diff --git a/host_vars/bitwarden.yaml b/host_vars/bitwarden.yaml index cb31585..6bc1aeb 100644 --- a/host_vars/bitwarden.yaml +++ b/host_vars/bitwarden.yaml @@ -1,3 +1,8 @@ --- ansible_host: bitwarden.intra.tormakris.dev +webserver: + - domain: "bitwarden.tormakristof.eu" + port: 8080 + bigrequests: false + https: true ... diff --git a/host_vars/matrix.yaml b/host_vars/matrix.yaml index b5b7065..4078321 100644 --- a/host_vars/matrix.yaml +++ b/host_vars/matrix.yaml @@ -1,10 +1,12 @@ --- ansible_host: matrix.intra.tormakris.dev webserver: - - domain: "_" + - domain: "matrix.tormakristof.eu" port: 8080 bigrequests: false + https: false - domain: "chat.tormakristof.eu" port: 8181 bigrequests: false + https: false ... diff --git a/host_vars/monitoring.yaml b/host_vars/monitoring.yaml index ee32868..055f9aa 100644 --- a/host_vars/monitoring.yaml +++ b/host_vars/monitoring.yaml @@ -4,10 +4,13 @@ webserver: - domain: "prometheus.tormakristof.eu" port: 8080 bigrequests: false + https: false - domain: "grafana.tormakristof.eu" port: 8181 bigrequests: false + https: false - domain: "alertmanager.tormakristof.eu" port: 8181 bigrequests: false + https: false ... diff --git a/host_vars/nextcloud.yaml b/host_vars/nextcloud.yaml index a31ef20..fe57eca 100644 --- a/host_vars/nextcloud.yaml +++ b/host_vars/nextcloud.yaml @@ -4,4 +4,5 @@ webserver: - domain: "nextcloud.tormakristof.eu" port: 8080 bigrequests: true + https: false ... diff --git a/host_vars/nexus.yaml b/host_vars/nexus.yaml index 81943e2..eb63068 100644 --- a/host_vars/nexus.yaml +++ b/host_vars/nexus.yaml @@ -4,7 +4,9 @@ webserver: - domain: "nexus.kmlabz.com" port: 8080 bigrequests: true + https: false - domain: "registry.kmlabz.com" port: 4269 bigrequests: true + https: false ... diff --git a/roles/webserver/defaults/main.yaml b/roles/webserver/defaults/main.yaml index 8c663ae..1231c95 100644 --- a/roles/webserver/defaults/main.yaml +++ b/roles/webserver/defaults/main.yaml @@ -2,4 +2,5 @@ webserver: - domain: "_" port: 8080 bigrequests: false + https: false ... diff --git a/roles/webserver/templates/nginx.conf b/roles/webserver/templates/nginx.conf index ac52bc4..a9680c6 100644 --- a/roles/webserver/templates/nginx.conf +++ b/roles/webserver/templates/nginx.conf @@ -62,7 +62,7 @@ http { return 301 https://$host$request_uri; } - {% for server in webserver %} + {%- for server in webserver %} server { listen 443 ssl http2; listen [::]:443 ssl http2; @@ -73,9 +73,13 @@ http { client_max_body_size 8G; {%- endif %} location /{ + {%- if server.https %} + proxy_pass https://127.0.0.1:{{ server.port }}; + {%- else %} proxy_pass http://127.0.0.1:{{ server.port }}; + {%- endif %} } } - {% endfor %} + {%- endfor %} }