mgutzeit/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: removed ddns from nginx role

Browse source 
Soll nicht mehr im Internet stehen
This commit is contained in:
mgutzeit 2025-04-22 19:20:58 +02:00
parent 316ccb4f56
commit 901f10be6a
2 changed files with 1 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
group_vars/all/containers.yml
View file

@ -1,6 +1,7 @@
--- ---
no_nginx: # es wird kein nginx template nach /etc/nginx/ kopiert no_nginx: # es wird kein nginx template nach /etc/nginx/ kopiert
- jellyfin - jellyfin
- ddns
docker: docker:
containers: containers:
@ -9,7 +10,6 @@ docker:
image: qmcgaw/ddns-updater:latest image: qmcgaw/ddns-updater:latest
port: 7080 port: 7080
user: 1200 user: 1200
url: ddns.mgutzeit.de
forgejo: forgejo:
name: GIT_forgejo name: GIT_forgejo
image: codeberg.org/forgejo/forgejo:9 image: codeberg.org/forgejo/forgejo:9

51
roles/nginx/templates/ddns.j2
View file

@ -1,51 +0,0 @@
server {
server_name {{ docker.containers.ddns.url }};
index index.php;
location / {
proxy_pass http://localhost:{{ docker.containers.ddns.port }}/; # set this to the nextcloud port set in doccker-compose file
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
access_log /var/log/nginx/ddns.access.log;
error_log /var/log/nginx/ddns.error.log;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/{{ docker.containers.ddns.url }}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/{{ docker.containers.ddns.url }}/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($allowed_country = no) {
return 444;
}
}
server {
if ($host = {{ docker.containers.ddns.url }}) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name {{ docker.containers.ddns.url }};
return 404; # managed by Certbot
}