diff options
| author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-11-03 23:40:13 +0100 |
|---|---|---|
| committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-11-03 23:40:13 +0100 |
| commit | 0130c771a5476893cdb468a518fcd616ed86ef88 (patch) | |
| tree | ce1e800fc3de2ce6343c5921d8757acebb33bec1 /roles | |
| parent | d2a53027387e16f5c01a5210a1e998e1fad6851a (diff) | |
| download | playbooks-ansible-0130c771a5476893cdb468a518fcd616ed86ef88.tar.gz playbooks-ansible-0130c771a5476893cdb468a518fcd616ed86ef88.tar.xz playbooks-ansible-0130c771a5476893cdb468a518fcd616ed86ef88.zip | |
Fix reverseproxy template
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/reverseproxy/tasks/main.yml | 1 | ||||
| -rw-r--r-- | roles/reverseproxy/templates/Caddyfile.j2 | 58 | ||||
| -rw-r--r-- | roles/reverseproxy/vars/main.yml | 56 |
3 files changed, 36 insertions, 79 deletions
diff --git a/roles/reverseproxy/tasks/main.yml b/roles/reverseproxy/tasks/main.yml index dd880d6..32cb299 100644 --- a/roles/reverseproxy/tasks/main.yml +++ b/roles/reverseproxy/tasks/main.yml @@ -1,3 +1,4 @@ +- include_vars: email.yml - import_tasks: dirs.yml - import_tasks: config.yml - import_tasks: fw.yml diff --git a/roles/reverseproxy/templates/Caddyfile.j2 b/roles/reverseproxy/templates/Caddyfile.j2 index 86ce98c..753c63d 100644 --- a/roles/reverseproxy/templates/Caddyfile.j2 +++ b/roles/reverseproxy/templates/Caddyfile.j2 @@ -1,77 +1,63 @@ -{% for item in {{ ansible_hostname }}.static %} -"{{ item }}" { - tls "{{ email }}" +{% for item in domainhttps %} +{{ item }} { + tls {{ email }} gzip - log "{{ item }}_access.log" { + log {{ item }}_access.log { rotate_size 1 rotate_keep 10 } - errors "{{ item }}_error.log" { + errors {{ item }}_error.log { rotate_size 1 rotate_keep 10 } } {% endfor %} -{% for item in {{ ansible_hostname }}.redir %} -"{{ item.1 }}" { - tls "{{ email }}" - gzip - log "{{ item.1 }}_access.log" { - rotate_size 1 - rotate_keep 10 - } - errors "{{ item.1 }}_error.log" { - rotate_size 1 - rotate_keep 10 - } - redir https://"{{ item.2 }}"{uri} -} {% if outdoor is defined %} -{% for item in public.static %} -"{{ item }}" { - tls "{{ email }}" +{% for item in publicstatic %} +{{ item }} { + tls {{ email }} gzip - log "{{ item }}_access.log" { + log {{ item }}_access.log { rotate_size 1 rotate_keep 10 } - errors "{{ item }}_error.log" { + errors {{ item }}_error.log { rotate_size 1 rotate_keep 10 } } {% endfor %} -{% for item in public.redir %} -"{{ item.1 }}" { - tls "{{ email }}" +{% for item in publicredir %} +{{ item }} { + tls {{ email }} gzip - log "{{ item.1 }}_access.log" { + log {{ item }}_access.log { rotate_size 1 rotate_keep 10 } - errors "{{ item.1 }}_error.log" { + errors {{ item }}_error.log { rotate_size 1 rotate_keep 10 } - redir https://"{{ item.2 }}"{uri} + redir https://{{ redirection }}{uri} } {% endfor %} -{% for item in public.reverse %} -"{{ item }}" { - tls "{{ email }}" +{% for item in publicreverse %} +{{ item }} { + tls {{ email }} gzip - log "{{ item }}_access.log" { + log {{ item }}_access.log { rotate_size 1 rotate_keep 10 } - errors "{{ item }}_error.log" { + errors {{ item }}_error.log { rotate_size 1 rotate_keep 10 } - proxy / https://"{{ backendhost }}":"{{ backendport }}" { + proxy / https://{{ backendhost }}:{{ backendport }} { transparent insecure_skip_verify max_fails 60 diff --git a/roles/reverseproxy/vars/main.yml b/roles/reverseproxy/vars/main.yml index a321469..226ee88 100644 --- a/roles/reverseproxy/vars/main.yml +++ b/roles/reverseproxy/vars/main.yml @@ -1,45 +1,15 @@ -include_vars: email.yml - backendhost: 82.247.103.117 backendport: 4433 - -public: - - static: - - "{{ ansible_hostname }}.casperlefantom.net" - - jaysfoodventure.com - - redir: - - [ 'www.casperlefantom.net', 'casperlefantom.net' ] - - [ 'blog.casperlefantom.net', 'casperlefantom.net' ] - - reverse: - - casperlefantom.net - - search.casperlefantom.net - - dl.casperlefantom.net - - cirrus.casperlefantom.net - -manchester: - - static: - - admin.casperlefantom.net - - nsa.casperlefantom.net - - ns1.casperlefantom.net - - ntp1.casperlefantom.net - - imap.casperlefantom.net - - ssl.casperlefantom.net - - mail.casperlefantom.net - - smtp.casperlefantom.net - - voip.casperlefantom.net - - jabber.casperlefantom.net - - conference.casperlefantom.net - - manchester.admin.casperlefantom.net - - redir: - - [ 'mirror.casperlefantom.net', 'mirror.casperlefantom.net:4433' ] - - [ 'nsa.admin.casperlefantom.net', 'nsa.admin.casperlefantom.net:4433' ] - - [ 'bt1.admin.casperlefantom.net', 'bt1.admin.casperlefantom.net:4433' ] - -sd-129211: - - static: - - ns4.casperlefantom.net - - nsd.casperlefantom.net - - ntp4.casperlefantom.net - - redir: - - [ 'nsd.admin.casperlefantom.net', 'nsd.admin.casperlefantom.net:4433' ] - - [ 'bt2.admin.casperlefantom.net', 'bt2.admin.casperlefantom.net:4433' ] +redirection: casperlefantom.net + +publicstatic: + - "{{ ansible_hostname }}.casperlefantom.net" + - jaysfoodventure.com +publicredir: + - www.casperlefantom.net + - blog.casperlefantom.net +publicreverse: + - casperlefantom.net + - search.casperlefantom.net + - dl.casperlefantom.net + - cirrus.casperlefantom.net |