mirror of
https://github.com/DO1JLR/ansible_playbook_servers.git
synced 2024-09-14 19:53:56 +02:00
update nginx config
This commit is contained in:
parent
00ddfabd9a
commit
a15f1a8e52
10 changed files with 82 additions and 77 deletions
|
@ -1,48 +1,41 @@
|
||||||
---
|
---
|
||||||
postgres_users_no_log: false
|
postgres_users_no_log: false
|
||||||
users:
|
local_users:
|
||||||
l3d:
|
|
||||||
- l3d@pinkie.l3d.yt
|
|
||||||
- l3d@mobile.l3d.yt
|
|
||||||
- l3d@backup.l3d.yt
|
|
||||||
- l3d@derpy.l3d.yt
|
|
||||||
- l3d@backup-rsa.l3d.yt
|
|
||||||
- l3d@business.wingcon.com
|
|
||||||
webwaffel:
|
webwaffel:
|
||||||
- l3d@pinkie.l3d.yt
|
- l3d@pinkie.l3d.yt
|
||||||
- l3d@mobile.l3d.yt
|
- l3d@mobile.l3d.yt
|
||||||
- l3d@backup.l3d.yt
|
- l3d@backup.l3d.yt
|
||||||
- l3d@derpy.l3d.yt
|
- l3d@derpy.l3d.yt
|
||||||
- l3d@backup-rsa.l3d.yt
|
- l3d@backup-rsa.l3d.yt
|
||||||
- l3d@business.wingcon.com
|
- l3d@bsns.l3d
|
||||||
webwaffelpodcast:
|
webwaffelpodcast:
|
||||||
- l3d@pinkie.l3d.yt
|
- l3d@pinkie.l3d.yt
|
||||||
- l3d@mobile.l3d.yt
|
- l3d@mobile.l3d.yt
|
||||||
- l3d@backup.l3d.yt
|
- l3d@backup.l3d.yt
|
||||||
- l3d@derpy.l3d.yt
|
- l3d@derpy.l3d.yt
|
||||||
- l3d@backup-rsa.l3d.yt
|
- l3d@backup-rsa.l3d.yt
|
||||||
- l3d@business.wingcon.com
|
- l3d@bsns.l3d
|
||||||
files:
|
files:
|
||||||
- l3d@pinkie.l3d.yt
|
- l3d@pinkie.l3d.yt
|
||||||
- l3d@mobile.l3d.yt
|
- l3d@mobile.l3d.yt
|
||||||
- l3d@backup.l3d.yt
|
- l3d@backup.l3d.yt
|
||||||
- l3d@derpy.l3d.yt
|
- l3d@derpy.l3d.yt
|
||||||
- l3d@backup-rsa.l3d.yt
|
- l3d@backup-rsa.l3d.yt
|
||||||
- l3d@business.wingcon.com
|
- l3d@bsns.l3d
|
||||||
preview:
|
preview:
|
||||||
- l3d@pinkie.l3d.yt
|
- l3d@pinkie.l3d.yt
|
||||||
- l3d@mobile.l3d.yt
|
- l3d@mobile.l3d.yt
|
||||||
- l3d@backup.l3d.yt
|
- l3d@backup.l3d.yt
|
||||||
- l3d@derpy.l3d.yt
|
- l3d@derpy.l3d.yt
|
||||||
- l3d@backup-rsa.l3d.yt
|
- l3d@backup-rsa.l3d.yt
|
||||||
- l3d@business.wingcon.com
|
- l3d@bsns.l3d
|
||||||
see:
|
see:
|
||||||
- l3d@pinkie.l3d.yt
|
- l3d@pinkie.l3d.yt
|
||||||
- l3d@mobile.l3d.yt
|
- l3d@mobile.l3d.yt
|
||||||
- l3d@backup.l3d.yt
|
- l3d@backup.l3d.yt
|
||||||
- l3d@derpy.l3d.yt
|
- l3d@derpy.l3d.yt
|
||||||
- l3d@backup-rsa.l3d.yt
|
- l3d@backup-rsa.l3d.yt
|
||||||
- l3d@business.wingcon.com
|
- l3d@bsns.l3d
|
||||||
|
|
||||||
sshd__allowed_users:
|
sshd__allowed_users:
|
||||||
- "root"
|
- "root"
|
||||||
|
@ -66,12 +59,12 @@ sshd__allowed_groups:
|
||||||
- "preview"
|
- "preview"
|
||||||
- 'see'
|
- 'see'
|
||||||
|
|
||||||
accounts:
|
local_accounts:
|
||||||
- 'l3d'
|
- 'l3d'
|
||||||
- 'webwaffel'
|
- 'webwaffel'
|
||||||
- 'webwaffelpodcast'
|
- 'webwaffelpodcast'
|
||||||
- "files"
|
- 'files'
|
||||||
- "preview"
|
- 'preview'
|
||||||
- 'see'
|
- 'see'
|
||||||
|
|
||||||
acme_domain_unwant_list: []
|
acme_domain_unwant_list: []
|
||||||
|
|
2
site.yml
2
site.yml
|
@ -18,7 +18,7 @@
|
||||||
- name: user specific roles for all hosts
|
- name: user specific roles for all hosts
|
||||||
hosts: all
|
hosts: all
|
||||||
roles:
|
roles:
|
||||||
- {role: do1jlr.admin_base, tags: [default, dotfiles]}
|
- {role: do1jlr.admin_base, tags: [default, init, users, accounts, dotfiles]}
|
||||||
- {role: dotfiles, tags: [default, dotfiles]}
|
- {role: dotfiles, tags: [default, dotfiles]}
|
||||||
