loc_certbot:
  - dns_rfc2136_server: '172.16.10.147'
    dns_rfc2136_name: certbot_challenge.
    dns_rfc2136_secret: "{{ vault.certbot_dns_secret }}"
    mail: root@crans.org
    certname: crans.org
    domains: "crans.org, *.crans.org, crans.fr, *.crans.fr, crans.eu, *.crans.eu"

loc_nginx:
  servers: []
  ssl:
    - name: crans.org
      cert: /etc/letsencrypt/live/crans.org/fullchain.pem
      cert_key: /etc/letsencrypt/live/crans.org/privkey.pem
      trusted_cert: /etc/letsencrypt/live/crans.org/chain.pem


glob_reverseproxy:
  redirect_dnames:
    - crans.eu
    - crans.fr

  reverseproxy_sites:
    # Services web Crans
    - {from: re2o.crans.org, to: 172.16.10.156}
    - {from: intranet.crans.org, to: 172.16.10.156}
    - {from: grafana.crans.org, to: "172.16.10.121:3000"}
    - {from: ftps.crans.org, to: 172.16.10.30}
    - {from: webmail.crans.org, to: 172.16.10.108}
    - {from: webirc.crans.org, to: "172.16.10.31:9000"}
    - {from: horde.crans.org, to: 172.16.10.108}
    - {from: framadate.crans.org, to: 172.16.10.109}
    - {from: cas.crans.org, to: 172.16.10.120}
    - {from: phabricator.crans.org, to: 172.16.10.116}
    - {from: trackerusercontent.crans.org, to: 172.16.10.116}
    - {from: wiki.crans.org, to: 172.16.10.161}
    - {from: pad.crans.org, to: "172.16.10.130:9001"}
    - {from: zero.crans.org, to: 172.16.10.130}
    - {from: ethercalc.crans.org, to: "172.16.10.133:8000"}
    - {from: roundcube.crans.org, to: 172.16.10.107}
    - {from: hedgedoc.crans.org, to: "172.16.10.128:3000"}
    - {from: owncloud.crans.org, to: 172.16.10.136}
    - {from: linx.crans.org, to: "172.16.10.119:8080"}
    - {from: belenios.crans.org, to: 172.16.10.111}
    # - {from: mailman.crans.org, to: 10.231.136.180}

    # Zamok
    - {from: perso.crans.org, to: 172.16.10.31}
    - {from: med.crans.org, to: 172.16.10.31}
    - {from: amap.crans.org, to: 172.16.10.31}
    - {from: pot-vieux.crans.org, to: 172.16.10.31}
    - {from: bonvivens.crans.org, to: 172.16.10.31}

  redirect_sites:
    - {from: crans.org, to: www.crans.org}

    # Aliases or legacy support
    - {from: clubs.crans.org, to: perso.crans.org}
    - {from: task.crans.org, to: phabricator.crans.org}
    - {from: adopteunpingouin.crans.org, to: install-party.crans.org}
    - {from: i-p.crans.org, to: install-party.crans.org}

    # To the wiki
    - {from: wikipedia.crans.org, to: wiki.crans.org}
    - {from: television.crans.org, to: wiki.crans.org/CransTv}
    - {from: tv.crans.org, to: wiki.crans.org/CransTv}

    # ENS Cachan
    - {from: crans.ens-cachan.fr, to: www.crans.org}
    - {from: install-party.ens-cachan.fr, to: install-party.crans.org}

  static_sites:
    - www.crans.org
    - install-party.crans.org
    - autoconfig.crans.org