move system
This commit is contained in:
Michael Rennecke
parent
be03cabfa2
commit
4f3f2e3622
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
|
||||
- hosts: git.0rpheus.net
|
||||
- hosts: mail.0rpheus.net
|
||||
roles:
|
||||
- haproxy
|
||||
45
hosts.yaml
45
hosts.yaml
|
|
@ -2,40 +2,43 @@
|
|||
|
||||
all:
|
||||
hosts:
|
||||
git.0rpheus.net:
|
||||
mail.0rpheus.net:
|
||||
|
||||
vars:
|
||||
ansible_become: true
|
||||
ansible_become: false
|
||||
|
||||
|
||||
haproxy_domains:
|
||||
# <Domain>: <Backend>
|
||||
smokeping.0rpheus.net: smokeping
|
||||
seafile.0rpheus.net: odroid
|
||||
tt-rss.0rpheus.net: odroid
|
||||
mail.0rpheus.net: apache
|
||||
blog.0rpheus.net: apache
|
||||
git.0rpheus.net: gogs
|
||||
|
||||
# haproxy backends
|
||||
haproxy_backends:
|
||||
seafile.0rpheus.net:
|
||||
server_defs:
|
||||
- "odroid 169.254.1.3:80 check"
|
||||
|
||||
smokeping.0rpheus.net:
|
||||
server_defs:
|
||||
- "odroid 169.254.1.3:1080 check"
|
||||
|
||||
tt-rss.0rpheus.net:
|
||||
apache:
|
||||
server_defs:
|
||||
- "odroid 169.254.1.3:80 check"
|
||||
- "apache 127.0.0.1:8080 check"
|
||||
|
||||
odroid:
|
||||
server_defs:
|
||||
- "odroid 172.30.30.2:80 check"
|
||||
|
||||
smokeping:
|
||||
server_defs:
|
||||
- "odroid-docker 172.30.30.2:1080 check"
|
||||
|
||||
post.0rpheus.net:
|
||||
server_defs:
|
||||
- "docker 127.0.0.1:4000 check"
|
||||
|
||||
blog.0rpheus.net:
|
||||
gogs:
|
||||
server_defs:
|
||||
- "lighttpd 127.0.0.1:2020 check"
|
||||
- "gogs-web-1 127.0.0.1:3000 check"
|
||||
|
||||
git.0rpheus.net:
|
||||
server_defs:
|
||||
- "gogs 127.0.0.1:3000 check"
|
||||
|
||||
ox.0rpheus.net:
|
||||
server_defs:
|
||||
- "docker 127.0.0.1:81 check"
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -34,8 +34,3 @@ do
|
|||
done
|
||||
|
||||
systemctl reload haproxy
|
||||
|
||||
# update jabber
|
||||
cat /etc/letsencrypt/live/jabber.0rpheus.net/fullchain.pem > /etc/prosody/certs/jabber.0rpheus.net.crt
|
||||
cat /etc/letsencrypt/live/jabber.0rpheus.net/privkey.pem > /etc/prosody/certs/jabber.0rpheus.net.key
|
||||
systemctl restart prosody.service
|
||||
|
|
|
|||
|
|
@ -20,10 +20,14 @@
|
|||
system: yes
|
||||
create_home: no
|
||||
|
||||
- name: create config dir
|
||||
- name: create directories
|
||||
file:
|
||||
path: /etc/haproxy/
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- /etc/haproxy/
|
||||
- /etc/haproxy/certs/
|
||||
- /var/lib/haproxy/
|
||||
|
||||
- name: copy errorcodes
|
||||
copy:
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
{% for domain in haproxy_backends %}
|
||||
{% for domain in haproxy_domains %}
|
||||
{{ domain }}
|
||||
{% endfor %}
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ defaults
|
|||
|
||||
frontend http
|
||||
bind *:80 name http
|
||||
bind *:443 name https ssl crt /etc/haproxy/certs/default.pem crt /etc/haproxy/certs/ ecdhe secp384r1 alpn h2,http/1.1 npn h2,http/1.1
|
||||
bind *:443 name https ssl crt /etc/haproxy/certs/mail.0rpheus.net.pem crt /etc/haproxy/certs/ ecdhe secp384r1 alpn h2,http/1.1 npn h2,http/1.1
|
||||
|
||||
compression algo gzip
|
||||
compression type text/html text/plain text/javascript application/javascript application/xml text/css
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
{% for domain in haproxy_backends %}
|
||||
{{- domain }} {{ domain }}
|
||||
{% for domain in haproxy_domains %}
|
||||
{{- domain }} {{ haproxy_domains[domain] }}
|
||||
{% endfor %}
|
||||
|
|
|
|||
Loading…
Reference in New Issue