2014-12-07 23:39:44 +00:00
|
|
|
- name: Set up those proxy websites. My, my..
|
2015-02-21 22:28:28 +00:00
|
|
|
hosts: proxies-stg:proxies
|
2014-12-07 23:39:44 +00:00
|
|
|
user: root
|
|
|
|
|
gather_facts: True
|
|
|
|
|
|
|
|
|
|
vars_files:
|
|
|
|
|
- /srv/web/infra/ansible/vars/global.yml
|
2015-01-09 22:59:18 +00:00
|
|
|
- "/srv/private/ansible/vars.yml"
|
2014-12-07 23:39:44 +00:00
|
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
- include: "{{ handlers }}/restart_services.yml"
|
|
|
|
|
|
|
|
|
|
vars:
|
2014-12-08 00:15:30 +00:00
|
|
|
- fpo_ips:
|
|
|
|
|
# Staging
|
|
|
|
|
- "10.5.126.88"
|
2015-01-06 18:46:58 +00:00
|
|
|
|
2014-12-08 00:15:30 +00:00
|
|
|
# Production
|
|
|
|
|
- "[2001:4178:2:1269::fed1]"
|
|
|
|
|
- "66.35.62.162"
|
|
|
|
|
- "80.239.156.214"
|
|
|
|
|
- "152.19.134.142"
|
|
|
|
|
- "[2610:28:3090:3001:dead:beef:cafe:fed3]"
|
|
|
|
|
- "[2001:2030:0:2::2]"
|
2015-02-18 21:58:43 +00:00
|
|
|
- "10.5.126.51"
|
2014-12-08 00:15:30 +00:00
|
|
|
- "10.5.126.52"
|
|
|
|
|
- "85.236.55.6"
|
|
|
|
|
- "[2001:4178:2:1269::fed2]"
|
|
|
|
|
- "80.239.156.215"
|
2015-02-05 23:50:58 +00:00
|
|
|
- "140.211.169.196"
|
2014-12-08 00:15:30 +00:00
|
|
|
- "213.175.193.206"
|
|
|
|
|
- "[2001:2030:0:2::3]"
|
|
|
|
|
- "67.203.2.67"
|
|
|
|
|
- "[2607:f188::dead:beef:cafe:fed1]"
|
|
|
|
|
- "192.168.122.2"
|
2015-01-06 18:46:58 +00:00
|
|
|
|
2014-12-08 00:15:30 +00:00
|
|
|
- wildcard_fpo_ips:
|
|
|
|
|
# Staging
|
2015-01-06 18:46:58 +00:00
|
|
|
- "10.5.126.88"
|
|
|
|
|
|
2014-12-08 00:15:30 +00:00
|
|
|
# Production
|
2015-02-18 21:58:43 +00:00
|
|
|
- "10.5.126.51"
|
2014-12-08 00:15:30 +00:00
|
|
|
- "10.5.126.52"
|
|
|
|
|
- "85.236.55.6"
|
|
|
|
|
- "[2001:4178:2:1269::fed2]"
|
2015-01-21 00:13:34 +00:00
|
|
|
- "66.35.62.162"
|
2015-01-26 21:24:12 +00:00
|
|
|
- "152.19.134.142"
|
2014-12-08 00:15:30 +00:00
|
|
|
- "80.239.156.215"
|
2015-01-26 21:28:17 +00:00
|
|
|
- "[2610:28:3090:3001:dead:beef:cafe:fed3]"
|
2015-02-05 23:50:58 +00:00
|
|
|
- "140.211.169.196"
|
2014-12-08 00:15:30 +00:00
|
|
|
- "213.175.193.206"
|
|
|
|
|
- "[2001:2030:0:2::3]"
|
|
|
|
|
- "67.203.2.67"
|
|
|
|
|
- "[2607:f188::dead:beef:cafe:fed1]"
|
|
|
|
|
- "192.168.122.2"
|
|
|
|
|
|
2014-12-07 23:43:38 +00:00
|
|
|
|
2014-12-18 18:34:00 +00:00
|
|
|
pre_tasks:
|
|
|
|
|
- name: Create /srv/web/ for all the goodies.
