diff --git a/inventories/chaosknoten/host_vars/hackertours.yaml b/inventories/chaosknoten/host_vars/tickets.yaml similarity index 65% rename from inventories/chaosknoten/host_vars/hackertours.yaml rename to inventories/chaosknoten/host_vars/tickets.yaml index 6b6a0e5..e160a55 100644 --- a/inventories/chaosknoten/host_vars/hackertours.yaml +++ b/inventories/chaosknoten/host_vars/tickets.yaml @@ -1,16 +1,16 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/hackertours/compose.yaml.j2') }}" +docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/tickets/compose.yaml.j2') }}" docker_compose__configuration_files: - name: pretix.cfg - content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/hackertours/pretix.cfg.j2') }}" + content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/tickets/pretix.cfg.j2') }}" certbot__version_spec: "" certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__certificate_domains: - - "hackertours.hamburg.ccc.de" + - "tickets.hamburg.ccc.de" certbot__new_cert_commands: - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: - - name: hackertours.hamburg.ccc.de - content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/hackertours/nginx/hackertours.hamburg.ccc.de.conf') }}" + - name: tickets.hamburg.ccc.de + content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/tickets/nginx/tickets.hamburg.ccc.de.conf') }}" diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index d6f2dcc..06fb108 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -16,8 +16,8 @@ all: ansible_port: 42666 ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666 - hackertours: - ansible_host: hackertours-intern.hamburg.ccc.de + tickets: + ansible_host: tickets-intern.hamburg.ccc.de ansible_port: 42666 ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de:42666 @@ -64,7 +64,7 @@ all: hosts: ccchoir: grafana: - hackertours: + tickets: keycloak: lists: onlyoffice: @@ -78,7 +78,7 @@ all: hosts: ccchoir: grafana: - hackertours: + tickets: keycloak: lists: mumble: @@ -99,7 +99,7 @@ all: hosts: ccchoir: grafana: - hackertours: + tickets: keycloak: lists: mumble: @@ -112,7 +112,7 @@ all: hosts: ccchoir: grafana: - hackertours: + tickets: cloud: keycloak: onlyoffice: diff --git a/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf b/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf index 925e4f3..f27b0bb 100644 --- a/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf +++ b/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf @@ -24,6 +24,7 @@ map $host $upstream_acme_challenge_host { wiki.ccchh.net 172.31.17.146:31820; wiki.hamburg.ccc.de 172.31.17.146:31820; www.hamburg.ccc.de 172.31.17.151:31820; + tickets.hamburg.ccc.de 172.31.17.148:31820; zammad.hamburg.ccc.de 172.31.17.152:31820; eh03.easterhegg.eu 172.31.17.151:31820; eh05.easterhegg.eu 172.31.17.151:31820; diff --git a/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf b/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf index 26fab2c..7980d05 100644 --- a/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf +++ b/playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf @@ -40,6 +40,7 @@ stream { hamburg.ccc.de 172.31.17.151:8443; staging.hamburg.ccc.de 172.31.17.151:8443; spaceapi.hamburg.ccc.de 172.31.17.151:8443; + tickets.hamburg.ccc.de 172.31.17.148:8443; zammad.hamburg.ccc.de 172.31.17.152:8443; c3cat.de 172.31.17.151:8443; git.hamburg.ccc.de 172.31.17.154:8443; diff --git a/playbooks/files/chaosknoten/configs/hackertours/nginx/hackertours.hamburg.ccc.de.conf b/playbooks/files/chaosknoten/configs/tickets/nginx/tickets.hamburg.ccc.de.conf similarity index 76% rename from