- {role: geerlingguy.firewall, tags: [default, firewall], become: true}
|
- {role: geerlingguy.firewall, tags: [default, firewall], become: true}
|
||||||
- {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true}
|
- {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true}
|
||||||
|
|
|
@ -14,6 +14,7 @@ server {
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
autoindex off;
|
autoindex off;
|
||||||
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
try_files $uri $uri/ =418;
|
try_files $uri $uri/ =418;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -21,16 +22,19 @@ server {
|
||||||
autoindex on;
|
autoindex on;
|
||||||
autoindex_exact_size off;
|
autoindex_exact_size off;
|
||||||
autoindex_localtime on;
|
autoindex_localtime on;
|
||||||
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
}
|
||||||
|
|
||||||
location /fff/ {
|
location /fff/ {
|
||||||
autoindex on;
|
autoindex on;
|
||||||
autoindex_exact_size off;
|
autoindex_exact_size off;
|
||||||
autoindex_localtime on;
|
autoindex_localtime on;
|
||||||
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
}
|
||||||
|
|
||||||
location = /hidden/ {
|
location = /hidden/ {
|
||||||
autoindex off;
|
autoindex off;
|
||||||
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
return 418;
|
return 418;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -38,5 +42,6 @@ server {
|
||||||
autoindex on;
|
autoindex on;
|
||||||
autoindex_exact_size off;
|
autoindex_exact_size off;
|
||||||
autoindex_localtime on;
|
autoindex_localtime on;
|
||||||
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name l3d.ch;
|
server_name l3d.ch;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name l3d.me;
|
server_name l3d.me;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name l3d.space;
|
server_name l3d.space;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +1,21 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name mail.l3d.space;
|
server_name mail.l3d.space;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
location /rspamd/ {
|
}
|
||||||
proxy_pass http://localhost:11334/;
|
location /rspamd/ {
|
||||||
proxy_set_header Host $host;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_pass http://localhost:11334/;
|
||||||
}
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name waffel.shop;
|
server_name waffel.shop;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
server_name waffelpate.de;
|
server_name waffelpate.de;
|
||||||
|
|
||||||
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
|
||||||
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
|
||||||
include snippets/logging_{{ site.name }}.snippet.conf;
|
include snippets/logging_{{ site.name }}.snippet.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
return 418;
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
}
|
return 418;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,7 +11,7 @@ server {
|
||||||
root /srv/www/xn--see-br-0xa.se;
|
root /srv/www/xn--see-br-0xa.se;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
add_header X-Served-By "CYBER Teapod 2.0";
|
add_header X-Served-By "teapot CYBER 4.0 (with blockchain)";
|
||||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
try_files $uri $uri/ =404;
|
try_files $uri $uri/ =404;
|
||||||
|
|
Loading…
Reference in a new issue