128 lines
2.7 KiB
Django/Jinja
128 lines
2.7 KiB
Django/Jinja
{# code: language=ansible-jinja #}
|
|
# THIS FILE IS MANAGED BY ANSIBLE
|
|
|
|
{% for env in proxy_environments %}
|
|
# BEGIN Environment: {{ env }}
|
|
|
|
cloud.{{ proxy_vars[env].app01.base_domain }} {
|
|
tls {{ tls_email }} {
|
|
dns njalla {{ njalla_api_token }}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
-Server
|
|
}
|
|
|
|
{% if env == 'production' %}
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
{% else %}
|
|
@local {
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
}
|
|
|
|
handle @local {
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
}
|
|
|
|
respond 403
|
|
{% endif %}
|
|
}
|
|
|
|
ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
|
|
*.ipfs.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
|
|
*.ipns.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }} {
|
|
tls {{ tls_email }} {
|
|
dns njalla {{ njalla_api_token }}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
-Server
|
|
}
|
|
|
|
{% if env == 'production' %}
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
{% else %}
|
|
@local {
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
}
|
|
|
|
handle @local {
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
}
|
|
|
|
respond 403
|
|
{% endif %}
|
|
}
|
|
|
|
ipfs.local.{{ proxy_vars[env].app01.base_domain }} {
|
|
tls {{ tls_email }} {
|
|
dns njalla {{ njalla_api_token }}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
-Server
|
|
}
|
|
|
|
@local {
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
}
|
|
|
|
handle @local {
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
}
|
|
|
|
respond 403
|
|
}
|
|
|
|
meet.{{ proxy_vars[env].app01.base_domain }} {
|
|
tls {{ tls_email }} {
|
|
dns njalla {{ njalla_api_token }}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
-Server
|
|
}
|
|
|
|
{% if env == 'production' %}
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
{% else %}
|
|
@local {
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
}
|
|
|
|
handle @local {
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
}
|
|
|
|
respond 403
|
|
{% endif %}
|
|
}
|
|
|
|
xmr.local.{{ proxy_vars[env].app01.base_domain }} {
|
|
tls {{ tls_email }} {
|
|
dns njalla {{ njalla_api_token }}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
-Server
|
|
}
|
|
|
|
@local {
|
|
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
|
}
|
|
|
|
handle @local {
|
|
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
|
}
|
|
|
|
respond 403
|
|
}
|
|
|
|
# END Environment: {{ env }}
|
|
{% endfor %}
|