ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

commit 8d2e009dab7b6a88ffd915b0090bca4fb388571f
parent 8829d332fb2ce0f3521b3779dd130e29c11e51b0
Author: Leah Thein <leah@toaster.fritz.box>
Date: Mon, 16 Nov 2020 17:12:07 +0100

start implement frps

3 files changed, 51 insertions(+), 0 deletions(-)
A
config-files/frps/confd
|
3
+++
A
roles/frps/tasks/main.yml
|
29
+++++++++++++++++++++++++++++
A
roles/frps/templates/oeffisearch-vhost.conf.j2
|
19
+++++++++++++++++++
diff --git a/config-files/frps/confd b/config-files/frps/confd
@@ -0,0 +1,3 @@
+# Configuration for /etc/init.d/chartsrv
+
+frps_opts="--token=foobar123 --bind_port=9000 --subdomain_host=frp.ctu.cx --vhost_http_port=8088"

diff --git a/roles/frps/tasks/main.yml b/roles/frps/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+
+- name: Install frp
+  apk:
+   name: frp
+   state: present
+   update_cache: yes
+
+- copy:
+   src: config-files/frps/confd
+   dest: /etc/conf.d/frps
+
+- service:
+   name: frps
+   enabled: yes
+   state: restarted
+
+- name: copy nginx-vhost for frps to destination host 
+  template: 
+    src: frps-vhost.conf.j2
+    dest: /etc/nginx/conf.d/oeffisearch.conf
+    mode: 0644
+    owner: nginx
+    group: nginx
+
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted

diff --git a/roles/frps/templates/oeffisearch-vhost.conf.j2 b/roles/frps/templates/oeffisearch-vhost.conf.j2
@@ -0,0 +1,19 @@
+server {
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	ssl_certificate "{{oeffisearch.ssl_cert}}";
+	ssl_certificate_key "{{oeffisearch.ssl_privkey}}";
+	include /etc/nginx/ssl.conf;
+	
+	server_name {{oeffisearch.domain}};
+
+	location / {
+		try_files $uri $uri/ @api;
+		root /usr/share/oeffisearch;
+	}
+
+	location @api {
+		proxy_pass http://127.0.0.1:8081;
+	}
+}