testing
This commit is contained in:
parent
299b4d123c
commit
061cb5fc29
@ -5,6 +5,7 @@
|
|||||||
- host_vars/bitwarden.yml
|
- host_vars/bitwarden.yml
|
||||||
roles:
|
roles:
|
||||||
- base
|
- base
|
||||||
|
- nginx
|
||||||
- docker
|
- docker
|
||||||
- traefik
|
- traefik
|
||||||
- bitwarden
|
- bitwarden
|
||||||
|
|||||||
@ -2,6 +2,9 @@
|
|||||||
allow_reboot: false
|
allow_reboot: false
|
||||||
manage_network: false
|
manage_network: false
|
||||||
|
|
||||||
|
# nginx proxy
|
||||||
|
proxy: helloworld
|
||||||
|
|
||||||
# docker
|
# docker
|
||||||
docker_users:
|
docker_users:
|
||||||
- vagrant
|
- vagrant
|
||||||
@ -13,6 +16,9 @@ traefik_domain: traefik.vm.krislamo.org
|
|||||||
traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
|
traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
|
||||||
#traefik_acme_email: realemail@example.com # Let's Encrypt settings
|
#traefik_acme_email: realemail@example.com # Let's Encrypt settings
|
||||||
#traefik_production: true
|
#traefik_production: true
|
||||||
|
traefik_ports:
|
||||||
|
- "8000:80"
|
||||||
|
- "4430:443"
|
||||||
|
|
||||||
# bitwarden
|
# bitwarden
|
||||||
# Get Installation ID & Key at https://bitwarden.com/host/
|
# Get Installation ID & Key at https://bitwarden.com/host/
|
||||||
|
|||||||
@ -0,0 +1,17 @@
|
|||||||
|
- name: Install nginx
|
||||||
|
apt:
|
||||||
|
name: nginx
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Install nginx configuration
|
||||||
|
template:
|
||||||
|
src: nginx.conf.j2
|
||||||
|
dest: /etc/nginx/nginx.conf
|
||||||
|
mode: '0644'
|
||||||
|
register: nginx_conf
|
||||||
|
|
||||||
|
- name: Reload nginx
|
||||||
|
service:
|
||||||
|
name: nginx
|
||||||
|
state: reloaded
|
||||||
|
enabled: true
|
||||||
45
roles/nginx/templates/nginx.conf.j2
Normal file
45
roles/nginx/templates/nginx.conf.j2
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
user www-data;
|
||||||
|
worker_processes auto;
|
||||||
|
pid /run/nginx.pid;
|
||||||
|
include /etc/nginx/modules-enabled/*.conf;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/access.log main;
|
||||||
|
sendfile on;
|
||||||
|
#tcp_nopush on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
#gzip on;
|
||||||
|
|
||||||
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
## tcp LB and SSL passthrough for backend ##
|
||||||
|
stream {
|
||||||
|
upstream traefik {
|
||||||
|
server 127.0.0.1:4430 max_fails=3 fail_timeout=10s;
|
||||||
|
}
|
||||||
|
|
||||||
|
log_format basic '$remote_addr [$time_local] '
|
||||||
|
'$protocol $status $bytes_sent $bytes_received '
|
||||||
|
'$session_time "$upstream_addr" '
|
||||||
|
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/traefik_access.log basic;
|
||||||
|
error_log /var/log/nginx/traefik_error.log;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443;
|
||||||
|
proxy_pass traefik;
|
||||||
|
proxy_next_upstream on;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user