|
2015-01-06 19:16:24 +00:00
|
|
|
file: >
|
|
|
|
|
dest=/srv/web state=directory
|
|
|
|
|
owner=root group=root mode=0755
|
2015-01-06 21:25:03 +00:00
|
|
|
tags:
|
|
|
|
|
- httpd
|
|
|
|
|
- httpd/website
|
2015-02-22 14:08:37 +00:00
|
|
|
|
|
|
|
|
- name: check the selinux context of webdir
|
|
|
|
|
command: matchpathcon /srv/web
|
|
|
|
|
register: webdir
|
|
|
|
|
always_run: yes
|
|
|
|
|
changed_when: "1 != 1"
|
|
|
|
|
tags:
|
|
|
|
|
- config
|
|
|
|
|
- selinux
|
|
|
|
|
- httpd
|
|
|
|
|
- httpd/website
|
|
|
|
|
|
|
|
|
|
- name: /srv/web file contexts
|
|
|
|
|
command: semanage fcontext -a -t httpd_sys_content_t "/srv/web(/.*)?"
|
|
|
|
|
when: webdir.stdout.find('httpd_sys_content_t') == -1
|
2014-12-18 18:34:00 +00:00
|
|
|
tags:
|
2015-02-22 14:08:37 +00:00
|
|
|
- config
|
|
|
|
|
- selinux
|
2014-12-18 18:34:00 +00:00
|
|
|
- httpd
|
|
|
|
|
- httpd/website
|
|
|
|
|
|
2014-12-07 23:39:44 +00:00
|
|
|
roles:
|
|
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fedoraproject.org
|
2014-12-08 00:15:30 +00:00
|
|
|
ips: "{{fpo_ips}}"
|
2015-01-19 19:16:26 +00:00
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
server_aliases: [stg.fedoraproject.org]
|
2014-12-07 23:39:44 +00:00
|
|
|
|
2014-12-08 14:07:27 +00:00
|
|
|
# This is for all the other domains we own
|
|
|
|
|
# that redirect to http://fedoraproject.org
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fedoraproject.com
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
server_aliases:
|
|
|
|
|
- fedora.redhat.com
|
|
|
|
|
- fedora.com.my
|
|
|
|
|
- fedora.my
|
|
|
|
|
- fedora.pe
|
|
|
|
|
- fedora.pt
|
|
|
|
|
- fedora.us
|
|
|
|
|
- fedoralinux.com
|
|
|
|
|
- fedoralinux.net
|
|
|
|
|
- fedoralinux.net
|
|
|
|
|
- fedoralinux.org
|
|
|
|
|
- fedoraproject.org.uk
|
|
|
|
|
- fedoraproject.com
|
|
|
|
|
- fedoraproject.com.my
|
|
|
|
|
- fedoraproject.net
|
|
|
|
|
- projectofedora.org
|
|
|
|
|
- www.fedora.pe
|
|
|
|
|
- www.fedora.pt
|
|
|
|
|
- www.fedora.redhat.com
|
|
|
|
|
- www.fedora.us
|
|
|
|
|
- www.fedoralinux.com
|
|
|
|
|
- www.fedoralinux.net
|
|
|
|
|
- www.fedoralinux.org
|
|
|
|
|
- www.fedoraproject.com
|
|
|
|
|
- www.fedoraproject.com
|
|
|
|
|
- www.fedoraproject.net
|
|
|
|
|
- www.fedoraproject.org
|
|
|
|
|
- www.fedoraproject.org.uk
|
|
|
|
|
- www.projectofedora.org
|
|
|
|
|
|
2014-12-07 23:39:44 +00:00
|
|
|
- role: httpd/website
|
|
|
|
|
name: admin.fedoraproject.org
|
|
|
|
|
server_aliases: [admin.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: cloud.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: mirrors.fedoraproject.org
|
2014-12-08 14:24:46 +00:00
|
|
|
server_aliases: [mirrors.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: download.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- download01.fedoraproject.org
|
|
|
|
|
- download02.fedoraproject.org
|
|
|
|
|
- download03.fedoraproject.org
|
|
|
|
|
- download04.fedoraproject.org
|
|
|
|
|
- download05.fedoraproject.org
|
|
|
|
|
- download06.fedoraproject.org
|
|
|
|
|
- download07.fedoraproject.org
|
|
|
|
|
- download08.fedoraproject.org
|
|
|
|
|
- download09.fedoraproject.org
|
|
|
|
|
- download10.fedoraproject.org
|
|
|
|
|
- download.stg.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: translate.fedoraproject.org
|
|
|
|
|
server_aliases: [translate.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: spins.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- spins.stg.fedoraproject.org
|
|
|
|
|
- spins-test.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: boot.fedoraproject.org
|
|
|
|
|
server_aliases: [boot.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: boot.fedoraproject.org
|
|
|
|
|
server_aliases: [boot.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: smolts.org
|
|
|
|
|
ssl: false
|
|
|
|
