From c66b5ca2e76bd76f6d3f6d67582206c22bcd6dc3 Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Thu, 9 Nov 2023 19:35:25 +0100
Subject: [PATCH 1/2] update modules

---
 collections/ansible_collections/community/general | 2 +-
 roles/robertdebock.dovecot                        | 2 +-
 roles/robertdebock.fail2ban                       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/collections/ansible_collections/community/general b/collections/ansible_collections/community/general
index ab0b85d..48e860b 160000
--- a/collections/ansible_collections/community/general
+++ b/collections/ansible_collections/community/general
@@ -1 +1 @@
-Subproject commit ab0b85d7d2196e36c00cf4316c55582bad3b53f3
+Subproject commit 48e860be2033dc96127127d4355311301a6b31fa
diff --git a/roles/robertdebock.dovecot b/roles/robertdebock.dovecot
index b7f46a2..1f8a3b6 160000
--- a/roles/robertdebock.dovecot
+++ b/roles/robertdebock.dovecot
@@ -1 +1 @@
-Subproject commit b7f46a2fe10d1924433e72d934ca8de6bb4589b9
+Subproject commit 1f8a3b6ee4ff2d6267bddbcd70bdf84642541eb3
diff --git a/roles/robertdebock.fail2ban b/roles/robertdebock.fail2ban
index 7c8482c..62a1594 160000
--- a/roles/robertdebock.fail2ban
+++ b/roles/robertdebock.fail2ban
@@ -1 +1 @@
-Subproject commit 7c8482cfb6d3ed16e0eb70f87cb91947e03514d6
+Subproject commit 62a159418601b628e33267467fdf031b88006b62

From 17ac10bfd40caa6cb701b72a99a8f8a9e9e5192f Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Thu, 9 Nov 2023 19:52:23 +0100
Subject: [PATCH 2/2] addding grafana.l3d.ch

---
 host_vars/services.l3d.space/vars.yml         |  2 ++
 .../files/nginx/sites/grafana.l3d.ch_tls.conf | 20 +++++++++++++++++++
 .../nginx/sites/www.grafana.l3d.ch_tls.conf   | 14 +++++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 templates/files/nginx/sites/grafana.l3d.ch_tls.conf
 create mode 100644 templates/files/nginx/sites/www.grafana.l3d.ch_tls.conf

diff --git a/host_vars/services.l3d.space/vars.yml b/host_vars/services.l3d.space/vars.yml
index fbe25ce..9b6723b 100644
--- a/host_vars/services.l3d.space/vars.yml
+++ b/host_vars/services.l3d.space/vars.yml
@@ -4,6 +4,8 @@ acme_domain_unwant_list: []
 
 nginx_sites:
   - name: 'etebase.l3d.ch'
+  - name: 'grafana.l3d.ch'
+  - name: 'www.grafana.l3d.ch'
 
 acme_notification_email: "{{ _acme_notification_email }}"
 
diff --git a/templates/files/nginx/sites/grafana.l3d.ch_tls.conf b/templates/files/nginx/sites/grafana.l3d.ch_tls.conf
new file mode 100644
index 0000000..d76bb40
--- /dev/null
+++ b/templates/files/nginx/sites/grafana.l3d.ch_tls.conf
@@ -0,0 +1,20 @@
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name grafana.l3d.ch;
+
+        include snippets/tls_parameters_{{ site.name }}.snippet.conf;
+        include snippets/tls_certificate_{{ site.name }}.snippet.conf;
+        include snippets/logging_{{ site.name }}.snippet.conf;
+
+        location / {
+             auth_basic "Monitoring oder so";
+             auth_basic_user_file /etc/nginx/auth/grafana.l3d.space.htpasswd;
+             proxy_pass http://localhost:3000;
+             proxy_set_header Host $host;
+             proxy_set_header X-Real-IP $remote_addr;
+             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+             proxy_set_header X-Forwarded-Proto $scheme;
+        }
+}
diff --git a/templates/files/nginx/sites/www.grafana.l3d.ch_tls.conf b/templates/files/nginx/sites/www.grafana.l3d.ch_tls.conf
new file mode 100644
index 0000000..bf7a7fc
--- /dev/null
+++ b/templates/files/nginx/sites/www.grafana.l3d.ch_tls.conf
@@ -0,0 +1,14 @@
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name www.grafana.l3d.ch;
+
+        include snippets/tls_parameters_{{ site.name }}.snippet.conf;
+        include snippets/tls_certificate_{{ site.name }}.snippet.conf;
+        include snippets/logging_{{ site.name }}.snippet.conf;
+
+        location / {
+                return 308 https://grafana.l3d.ch/;
+        }
+}