Migrate Engelsystem from ThinkCCCluster to Chaosknoten

inventories/chaosknoten/host_vars/engelsystem.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'z9/configs/engelsystem/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/engelsystem/compose.yaml.j2') }}"
 docker_compose__configuration_files: []
 
 certbot__version_spec: ""
@@ -9,4 +9,4 @@ certbot__certificate_domains:
 nginx__version_spec: ""
 nginx__configurations:
   - name: aes.ccchh.net
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/engelsystem/nginx/aes.ccchh.net.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/engelsystem/nginx/aes.ccchh.net.conf') }}"

inventories/chaosknoten/hosts.yaml

@@ -5,6 +5,7 @@ all:
         cloud:
         pad:
         keycloak:
+        engelsystem:
     debian_12:
       hosts:
         cloud:
@@ -25,11 +26,16 @@ all:
           ansible_host: keycloak-intern.hamburg.ccc.de
           ansible_user: chaos
           ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
+        engelsystem:
+          ansible_host: aes-intern.hamburg.ccc.de
+          ansible_user: chaos
+          ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
     docker_compose_hosts:
       hosts:
         cloud:
         pad:
         keycloak:
+        engelsystem:
     nextcloud_hosts:
       hosts:
         cloud:
@@ -39,6 +45,7 @@ all:
         pad:
         public-reverse-proxy:
         keycloak:
+        engelsystem:
     public_reverse_proxy_hosts:
       hosts:
         public-reverse-proxy:

inventories/z9/hosts.yaml

@@ -29,9 +29,6 @@ all:
         mailserver-endpoint:
           ansible_host: mailserver-endpoint.ccchh.net
           ansible_user: chaos
-        engelsystem:
-          ansible_host: engelsystem.z9.ccchh.net
-          ansible_user: chaos
     debian_12:
       hosts:
         public-reverse-proxy:
@@ -44,7 +41,6 @@ all:
         zigbee2mqtt:
         light:
         wiki:
-        engelsystem:
     public_reverse_proxy_hosts:
       hosts:
         public-reverse-proxy:
@@ -55,15 +51,11 @@ all:
         esphome:
         zigbee2mqtt:
         wiki:
-        engelsystem:
     ssh_server_config_hosts:
       hosts:
         public-reverse-proxy:
         wiki:
         mailserver-endpoint:
-    docker_compose_hosts:
-      hosts:
-        engelsystem:
     esphome_hosts:
       hosts:
         esphome:

playbooks/files/chaosknoten/configs/engelsystem/nginx/aes.ccchh.net.conf

@@ -7,7 +7,7 @@ server {
     # $remote_port to the client address and client port, when using proxy
     # protocol.
     # First set our proxy protocol proxy as trusted.
-    set_real_ip_from 10.31.206.14;
+    set_real_ip_from 172.31.17.140;
     # Then tell the realip_module to get the addreses from the proxy protocol
     # header.
     real_ip_header proxy_protocol;

playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf

@@ -3,6 +3,7 @@ map $host $upstream_acme_challenge_host {
     pad.hamburg.ccc.de pad-intern.hamburg.ccc.de:31820;
     id.hamburg.ccc.de 172.31.17.144:31820;
     keycloak-admin.hamburg.ccc.de 172.31.17.144:31820;
+    aes.ccchh.net 172.31.17.145:31820;
     default "";
 }
 

playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf

@@ -22,6 +22,7 @@ stream {
         pad.hamburg.ccc.de pad-intern.hamburg.ccc.de:8443;
         id.hamburg.ccc.de 172.31.17.144:8443;
         keycloak-admin.hamburg.ccc.de 172.31.17.144:8444;
+        aes.ccchh.net 172.31.17.145:8443;
     }
 
     server {