diff --git a/inventories/chaosknoten/host_vars/www2.yaml b/inventories/chaosknoten/host_vars/www2.yaml deleted file mode 100644 index a8a9ce8..0000000 --- a/inventories/chaosknoten/host_vars/www2.yaml +++ /dev/null @@ -1,5 +0,0 @@ -nginx__version_spec: "" -nginx__configurations: - - name: diday.org - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/www2/nginx/diday.org.conf') }}" - diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index 7bf4544..e7f0559 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -86,14 +86,6 @@ all: ansible_host: acmedns.hosts.hamburg.ccc.de ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de - www2: - ansible_host: www2.hosts.hamburg.ccc.de - ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de - www3: - ansible_host: www3.hosts.hamburg.ccc.de - ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@router.hamburg.ccc.de hypervisors: hosts: chaosknoten: @@ -121,8 +113,6 @@ base_config_hosts: renovate: spaceapiccc: mjolnir: - www2: - www3: systemd_networkd_hosts: hosts: router: @@ -168,8 +158,6 @@ nginx_hosts: ntfy: sunders: spaceapiccc: - www2: - www3: public_reverse_proxy_hosts: hosts: public-reverse-proxy: @@ -212,8 +200,6 @@ alloy_hosts: router: sunders: spaceapiccc: - www2: - www3: infrastructure_authorized_keys_hosts: hosts: ccchoir: @@ -235,8 +221,6 @@ infrastructure_authorized_keys_hosts: renovate: spaceapiccc: mjolnir: - www2: - www3: wiki_hosts: hosts: eh22-wiki: @@ -269,8 +253,6 @@ ansible_pull_hosts: ntfy: spaceapiccc: mjolnir: - # www2: - # www3: msmtp_hosts: hosts: renovate_hosts: diff --git a/resources/chaosknoten/www2/nginx/diday.org.conf b/resources/chaosknoten/www2/nginx/diday.org.conf deleted file mode 100644 index 8cc655c..0000000 --- a/resources/chaosknoten/www2/nginx/diday.org.conf +++ /dev/null @@ -1,80 +0,0 @@ -server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; - - server_name diday.org; - - # use our router as resolver - resolver 10.31.208.1; - - # configure the ngx_http_realip_module to set $remote_addr and $remote_port to the - # information passed through from public-reverse-proxy.hamburg.ccc.de via proxy-protocol - set_real_ip_from 2a00:14b0:4200:3000:125::1; - real_ip_header proxy_protocol; - - # configure tls trustchain - ssl_certificate /dev/null; - ssl_certificate_key /dev/null; - ssl_trusted_certificate /dev/null; - - # - # configure site - # - root /var/www/diday.org; - error_page 404 /404.html; - index index.html; - add_header Referrer-Policy "strict-origin-when-cross-origin" always; - - # return a redirect based on the map loaded from the webroot - if ($did_redirect_target ~ ^301:(.*)$) { - return 301 $1; - } - if ($did_redirect_target ~ ^302:(.*)$) { - return 302 $1; - } - - # deny access to the redirects config file - location = /nginx-redirects.conf { - deny all; - return 404; - } - - # dynamically redirect the user to the language they prefer - location = / { - set $lang "de"; - if ($http_accept_language ~* "^en") { - set $lang "en"; - } - return 302 /$lang/; - } - - # configure decap-cms content-type and caching rules - location = /admin/cms.js { - expires -1; - add_header Cache-Control "no-store"; - } - location = /admin/config.yml { - expires -1; - add_header Cache-Control "no-store"; - types { } - default_type text/yaml; - } - - # configure asset caching - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff2?)$ { - expires 1y; - add_header Cache-Control "public, immutable"; - } - - # we are using the Astro Image Pipeline, therefore DecapCMS can't access image previews - location /admin/src/ { - log_not_found off; - return 404; - } - - location / { - try_files $uri $uri/ =404; - } -} -