split the reverse_proxy role to implement a separate reverse proxy for stream

DNS
Jean-Marie Mineau 3 years ago
parent 292d6cbafb
commit 7208a8ccbd

@ -0,0 +1,8 @@
#!/usr/bin/env ansible-playbook
---
# Reverse proxy
- hosts: proxy
roles:
- install_nginx
- reverse_proxy_stream

@ -0,0 +1,5 @@
---
reverse_proxy_stream:
- {from_port: 53, type: "udp", to: "dns-histausse.fil.sand.auro.re:53"}
- {from_port: 53, type: "tcp", to: "dns-histausse.fil.sand.auro.re:53"}

@ -0,0 +1,10 @@
---
- name: Install NGINX
apt:
update_cache: true
name: nginx
state: latest
register: apt_result
retries: 3
until: apt_result is succeeded

@ -1,13 +1,4 @@
---
- name: Install NGINX
apt:
update_cache: true
name: nginx
state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Install certbot
apt:
update_cache: true

@ -0,0 +1,5 @@
---
- name: Reload nginx
systemd:
name: nginx
state: reloaded

@ -0,0 +1,34 @@
---
- name: Ensure the stream proxy conf available directory exists
file:
path: /etc/nginx/stream-available
state: directory
- name: Ensure the stream proxy conf enabled directory exists
file:
path: /etc/nginx/stream-enabled
state: directory
- name: Include the stream proxy configuration files
blockinfile:
path: /etc/nginx/nginx.conf
block: |
stream {
include /etc/nginx/stream-enabled/*;
}
- name: Copy reverse proxy stream
template:
src: "nginx/stream-available/reverse_proxy"
dest: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}"
loop: "{{ reverse_proxy_stream }}"
- name: Activate stream
file:
src: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}"
dest: "/etc/nginx/stream-enabled/stream_{{ item.type }}_{{ item.from_port }}"
state: link
force: yes
loop: "{{ reverse_proxy_stream }}"
notify: Reload nginx

@ -0,0 +1,12 @@
{{ ansible_managed | comment }}
server {
{% if item.type == "udp" %}
listen {{ item.from_port }} udp;
{% else %}
listen {{ item.from_port }};
{% endif %}
proxy_pass {{ item.to }};
}

@ -4,4 +4,5 @@
# Reverse proxy
- hosts: proxy
roles:
- reverse_proxy
- install_nginx
- reverse_proxy_http

Loading…
Cancel
Save