From 944c8cde8249673566e2e5bf20699e6c58a93049 Mon Sep 17 00:00:00 2001 From: June Date: Wed, 17 Dec 2025 03:34:39 +0100 Subject: [PATCH] onlyoffice(host): move to new network and hostname --- inventories/chaosknoten/hosts.yaml | 4 ++-- .../onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf | 4 +++- .../public-reverse-proxy/nginx/acme_challenge.conf | 2 +- resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf | 2 +- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index dfa841e..1028deb 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -37,9 +37,9 @@ all: ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de onlyoffice: - ansible_host: onlyoffice-intern.hamburg.ccc.de + ansible_host: onlyoffice.hosts.hamburg.ccc.de ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de + ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de pad: ansible_host: pad.hosts.hamburg.ccc.de ansible_user: chaos diff --git a/resources/chaosknoten/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf b/resources/chaosknoten/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf index 2471525..8a9a486 100644 --- a/resources/chaosknoten/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf +++ b/resources/chaosknoten/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf @@ -3,11 +3,13 @@ server { # Listen on a custom port for the proxy protocol. listen 8443 ssl http2 proxy_protocol; + listen [::]:8443 ssl http2 proxy_protocol; # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy # protocol. # First set our proxy protocol proxy as trusted. - set_real_ip_from 172.31.17.140; + set_real_ip_from 2a00:14b0:4200:3000:125::1; + # Then tell the realip_module to get the addreses from the proxy protocol # header. real_ip_header proxy_protocol; diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf index 4d6d4c0..409b5c6 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf @@ -20,7 +20,7 @@ map $host $upstream_acme_challenge_host { mas.hamburg.ccc.de 172.31.17.150:31820; element-admin.hamburg.ccc.de 172.31.17.151:31820; netbox.hamburg.ccc.de 172.31.17.167:31820; - onlyoffice.hamburg.ccc.de 172.31.17.147:31820; + onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:31820; pad.hamburg.ccc.de pad.hosts.hamburg.ccc.de:31820; pretalx.hamburg.ccc.de 172.31.17.157:31820; spaceapi.hamburg.ccc.de 172.31.17.151:31820; diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf index de99d40..97e0e3c 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf @@ -29,7 +29,7 @@ stream { grafana.hamburg.ccc.de 172.31.17.145:8443; wiki.ccchh.net wiki.hosts.hamburg.ccc.de:8443; wiki.hamburg.ccc.de wiki.hosts.hamburg.ccc.de:8443; - onlyoffice.hamburg.ccc.de 172.31.17.147:8443; + onlyoffice.hamburg.ccc.de onlyoffice.hosts.hamburg.ccc.de:8443; hackertours.hamburg.ccc.de 172.31.17.151:8443; staging.hackertours.hamburg.ccc.de 172.31.17.151:8443; netbox.hamburg.ccc.de 172.31.17.167:8443;