CCCHH/ansible-infra
CCCHH/ansible-infra
2
2
Fork 1
Code Issues 7 Pull requests 9 Wiki Activity Actions

dooris(host): use new dooris software
All checks were successful
/ Ansible Lint (push) Successful in 3m56s
Details

Browse source 
Also fix DNS record not properly working anymore.
This commit is contained in:
June 2026-05-18 18:00:30 +02:00
commit 1275d50bdf
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
3 changed files with 14 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

2
resources/chaosknoten/auth-dns/zones/ccchh.net.zone
View file

@ -52,7 +52,7 @@ hmdooris-ccu A 10.31.208.202
buba A 10.31.211.137 buba A 10.31.211.137
buba.z9 A 10.31.211.137 buba.z9 A 10.31.211.137
dooris AAAA 2a07:c481:1:d0::1c dooris AAAA 2a07:c481:1:d0::1c
_acme-challenge.dooris CNAME 37caae1f-b77f-4eb1-aa71-dc3f7ed24360.auth.acmedns.hamburg.ccc.de _acme-challenge.dooris CNAME 37caae1f-b77f-4eb1-aa71-dc3f7ed24360.auth.acmedns.hamburg.ccc.de.
waybackproxy A 10.31.208.99 waybackproxy A 10.31.208.99
yate A 10.31.208.12 yate A 10.31.208.12
staubiv2 A 10.31.210.233 staubiv2 A 10.31.210.233

24
resources/z9/dooris/docker_compose/compose.yaml.j2
View file

@ -2,21 +2,13 @@
services: services:
dooris: dooris:
image: git.hamburg.ccc.de/ccchh/hmdooris/hmdooris:latest image: git.hamburg.ccc.de/ccchh/dooris:latest
environment: environment:
HMDOORIS_ALLOWED_IPS: "2a07:c481:1:c8::/64 2a01:170:118b::/56 172.31.200.0/23 172.31.202.0/27" DOORIS_OPENID_ISSUER: https://id.hamburg.ccc.de/realms/ccchh/
HMDOORIS_CCUJACK_CERTIFICATE_PATH: false DOORIS_OPENID_CLIENT_ID: dooris
HMDOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}" DOORIS_OPENID_CLIENT_SECRET: "{{ secret__dooris_client_secret }}"
HMDOORIS_CCUJACK_URL: https://hmdooris-ccu.ccchh.net:2122 DOORIS_BASE_URL: https://dooris.ccchh.net
HMDOORIS_CCUJACK_USERNAME: dooris DOORIS_CCUJACK_USER: "dooris"
HMDOORIS_CLIENT_ID: dooris DOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}"
HMDOORIS_CLIENT_SECRET: "{{ secret__dooris_client_secret }}" network_mode: host
HMDOORIS_DISCOVERY_URL: https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration
HMDOORIS_LISTEN: '0.0.0.0:3000'
HMDOORIS_REQUIRES_GROUP: /intern
HMDOORIS_URL: https://dooris.ccchh.net
PYTHONWARNINGS: "ignore:Unverified HTTPS request"
#DEBUG: true
ports:
- "127.0.0.1:3000:3000"
restart: unless-stopped restart: unless-stopped

6
resources/z9/dooris/nginx/dooris.ccchh.net.conf
View file

@ -32,6 +32,10 @@ server {
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
location / { location / {
proxy_pass http://127.0.0.1:3000/; proxy_pass http://127.0.0.1:8000/;
# Increase size to fix nginx error: "upstream sent too big header while reading response header from upstream"
proxy_buffer_size 64k;
proxy_busy_buffers_size 64k;
proxy_buffers 20 4k;
} }
} }