diff --git a/host_vars/web01.l3d.space/vars.yml b/host_vars/web01.l3d.space/vars.yml index f473f57..3bd9dfd 100644 --- a/host_vars/web01.l3d.space/vars.yml +++ b/host_vars/web01.l3d.space/vars.yml @@ -29,7 +29,13 @@ users: - l3d@derpy.l3d.yt - l3d@backup-rsa.l3d.yt - l3d@business.wingcon.com - + files: + - l3d@pinkie.l3d.yt + - l3d@mobile.l3d.yt + - l3d@backup.l3d.yt + - l3d@derpy.l3d.yt + - l3d@backup-rsa.l3d.yt + - l3d@business.wingcon.com sshd__allowed_users: - "root" @@ -112,6 +118,10 @@ nginx_sites: webroot: user: 'wtfpreview' - name: 'www.preview.wtf-kooperative.de' + - name: 'files.l3d.ch' + webroot: + user: 'files' + - name: 'www.files.l3d.ch' acme_notification_email: "{{ _acme_notification_email }}" diff --git a/templates/files/nginx/sites/files.l3d.ch_tls.conf b/templates/files/nginx/sites/files.l3d.ch_tls.conf new file mode 100644 index 0000000..49f4286 --- /dev/null +++ b/templates/files/nginx/sites/files.l3d.ch_tls.conf @@ -0,0 +1,16 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name files.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + root /srv/www/files.l3d.ch; + + location / { + try_files $uri $uri/ =418; + } +} diff --git a/templates/files/nginx/sites/www.files.l3d.ch_tls.conf b/templates/files/nginx/sites/www.files.l3d.ch_tls.conf new file mode 100644 index 0000000..dcaa769 --- /dev/null +++ b/templates/files/nginx/sites/www.files.l3d.ch_tls.conf @@ -0,0 +1,14 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name www.files.l3d.ch; + + include snippets/tls_parameters_{{ site.name }}.snippet.conf; + include snippets/tls_certificate_{{ site.name }}.snippet.conf; + include snippets/logging_{{ site.name }}.snippet.conf; + + location / { + return 308 https://files.l3d.ch$request_uri; + } +}