57 lines
1.7 KiB
YAML
Executable file
57 lines
1.7 KiB
YAML
Executable file
#!/usr/bin/env ansible-playbook
|
|
---
|
|
# Deploy Docker hosts
|
|
- hosts: docker-ovh.adm.auro.re,docker-worker1-aurore.adm.auro.re,gitea.adm.auro.re,drone.adm.auro.re
|
|
roles:
|
|
- docker
|
|
|
|
# Deploy Passbolt
|
|
- hosts: passbolt.adm.auro.re
|
|
roles:
|
|
- passbolt
|
|
|
|
# Deploy reverse proxy
|
|
- hosts: proxy*.adm.auro.re
|
|
vars:
|
|
certbot:
|
|
dns_rfc2136_name: certbot_challenge.
|
|
dns_rfc2136_secret: "{{ vault_certbot_dns_secret }}"
|
|
mail: tech.aurore@lists.crans.org
|
|
certname: auro.re
|
|
domains: "auro.re, *.auro.re, aurores.net, *.aurores.net, fede-aurore.net, *.fede-aurore.net"
|
|
dns_masters_ipv4:
|
|
- "92.222.211.196"
|
|
nginx:
|
|
ssl:
|
|
cert: /etc/letsencrypt/live/auro.re/fullchain.pem
|
|
cert_key: /etc/letsencrypt/live/auro.re/privkey.pem
|
|
trusted_cert: /etc/letsencrypt/live/auro.re/chain.pem
|
|
|
|
redirect_dnames:
|
|
- aurores.net
|
|
- fede-aurore.net
|
|
|
|
reverseproxy_sites:
|
|
- {from: re2o.auro.re, to: 10.128.0.10}
|
|
- {from: intranet.auro.re, to: 10.128.0.10}
|
|
|
|
- {from: phabricator.auro.re, to: 10.128.0.50}
|
|
- {from: wiki.auro.re, to: 10.128.0.51}
|
|
- {from: www.auro.re, to: 10.128.0.52}
|
|
|
|
- {from: drone.auro.re, to: "10.128.0.64:8000"}
|
|
|
|
- {from: re2o-test.auro.re, to: 10.128.0.100}
|
|
|
|
- {from: riot.auro.re, to: "10.128.0.150:8080"}
|
|
- {from: codimd.auro.re, to: "10.128.0.150:8081"}
|
|
- {from: grafana.auro.re, to: "10.128.0.150:8082"}
|
|
- {from: privatebin.auro.re, to: "10.128.0.150:8083"}
|
|
- {from: pad.auro.re, to: "10.128.0.150:8084"}
|
|
- {from: cas.auro.re, to: "10.128.0.150:8085"}
|
|
|
|
redirect_sites:
|
|
- {from: auro.re, to: www.auro.re}
|
|
roles:
|
|
- certbot
|
|
- nginx_reverseproxy
|