diff --git a/playbook-swag.yml b/playbook-swag.yml index d21fed7..e09c292 100644 --- a/playbook-swag.yml +++ b/playbook-swag.yml @@ -1,19 +1,19 @@ --- -- hosts: localhost - become: yes - roles: - - role: swag/provision/delete - - role: swag/provision/create - - role: swag/provision/start +# - hosts: localhost +# become: yes +# roles: +# - role: swag/provision/delete +# - role: swag/provision/create +# - role: swag/provision/start -- hosts: mipha - become: yes - roles: - - role: swag/provision/enable-ssh +# - hosts: mipha +# become: yes +# roles: +# - role: swag/provision/enable-ssh - hosts: swag become: yes roles: - - role: swag/update - - role: swag/install-docker + # - role: swag/update + # - role: swag/install-docker - role: swag/install-app diff --git a/roles/swag/install-app/tasks/main.yml b/roles/swag/install-app/tasks/main.yml index 9ea3804..ae98e29 100644 --- a/roles/swag/install-app/tasks/main.yml +++ b/roles/swag/install-app/tasks/main.yml @@ -13,6 +13,22 @@ group: root mode: 0755 +- name: Copy authelia configuration.yml + template: + src: "authelia-configuration.yml" + dest: /data/authelia/config/configuration.yml + owner: root + group: root + mode: 0755 + +- name: Copy authelia users.yml + template: + src: "authelia-users.yml" + dest: /data/authelia/config/users_database.yml + owner: root + group: root + mode: 0755 + - name: Run docker-compose ansible.builtin.shell: args: @@ -21,29 +37,41 @@ - name: Wait for config folder to be created wait_for: - path: "/data/config/dns-conf/" + path: "/data/swag/config/dns-conf/" delay: 10 timeout: 30 state: present -- name: Copy cloudflare.ini +- name: Copy swag cloudflare.ini template: src: "cloudflare.ini" - dest: /data/config/dns-conf/cloudflare.ini + dest: /data/swag/config/dns-conf/cloudflare.ini owner: root group: root mode: 0755 -- name: Copy proxy confs +- name: Copy swag proxy confs copy: src: "{{ item }}" - dest: /data/config/nginx/proxy-confs/ + dest: /data/swag/config/nginx/proxy-confs/ owner: root group: root mode: 0755 with_fileglob: - "templates/*.conf" +- name: Uncomment authelia-server on domain root + ansible.builtin.replace: + path: /data/swag/config/nginx/site-confs/default.conf + regexp: '^(\s+)#(include \/config\/nginx\/authelia-server\.conf\;)$' + replace: '\1 \2' + +- name: Uncomment authelia-location on domain root + ansible.builtin.replace: + path: /data/swag/config/nginx/site-confs/default.conf + regexp: '^(\s+)#(include \/config\/nginx\/authelia-location\.conf\;)$' + replace: '\1 \2' + - name: Stop swag ansible.builtin.shell: args: diff --git a/roles/swag/install-app/templates/authelia-configuration.yml b/roles/swag/install-app/templates/authelia-configuration.yml new file mode 100644 index 0000000..9b0300f --- /dev/null +++ b/roles/swag/install-app/templates/authelia-configuration.yml @@ -0,0 +1,133 @@ +server: + host: 0.0.0.0 + port: 9091 + read_buffer_size: 4096 + write_buffer_size: 4096 + path: "authelia" +log: + level: debug +totp: + issuer: authelia.com +jwt_secret: TPeotFcS9PUTaT7uEU5uf84ZNa7Pqf94twnsJ6d5S5qjarGkLW +default_redirection_url: https://lino.cooking +duo_api: + hostname: api-229a51d0.duosecurity.com + integration_key: DI4O44JGTM27HCNR50BA + secret_key: wvOMDSrKcxpaj5Z9NjBgltltl0FoA4SH70HfsYkj +authentication_backend: + disable_reset_password: false + file: + path: /config/users_database.yml + password: + algorithm: argon2id + iterations: 1 + key_length: 32 + salt_length: 16 + memory: 512 + parallelism: 8 +access_control: + default_policy: deny + rules: + - domain: + - lino.cooking + - "*.lino.cooking" + policy: two_factor +session: + name: authelia_session + secret: 827zfF6B9@foFGYh^qt7kz374uvGBE5#L&45**%fUPyR3Big@J + expiration: 1h + inactivity: 5m + remember_me_duration: 1M + domain: lino.cooking +regulation: + max_retries: 3 + find_time: 2m + ban_time: 5m +storage: + local: + path: /config/db.sqlite3 + encryption_key: FY3hn3RYRB#U%9YPWxmcqHkRW&Nvr&eJ2fJ39t!4a4zSjMd$Nj +notifier: + disable_startup_check: false + smtp: + username: okulto@gmail.com + password: tcqmoqyeoknwqcqj + host: smtp.gmail.com + port: 587 + sender: okulto@gmail.com + subject: "[Authelia] {title}" +identity_providers: + oidc: + hmac_secret: UBg46dwV2PifY5CJZSeNicyo4oRKnz9A7wZ6fW7zTuxV5Vrve3 + issuer_private_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEAs1Hi3NZXo4VXV+zkQou6zSXa2FV5eHCn12Ndo3winp3UZUZ6fQV9+yeL6Q4FcLhVlQnoL5R97vxttKBbtdzj9cfJ9puGfPD/JwFVGntVmVZiikz3kRoAJyeX2pnbII9BQ7fa5Rr5FaSW8fxXeB4LIfnobPVYkNneodZV8J33OSdEQ4LUwlV8N/ErD3XwOrbMHM+RHm+ddY3B6Cg8NLFyIS2UpvRa2fUqzVbyQDEoHwWMuVvhGVZKnu3okXowHZGP+XQ00gv+X3o1vaMX9ZTCFFryT/xf2uw/TXkxJxzgL/YwT3FdfDKc6L8efb7dBeto6rBZBTl8ZaJyI9qiC86fcwIDAQABAoIBAFJY+GWRyQ0+3q1yDCDDKjWrfKR8HBxDH9C5wPaiuwM8V51qkDV5oDEGKCoOVlE9VY/rzMSM3IgzQ+3+9h6+IbFs3kJxiYE26vVulzZiDR0tnnMEhWwNFKTmecXZgdeh8ca3V75+dISL4QWfbEutAE/KBAKFaPacFrEbTLwCztVffhJKYrxya9suynS7P0W74d3u4kkkWlahlewefzKFyzJ94YaUR/GqDGyEwW7/EYg2qPZkhQNYtHTd4aamT3CpNG3IXJARbIG5S+XMTSfCRXT6mYVltAtsI4Wet36LkHhPbJqjSjM86N0Kw9ixmO/HkyCr8moZ9YdvMeRj4SpZugECgYEA23BrH8is5MwJYC2Mqyhnybzl2jeRm0oStXTFLEgjfcFZEqdAe+GOd+K5LDQ18uHRwhjADDTpe8wKO92YzRtz9ybrbZe/ZXZbmnk+0BNyJOqgqE+IVhODzfP8T5gB8H1pJLKnTvTgg7SJar9hMRD/zCTZmRy6FH9lKgrANk23ZlECgYEA0TJKBTb+q7hwHVPppOBEDoo7pLuIGeS+lRzKiVCLQITFgLxrwG8Pv6dfuv2vziatLkarYsaAv3cjuKQGfVoY7STDwbZNK7u/5xTS5zgnZqmF53eLo49ViL5RN95JwykX0sYp9u2bFH3xpUmvC1l+B2dCPZxzKQKkxdJrWhCcBIMCgYANnGZ4nTjkJCe8uHaOMz5ky/ux0lqMuEZ6zNhiC8NvzGta9dbRGEd+9igoLsDd5NXe5SwcVbfZvukvl2of5sEFpntZ29y6TWIXLcgQnfQpiAgZCH3bYPB++NBAm5wbL5wy84XfJt86LBuN7Hr50SUco3h/v8Fm/hPnTK1pcN6cUQKBgC5ygvrLbhoEdmgclHi2DoZH7NwzgxF0t1f2L4XzayelExD1RNtSDWYZLGkhIGKeNb9bk3v35Ogd9MFvMb2tPnGQwyIEbvfx1Lbi6bzKu/zQUNnGsitbjLsyvmewJCJ/wjlbJEAeG1ueZwOy63mSoifUpmF1liAZ5SnDAXDa1TkvAoGALMDbvRZVtaYwgUig0GQJttFCKzIJg253/7msMGs/hppLtNy+UYU/eOElMht4dV6mW/8vW6dwvz/Hnn1J49+6eXJqTRe6hOYK7f8VtfWxtDqbzDgAu9dWWuK3Fwep/CKH+E/MMK+pYQr4Zx85/fWz+g28nuhpZ1gm1qkSzP+3FFU= + -----END RSA PRIVATE KEY----- + access_token_lifespan: 24h + authorize_code_lifespan: 1m + id_token_lifespan: 1h + refresh_token_lifespan: 90m + enable_client_debug_messages: false + clients: + - id: outline-766Wu4kcFgB4CWhXWH2CF6pim5dYHB6MCVqPDGVPoPDvsvW8dL + description: Outline + secret: 766Wu4kcFgB4CWhXWH2CF6pim5dYHB6MCVqPDGVPoPDvsvW8dL + public: false + authorization_policy: two_factor + audience: [] + scopes: + - openid + - groups + - email + - profile + redirect_uris: + - https://outline.lino.cooking/auth/oidc.callback + grant_types: + - refresh_token + - authorization_code + response_types: + - code + response_modes: + - form_post + - query + - fragment + userinfo_signing_algorithm: none + - id: portainer-rivfjn52DnrP3uoR4X6f2UKaMxnueB66MiooZWjDSswe7mZA4K + description: Portainer + secret: Xc4W3JFyfQ3FyJ3b9nouoSE8z8Se8pkr4QgdM8xRagH33p33xv + public: false + authorization_policy: two_factor + scopes: + - openid + - groups + - email + - profile + redirect_uris: + - https://portainer.lino.cooking + userinfo_signing_algorithm: none + - id: gitea-BnXBBQdFvtyi2AYZfvt5ettMkmysWveLixB8fBeS7UrMoXcQfQ + description: Gitea + secret: BbAL8REu3nfqk2XSiDoJUZrVvdCSeVU5CHi8kE7DCcE5NxF87b + public: false + authorization_policy: two_factor + scopes: + - openid + - email + - profile + redirect_uris: + - https://gitea.lino.cooking/user/oauth2/authelia/callback + userinfo_signing_algorithm: none + - id: immich-Q7jwnUyPz2gAG4iJRHPw7PX2xfz7utrLWn2dUpjhs4sKMP6Tzv + description: Immich + secret: 7Rd6Vra3BpgLXR2xqtj7EUeiRvngNbBeY3yisaCHg5zzUBXRkh + public: false + authorization_policy: two_factor + scopes: + - openid + - email + - profile + redirect_uris: + - app.immich:/ + - https://immich.lino.cooking/auth/login + - https://immich.lino.cooking/user-settings + userinfo_signing_algorithm: none \ No newline at end of file diff --git a/roles/swag/install-app/templates/authelia-users.yml b/roles/swag/install-app/templates/authelia-users.yml new file mode 100644 index 0000000..f27dc40 --- /dev/null +++ b/roles/swag/install-app/templates/authelia-users.yml @@ -0,0 +1,11 @@ +users: + linosilva: + displayname: "Lino Silva" + password: "$argon2id$v=19$m=65536,t=1,p=8$eXFHQkpNOSs5MVMwMm1QNw$AG5734/n8YNArA2w13sS7HMe+NEaCsM57tV7gacy8ZQ" + email: okulto@gmail.com + groups: [] + ana: + displayname: "Ana Silva" + password: "$argon2id$v=19$m=65536,t=3,p=4$iNSytIK31g/wjNL9pfmLIA$xqeAFmKT998zd7mckQx+qBVJNeSMPRNYL8E4TcNWI+E" + email: amargarida09@gmail.com + groups: [] diff --git a/roles/swag/install-app/templates/bazarr.subdomain.conf b/roles/swag/install-app/templates/bazarr.subdomain.conf index 0c58a46..a97cc1f 100644 --- a/roles/swag/install-app/templates/bazarr.subdomain.conf +++ b/roles/swag/install-app/templates/bazarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app bazarr; + set $upstream_app 10.0.0.2; set $upstream_port 6767; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/bazarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app bazarr; + set $upstream_app 10.0.0.2; set $upstream_port 6767; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/changedetection.subdomain.conf b/roles/swag/install-app/templates/changedetection.subdomain.conf index bed436f..fc1ba86 100644 --- a/roles/swag/install-app/templates/changedetection.subdomain.conf +++ b/roles/swag/install-app/templates/changedetection.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app changedetection; + set $upstream_app 10.0.0.2; set $upstream_port 5000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/cloud.subdomain.conf b/roles/swag/install-app/templates/cloud.subdomain.conf index 2ed7861..c30e7ab 100644 --- a/roles/swag/install-app/templates/cloud.subdomain.conf +++ b/roles/swag/install-app/templates/cloud.subdomain.conf @@ -27,8 +27,8 @@ server { location / { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app nextcloud; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8001; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/docker-compose.yml b/roles/swag/install-app/templates/docker-compose.yml index dc12dc6..f95539b 100644 --- a/roles/swag/install-app/templates/docker-compose.yml +++ b/roles/swag/install-app/templates/docker-compose.yml @@ -19,7 +19,7 @@ services: - MAXMINDDB_LICENSE_KEY=5sfHzlxz9pXsvrlz - DOCKER_MODS=linuxserver/mods:swag-dashboard volumes: - - /data/config:/config + - /data/swag/config:/config ports: - 443:443 - 80:80 @@ -27,6 +27,19 @@ services: networks: - reverse-proxy + authelia: + image: authelia/authelia:latest + container_name: authelia + environment: + - TZ=Europe/Lisbon + ports: + - 9091:9091 + volumes: + - /data/authelia/config:/config + restart: unless-stopped + networks: + - reverse-proxy + networks: reverse-proxy: external: true \ No newline at end of file diff --git a/roles/swag/install-app/templates/gitea.subdomain.conf b/roles/swag/install-app/templates/gitea.subdomain.conf index 9a783c4..3f3f2ec 100644 --- a/roles/swag/install-app/templates/gitea.subdomain.conf +++ b/roles/swag/install-app/templates/gitea.subdomain.conf @@ -42,7 +42,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app gitea; + set $upstream_app 10.0.0.2; set $upstream_port 