diff --git a/ansible/roles/element-and-nginx/defaults/main.json b/ansible/roles/element-and-nginx/defaults/main.json new file mode 100644 index 0000000..c7db00b --- /dev/null +++ b/ansible/roles/element-and-nginx/defaults/main.json @@ -0,0 +1,4 @@ +{ + "var_element_and_nginx_domain": "element.example.org", + "var_element_and_nginx_path": "/opt/element" +} diff --git a/ansible/roles/element-with-nginx/tasks/main.json b/ansible/roles/element-and-nginx/tasks/main.json similarity index 71% rename from ansible/roles/element-with-nginx/tasks/main.json rename to ansible/roles/element-and-nginx/tasks/main.json index efaec23..25c82aa 100644 --- a/ansible/roles/element-with-nginx/tasks/main.json +++ b/ansible/roles/element-and-nginx/tasks/main.json @@ -12,7 +12,7 @@ "become": true, "ansible.builtin.template": { "src": "conf.j2", - "dest": "/etc/nginx/sites-available/{{var_element_with_nginx_domain}}" + "dest": "/etc/nginx/sites-available/{{var_element_and_nginx_domain}}" } }, { @@ -20,8 +20,8 @@ "become": true, "ansible.builtin.file": { "state": "link", - "src": "/etc/nginx/sites-available/{{var_element_with_nginx_domain}}", - "dest": "/etc/nginx/sites-enabled/{{var_element_with_nginx_domain}}" + "src": "/etc/nginx/sites-available/{{var_element_and_nginx_domain}}", + "dest": "/etc/nginx/sites-enabled/{{var_element_and_nginx_domain}}" } }, { diff --git a/ansible/roles/element-and-nginx/templates/conf.j2 b/ansible/roles/element-and-nginx/templates/conf.j2 new file mode 100644 index 0000000..bbbad4e --- /dev/null +++ b/ansible/roles/element-and-nginx/templates/conf.j2 @@ -0,0 +1,13 @@ +server { + listen 80; + listen [::]:80; + listen 443 ssl; + listen [::]:443 ssl; + + server_name {{var_element_and_nginx_domain}}; + + ssl_certificate /etc/ssl/certs/{{var_element_and_nginx_domain}}.pem; + ssl_certificate_key /etc/ssl/private/{{var_element_and_nginx_domain}}.pem; + + root {{var_element_and_nginx_path}}; +} diff --git a/ansible/roles/element-with-nginx/defaults/main.json b/ansible/roles/element-with-nginx/defaults/main.json deleted file mode 100644 index c68e4d6..0000000 --- a/ansible/roles/element-with-nginx/defaults/main.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "var_element_with_nginx_domain": "element.example.org", - "var_element_with_nginx_path": "/opt/element" -} diff --git a/ansible/roles/element-with-nginx/templates/conf.j2 b/ansible/roles/element-with-nginx/templates/conf.j2 deleted file mode 100644 index 90b65ff..0000000 --- a/ansible/roles/element-with-nginx/templates/conf.j2 +++ /dev/null @@ -1,13 +0,0 @@ -server { - listen 80; - listen [::]:80; - listen 443 ssl; - listen [::]:443 ssl; - - server_name {{var_element_with_nginx_domain}}; - - ssl_certificate /etc/ssl/certs/{{var_element_with_nginx_domain}}.pem; - ssl_certificate_key /etc/ssl/private/{{var_element_with_nginx_domain}}.pem; - - root {{var_element_with_nginx_path}}; -} diff --git a/ansible/roles/synapse-and-lighttpd/defaults/main.json b/ansible/roles/synapse-and-lighttpd/defaults/main.json new file mode 100644 index 0000000..fc3f952 --- /dev/null +++ b/ansible/roles/synapse-and-lighttpd/defaults/main.json @@ -0,0 +1,3 @@ +{ + "var_synapse_and_lighttpd_domain": "REPLACE_ME" +} diff --git a/ansible/roles/synapse-with-lighttpd/info.md