m5p3nc3r/ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add apptabulous website

Browse Source 
Fixup reverse-proxy conf
The server_name is sensitive to where in the block it is defined

Signed-off-by: Matt Spencer matthew@thespencers.me.uk
This commit is contained in:
Matthew Spencer
2025-02-28 11:34:56 +00:00
parent 788a7f1e5a
commit 76da1f2b6d
2 changed files with 35 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
apptabulous/reverseproxy/conf.d/reverse_proxy.conf
View File

@@ -6,18 +6,17 @@ map $request_uri $block_uri {
/etc 1; /etc 1;
} }
# Webserver # m5p3nc3r webserver
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
listen 443 ssl; listen 443 ssl;
listen [::]:443 ssl; listen [::]:443 ssl;
server_name m5p3nc3r.co.uk www.m5p3nc3r.co.uk;
ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem; ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
server_name apptabulous.co.uk www.apptabulous.co.uk;
if ($block_uri = 1) { if ($block_uri = 1) {
return 403; return 403;
} }
@@ -27,12 +26,34 @@ server {
} }
} }
# apptabulous webserver
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name apptabulous.co.uk www.apptabulous.co.uk;
ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
if ($block_uri = 1) {
return 403;
}
location / {
proxy_pass http://rpi4-2:3001;
}
}
# Container registry # Container registry
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
listen 443 ssl; listen 443 ssl;
listen [::]:443 ssl; listen [::]:443 ssl;
server_name hub.apptabulous.co.uk;
ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem; ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
@@ -43,8 +64,6 @@ server {
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486) # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on; chunked_transfer_encoding on;
server_name hub.apptabulous.co.uk;
location / { location / {
proxy_pass http://rpi4-2:5000; proxy_pass http://rpi4-2:5000;
} }
@@ -56,12 +75,11 @@ server {
listen [::]:80; listen [::]:80;
listen 443 ssl; listen 443 ssl;
listen [::]:443 ssl; listen [::]:443 ssl;
server_name watchtower.apptabulous.co.uk;
ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem; ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
server_name watchtower.apptabulous.co.uk;
location / { location / {
proxy_pass http://rpi4-2:8080; proxy_pass http://rpi4-2:8080;
} }

11
frontend.yaml
View File

@@ -83,7 +83,7 @@
username: "{{ secrets.GITHUB_ACTOR }}" username: "{{ secrets.GITHUB_ACTOR }}"
password: "{{ secrets.GITHUB_TOKEN }}" password: "{{ secrets.GITHUB_TOKEN }}"
- name: Start website - name: Start m5p3nc3r website
community.docker.docker_container: community.docker.docker_container:
name: website name: website
image: ghcr.io/m5p3nc3r/website:main image: ghcr.io/m5p3nc3r/website:main
@@ -94,6 +94,15 @@
- "3000:3000" - "3000:3000"
state: started state: started
- name: Start Apptabulous website
community.docker.docker_container:
name: apptabulous_website
image: ghcr.io/m5p3nc3r/apptabulous_website:main
restart_policy: always
ports:
- "3001:3000"
state: started
- name: Start watchtower - name: Start watchtower
community.docker.docker_container: community.docker.docker_container:
name: watchtower name: watchtower