#!/usr/bin/env ansible-playbook --- # Deploy reverse proxy # Frontdaur is the backup of bakdaur (keepalived) - hosts: bakdaur.adm.crans.org,frontdaur.adm.crans.org vars: certbot: dns_rfc2136_name: certbot_challenge. dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}" mail: root@crans.org certname: crans.org domains: "crans.org, *.crans.org, crans.fr, *.crans.fr, crans.eu, *.crans.eu" bind: masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}" nginx: ssl: cert: /etc/letsencrypt/live/crans.org/fullchain.pem cert_key: /etc/letsencrypt/live/crans.org/privkey.pem trusted_cert: /etc/letsencrypt/live/crans.org/chain.pem redirect_dnames: - crans.eu - crans.fr reverseproxy_sites: # Services web Crans - {from: lutim.crans.org, to: 10.231.136.69} - {from: zero.crans.org, to: 10.231.136.76} - {from: pad.crans.org, to: "10.231.136.76:9001"} - {from: ethercalc.crans.org, to: "10.231.136.203:8000"} - {from: mediadrop.crans.org, to: 10.231.136.106} - {from: videos.crans.org, to: 10.231.136.106} - {from: video.crans.org, to: 10.231.136.106} - {from: roundcube.crans.org, to: 10.231.136.105} - {from: phabricator.crans.org, to: 10.231.136.123} - {from: trackerusercontent.crans.org, to: 10.231.136.123} - {from: cas.crans.org, to: 10.231.136.18} - {from: auth.crans.org, to: 10.231.136.18} - {from: login.crans.org, to: 10.231.136.18} - {from: webmail.crans.org, to: 10.231.136.107} - {from: horde.crans.org, to: 10.231.136.107} - {from: owncloud.crans.org, to: 10.231.136.26} - {from: ftps.crans.org, to: 10.231.136.98} - {from: wiki.crans.org, to: 10.231.136.204} - {from: calendrier.crans.org, to: 10.231.136.204} - {from: www.crans.org, to: 10.231.136.46} - {from: doc.crans.org, to: 10.231.136.46} - {from: limesurvey.crans.org, to: 10.231.136.253} - {from: perso.crans.org, to: 10.231.136.1} - {from: webnews.crans.org, to: 10.231.136.63} - {from: re2o.crans.org, to: 10.231.136.9} - {from: intranet.crans.org, to: 10.231.136.9} - {from: autoconfig.crans.org, to: 10.231.136.46}