add a tmp rp

This commit is contained in:
histausse 2021-07-28 02:22:54 +02:00
parent d7dc1cd6b6
commit 35ed78089f
Signed by: histausse
GPG key ID: 67486F107F62E9E9
3 changed files with 62 additions and 0 deletions

View file

@ -0,0 +1,5 @@
---
- name: Reload nginx
systemd:
name: nginx
state: reloaded

View file

@ -53,3 +53,34 @@
register: apt_result register: apt_result
retries: 3 retries: 3
until: apt_result is succeeded until: apt_result is succeeded
# --- DRAFT ---
- name: Install nginx
apt:
name: nginx
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Generate self signed cert
include_role:
name: generate_self_signed_certificate
vars:
server_hostname: "{{ matrix_server_name }}"
- name: Copy reverse proxy sites
template:
src: "nginx/config_synapse"
dest: "/etc/nginx/sites-available/synapse"
notify: Reload nginx
- name: Activate sites
file:
src: "/etc/nginx/sites-available/synapse"
dest: "/etc/nginx/sites-enabled/synapse"
state: link
force: yes
notify: Reload nginx

View file

@ -0,0 +1,26 @@
{{ ansible_managed | comment }}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# For the federation port
listen 8448 ssl http2 default_server;
listen [::]:8448 ssl http2 default_server;
server_name {{ matrix_server_name }};
ssl_certificate /var/certificates/{{ matrix_server_name }}_cert.pem;
ssl_certificate_key /var/certificates/{{ matrix_server_name }}_privkey.pem;
location ~* ^(\/_matrix|\/_synapse\/client) {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size {{ matrix_max_upload_size }};
}
}