Rename reverse-proxy
This commit is contained in:
Gašper Fele-Žorž
parent
d686ade847
commit
95a82ed764
7 changed files with 0 additions and 1253 deletions
|
|
@ -1,16 +0,0 @@
|
|||
- name: Enable testing repository
|
||||
lineinfile:
|
||||
path: /etc/apk/repositories
|
||||
line: "@testing http://dl-cdn.alpinelinux.org/alpine/edge/testing"
|
||||
|
||||
- name: Create config file
|
||||
template:
|
||||
src: mod-auth-openidc.conf
|
||||
dest: /etc/apache2/conf.d/mod-auth-openidc.conf
|
||||
|
||||
- name: Install Apache OIDC module
|
||||
apk:
|
||||
name: apache-mod-auth-openidc@testing
|
||||
state: latest
|
||||
update_cache: true
|
||||
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -1,20 +0,0 @@
|
|||
- name: Install standard expected packages
|
||||
package:
|
||||
name: acl,php,php-apache2,php-session,php-iconv
|
||||
|
||||
- name: Get installed packages
|
||||
package_facts:
|
||||
|
||||
- name: Set PHP version
|
||||
set_fact:
|
||||
php_version: "{{ ansible_facts.packages | select('match', '^php[0-9]+$') | first | replace('php', '') }}"
|
||||
|
||||
- name: Set PHP settings
|
||||
lineinfile:
|
||||
path: '/etc/php{{ php_version }}/php.ini'
|
||||
regexp: '^{{ item.key }}\s*='
|
||||
line: '{{ item.key }} = {{ item.value }}'
|
||||
loop:
|
||||
- key: upload_max_filesize
|
||||
value: 200M
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
Set up a basic nginx reverse proxy.
|
||||
|
||||
NetBox config context should contain a proxy_pass property with the server address.
|
||||
|
||||
Custom error page can be placed in /srv/http/error/index.html.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
dependencies:
|
||||
- role: nginx
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
- name: Set up nginx site
|
||||
template:
|
||||
dest: '/etc/nginx/http.d/{{ inventory_hostname }}.conf'
|
||||
src: 'nginx.conf.j2'
|
||||
notify: reload nginx
|
||||
|
|
@ -1,31 +0,0 @@
|
|||
server {
|
||||
server_name {{ ([dns_name] + tls_domains|default([])) | join(" ") }};
|
||||
|
||||
listen [::]:443 ssl ipv6only=off;
|
||||
ssl_certificate /etc/letsencrypt/live/{{ dns_name }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ dns_name }}/privkey.pem;
|
||||
|
||||
error_page 500 501 502 503 504 505 506 507 508 510 511 /error/;
|
||||
|
||||
location / {
|
||||
proxy_pass {{ proxy_pass }};
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
proxy_connect_timeout 30s;
|
||||
proxy_read_timeout 800s;
|
||||
proxy_request_buffering off;
|
||||
proxy_max_temp_file_size 0;
|
||||
client_max_body_size 200M;
|
||||
|
||||
# TODO maybe
|
||||
#proxy_ssl_verify on;
|
||||
#proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
||||
}
|
||||
|
||||
location /error/ {
|
||||
root /srv/http;
|
||||
try_files $uri $uri/index.html =503;
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue