services/homelab
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1f4769fdbe1fc94bf55c57f90dbf8779ec653706
homelab/nginx
History
ducoterra 1f4769fdbe ipv6 working
2024-06-09 18:35:56 -04:00
..
service
add ipv6 to nginx
2024-06-06 20:39:13 -04:00
stream.d
ipv6 working
2024-06-09 18:35:56 -04:00
certbot.yaml
ipv6 working
2024-06-09 18:35:56 -04:00
https.conf
ipv6 working
2024-06-09 18:35:56 -04:00
nginx.conf
ipv6 working
2024-06-09 18:35:56 -04:00
nginx.yaml
ipv6 working
2024-06-09 18:35:56 -04:00
README.md
ipv6 working
2024-06-09 18:35:56 -04:00
vars.yaml
ipv6 working
2024-06-09 18:35:56 -04:00

README.md

Nginx Ansible Configuration

Installation

Check vars.yaml to edit your servers.

# Run certbot first to ensure certs exist
ansible-playbook -i ansible/inventory.yaml nginx/certbot.yaml
ansible-playbook -i ansible/inventory.yaml nginx/nginx.yaml

Restricted Addresses

We'll use nginx basic auth to protect our internal addresses

htpasswd -c secrets/.htpasswd ducoterra

Certbot

Use certbot delete to remove unused certs.

vars.yaml

allowed_ips restricts access to the endpoint (deny all) and then allows only the list of ips provided.

Logging

You can tail all the nginx logs with tail -f /var/log/nginx/*

Reference in New Issue View Git Blame Copy Permalink