3000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/immich.subdomain.conf b/roles/swag/install-app/templates/immich.subdomain.conf index 6dd1c9d..249b2c1 100755 --- a/roles/swag/install-app/templates/immich.subdomain.conf +++ b/roles/swag/install-app/templates/immich.subdomain.conf @@ -33,7 +33,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app immich_proxy; + set $upstream_app 10.0.0.2; set $upstream_port 8080; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/lidarr.subdomain.conf b/roles/swag/install-app/templates/lidarr.subdomain.conf index 3f94970..9ac17c5 100644 --- a/roles/swag/install-app/templates/lidarr.subdomain.conf +++ b/roles/swag/install-app/templates/lidarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app lidarr; + set $upstream_app 10.0.0.2; set $upstream_port 8686; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/lidarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app lidarr; + set $upstream_app 10.0.0.2; set $upstream_port 8686; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/mealie.subdomain.conf b/roles/swag/install-app/templates/mealie.subdomain.conf index f3ff14f..9e177af 100644 --- a/roles/swag/install-app/templates/mealie.subdomain.conf +++ b/roles/swag/install-app/templates/mealie.subdomain.conf @@ -36,8 +36,8 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app mealie; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8002; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/metube.subdomain.conf b/roles/swag/install-app/templates/metube.subdomain.conf index 515223b..6ef8202 100644 --- a/roles/swag/install-app/templates/metube.subdomain.conf +++ b/roles/swag/install-app/templates/metube.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app metube; + set $upstream_app 10.0.0.2; set $upstream_port 8081; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/overseerr.subdomain.conf b/roles/swag/install-app/templates/overseerr.subdomain.conf index 8849e3e..74a7229 100644 --- a/roles/swag/install-app/templates/overseerr.subdomain.conf +++ b/roles/swag/install-app/templates/overseerr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app overseerr; + set $upstream_app 10.0.0.2; set $upstream_port 5055; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/overseerr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app overseerr; + set $upstream_app 10.0.0.2; set $upstream_port 5055; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/paperless.subdomain.conf b/roles/swag/install-app/templates/paperless.subdomain.conf index fe62997..c0201be 100644 --- a/roles/swag/install-app/templates/paperless.subdomain.conf +++ b/roles/swag/install-app/templates/paperless.subdomain.conf @@ -36,8 +36,8 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app paperless-app; - set $upstream_port 8000; + set $upstream_app 10.0.0.2; + set $upstream_port 8003; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/portainer.subdomain.conf b/roles/swag/install-app/templates/portainer.subdomain.conf index d72d471..f679162 100644 --- a/roles/swag/install-app/templates/portainer.subdomain.conf +++ b/roles/swag/install-app/templates/portainer.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app portainer; + set $upstream_app 10.0.0.2; set $upstream_port 9000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -48,7 +48,7 @@ server { location ~ (/portainer)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app portainer; + set $upstream_app 10.0.0.2; set $upstream_port 9000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/prowlarr.subdomain.conf b/roles/swag/install-app/templates/prowlarr.subdomain.conf index 7fcedf0..900fa9c 100644 --- a/roles/swag/install-app/templates/prowlarr.subdomain.conf +++ b/roles/swag/install-app/templates/prowlarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app prowlarr; + set $upstream_app 10.0.0.2; set $upstream_port 9696; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -46,7 +46,7 @@ server { location ~ (/prowlarr)?