Role pdns-admin: make dns prefix configurable; add lets encrypt snippet to nginx template
This commit is contained in:
parent
91e8a2ff3d
commit
d194d6e936
2 changed files with 6 additions and 2 deletions
|
@ -4,3 +4,5 @@ server_type: "mesh-service"
|
||||||
magic: 67
|
magic: 67
|
||||||
|
|
||||||
nodejs_major_version: "10"
|
nodejs_major_version: "10"
|
||||||
|
|
||||||
|
http_dns_prefix: "dns-int"
|
||||||
|
|
|
@ -1,20 +1,22 @@
|
||||||
server {
|
server {
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
server_name dns-int.{{ http_domain_external }} dns-int.{{ http_domain_internal }};
|
server_name {{ http_dns_prefix }}.{{ http_domain_external }} {{ http_dns_prefix }}.{{ http_domain_internal }};
|
||||||
return 301 https://$http_host$request_uri;
|
return 301 https://$http_host$request_uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
server_name dns-int.{{ http_domain_external }} dns-int.{{ http_domain_internal }};
|
server_name {{ http_dns_prefix }}.{{ http_domain_external }} {{ http_dns_prefix }}.{{ http_domain_internal }};
|
||||||
index index.html index.htm;
|
index index.html index.htm;
|
||||||
|
|
||||||
ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem;
|
ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem;
|
||||||
ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem;
|
ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
|
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
|
||||||
|
|
||||||
client_max_body_size 10m;
|
client_max_body_size 10m;
|
||||||
client_body_buffer_size 128k;
|
client_body_buffer_size 128k;
|
||||||
proxy_redirect off;
|
proxy_redirect off;
|
||||||
|
|
Loading…
Reference in a new issue