|
server_aliases:
|
|
|
|
|
- smolt.fedoraproject.org
|
|
|
|
|
- stg.smolts.org
|
|
|
|
|
- www.smolts.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 00:27:47 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: docs.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- doc.fedoraproject.org
|
|
|
|
|
- docs.stg.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: bodhi.fedoraproject.org
|
|
|
|
|
server_aliases: [bodhi.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: bugz.fedoraproject.org
|
|
|
|
|
server_aliases: [bugz.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fas.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- fas.stg.fedoraproject.org
|
|
|
|
|
- accounts.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fedoracommunity.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- www.fedoracommunity.org
|
|
|
|
|
- stg.fedoracommunity.org
|
|
|
|
|
ssl: false
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: get.fedoraproject.org
|
|
|
|
|
server_aliases: [get.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: help.fedoraproject.org
|
|
|
|
|
server_aliases: [help.stg.fedoraproject.org]
|
2015-01-19 19:25:44 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: it.fedoracommunity.org
|
|
|
|
|
server_aliases: [it.fedoracommunity.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: uk.fedoracommunity.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- uk.fedoracommunity.org
|
|
|
|
|
- www.uk.fedoracommunity.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: people.fedoraproject.org
|
|
|
|
|
server_aliases: [people.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: join.fedoraproject.org
|
|
|
|
|
server_aliases: [join.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: l10n.fedoraproject.org
|
|
|
|
|
server_aliases: [l10n.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: start.fedoraproject.org
|
|
|
|
|
server_aliases: [start.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: kde.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: nightly.fedoraproject.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
2015-02-04 16:44:36 +00:00
|
|
|
- role: httpd/website
|
|
|
|
|
name: store.fedoraproject.org
|
|
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
|
|
|
|
|
2014-12-08 14:07:27 +00:00
|
|
|
- role: httpd/website
|
|
|
|
|
name: port389.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- www.port389.org
|
|
|
|
|
- 389tcp.org
|
|
|
|
|
- www.389tcp.org
|
|
|
|
|
ssl: false
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fedoramagazine.org
|
2015-03-12 15:41:03 +00:00
|
|
|
server_aliases: [www.fedoramagazine.org stg.fedoramagazine.org]
|
2014-12-08 14:07:27 +00:00
|
|
|
cert_name: fedoramagazine.org
|
|
|
|
|
SSLCertificateChainFile: fedoramagazine.org.intermediate.cert
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: k12linux.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- www.k12linux.org
|
|
|
|
|
ssl: false
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fonts.fedoraproject.org
|
|
|
|
|
server_aliases: [fonts.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: meetbot.fedoraproject.org
|
|
|
|
|
server_aliases: [meetbot.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: fudcon.fedoraproject.org
|
|
|
|
|
server_aliases: [fudcon.stg.fedoraproject.org]
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: ask.fedoraproject.org
|
|
|
|
|
server_aliases: [ask.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: badges.fedoraproject.org
|
|
|
|
|
server_aliases: [badges.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: darkserver.fedoraproject.org
|
|
|
|
|
server_aliases: [darkserver.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: paste.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- paste.stg.fedoraproject.org
