diff options
Diffstat (limited to 'chaos-at-home/ch-pan.yml')
-rw-r--r-- | chaos-at-home/ch-pan.yml | 77 |
1 files changed, 76 insertions, 1 deletions
diff --git a/chaos-at-home/ch-pan.yml b/chaos-at-home/ch-pan.yml index 8e9466cd..93871234 100644 --- a/chaos-at-home/ch-pan.yml +++ b/chaos-at-home/ch-pan.yml @@ -13,6 +13,81 @@ roles: - role: network/bind - role: dyndns/server - - role: apt-repo/spreadspace + - role: acmetool/base - role: nginx/base + - role: apt-repo/spreadspace - role: monitoring/prometheus/exporter + - role: nginx/vhost + nginx_vhost: + name: captive-schaaas + content: | + server { + listen 80; + listen [::]:80; + + access_log /dev/null; + error_log /var/log/nginx/captive-schaaas_error.log; + + server_name captive.schaaas.at; + + location / { + default_type text/plain; + return 200 "success"; + } + } + - role: nginx/vhost + nginx_vhost: + name: dyn-schaaas + template: generic + hostnames: + - dyn.schaaas.at + acme: yes + extra_directives: | + access_log /var/log/nginx/dyn-schaaas_access.log; + error_log /var/log/nginx/dyn-schaaas_error.log; + + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';"; + + root /var/www/dyn-schaaas; + index /index.shtml; + ssi on; + locations: + '= /raw': + extra_directives: | + types { } + default_type text/plain; + ssi_types text/plain; + + post_tasks: + - name: create web-root for dyn.schaaas.at + file: + path: /var/www/dyn-schaaas + state: directory + + - name: install content file for dyn.schaaas.at + loop: + - name: index.shtml + content: | + <html> + <head> + <title>dynamic DNS service...</title> + <meta charset="utf-8"> + </head> + <body style="background-color: #eee; font-family: sans; font-weight: bold;"> + <div style="max-width: 60%; margin-top: 100px; margin-left: auto; margin-right: auto;"> + <div style="padding: 0.3em;">You're coming from</div> + <div style="padding: 0.5em 1em; background-color: #7e7e7e; text-align: center; font-size: 2em;"><!--#echo var="REMOTE_ADDR" --></div> + </div> + </body> + </html> + - name: raw + content: | + <!--#echo var="REMOTE_ADDR" --> + loop_control: + label: "{{ item.name }}" + copy: + content: "{{ item.content }}" + dest: "/var/www/dyn-schaaas/{{ item.name }}" |