Migrate Wiki from ThinkCCCluster to Chaosknoten

Also do the redirect for DNS cache stuff like with aes.
This commit is contained in:
June 2023-08-11 01:59:34 +02:00 committed by julian
parent d256082221
commit d16da59fd7
8 changed files with 12 additions and 10 deletions

View file

@ -1,7 +1,7 @@
nginx__version_spec: "" nginx__version_spec: ""
nginx__configurations: nginx__configurations:
- name: wiki.ccchh.net - name: wiki.ccchh.net
content: "{{ lookup('ansible.builtin.file', 'z9/configs/wiki/nginx/wiki.ccchh.net.conf') }}" content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/wiki/nginx/wiki.ccchh.net.conf') }}"
certbot__version_spec: "" certbot__version_spec: ""
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz

View file

@ -6,6 +6,7 @@ all:
pad: pad:
keycloak: keycloak:
engelsystem: engelsystem:
wiki:
debian_12: debian_12:
hosts: hosts:
cloud: cloud:
@ -30,6 +31,10 @@ all:
ansible_host: aes-intern.hamburg.ccc.de ansible_host: aes-intern.hamburg.ccc.de
ansible_user: chaos ansible_user: chaos
ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666 ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
wiki:
ansible_host: wiki-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
docker_compose_hosts: docker_compose_hosts:
hosts: hosts:
cloud: cloud:
@ -46,9 +51,11 @@ all:
public-reverse-proxy: public-reverse-proxy:
keycloak: keycloak:
engelsystem: engelsystem:
wiki:
public_reverse_proxy_hosts: public_reverse_proxy_hosts:
hosts: hosts:
public-reverse-proxy: public-reverse-proxy:
ssh_server_config_hosts: ssh_server_config_hosts:
hosts: hosts:
keycloak: keycloak:
wiki:

View file

@ -17,9 +17,6 @@ all:
audio: audio:
ansible_host: audio.z9.ccchh.net ansible_host: audio.z9.ccchh.net
ansible_user: chaos ansible_user: chaos
wiki:
ansible_host: wiki.z9.ccchh.net
ansible_user: chaos
authoritative-dns: authoritative-dns:
ansible_host: authoritative-dns.z9.ccchh.net ansible_host: authoritative-dns.z9.ccchh.net
ansible_user: chaos ansible_user: chaos
@ -40,7 +37,6 @@ all:
esphome: esphome:
zigbee2mqtt: zigbee2mqtt:
light: light:
wiki:
public_reverse_proxy_hosts: public_reverse_proxy_hosts:
hosts: hosts:
public-reverse-proxy: public-reverse-proxy:
@ -50,11 +46,9 @@ all:
hosts: hosts:
esphome: esphome:
zigbee2mqtt: zigbee2mqtt:
wiki:
ssh_server_config_hosts: ssh_server_config_hosts:
hosts: hosts:
public-reverse-proxy: public-reverse-proxy:
wiki:
mailserver-endpoint: mailserver-endpoint:
esphome_hosts: esphome_hosts:
hosts: hosts:

View file

@ -4,6 +4,7 @@ map $host $upstream_acme_challenge_host {
id.hamburg.ccc.de 172.31.17.144:31820; id.hamburg.ccc.de 172.31.17.144:31820;
keycloak-admin.hamburg.ccc.de 172.31.17.144:31820; keycloak-admin.hamburg.ccc.de 172.31.17.144:31820;
aes.ccchh.net 172.31.17.145:31820; aes.ccchh.net 172.31.17.145:31820;
wiki.ccchh.net 172.31.17.146:31820;
default ""; default "";
} }

View file

@ -23,6 +23,7 @@ stream {
id.hamburg.ccc.de 172.31.17.144:8443; id.hamburg.ccc.de 172.31.17.144:8443;
keycloak-admin.hamburg.ccc.de 172.31.17.144:8444; keycloak-admin.hamburg.ccc.de 172.31.17.144:8444;
aes.ccchh.net 172.31.17.145:8443; aes.ccchh.net 172.31.17.145:8443;
wiki.ccchh.net 172.31.17.146:8443;
} }
server { server {

View file

@ -7,7 +7,7 @@ server {
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy
# protocol. # protocol.
# First set our proxy protocol proxy as trusted. # First set our proxy protocol proxy as trusted.
set_real_ip_from 10.31.206.11; set_real_ip_from 172.31.17.140;
# Then tell the realip_module to get the addreses from the proxy protocol # Then tell the realip_module to get the addreses from the proxy protocol
# header. # header.
real_ip_header proxy_protocol; real_ip_header proxy_protocol;

View file

@ -6,7 +6,6 @@ map $host $upstream_acme_challenge_host {
thinkcccore1.ccchh.net 10.31.242.4; thinkcccore1.ccchh.net 10.31.242.4;
thinkcccore2.ccchh.net 10.31.242.5; thinkcccore2.ccchh.net 10.31.242.5;
thinkcccore3.ccchh.net 10.31.242.6; thinkcccore3.ccchh.net 10.31.242.6;
wiki.ccchh.net 10.31.206.13:31820;
zigbee2mqtt.ccchh.net 10.31.208.25:31820; zigbee2mqtt.ccchh.net 10.31.208.25:31820;
esphome.ccchh.net 10.31.208.24:31820; esphome.ccchh.net 10.31.208.24:31820;
proxmox-backup-server.ccchh.net 10.31.208.28; proxmox-backup-server.ccchh.net 10.31.208.28;

View file

@ -17,11 +17,11 @@ events {
stream { stream {
map $ssl_preread_server_name $first_jump { map $ssl_preread_server_name $first_jump {
aes.ccchh.net 212.12.48.125:443; aes.ccchh.net 212.12.48.125:443;
wiki.ccchh.net 212.12.48.125:443;
default 127.0.0.1:9443; default 127.0.0.1:9443;
} }
map $ssl_preread_server_name $address { map $ssl_preread_server_name $address {
wiki.ccchh.net 10.31.206.13:8443;
default 127.0.0.1:8443; default 127.0.0.1:8443;
} }