--- - name: Basic Setup hosts: sk-testvm roles: - role: apt-repo/base - role: core/base - role: core/sshd/base - role: core/zsh - role: core/ntp - name: Payload Setup hosts: sk-testvm vars: acme_client: uacme # acme_client: acmetool # cert_provider: "{{ acme_client }}" # cert_provider: static # cert_provider: selfsigned cert_provider: static-ca roles: - role: apt-repo/spreadspace - role: kubernetes/base - role: kubernetes/standalone/base - role: "x509/{{ cert_provider }}/base" - role: nginx/base - role: nginx/auth/sso/base - role: nginx/auth/sso/backend - role: nginx/vhost nginx_vhost: default: yes name: nosuchsite template: generic tls: certificate_provider: "{{ cert_provider }}" certificate_config: "{{ lookup('vars', (cert_provider | replace('-','_'))+'_cert_config__default', default={}) }}" hsts: no hostnames: - testvm.elev8.at locations: '/': root: /var/www/default index: index.html - role: nginx/vhost nginx_vhost: name: login template: generic tls: certificate_provider: "{{ cert_provider }}" certificate_config: "{{ lookup('vars', (cert_provider | replace('-','_'))+'_cert_config__test', default={}) }}" hsts: no hostnames: - login.spreadspace.org - login.spreadspace.com - login.spreadspace.net - login.spreadspace.systems locations: '/': proxy_pass: http://127.0.0.1:8082 - role: nginx/vhost nginx_vhost: name: test template: generic tls: certificate_provider: "{{ cert_provider }}" certificate_config: "{{ lookup('vars', (cert_provider | replace('-','_'))+'_cert_config__test', default={}) }}" hsts: no hostnames: - test.spreadspace.org - test.spreadspace.com - test.spreadspace.net - test.spreadspace.systems extra_directives: | include snippets/sso-spreadspace.conf; locations: '/': # proxy_pass: http://127.0.0.1:8080 root: /var/www/test index: index.html extra_directives: | #auth_request_set $username $upstream_http_x_username; #proxy_set_header Remote-User $username; auth_request_set $cookie $upstream_http_set_cookie; add_header Set-Cookie $cookie; # - role: apps/mumble # mumble_version: v1.4.274-4 # mumble_instance: spreadspace # mumble_hostnames: # - test.spreadspace.org # - test.spreadspace.com # - test.spreadspace.net # - test.spreadspace.systems # mumble_superuser_password: "very-secret" # mumble_config_options: # bonjour: false # sslCiphers: "ECDHE+AESGCM:DHE+AESGCM:ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:!RSA:!ADH:!AECDH:!MD5" # welcometext: "Welcome to the spreadspace Mumble Test-Server" # rememberchannel: true # mumble_tls: # certificate_provider: "{{ cert_provider }}" # certificate_config: "{{ lookup('vars', cert_provider+'_cert_config__test', default={}) }}" # - role: apps/coturn # coturn_version: 4.6.2-r4 # coturn_realm: spreadspace # coturn_hostnames: # - test.spreadspace.org # - test.spreadspace.com # - test.spreadspace.net # - test.spreadspace.systems # coturn_auth_secret: "somewhat-secret" # coturn_tls: # certificate_provider: "{{ cert_provider }}" # certificate_config: "{{ lookup('vars', cert_provider+'_cert_config__test', default={}) }}" post_tasks: - name: make sure document root directories exist loop: - test - default file: path: "/var/www/{{ item }}" state: directory - name: install index.html for default server copy: dest: /var/www/default/index.html content: |