2023-12-29 18:07:08 +00:00
|
|
|
{# code: language=ansible-jinja #}
|
2023-12-23 16:52:27 +00:00
|
|
|
# THIS FILE IS MANAGED BY ANSIBLE
|
|
|
|
|
2023-12-31 17:37:20 +00:00
|
|
|
{% for env in proxy_environments %}
|
2023-12-31 17:20:28 +00:00
|
|
|
# BEGIN Environment: {{ env }}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% if 'nextcloud' in proxy_vars[env].app01.apps_include %}
|
2023-12-22 20:57:19 +00:00
|
|
|
|
2024-02-04 17:03:15 +00:00
|
|
|
cloud.{{ proxy_vars[env].app01.base_domain }} {
|
2023-12-22 20:57:19 +00:00
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
|
|
|
|
|
|
|
header {
|
2024-02-10 14:30:17 +00:00
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
2023-12-22 20:57:19 +00:00
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
2023-12-31 17:37:20 +00:00
|
|
|
{% if env == 'production' %}
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
{% else %}
|
2023-12-22 20:57:19 +00:00
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
2023-12-31 17:37:20 +00:00
|
|
|
{% endif %}
|
2023-12-22 20:57:19 +00:00
|
|
|
}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% endif %}
|
|
|
|
{% if 'ipfs' in proxy_vars[env].app01.apps_include %}
|
2023-12-22 20:57:19 +00:00
|
|
|
|
2024-02-04 17:03:15 +00:00
|
|
|
ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
|
|
|
|
*.ipfs.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
|
|
|
|
*.ipns.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }} {
|
2023-12-22 20:57:19 +00:00
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
|
|
|
|
|
|
|
header {
|
2024-02-10 14:30:17 +00:00
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
2023-12-22 20:57:19 +00:00
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
2023-12-31 17:34:36 +00:00
|
|
|
{% if env == 'production' %}
|
2023-12-22 20:57:19 +00:00
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
2023-12-31 17:34:36 +00:00
|
|
|
{% else %}
|
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
|
|
|
{% endif %}
|
2023-12-22 20:57:19 +00:00
|
|
|
}
|
|
|
|
|
2024-02-04 17:03:15 +00:00
|
|
|
ipfs.local.{{ proxy_vars[env].app01.base_domain }} {
|
2023-12-22 20:57:19 +00:00
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
|
|
|
|
|
|
|
header {
|
2024-02-10 14:30:17 +00:00
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
2023-12-22 20:57:19 +00:00
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
|
|
|
}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% endif %}
|
|
|
|
{% if 'joplin' in proxy_vars[env].app01.apps_include %}
|
2023-12-22 20:57:19 +00:00
|
|
|
|
2024-03-02 21:36:05 +00:00
|
|
|
joplin.{{ proxy_vars[env].app01.base_domain }} {
|
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
|
|
|
|
|
|
|
header {
|
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
|
|
|
{% if env == 'production' %}
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
{% else %}
|
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
|
|
|
{% endif %}
|
|
|
|
}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% endif %}
|
|
|
|
{% if 'jitsi' in proxy_vars[env].app01.apps_include %}
|
2024-03-02 21:36:05 +00:00
|
|
|
|
2024-02-10 21:36:48 +00:00
|
|
|
meet.{{ proxy_vars[env].app01.base_domain }} {
|
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
|
|
|
|
|
|
|
header {
|
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
|
|
|
{% if env == 'production' %}
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
{% else %}
|
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
|
|
|
{% endif %}
|
|
|
|
}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% endif %}
|
|
|
|
{% if 'monerod' in proxy_vars[env].app01.apps_include %}
|
2024-02-10 21:36:48 +00:00
|
|
|
|
2024-02-04 17:03:15 +00:00
|
|
|
xmr.local.{{ proxy_vars[env].app01.base_domain }} {
|
2023-12-27 18:26:29 +00:00
|
|
|
tls {{ tls_email }} {
|
|
|
|
dns njalla {{ njalla_api_token }}
|
|
|
|
}
|
2023-12-22 20:57:19 +00:00
|
|
|
|
|
|
|
header {
|
2024-02-10 14:30:17 +00:00
|
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
2023-12-22 20:57:19 +00:00
|
|
|
-Server
|
|
|
|
}
|
|
|
|
|
2023-12-31 17:34:36 +00:00
|
|
|
@local {
|
|
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
|
|
}
|
|
|
|
|
|
|
|
handle @local {
|
|
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
|
|
}
|
|
|
|
|
|
|
|
respond 403
|
2023-12-22 20:57:19 +00:00
|
|
|
}
|
2024-09-12 19:09:49 +00:00
|
|
|
{% endif %}
|
2023-12-22 20:57:19 +00:00
|
|
|
|
2023-12-31 17:20:28 +00:00
|
|
|
# END Environment: {{ env }}
|
2023-12-22 20:57:19 +00:00
|
|
|
{% endfor %}
|