diff --git a/host-holmium.yml b/host-holmium.yml index a6620c7..6cd608e 100644 --- a/host-holmium.yml +++ b/host-holmium.yml @@ -9,9 +9,6 @@ - role: nginx_https_ingress vars: ingress: - - server: kant - hosts: - - name: spaceapi.n39.eu - server: krypton hosts: - name: entities.svc.n39.eu @@ -31,6 +28,7 @@ - name: uptime.n39.eu - name: grafana.n39.eu - name: inventory.n39.eu + - name: spaceapi.n39.eu - server: radon hosts: - name: nodered.n39.eu diff --git a/host-pottwal.yml b/host-pottwal.yml index a09d591..e1f265f 100644 --- a/host-pottwal.yml +++ b/host-pottwal.yml @@ -24,6 +24,7 @@ - name: uptime.n39.eu - name: "{{ grafana_domain_name }}" - name: "{{ homebox_domain_name }}" + - name: spaceapi.n39.eu - role: penguineer.dehydrated_cron - role: dd24_dyndns_cron # variables are set in the inventory @@ -513,9 +514,27 @@ proxy_port: "{{ homebox_host_port }}" proxy_preserve_host: "On" + - name: Setup proxy site spaceapi.n39.eu + template: + src: templates/pottwal/spaceapi-apache-site.j2 + dest: /etc/apache2/sites-available/spaceapi.n39.eu.conf + mode: "0644" + vars: + site_name: "spaceapi.n39.eu" + proxy_preserve_host: "On" + notify: Restart apache2 + tags: + - dev + handlers: - name: Restart prosody community.docker.docker_container: name: prosody state: started restart: yes + + - name: Restart apache2 + service: + name: apache2 + state: restarted + diff --git a/templates/pottwal/spaceapi-apache-site.j2 b/templates/pottwal/spaceapi-apache-site.j2 new file mode 100644 index 0000000..5d6961d --- /dev/null +++ b/templates/pottwal/spaceapi-apache-site.j2 @@ -0,0 +1,53 @@ +{% if 'address' in ansible_default_ipv6 %} + +{% else %} + +{% endif %} + ServerAdmin {{ server_admin }} + ServerName {{ site_name }} + ServerAlias {{ site_name }} + ErrorLog /var/log/apache2/{{ site_name }}-error.log + CustomLog /var/log/apache2/{{ site_name }}-access.log common + + Alias /.well-known/acme-challenge {{ dehydrated_wellknown_dir }} + + + RewriteEngine On + RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/ + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] + + + + + + +{% if 'address' in ansible_default_ipv6 %} + +{% else %} + +{% endif %} + ServerAdmin {{ server_admin }} + ServerName {{ site_name }} + ServerAlias {{ site_name }} + + ErrorLog /var/log/apache2/{{ site_name }}-error.log + CustomLog /var/log/apache2/{{ site_name }}-access.log common + + SSLEngine on + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown + SSLCertificateFile {{dehydrated_certs_dir}}/{{ site_name }}/cert.pem + SSLCertificateKeyFile {{dehydrated_certs_dir}}/{{ site_name }}/privkey.pem + SSLCertificateChainFile {{dehydrated_certs_dir}}/{{ site_name }}/chain.pem + + AllowEncodedSlashes NoDecode + RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME} + RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS} + ProxyPreserveHost {{ proxy_preserve_host | default("Off") }} + + ProxyPass /json http://172.23.48.7/spaceapi + ProxyPass /text http://172.23.48.7/state.txt + ProxyPass /state.png http://172.23.48.7/state.png + + + +