fix some stuff, comment other stuff

2 years ago · 898cfa69dc
parent 2667d5affc
commit 898cfa69dc
4 changed files with 30 additions and 26 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -2,14 +2,13 @@
 - name: Install NGINX
  apt:
    update_cache: true
-    name: "{{ item }}"
+    name: 
+      - nginx
+      - 'python3-cryptography'
    state: latest
  register: apt_result
  retries: 3
  until: apt_result is succeeded
-  loop:
-    - nginx
-    - "python3-cryptography"

 - name: Copy snippets
  template:
@ -62,6 +61,7 @@
  template:
    src: nginx.conf
    dest: /etc/nginx/nginx.conf
+  notify: Reload nginx

 # TODO: << Manage reverse proxy >>
 - name: Create the SSL reverse proxy conf
@ -71,11 +71,12 @@
    force: no

 # Manage each http site
- name: Copy reverse proxy sites
+- name: Copy Http Servers
  template:
    src: http_server.j2
    dest: "/etc/nginx/sites-available/{{ item.key }}"
  loop: "{{ http_sites | dict2items}}"
+  notify: Reload nginx

 - name: Use the dummy certificate
  file:
@ -100,3 +101,4 @@
    state: link
    force: yes
  loop: "{{ http_sites | dict2items}}"
+  notify: Reload nginx
--- a/templates/folder.js
+++ b/templates/folder.js
@ -0,0 +1,2 @@
+root {{ location.value.folder }};
+try_files $uri $uri.html $uri/index.html 404;
--- a/templates/http_server.j2
+++ b/templates/http_server.j2
@ -24,8 +24,8 @@ server {
 server {
    # listen port + ssl
    {# <- TODO: Allow other ports -> -#}
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
+    listen 127.0.0.1:8443 ssl http2;
+    # listen [::]:443 ssl http2;
    ssl_certificate /etc/nginx/certs/{{ item.key }}.crt;
    ssl_certificate_key /etc/nginx/certs/{{ item.key }}.key;
    {# <- TODO: Allow other ports -> #}
--- a/templates/nginx.conf
+++ b/templates/nginx.conf
@ -39,23 +39,23 @@ stream {
    include /etc/nginx/stream_rp.conf;

    # Proxy request from the back end address
-    map $ssl_preread_server_name $name_from_back {
-        acme-v02.api.letsencrypt.org    acme;
-        r3.o.lencr.org                  r3;
-        default            self-back;
-    }
-    upstream acme {
-        server acme-v02.api.letsencrypt.org:443;
-    }
-    upstream r3 {
-        server r3.o.lencr.org:443;
-    }
-    upstream self-back {
-        server 127.0.0.1:9443;
-    }
-    server {
-        listen 192.168.10.1:443;
-        proxy_pass $name_from_back;
-        ssl_preread on;
-    }
+#    map $ssl_preread_server_name $name_from_back {
+#        acme-v02.api.letsencrypt.org    acme;
+#        r3.o.lencr.org                  r3;
+#        default            self-back;
+#    }
+#    upstream acme {
+#        server acme-v02.api.letsencrypt.org:443;
+#    }
+#    upstream r3 {
+#        server r3.o.lencr.org:443;
+#    }
+#    upstream self-back {
+#        server 127.0.0.1:9443;
+#    }
+#    server {
+#        listen 192.168.10.1:443;
+#        proxy_pass $name_from_back;
+#        ssl_preread on;
+#    }
 }