playbooks/files/chaosknoten/configs/hackertours/nginx/hackertours.hamburg.ccc.de.conf rename to playbooks/files/chaosknoten/configs/tickets/nginx/tickets.hamburg.ccc.de.conf index 7f64e64..eb3b3a7 100644 --- a/playbooks/files/chaosknoten/configs/hackertours/nginx/hackertours.hamburg.ccc.de.conf +++ b/playbooks/files/chaosknoten/configs/tickets/nginx/tickets.hamburg.ccc.de.conf @@ -12,12 +12,12 @@ server { # header. real_ip_header proxy_protocol; - server_name hackertours.hamburg.ccc.de; + server_name tickets.hamburg.ccc.de; - ssl_certificate /etc/letsencrypt/live/hackertours.hamburg.ccc.de/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/hackertours.hamburg.ccc.de/privkey.pem; + ssl_certificate /etc/letsencrypt/live/tickets.hamburg.ccc.de/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/tickets.hamburg.ccc.de/privkey.pem; # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/hackertours.hamburg.ccc.de/chain.pem; + ssl_trusted_certificate /etc/letsencrypt/live/tickets.hamburg.ccc.de/chain.pem; # HSTS (ngx_http_headers_module is required) (63072000 seconds) add_header Strict-Transport-Security "max-age=63072000" always; @@ -36,13 +36,6 @@ server { # Also provide "_hidden" for by, since it's not relevant. proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden"; - location = / { - proxy_pass http://127.0.0.1:8888/; - } - location ~ ^/(apple-touch-icon.png|assets|css|de|en|js|posts|tours)(.*)$ { - proxy_pass http://127.0.0.1:8888/$1$2; - } - location / { proxy_pass http://127.0.0.1:8345/; } diff --git a/playbooks/templates/chaosknoten/configs/hackertours/compose.yaml.j2 b/playbooks/templates/chaosknoten/configs/tickets/compose.yaml.j2 similarity index 79% rename from playbooks/templates/chaosknoten/configs/hackertours/compose.yaml.j2 rename to playbooks/templates/chaosknoten/configs/tickets/compose.yaml.j2 index 7566bab..1f9d99d 100644 --- a/playbooks/templates/chaosknoten/configs/hackertours/compose.yaml.j2 +++ b/playbooks/templates/chaosknoten/configs/tickets/compose.yaml.j2 @@ -4,7 +4,7 @@ services: image: docker.io/library/postgres:15-alpine environment: - "POSTGRES_USER=pretix" - - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/hackertours/DB_PASSWORD", create=false, missing="error") }}" + - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}" - "POSTGRES_DB=pretix" volumes: - database:/var/lib/postgresql/data @@ -37,14 +37,6 @@ services: backend: frontend: - web: - image: git.hamburg.ccc.de/ccchh/hackertours/hackertours:latest - ports: - - "8888:80" - restart: unless-stopped - networks: - frontend: - volumes: database: {} pretix: {} diff --git a/playbooks/templates/chaosknoten/configs/hackertours/pretix.cfg.j2 b/playbooks/templates/chaosknoten/configs/tickets/pretix.cfg.j2 similarity index 66% rename from playbooks/templates/chaosknoten/configs/hackertours/pretix.cfg.j2 rename to playbooks/templates/chaosknoten/configs/tickets/pretix.cfg.j2 index a585cb9..3f4af83 100644 --- a/playbooks/templates/chaosknoten/configs/hackertours/pretix.cfg.j2 +++ b/playbooks/templates/chaosknoten/configs/tickets/pretix.cfg.j2 @@ -1,6 +1,6 @@ [pretix] -instance_name=CCCHH Hackertours -url=https://hackertours.hamburg.ccc.de +instance_name=CCCHH Tickets +url=https://tickets.hamburg.ccc.de currency=EUR datadir=/data trust_x_forwarded_for=on @@ -10,11 +10,11 @@ trust_x_forwarded_proto=on backend=postgresql name=pretix user=pretix -password={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/hackertours/DB_PASSWORD", create=false, missing="error") }} +password={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }} host=database [mail] -from=ticket@hackertours.hamburg.ccc.de +from=tickets@hamburg.ccc.de host=cow-intern.hamburg.ccc.de [redis]