Add nginx proxy server

.gitignore

@@ -8,5 +8,6 @@
 !dockerbox.yml
 !hypervisor.yml
 !minecraft.yml
+!proxy.yml
 !unifi.yml
 /environments/

proxy.yml

@@ -0,0 +1,11 @@
+- name: Install Proxy Server
+  hosts: proxyhosts
+  become: true
+  roles:
+    - base
+    - jenkins
+    - postgresql
+    - proxy
+    - docker
+    - gitea
+    - bitwarden

roles/base/files/buster-backports.list

@@ -1 +0,0 @@
-deb http://deb.debian.org/debian buster-backports main

roles/bitwarden/tasks/main.yml

@@ -70,6 +70,7 @@
     path: "{{ bitwarden_root }}/bwdata/config.yml"
     line: "- {{ bitwarden_realips }}"
     insertafter: "^real_ips"
+  notify: rebuild_bitwarden
 
 - name: Install Bitwarden systemd service
   template:

roles/jenkins/files/ansible.list

@@ -1 +0,0 @@
-deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main

roles/jenkins/tasks/agent.yml

@@ -1,8 +1,3 @@
-- name: Install GnuPG
-  apt:
-    name: gnupg
-    state: present
-
 - name: Create Jenkins user
   user:
     name: "{{ jenkins_user }}"
@@ -25,16 +20,6 @@
     validate: "visudo -cf %s"
     mode: 0440
 
-- name: Install Ansible source
-  copy:
-    src: ansible.list
-    dest: /etc/apt/sources.list.d/ansible.list
-
-- name: Add Ansible source key
-  apt_key:
-    keyserver: keyserver.ubuntu.com
-    id: 93C4A3FD7BB9C367
-
 - name: Install Ansible
   apt:
     name: ansible

roles/postgresql/defaults/main.yml

@@ -1,2 +1,5 @@
 postgresql_config: /etc/postgresql/13/main/pg_hba.conf
 postgresql_listen: "*"
+postgresql_trust:
+  - "172.16.0.0/12"
+  - "192.168.0.0/16"

roles/postgresql/tasks/main.yml

@@ -3,15 +3,16 @@
     name: postgresql
     state: present
 
-- name: Trust connections to PostgreSQL from Docker
+- name: Trust connections to PostgreSQL
   postgresql_pg_hba:
     dest: "{{ postgresql_config }}"
     contype: host
     databases: all
     users: all
-    address: "172.16.0.0/12"
+    address: "{{ item }}"
     method: trust
   register: postgresql_hba
+  loop: "{{ postgresql_trust }}"
 
 - name: Change PostgreSQL listen addresses
   postgresql_set:
@@ -33,9 +34,10 @@
     state: restarted
   when: postgresql_config.changed
 
-- name: Allow database connections from Docker
+- name: Allow database connections
   ufw:
     rule: allow
     port: "5432"
     proto: tcp
-    src: "172.16.0.0/12"
+    src: "{{ item }}"
+  loop: "{{ postgresql_trust }}"