blob: 29a4ae5c439726dc0efd712c57b859ee15af5dc0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
---
- name: Basic Setup
hosts: ch-pan
roles:
- role: apt-repo/base
- role: core/base
- role: core/sshd/base
- role: core/zsh
- role: core/ntp
- name: Payload Setup
hosts: ch-pan
roles:
- role: network/wireguard/base
- role: network/wireguard/p2p
- role: network/bind
- role: dyndns/server
- role: x509/acmetool/base
- role: nginx/base
- role: apt-repo/spreadspace
- role: whawty/auth/store
- role: whawty/auth/app
- role: monitoring/prometheus/exporter
- role: nginx/vhost
nginx_vhost:
name: captive-schaaas
content: |
server {
listen 80;
listen [::]:80;
access_log /dev/null;
error_log /var/log/nginx/captive-schaaas_error.log;
server_name captive.schaaas.at;
location / {
default_type text/plain;
return 200 "success";
}
}
- role: nginx/vhost
nginx_vhost:
name: dyn-schaaas
template: generic
hostnames:
- dyn.schaaas.at
tls:
certificate_provider: acmetool
logs:
access: /var/log/nginx/dyn-schaaas_access.log
error: /var/log/nginx/dyn-schaaas_error.log
extra_directives: |
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';";
root /var/www/dyn-schaaas;
index /index.shtml;
ssi on;
locations:
'= /raw':
custom: |
types { }
default_type text/plain;
ssi_types text/plain;
post_tasks:
- name: create web-root for dyn.schaaas.at
file:
path: /var/www/dyn-schaaas
state: directory
- name: install content file for dyn.schaaas.at
loop:
- name: index.shtml
content: |
<html>
<head>
<title>dynamic DNS service...</title>
<meta charset="utf-8">
</head>
<body style="background-color: #eee; font-family: sans; font-weight: bold;">
<div style="max-width: 60%; margin-top: 100px; margin-left: auto; margin-right: auto;">
<div style="padding: 0.3em;">You're coming from</div>
<div style="padding: 0.5em 1em; background-color: #7e7e7e; text-align: center; font-size: 2em;"><!--#echo var="REMOTE_ADDR" --></div>
</div>
</body>
</html>
- name: raw
content: |
<!--#echo var="REMOTE_ADDR" -->
loop_control:
label: "{{ item.name }}"
copy:
content: "{{ item.content }}"
dest: "/var/www/dyn-schaaas/{{ item.name }}"
|
