99 lines
2.6 KiB
YAML
99 lines
2.6 KiB
YAML
---
|
|
postfix:
|
|
primary: false
|
|
secondary: true
|
|
public: true
|
|
dkim: true
|
|
titanic: false
|
|
|
|
to_backup:
|
|
- {
|
|
name: "var",
|
|
path: "/var",
|
|
auth_users: "backupcrans",
|
|
secrets_file: "/etc/rsyncd.secrets",
|
|
hosts_allow: ["zephir.adm.crans.org", "10.231.136.6", "172.31.0.1"],
|
|
}
|
|
- {
|
|
name: "slash",
|
|
path: "/",
|
|
auth_users: "backupcrans",
|
|
secrets_file: "/etc/rsyncd.secrets",
|
|
hosts_allow: ["zephir.adm.crans.org", "10.231.136.6", "172.31.0.1"],
|
|
}
|
|
|
|
loc_slapd:
|
|
ip: "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}"
|
|
replica: true
|
|
replica_rid: 4
|
|
|
|
loc_moinmoin:
|
|
main: false
|
|
|
|
loc_certbot:
|
|
- dns_rfc2136_server: '172.16.10.147'
|
|
dns_rfc2136_name: certbot_adm_challenge.
|
|
dns_rfc2136_secret: "{{ vault.certbot_adm_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: adm.crans.org
|
|
domains: "*.adm.crans.org"
|
|
- dns_rfc2136_server: '172.16.10.147'
|
|
dns_rfc2136_name: certbot_challenge.
|
|
dns_rfc2136_secret: "{{ vault.certbot_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: crans.org
|
|
domains: "*.crans.org"
|
|
|
|
loc_nginx:
|
|
service_name: wiki
|
|
ssl:
|
|
- name: adm.crans.org
|
|
cert: /etc/letsencrypt/live/adm.crans.org/fullchain.pem
|
|
cert_key: /etc/letsencrypt/live/adm.crans.org/privkey.pem
|
|
trusted_cert: /etc/letsencrypt/live/adm.crans.org/chain.pem
|
|
- name: crans.org
|
|
cert: /etc/letsencrypt/live/crans.org/fullchain.pem
|
|
cert_key: /etc/letsencrypt/live/crans.org/privkey.pem
|
|
trusted_cert: /etc/letsencrypt/live/crans.org/chain.pem
|
|
servers:
|
|
- server_name:
|
|
- "wiki2.crans.org"
|
|
ssl : "crans.org"
|
|
access_log: "/var/log/nginx/wiki.log combined"
|
|
error_log: "/var/log/nginx/wiki.error.log"
|
|
additional_params:
|
|
- "rewrite ^/$ $scheme://wiki2.crans.org/PageAccueil"
|
|
- "client_max_body_size 15M"
|
|
|
|
locations:
|
|
- filter: "/wiki"
|
|
params:
|
|
- "alias /var/local/wiki/htdocs/"
|
|
|
|
- filter: "/robots.txt"
|
|
params:
|
|
- "alias /var/local/wiki/robots.txt"
|
|
|
|
- filter: "/favicon.ico"
|
|
params:
|
|
- "alias /var/local/wiki/favicon.ico"
|
|
|
|
- filter: "/www-sitemap.xml"
|
|
params:
|
|
- "alias /var/local/wiki/www-sitemap.xml"
|
|
|
|
- filter: "/"
|
|
params:
|
|
- "uwsgi_pass unix:///var/run/uwsgi/app/moinmoin/socket"
|
|
- "include uwsgi_params"
|
|
|
|
loc_reverseproxy:
|
|
reverseproxy_sites:
|
|
- {from: status.crans.org, to: "127.0.0.1:8080"}
|
|
- {from: git2.crans.org, to: "127.0.0.1:3000"}
|
|
- {from: git2.adm.crans.org, to: "127.0.0.1:3000", ssl: adm.crans.org}
|
|
|
|
redirect_sites: []
|
|
|
|
static_sites: []
|