diff options
| author | Elizabeth Hunt <me@liz.coffee> | 2025-08-18 15:21:46 -0700 |
|---|---|---|
| committer | Elizabeth Hunt <me@liz.coffee> | 2025-08-18 15:21:46 -0700 |
| commit | 9b45729da8a094f8c098216ddfabab53e566dfc5 (patch) | |
| tree | 400ff69699b009a25edd16bac149ec83551cf1d7 | |
| parent | 6bc2e3f47c674852614a50404e9fb50ff7dedfac (diff) | |
| download | mmt-infra-9b45729da8a094f8c098216ddfabab53e566dfc5.tar.gz mmt-infra-9b45729da8a094f8c098216ddfabab53e566dfc5.zip | |
| -rw-r--r-- | group_vars/host_domains.yml | 4 | ||||
| -rw-r--r-- | group_vars/kanidm.yml | 2 | ||||
| -rw-r--r-- | group_vars/mail.yml | 4 | ||||
| -rw-r--r-- | inventory | 34 | ||||
| -rw-r--r-- | playbooks/roles/common/tasks/main.yml | 2 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.mistymountainstherapy.com.conf) | 0 | ||||
| -rw-r--r-- | playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf (renamed from playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf) | 0 |
13 files changed, 22 insertions, 24 deletions
diff --git a/group_vars/host_domains.yml b/group_vars/host_domains.yml index be02f26..53b0d6e 100644 --- a/group_vars/host_domains.yml +++ b/group_vars/host_domains.yml @@ -1,9 +1,9 @@ --- host_domains: - www.int.mistymountainstherapy.com: + www.mistymountainstherapy.com: - www.mistymountainstherapy.com - mistymountainstherapy.com - mail.int.mistymountainstherapy.com: + mail.mistymountainstherapy.com: - mail.mistymountainstherapy.com - auth.mistymountainstherapy.com diff --git a/group_vars/kanidm.yml b/group_vars/kanidm.yml index 6d755d4..ce6a10e 100644 --- a/group_vars/kanidm.yml +++ b/group_vars/kanidm.yml @@ -1,4 +1,4 @@ --- kanidm_domain: auth.mistymountainstherapy.com -kanidm_bind_address: "{{ lookup('community.general.dig', inventory_hostname) }}" +kanidm_bind_address: "10.212.0.2" diff --git a/group_vars/mail.yml b/group_vars/mail.yml index 8e7591b..7e57816 100644 --- a/group_vars/mail.yml +++ b/group_vars/mail.yml @@ -7,9 +7,7 @@ mail_domain: mail.mistymountainstherapy.com ldap_server: "auth.mistymountainstherapy.com" ldap_server_host: "ldaps://{{ ldap_server }}:3636" -ldap_intranet: > - {{ lookup('community.general.dig', - 'mail.int.mistymountainstherapy.com') }} +ldap_intranet: "10.212.0.2" ldap_search_base: "dc=auth,dc=mistymountainstherapy,dc=com" ldap_bind_dn: "dn=token" @@ -1,35 +1,35 @@ [docker] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [host_domains] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [nginx] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [certbot] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [kanidm] -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [mail] -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [wireguard-mesh] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -[wireguard-endpoint] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +[wireguard-endp] +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [borg] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh -mail.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +mail.mistymountainstherapy.com ansible_user=root ansible_connection=ssh [mmt] -www.int.mistymountainstherapy.com ansible_user=root ansible_connection=ssh +www.mistymountainstherapy.com ansible_user=root ansible_connection=ssh diff --git a/playbooks/roles/common/tasks/main.yml b/playbooks/roles/common/tasks/main.yml index 4648a62..6624069 100644 --- a/playbooks/roles/common/tasks/main.yml +++ b/playbooks/roles/common/tasks/main.yml @@ -68,7 +68,7 @@ name: ufw state: present -- name: Allow ssh from rfc1918 networks +- name: Allow ssh community.general.ufw: rule: allow port: 22 diff --git a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf index 9a767f2..9a767f2 100644 --- a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.auth.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf index 8f6d782..8f6d782 100644 --- a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/http.mail.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf index fe39586..fe39586 100644 --- a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.auth.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf index 2a6a7bc..2a6a7bc 100644 --- a/playbooks/roles/nginx/templates/mail.int.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/mail.mistymountainstherapy.com/https.mail.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.mistymountainstherapy.com.conf index fc6e8f6..fc6e8f6 100644 --- a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf index d165e01..d165e01 100644 --- a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/http.www.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.mistymountainstherapy.com.conf index 6cdd63f..6cdd63f 100644 --- a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.mistymountainstherapy.com.conf diff --git a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf index c6ae568..c6ae568 100644 --- a/playbooks/roles/nginx/templates/www.int.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf +++ b/playbooks/roles/nginx/templates/www.mistymountainstherapy.com/https.www.mistymountainstherapy.com.conf |