nginx mit redirect auf wiki

inventories/chaosknoten/host_vars/mumble.yaml

@@ -10,4 +10,4 @@ certbot__http_01_port: 80
 nginx__version_spec: ""
 nginx__configurations:
   - name: mumble.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/mumble.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/mumble/nginx/mumble.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/hosts.yaml

@@ -68,6 +68,7 @@ all:
         hackertours:
         keycloak:
         lists:
+        mumble:
         onlyoffice:
         pad:
         public-reverse-proxy:

playbooks/files/chaosknoten/configs/mumble/nginx/mumble.hamburg.ccc.de.conf

@@ -0,0 +1,24 @@
+server {
+	root /var/www/html;
+    server_name mumble.hamburg.ccc.de; # managed by Certbot
+
+    listen [::]:443 ssl ipv6only=on; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/mumble.hamburg.ccc.de/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/mumble.hamburg.ccc.de/privkey.pem; # managed by Certbot
+    # verify chain of trust of OCSP response using Root CA and Intermediate certs
+    ssl_trusted_certificate /etc/letsencrypt/live/mumble.hamburg.ccc.de/chain.pem;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    location /static {
+        alias /opt/mailman/web/static;
+        autoindex off;
+    }
+
+    location / {
+          return 302 https://wiki.hamburg.ccc.de/infrastructure:services:mumble;
+    }
+}