Add lists.c3lingo.org

This commit is contained in:
Stefan Bethke 2024-06-16 16:39:19 +02:00
parent ec400ed7d6
commit f67483fa46
4 changed files with 31 additions and 1 deletions

View file

@ -5,6 +5,7 @@ certbot__version_spec: ""
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
certbot__certificate_domains:
- "lists.hamburg.ccc.de"
- "lists.c3lingo.org"
certbot__new_cert_commands:
- "systemctl reload nginx.service"
@ -12,3 +13,5 @@ nginx__version_spec: ""
nginx__configurations:
- name: lists.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf') }}"
- name: lists.c3lingo.org
content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.c3lingo.org.conf') }}"

View file

@ -40,6 +40,7 @@ services:
environment:
- DATABASE_TYPE=postgres
- DATABASE_URL=postgresql://mailman:wvQjbMRnwFuxGEPz@database/mailmandb
- "DJANGO_ALLOWED_HOSTS=lists.hamburg.ccc.de,lists.c3lingo.org"
- HYPERKITTY_API_KEY=ITfRjushI6FP0TLMnRpZxlfB2e17DN86
- SERVE_FROM_DOMAIN=lists.hamburg.ccc.de
- SECRET_KEY=ugfknEYBaFVc62R1jlIjnkizQaqr7tSt

View file

@ -0,0 +1,26 @@
server {
root /var/www/html;
server_name lists.c3lingo.org; # managed by Certbot
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/lists.c3lingo.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/lists.c3lingo.org/privkey.pem; # managed by Certbot
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /etc/letsencrypt/live/lists.c3lingo.org/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
location /static {
alias /opt/mailman/web/static;
autoindex off;
}
location / {
uwsgi_pass localhost:8080;
include uwsgi_params;
uwsgi_read_timeout 300;
}
}

View file

@ -2,7 +2,7 @@ server {
root /var/www/html;
server_name lists.hamburg.ccc.de; # managed by Certbot
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/lists.hamburg.ccc.de/fullchain.pem; # managed by Certbot