ansible/services_web.yml
2020-11-04 20:10:47 +01:00

57 lines
1.7 KiB
YAML
Executable file

#!/usr/bin/env ansible-playbook
---
# Deploy Docker hosts
- hosts: docker-ovh.adm.auro.re,docker-worker1-aurore.adm.auro.re,gitea.adm.auro.re,drone.adm.auro.re
roles:
- docker
# Deploy Passbolt
- hosts: passbolt.adm.auro.re
roles:
- passbolt
# Deploy reverse proxy
- hosts: proxy*.adm.auro.re
vars:
certbot:
dns_rfc2136_name: certbot_challenge.
dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
mail: tech.aurore@lists.crans.org
certname: auro.re
domains: "auro.re, *.auro.re, aurores.net, *.aurores.net, fede-aurore.net, *.fede-aurore.net"
dns_masters_ipv4:
- "92.222.211.196"
nginx:
ssl:
cert: /etc/letsencrypt/live/auro.re/fullchain.pem
cert_key: /etc/letsencrypt/live/auro.re/privkey.pem
trusted_cert: /etc/letsencrypt/live/auro.re/chain.pem
redirect_dnames:
- aurores.net
- fede-aurore.net
reverseproxy_sites:
- {from: re2o.auro.re, to: 10.128.0.10}
- {from: intranet.auro.re, to: 10.128.0.10}
- {from: phabricator.auro.re, to: 10.128.0.50}
- {from: wiki.auro.re, to: 10.128.0.51}
- {from: www.auro.re, to: 10.128.0.52}
- {from: drone.auro.re, to: "10.128.0.64:8000"}
- {from: re2o-test.auro.re, to: 10.128.0.100}
- {from: riot.auro.re, to: "10.128.0.150:8080"}
- {from: codimd.auro.re, to: "10.128.0.150:8081"}
- {from: grafana.auro.re, to: "10.128.0.150:8082"}
- {from: privatebin.auro.re, to: "10.128.0.150:8083"}
- {from: pad.auro.re, to: "10.128.0.150:8084"}
- {from: cas.auro.re, to: "10.128.0.150:8085"}
redirect_sites:
- {from: auro.re, to: www.auro.re}
roles:
- certbot
- nginx_reverseproxy