b/ansible/roles/synapse-and-lighttpd/info.md similarity index 100% rename from ansible/roles/synapse-with-lighttpd/info.md rename to ansible/roles/synapse-and-lighttpd/info.md diff --git a/ansible/roles/synapse-with-lighttpd/tasks/main.json b/ansible/roles/synapse-and-lighttpd/tasks/main.json similarity index 68% rename from ansible/roles/synapse-with-lighttpd/tasks/main.json rename to ansible/roles/synapse-and-lighttpd/tasks/main.json index 34cbc47..61b5117 100644 --- a/ansible/roles/synapse-with-lighttpd/tasks/main.json +++ b/ansible/roles/synapse-and-lighttpd/tasks/main.json @@ -11,7 +11,7 @@ "become": true, "ansible.builtin.template": { "src": "conf.j2", - "dest": "/etc/lighttpd/conf-available/{{var_synapse_with_lighttpd_domain}}.conf" + "dest": "/etc/lighttpd/conf-available/{{var_synapse_and_lighttpd_domain}}.conf" } }, { @@ -19,8 +19,8 @@ "become": true, "ansible.builtin.file": { "state": "link", - "src": "/etc/lighttpd/conf-available/{{var_synapse_with_lighttpd_domain}}.conf", - "dest": "/etc/lighttpd/conf-enabled/{{var_synapse_with_lighttpd_domain}}.conf" + "src": "/etc/lighttpd/conf-available/{{var_synapse_and_lighttpd_domain}}.conf", + "dest": "/etc/lighttpd/conf-enabled/{{var_synapse_and_lighttpd_domain}}.conf" } }, { diff --git a/ansible/roles/synapse-and-lighttpd/templates/conf.j2 b/ansible/roles/synapse-and-lighttpd/templates/conf.j2 new file mode 100644 index 0000000..e7c98ec --- /dev/null +++ b/ansible/roles/synapse-and-lighttpd/templates/conf.j2 @@ -0,0 +1,29 @@ +$HTTP["host"] == "{{var_synapse_and_lighttpd_domain}}" { + server.name = "{{var_synapse_and_lighttpd_domain}}" + + ## alle Anfragen auf Port 443 + $SERVER["socket"] == ":443" { + ## mit dem SSL-Kram beglücken + # ssl.engine = "enable" + # ssl.pemfile = "/etc/ssl/certs/{{var_synapse_and_lighttpd_domain}}.pem" + # ssl.privkey = "/etc/ssl/keys/{{var_synapse_and_lighttpd_domain}}.pem" + # ssl.ca-file = "/etc/ssl/fullchains/{{var_synapse_and_lighttpd_domain}}.pem" + # ssl.use-sslv2 = "disable" + # ssl.use-sslv3 = "disable" + } + + ## alle HTTP-Anfragen + $SERVER["socket"] == ":80" { + ## auf HTTPS umleiten + # url.redirect = ("^/(.*)$" => "https://{{var_synapse_and_lighttpd_domain}}/$1") + } + + proxy.server = ( + "" => ( + "" => ( + "host" => "localhost", + "port" => 8008 + ) + ) + ) +} diff --git a/ansible/roles/synapse-and-nginx/defaults/main.json b/ansible/roles/synapse-and-nginx/defaults/main.json new file mode 100644 index 0000000..8a172d0 --- /dev/null +++ b/ansible/roles/synapse-and-nginx/defaults/main.json @@ -0,0 +1,3 @@ +{ + "var_synapse_and_nginx_domain": "REPLACE_ME" +} diff --git a/ansible/roles/synapse-with-nginx/info.md b/ansible/roles/synapse-and-nginx/info.md similarity index 100% rename from ansible/roles/synapse-with-nginx/info.md rename to ansible/roles/synapse-and-nginx/info.md diff --git a/ansible/roles/synapse-with-nginx/tasks/main.json b/ansible/roles/synapse-and-nginx/tasks/main.json similarity index 71% rename from ansible/roles/synapse-with-nginx/tasks/main.json rename to ansible/roles/synapse-and-nginx/tasks/main.json index e3a2f94..c11ccfe 100644 --- a/ansible/roles/synapse-with-nginx/tasks/main.json +++ b/ansible/roles/synapse-and-nginx/tasks/main.json @@ -12,7 +12,7 @@ "become": true, "ansible.builtin.template": { "src": "conf.j2", - "dest": "/etc/nginx/sites-available/{{var_synapse_with_nginx_domain}}" + "dest": "/etc/nginx/sites-available/{{var_synapse_and_nginx_domain}}" } }, { @@ -20,8 +20,8 @@ "become": true, "ansible.builtin.file": { "state": "link", - "src": "/etc/nginx/sites-available/{{var_synapse_with_nginx_domain}}", - "dest": "/etc/nginx/sites-enabled/{{var_synapse_with_nginx_domain}}" + "src": "/etc/nginx/sites-available/{{var_synapse_and_nginx_domain}}", + "dest": "/etc/nginx/sites-enabled/{{var_synapse_and_nginx_domain}}" } }, { diff --git a/ansible/roles/synapse-with-nginx/templates/conf.j2 b/ansible/roles/synapse-and-nginx/templates/conf.j2 similarity index 70% rename from ansible/roles/synapse-with-nginx/templates/conf.j2 rename to ansible/roles/synapse-and-nginx/templates/conf.j2 index c2a3371..74c13bd 100644 --- a/ansible/roles/synapse-with-nginx/templates/conf.j2 +++ b/ansible/roles/synapse-and-nginx/templates/conf.j2 @@ -8,10 +8,10 @@ server { listen 8448 ssl http2 default_server; listen [::]:8448 ssl http2 default_server; - server_name {{var_synapse_with_nginx_domain}}; + server_name {{var_synapse_and_nginx_domain}}; - ssl_certificate /etc/ssl/certs/{{var_synapse_with_nginx_domain}}.pem; - ssl_certificate_key /etc/ssl/private/{{var_synapse_with_nginx_domain}}.pem; + ssl_certificate /etc/ssl/certs/{{var_synapse_and_nginx_domain}}.pem; + ssl_certificate_key /etc/ssl/private/{{var_synapse_and_nginx_domain}}.pem; location ~ ^(/_matrix|/_synapse/client) { proxy_pass http://localhost:8008; diff --git a/ansible/roles/synapse-with-lighttpd/defaults/main.json b/ansible/roles/synapse-with-lighttpd/defaults/main.json deleted file mode 100644 index e5fd94b..0000000 --- a/ansible/roles/synapse-with-lighttpd/defaults/main.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "var_synapse_with_lighttpd_domain": "REPLACE_ME" -} diff --git a/ansible/roles/synapse-with-lighttpd/templates/conf.j2 b/ansible/roles/synapse-with-lighttpd/templates/conf.j2 deleted file mode 100644 index ee6a951..0000000 --- a/ansible/roles/synapse-with-lighttpd/templates/conf.j2 +++ /dev/null @@ -1,29 +0,0 @@ -$HTTP["host"] == "{{var_synapse_with_lighttpd_domain}}" { - server.name = "{{var_synapse_with_lighttpd_domain}}" - - ## alle Anfragen auf Port 443 - $SERVER["socket"] == ":443" { - ## mit dem SSL-Kram beglücken - # ssl.engine = "enable" - # ssl.pemfile = "/etc/ssl/certs/{{var_synapse_with_lighttpd_domain}}.pem" - # ssl.privkey = "/etc/ssl/keys/{{var_synapse_with_lighttpd_domain}}.pem" - # ssl.ca-file = "/etc/ssl/fullchains/{{var_synapse_with_lighttpd_domain}}.pem" - # ssl.use-sslv2 = "disable" - # ssl.use-sslv3 = "disable" - } - - ## alle HTTP-Anfragen - $SERVER["socket"] == ":80" { - ## auf HTTPS umleiten - # url.redirect = ("^/(.*)$" => "https://{{var_synapse_with_lighttpd_domain}}/$1") - } - - proxy.server = ( - "" => ( - "" => ( - "host" => "localhost", - "port" => 8008 - ) - ) - ) -} diff --git a/ansible/roles/synapse-with-nginx/defaults/main.json b/ansible/roles/synapse-with-nginx/defaults/main.json deleted file mode 100644 index 5d97e4b..0000000 --- a/ansible/roles/synapse-with-nginx/defaults/main.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "var_synapse_with_nginx_domain": "REPLACE_ME" -}