Migrate Wiki from ThinkCCCluster to Chaosknoten

Also do the redirect for DNS cache stuff like with aes.
This commit is contained in:
June 2023-08-11 01:59:34 +02:00 committed by julian
parent d256082221
commit d16da59fd7
8 changed files with 12 additions and 10 deletions

View file

@ -1,7 +1,7 @@
nginx__version_spec: ""
nginx__configurations:
- name: wiki.ccchh.net
content: "{{ lookup('ansible.builtin.file', 'z9/configs/wiki/nginx/wiki.ccchh.net.conf') }}"
content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/wiki/nginx/wiki.ccchh.net.conf') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz

View file

@ -6,6 +6,7 @@ all:
pad:
keycloak:
engelsystem:
wiki:
debian_12:
hosts:
cloud:
@ -30,6 +31,10 @@ all:
ansible_host: aes-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
wiki:
ansible_host: wiki-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://public-reverse-proxy.hamburg.ccc.de:42666
docker_compose_hosts:
hosts:
cloud:
@ -46,9 +51,11 @@ all:
public-reverse-proxy:
keycloak:
engelsystem:
wiki:
public_reverse_proxy_hosts:
hosts:
public-reverse-proxy:
ssh_server_config_hosts:
hosts:
keycloak:
wiki:

View file

@ -17,9 +17,6 @@ all:
audio:
ansible_host: audio.z9.ccchh.net
ansible_user: chaos
wiki:
ansible_host: wiki.z9.ccchh.net
ansible_user: chaos
authoritative-dns:
ansible_host: authoritative-dns.z9.ccchh.net
ansible_user: chaos
@ -40,7 +37,6 @@ all:
esphome:
zigbee2mqtt:
light:
wiki:
public_reverse_proxy_hosts:
hosts:
public-reverse-proxy:
@ -50,11 +46,9 @@ all:
hosts:
esphome:
zigbee2mqtt:
wiki:
ssh_server_config_hosts:
hosts:
public-reverse-proxy:
wiki:
mailserver-endpoint:
esphome_hosts:
hosts:

View file

@ -4,6 +4,7 @@ map $host $upstream_acme_challenge_host {
id.hamburg.ccc.de 172.31.17.144:31820;
keycloak-admin.hamburg.ccc.de 172.31.17.144:31820;
aes.ccchh.net 172.31.17.145:31820;
wiki.ccchh.net 172.31.17.146:31820;
default "";
}

View file

@ -23,6 +23,7 @@ stream {
id.hamburg.ccc.de 172.31.17.144:8443;
keycloak-admin.hamburg.ccc.de 172.31.17.144:8444;
aes.ccchh.net 172.31.17.145:8443;
wiki.ccchh.net 172.31.17.146:8443;
}
server {

View file

@ -7,7 +7,7 @@ server {
# $remote_port to the client address and client port, when using proxy
# protocol.
# First set our proxy protocol proxy as trusted.
set_real_ip_from 10.31.206.11;
set_real_ip_from 172.31.17.140;
# Then tell the realip_module to get the addreses from the proxy protocol
# header.
real_ip_header proxy_protocol;

View file

@ -6,7 +6,6 @@ map $host $upstream_acme_challenge_host {
thinkcccore1.ccchh.net 10.31.242.4;
thinkcccore2.ccchh.net 10.31.242.5;
thinkcccore3.ccchh.net 10.31.242.6;
wiki.ccchh.net 10.31.206.13:31820;
zigbee2mqtt.ccchh.net 10.31.208.25:31820;
esphome.ccchh.net 10.31.208.24:31820;
proxmox-backup-server.ccchh.net 10.31.208.28;

View file

@ -17,11 +17,11 @@ events {
stream {
map $ssl_preread_server_name $first_jump {
aes.ccchh.net 212.12.48.125:443;
wiki.ccchh.net 212.12.48.125:443;
default 127.0.0.1:9443;
}
map $ssl_preread_server_name $address {
wiki.ccchh.net 10.31.206.13:8443;
default 127.0.0.1:8443;
}