From df477801d4da8aa81cb53ebb3b2b180fec8ff9f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torma=20Krist=C3=B3f?= Date: Sun, 17 Apr 2022 14:24:18 +0200 Subject: [PATCH] add redirect to nginx --- roles/webgateway/tasks/main.yaml | 5 +++++ roles/webgateway/templates/certbot.sh | 3 +++ roles/webgateway/templates/nginx.conf | 12 ++++++++++++ roles/webgateway/vars/main.yaml | 8 +++++--- 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/roles/webgateway/tasks/main.yaml b/roles/webgateway/tasks/main.yaml index 8743b55..1d02db5 100644 --- a/roles/webgateway/tasks/main.yaml +++ b/roles/webgateway/tasks/main.yaml @@ -42,6 +42,11 @@ cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --nginx -d {{item.domain}} with_items: "{{ static }}" +- name: Generate certificate for all static sites + command: + cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --nginx -d {{item.domain}} + with_items: "{{ redirect }}" + - name: "Generate certbot script" ansible.builtin.template: src: certbot.sh diff --git a/roles/webgateway/templates/certbot.sh b/roles/webgateway/templates/certbot.sh index c00ec81..30ea66e 100644 --- a/roles/webgateway/templates/certbot.sh +++ b/roles/webgateway/templates/certbot.sh @@ -6,3 +6,6 @@ certbot renew --nginx --cert-name {{ proxysite.domain }} {% for staticsite in static %} certbot renew --nginx --cert-name {{ staticsite.domain }} {% endfor %} +{% for redirectsite in redirect %} +certbot renew --nginx --cert-name {{ redirectsite.domain }} +{% endfor %} diff --git a/roles/webgateway/templates/nginx.conf b/roles/webgateway/templates/nginx.conf index 15c96af..7075287 100644 --- a/roles/webgateway/templates/nginx.conf +++ b/roles/webgateway/templates/nginx.conf @@ -92,4 +92,16 @@ http { } {% endfor %} + + {% for redirectsite in redirect %} + server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name {{ redirectsite.domain }}; + ssl_certificate /etc/letsencrypt/live/{{ redirectsite.domain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ redirectsite.domain }}/privkey.pem; + return 301 {{ redisrectsite.destination }}; + } + + {% endfor %} } diff --git a/roles/webgateway/vars/main.yaml b/roles/webgateway/vars/main.yaml index 36abf6d..10387e3 100644 --- a/roles/webgateway/vars/main.yaml +++ b/roles/webgateway/vars/main.yaml @@ -10,8 +10,10 @@ proxy: - {domain: swagger.kmlabz.com, ip: swagger.stargate.internal} static: - - {domain: tormakristof.eu, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"} - - {domain: tormakris.dev, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"} - - {domain: torma.xyz, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"} - {domain: kmlabz.com, directory: /var/www/kmlabz.com, repo: "https://git.kmlabz.com/kmlabz/homepage.git"} + +redirect: + - {domain: tormakristof.eu, destination: "https://www.tormakristof.eu"} + - {domain: tormakris.dev, destination: "https://www.tormakristof.eu"} + - {domain: torma.xyz, destination: "https://www.tormakristof.eu"} ...