mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-29 15:06:26 +02:00
Optimized webport and certbot_dns_api_token
This commit is contained in:
@@ -4,14 +4,14 @@ location {{location | default("/")}}
|
||||
{% include 'roles/web-app-oauth2-proxy/templates/following_directives.conf.j2'%}
|
||||
{% endif %}
|
||||
|
||||
proxy_pass http://127.0.0.1:{{http_port}}{{location | default("/")}};
|
||||
proxy_pass http://127.0.0.1:{{ http_port }}{{ location | default("/") }};
|
||||
|
||||
# headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
proxy_set_header X-Forwarded-Port {{ WEB_PORT }};
|
||||
proxy_set_header Accept-Encoding "";
|
||||
|
||||
{% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
|
||||
|
@@ -1,4 +1,11 @@
|
||||
---
|
||||
|
||||
- name: "Validate certbot_dns_api_token"
|
||||
fail:
|
||||
msg: >
|
||||
The variable "certbot_dns_api_token" must be defined and cannot be empty!
|
||||
when: (certbot_dns_api_token | default('') | trim) == ''
|
||||
|
||||
- name: "Ensure all CAA records are present"
|
||||
community.general.cloudflare_dns:
|
||||
api_token: "{{ certbot_dns_api_token }}"
|
||||
|
@@ -1,5 +1,5 @@
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
listen {{ WEB_PORT }} ssl http2;
|
||||
listen [::]:{{ WEB_PORT }} ssl http2;
|
||||
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ecdh_curve X25519:P-256;
|
||||
|
@@ -36,6 +36,6 @@ mailu_dns_srv_records:
|
||||
priority: 20
|
||||
weight: 1
|
||||
autodiscover:
|
||||
port: 443
|
||||
port: "{{ WEB_PORT }}"
|
||||
priority: 20
|
||||
weight: 1
|
@@ -1,3 +1,3 @@
|
||||
{
|
||||
"m.server": "{{domains.matrix.synapse}}:443"
|
||||
"m.server": "{{domains.matrix.synapse}}:{{ WEB_PORT }}"
|
||||
}
|
Reference in New Issue
Block a user