(/[0-9]+)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app prowlarr; + set $upstream_app 10.0.0.2; set $upstream_port 9696; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/radarr.subdomain.conf b/roles/swag/install-app/templates/radarr.subdomain.conf index f0853d6..bff48e4 100644 --- a/roles/swag/install-app/templates/radarr.subdomain.conf +++ b/roles/swag/install-app/templates/radarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app radarr; + set $upstream_app 10.0.0.2; set $upstream_port 7878; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/radarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app radarr; + set $upstream_app 10.0.0.2; set $upstream_port 7878; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/sonarr.subdomain.conf b/roles/swag/install-app/templates/sonarr.subdomain.conf index bb81c33..6dee486 100644 --- a/roles/swag/install-app/templates/sonarr.subdomain.conf +++ b/roles/swag/install-app/templates/sonarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app sonarr; + set $upstream_app 10.0.0.2; set $upstream_port 8989; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/sonarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app sonarr; + set $upstream_app 10.0.0.2; set $upstream_port 8989; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/transmission.subdomain.conf b/roles/swag/install-app/templates/transmission.subdomain.conf index 0da88e3..4bf564c 100644 --- a/roles/swag/install-app/templates/transmission.subdomain.conf +++ b/roles/swag/install-app/templates/transmission.subdomain.conf @@ -46,7 +46,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app transmission; + set $upstream_app 10.0.0.2; set $upstream_port 9091; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -57,7 +57,7 @@ server { location ~ (/transmission)?/rpc { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app transmission; + set $upstream_app 10.0.0.2; set $upstream_port 9091; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/vaultwarden.subdomain.conf b/roles/swag/install-app/templates/vaultwarden.subdomain.conf index fbc66d4..22bb775 100644 --- a/roles/swag/install-app/templates/vaultwarden.subdomain.conf +++ b/roles/swag/install-app/templates/vaultwarden.subdomain.conf @@ -38,8 +38,8 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app vaultwarden; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8004; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -61,8 +61,8 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app vaultwarden; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8004; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -71,8 +71,8 @@ server { location ~ (/pwds)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app vaultwarden; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8004; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -81,7 +81,7 @@ server { location ~ (/pwds)?/notifications/hub { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app vaultwarden; + set $upstream_app 10.0.0.2; set $upstream_port 3012; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -91,8 +91,8 @@ server { location ~ (/pwds)?/notifications/hub/negotiate { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app vaultwarden; - set $upstream_port 80; + set $upstream_app 10.0.0.2; + set $upstream_port 8004; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port;