playbooks/ansible_playbook_servers
1
0
Fork 0
mirror of https://github.com/DO1JLR/ansible_playbook_servers.git synced 2024-09-14 19:53:56 +02:00
Code Releases Activity

add wtf preview

Browse source
This commit is contained in:
L3D 2021-02-18 23:59:46 +01:00
parent 9f53fdb82c
commit c577759dad
Signed by: l3d
GPG key ID: CD08445BFF4313D1
4 changed files with 50 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
host_vars/web01.l3d.space/vars.yml
View file

@ -22,6 +22,14 @@ users:
- l3d@derpy.l3d.yt - l3d@derpy.l3d.yt
- l3d@backup-rsa.l3d.yt - l3d@backup-rsa.l3d.yt
- l3d@business.wingcon.com - l3d@business.wingcon.com
wtfpreview:
- l3d@pinkie.l3d.yt
- l3d@mobile.l3d.yt
- l3d@backup.l3d.yt
- l3d@derpy.l3d.yt
- l3d@backup-rsa.l3d.yt
- l3d@business.wingcon.com
sshd__allowed_users: sshd__allowed_users:
- "root" - "root"
@ -30,6 +38,7 @@ sshd__allowed_users:
- "webwaffel" - "webwaffel"
- "webwaffelpodcast" - "webwaffelpodcast"
- "gitea" - "gitea"
- "wtfpreview"
sshd__allowed_groups: sshd__allowed_groups:
- "root" - "root"
@ -38,11 +47,13 @@ sshd__allowed_groups:
- "webwaffel" - "webwaffel"
- "webwaffelpodcast" - "webwaffelpodcast"
- "gitea" - "gitea"
- "wtfpreview"
accounts: accounts:
- l3d - 'l3d'
- webwaffel - 'webwaffel'
- webwaffelpodcast - 'webwaffelpodcast'
- 'wtfpreview'
nginx_sites: nginx_sites:
- name: 'c3woc.de' - name: 'c3woc.de'
@ -95,6 +106,10 @@ nginx_sites:
- name: 'wtf-kooperative.de' - name: 'wtf-kooperative.de'
- name: 'www.wtf-kooperative.de' - name: 'www.wtf-kooperative.de'
- name: 'cyber.yt' - name: 'cyber.yt'
- name: 'preview.wtf-kooperative.de'
webroot:
user: 'wtfpreview'
- name: 'www.preview.wtf-kooperative.de'
acme_notification_email: "{{ _acme_notification_email }}" acme_notification_email: "{{ _acme_notification_email }}"

4
site.yml
View file

@ -16,9 +16,9 @@
- name: user specific roles for all hosts - name: user specific roles for all hosts
hosts: all hosts: all
roles: roles:
- {role: users, tags: [default, init, users]} - {role: users, tags: [default, init, users, web]}
- {role: dotfiles, tags: [default, dotfiles]} - {role: dotfiles, tags: [default, dotfiles]}
- {role: ssh_auth, tags: [default, init, users]} - {role: ssh_auth, tags: [default, init, users, web]}
- {role: sshd, tags: [default, init, users]} - {role: sshd, tags: [default, init, users]}
- {role: geerlingguy.firewall, tags: [default, firewall], become: true} - {role: geerlingguy.firewall, tags: [default, firewall], become: true}
- {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true} - {role: robertdebock.fail2ban, tags: [default, fail2ban], become: true}

16
templates/files/nginx/sites/preview.wtf-kooperative.de_tls.conf Normal file
View file

@ -0,0 +1,16 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name preview.wtf-kooperative.de;
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
include snippets/logging_{{ site.name }}.snippet.conf;
root /srv/www/preview.wtf-kooperative.de;
location / {
try_files $uri $uri/ =404;
}
}

14
templates/files/nginx/sites/www.preview.wtf-kooperative.de_tls.conf Normal file
View file

@ -0,0 +1,14 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.preview.wtf-kooperative.de;
include snippets/tls_parameters_{{ site.name }}.snippet.conf;
include snippets/tls_certificate_{{ site.name }}.snippet.conf;
include snippets/logging_{{ site.name }}.snippet.conf;
location / {
return 308 https://preview.wtf-kooperative.de$request_uri;
}
}