{# code: language=ansible-jinja #} # THIS FILE IS MANAGED BY ANSIBLE {% for env in proxy_environments %} # BEGIN Environment: {{ env }} cloud.{{ proxy_vars[env].app01.base_domain }} { tls {{ tls_email }} { dns njalla {{ njalla_api_token }} } header { Strict-Transport-Security "max-age=31536000; includeSubDomains" -Server } {% if env == 'production' %} reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 {% else %} @local { remote_ip {{ proxy_trusted_subnets | join(' ') }} } handle @local { reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 } respond 403 {% endif %} } ipfs-gateway.{{ proxy_vars[env].app01.base_domain }}, *.ipfs.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }}, *.ipns.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }} { tls {{ tls_email }} { dns njalla {{ njalla_api_token }} } header { Strict-Transport-Security "max-age=31536000; includeSubDomains" -Server } {% if env == 'production' %} reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 {% else %} @local { remote_ip {{ proxy_trusted_subnets | join(' ') }} } handle @local { reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 } respond 403 {% endif %} } ipfs.local.{{ proxy_vars[env].app01.base_domain }} { tls {{ tls_email }} { dns njalla {{ njalla_api_token }} } header { Strict-Transport-Security "max-age=31536000; includeSubDomains" -Server } @local { remote_ip {{ proxy_trusted_subnets | join(' ') }} } handle @local { reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 } respond 403 } meet.{{ proxy_vars[env].app01.base_domain }} { tls {{ tls_email }} { dns njalla {{ njalla_api_token }} } header { Strict-Transport-Security "max-age=31536000; includeSubDomains" -Server } {% if env == 'production' %} reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 {% else %} @local { remote_ip {{ proxy_trusted_subnets | join(' ') }} } handle @local { reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 } respond 403 {% endif %} } xmr.local.{{ proxy_vars[env].app01.base_domain }} { tls {{ tls_email }} { dns njalla {{ njalla_api_token }} } header { Strict-Transport-Security "max-age=31536000; includeSubDomains" -Server } @local { remote_ip {{ proxy_trusted_subnets | join(' ') }} } handle @local { reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080 } respond 403 } # END Environment: {{ env }} {% endfor %}