OpenPunk/openpunk-ansible
1
0
Fork 0
mirror of https://github.com/CPunch/openpunk-ansible.git synced 2024-11-22 15:30:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: OpenPunk:262e350f7b96c29626cfeef385c16018a2a98035
Branches Tags
OpenPunk:main
OpenPunk:rewrite
OpenPunk:v1.0.2
OpenPunk:v1.0.1
OpenPunk:v1.0.0
..
compare: OpenPunk:74e55ef1b933d1fc67520fe3412361945a662186
Branches Tags
OpenPunk:main
OpenPunk:rewrite
OpenPunk:v1.0.2
OpenPunk:v1.0.1
OpenPunk:v1.0.0

No commits in common. "262e350f7b96c29626cfeef385c16018a2a98035" and "74e55ef1b933d1fc67520fe3412361945a662186" have entirely different histories.
262e350f7b ... 74e55ef1b9

3 changed files with 6 additions and 6 deletions
Show Stats Expand all files Collapse all files

3
group_vars/all.yml
View File

@ -1,5 +1,4 @@
--- ---
domain: openpunk.com domain: openpunk.com
contact_email: openpunk@proton.me contact_email: openpunk@proton.me
onionDomain: opnpnk6eutjiqy4ndpyvwxd5pncj2g2cmz6fkocr5uh3omnn4utvspad.onion onionDomain: opnpnk6eutjiqy4ndpyvwxd5pncj2g2cmz6fkocr5uh3omnn4utvspad.onion
giteaPort: 3000

6
roles/nginx/tasks/main.yml
View File

@ -20,14 +20,13 @@
include_role: include_role:
name: geerlingguy.nginx name: geerlingguy.nginx
vars: vars:
nginx_listen_ipv6: false nginx_listen_ipv6: true
nginx_vhosts: nginx_vhosts:
- listen: "443 ssl http2" - listen: "443 ssl http2"
server_name: "{{ domain }}" server_name: "{{ domain }}"
root: "/var/www/{{ domain }}/public" root: "/var/www/{{ domain }}/public"
index: "index.html index.htm" index: "index.html index.htm"
extra_parameters: | extra_parameters: |
listen [::]:443 ssl http2;
location / { location / {
add_header Permissions-Policy interest-cohort=(); add_header Permissions-Policy interest-cohort=();
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
@ -40,7 +39,6 @@
server_name: "git.{{ domain }}" server_name: "git.{{ domain }}"
client_max_body_size: "100M" client_max_body_size: "100M"
extra_parameters: | extra_parameters: |
listen [::]:443 ssl http2;
location / { location / {
add_header Permissions-Policy interest-cohort=(); add_header Permissions-Policy interest-cohort=();
proxy_pass http://localhost:{{ giteaPort }}; proxy_pass http://localhost:{{ giteaPort }};
@ -49,7 +47,7 @@
ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5; ssl_ciphers HIGH:!aNULL:!MD5;
- listen: "127.0.0.1:2171" - listen: "2171"
server_name: "{{ onionDomain }}" server_name: "{{ onionDomain }}"
root: "/var/www/{{ domain }}/tor" root: "/var/www/{{ domain }}/tor"
index: "index.html index.htm" index: "index.html index.htm"

3
run.yml
View File

@ -1,6 +1,9 @@
--- ---
- hosts: all - hosts: all
become: yes become: yes
vars:
- giteaPort: 3000
vars_files: vars_files:
- group_vars/all.yml - group_vars/all.yml