ctucx.git: ansible-configs

configuration/lollo: add rest-server

diff --git a/configuration/lollo.yml b/configuration/lollo.yml
@@ -198,6 +198,9 @@ services:
       syncthing.lollo.ctu.cx:
         renewTasks:
           - systemctl restart nginx
+      restic.lollo.ctu.cx:
+        renewTasks:
+          - systemctl restart nginx
       home.ctu.cx:
         extraDnsNames: 
           - legacy.home.ctu.cx

@@ -714,3 +717,17 @@ services:
         enable: true
         cert: "/var/lib/acme-redirect/live/home.ctu.cx/fullchain"
         privkey: "/var/lib/acme-redirect/live/home.ctu.cx/privkey"
+
+  rest_server:
+    enable: true
+    port: 8060
+    user: leah
+    nginx:
+      enable: true
+      domain: "restic.lollo.ctu.cx"
+      password: "{{ lookup('diskcache', 'passwordstore', 'Server/lollo/rest-server.htpasswd returnall=true') }}"
+      sslOnly: true
+      ssl:
+        enable: true
+        cert: "/var/lib/acme-redirect/live/restic.lollo.ctu.cx/fullchain"
+        privkey: "/var/lib/acme-redirect/live/restic.lollo.ctu.cx/privkey"

diff --git a/playbook.yml b/playbook.yml
@@ -151,6 +151,8 @@
       tags: [ influxdb, smarthome ]
     - role: smartied
       tags: [ smartied, smarthome ]
+    - role: rest-server
+      tags: [ backup, rest-server, restic ]
 
 - hosts: stasicontainer
   name:  Install stasicontainer