|
|
|
|
|
- fpaste.org
|
|
|
|
|
- www.fpaste.org
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: apps.fedoraproject.org
|
|
|
|
|
server_aliases: [apps.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
|
|
|
|
gzip: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
2014-12-08 14:24:46 +00:00
|
|
|
# Kinda silly that we have two entries here, one for prod and one for stg.
|
|
|
|
|
# This is inherited from our puppet setup -- we can collapse them as soon as
|
|
|
|
|
# is convenient. -- threebean
|
2014-12-08 14:07:27 +00:00
|
|
|
- role: httpd/website
|
|
|
|
|
name: taskotron.fedoraproject.org
|
2014-12-08 14:24:46 +00:00
|
|
|
server_aliases: [taskotron.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:24:46 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: taskotron.stg.fedoraproject.org
|
2014-12-08 14:07:27 +00:00
|
|
|
server_aliases: [taskotron.stg.fedoraproject.org]
|
2014-12-08 14:24:46 +00:00
|
|
|
# Set this explicitly to stg here.. as per the original puppet config.
|
|
|
|
|
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
2014-12-08 14:07:27 +00:00
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:24:46 +00:00
|
|
|
when: env == "staging"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: lists.fedoraproject.org
|
|
|
|
|
server_aliases: [lists.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2014-12-08 14:24:46 +00:00
|
|
|
# Set this explicitly to stg here.. as per the original puppet config.
|
|
|
|
|
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
when: env == "staging"
|
|
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: id.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- "*.id.fedoraproject.org"
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
2015-02-21 01:45:41 +01:00
|
|
|
# Must not be sslonly, because example.id.fedoraproject.org must be reachable
|
|
|
|
|
# via plain http for openid identity support
|
2015-02-13 22:58:50 +00:00
|
|
|
cert_name: wildcard-2014.id.fedoraproject.org
|
2014-12-08 14:24:46 +00:00
|
|
|
SSLCertificateChainFile: wildcard-2014.id.fedoraproject.org.intermediate.cert
|
2015-01-19 19:16:26 +00:00
|
|
|
|
2014-12-08 14:07:27 +00:00
|
|
|
- role: httpd/website
|
|
|
|
|
name: id.stg.fedoraproject.org
|
|
|
|
|
server_aliases:
|
|
|
|
|
- "*.id.stg.fedoraproject.org"
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{wildcard_fpo_ips}}"
|
2015-02-21 01:45:41 +01:00
|
|
|
# Must not be sslonly, because example.id.fedoraproject.org must be reachable
|
|
|
|
|
# via plain http for openid identity support
|
2015-01-19 19:16:26 +00:00
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:24:46 +00:00
|
|
|
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
2014-12-08 14:07:27 +00:00
|
|
|
when: env == "staging"
|
|
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: getfedora.org
|
2015-03-14 18:17:16 +00:00
|
|
|
server_aliases: [stg.getfedora.org www.getfedora.org]
|
2014-12-08 14:07:27 +00:00
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{fpo_ips}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
cert_name: getfedora.org
|
|
|
|
|
SSLCertificateChainFile: getfedora.org.intermediate.cert
|
|
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: qa.fedoraproject.org
|
2014-12-08 14:24:46 +00:00
|
|
|
ips: "{{fpo_ips}}"
|
2015-01-19 19:16:26 +00:00
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
server_aliases: [qa.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
|
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: redirect.fedoraproject.org
|
|
|
|
|
server_aliases: [redirect.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
|
|
|
|
gzip: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
2014-12-08 14:07:27 +00:00
|
|
|
|
|
|
|
|
- role: httpd/website
|
|
|
|
|
name: geoip.fedoraproject.org
|
|
|
|
|
server_aliases: [geoip.stg.fedoraproject.org]
|
|
|
|
|
sslonly: true
|
2015-01-19 19:16:26 +00:00
|
|
|
ips: "{{fpo_ips}}"
|
|
|
|
|
cert_name: "{{wildcard_cert_name}}"
|
