:
|
||||
name: nginx
|
||||
|
||||
@ -1,2 +0,0 @@
|
||||
localhost
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
---
|
||||
- hosts: localhost
|
||||
remote_user: root
|
||||
roles:
|
||||
- zen_rev_proxy
|
||||
@ -1,2 +0,0 @@
|
||||
---
|
||||
# vars file for zen_rev_proxy
|
||||
Loading…
x
Reference in New Issue
Block a user