Make the ips and cert_name vars explicit.
This commit is contained in:
parent
76be370eac
commit
100eb6b0c6
1 changed files with 89 additions and 10 deletions
|
@ -61,13 +61,6 @@
|
|||
- "[2607:f188::dead:beef:cafe:fed1]"
|
||||
- "192.168.122.2"
|
||||
|
||||
# This is just a handy default. If 'ips' is not specified to the
|
||||
# httpd/website role below, then it will use the wildcard list, which most do.
|
||||
- ips: "{{wildcard_fpo_ips}}"
|
||||
|
||||
# This is another handy default. wildcard_cert_name is defined in group_vars
|
||||
- cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
|
||||
pre_tasks:
|
||||
- name: Create /srv/web/ for all the goodies.
|
||||
|
@ -90,12 +83,15 @@
|
|||
- role: httpd/website
|
||||
name: fedoraproject.org
|
||||
ips: "{{fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
server_aliases: [stg.fedoraproject.org]
|
||||
|
||||
# This is for all the other domains we own
|
||||
# that redirect to http://fedoraproject.org
|
||||
- role: httpd/website
|
||||
name: fedoraproject.com
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
server_aliases:
|
||||
- fedora.redhat.com
|
||||
- fedora.com.my
|
||||
|
@ -130,13 +126,19 @@
|
|||
name: admin.fedoraproject.org
|
||||
server_aliases: [admin.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: cloud.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: mirrors.fedoraproject.org
|
||||
server_aliases: [mirrors.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: download.fedoraproject.org
|
||||
|
@ -152,25 +154,35 @@
|
|||
- download09.fedoraproject.org
|
||||
- download10.fedoraproject.org
|
||||
- download.stg.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: translate.fedoraproject.org
|
||||
server_aliases: [translate.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: spins.fedoraproject.org
|
||||
server_aliases:
|
||||
- spins.stg.fedoraproject.org
|
||||
- spins-test.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: boot.fedoraproject.org
|
||||
server_aliases: [boot.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: boot.fedoraproject.org
|
||||
server_aliases: [boot.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: smolts.org
|
||||
|
@ -179,32 +191,44 @@
|
|||
- smolt.fedoraproject.org
|
||||
- stg.smolts.org
|
||||
- www.smolts.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: docs.fedoraproject.org
|
||||
server_aliases:
|
||||
- doc.fedoraproject.org
|
||||
- docs.stg.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: bodhi.fedoraproject.org
|
||||
server_aliases: [bodhi.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: bugz.fedoraproject.org
|
||||
server_aliases: [bugz.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fas.fedoraproject.org
|
||||
server_aliases:
|
||||
- fas.stg.fedoraproject.org
|
||||
- accounts.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fas.fedoraproject.org
|
||||
server_aliases:
|
||||
- fas.stg.fedoraproject.org
|
||||
- accounts.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fedoracommunity.org
|
||||
|
@ -212,10 +236,14 @@
|
|||
- www.fedoracommunity.org
|
||||
- stg.fedoracommunity.org
|
||||
ssl: false
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: get.fedoraproject.org
|
||||
server_aliases: [get.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: help.fedoraproject.org
|
||||
|
@ -224,34 +252,50 @@
|
|||
- role: httpd/website
|
||||
name: it.fedoracommunity.org
|
||||
server_aliases: [it.fedoracommunity.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: uk.fedoracommunity.org
|
||||
server_aliases:
|
||||
- uk.fedoracommunity.org
|
||||
- www.uk.fedoracommunity.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: people.fedoraproject.org
|
||||
server_aliases: [people.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: join.fedoraproject.org
|
||||
server_aliases: [join.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: l10n.fedoraproject.org
|
||||
server_aliases: [l10n.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: start.fedoraproject.org
|
||||
server_aliases: [start.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: kde.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: nightly.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: port389.org
|
||||
|
@ -260,45 +304,62 @@
|
|||
- 389tcp.org
|
||||
- www.389tcp.org
|
||||
ssl: false
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fedoramagazine.org
|
||||
server_aliases: [www.fedoramagazine.org]
|
||||
cert_name: fedoramagazine.org
|
||||
SSLCertificateChainFile: fedoramagazine.org.intermediate.cert
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: k12linux.org
|
||||
server_aliases:
|
||||
- www.k12linux.org
|
||||
ssl: false
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fonts.fedoraproject.org
|
||||
server_aliases: [fonts.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: meetbot.fedoraproject.org
|
||||
server_aliases: [meetbot.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: fudcon.fedoraproject.org
|
||||
server_aliases: [fudcon.stg.fedoraproject.org]
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: ask.fedoraproject.org
|
||||
server_aliases: [ask.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: badges.fedoraproject.org
|
||||
server_aliases: [badges.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: darkserver.fedoraproject.org
|
||||
server_aliases: [darkserver.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: paste.fedoraproject.org
|
||||
|
@ -306,12 +367,16 @@
|
|||
- paste.stg.fedoraproject.org
|
||||
- fpaste.org
|
||||
- www.fpaste.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: apps.fedoraproject.org
|
||||
server_aliases: [apps.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
gzip: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
# Kinda silly that we have two entries here, one for prod and one for stg.
|
||||
# This is inherited from our puppet setup -- we can collapse them as soon as
|
||||
|
@ -320,6 +385,8 @@
|
|||
name: taskotron.fedoraproject.org
|
||||
server_aliases: [taskotron.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: taskotron.stg.fedoraproject.org
|
||||
|
@ -327,6 +394,8 @@
|
|||
# Set this explicitly to stg here.. as per the original puppet config.
|
||||
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
||||
sslonly: true
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/website
|
||||
|
@ -335,34 +404,40 @@
|
|||
sslonly: true
|
||||
# Set this explicitly to stg here.. as per the original puppet config.
|
||||
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/website
|
||||
name: id.fedoraproject.org
|
||||
server_aliases:
|
||||
- "*.id.fedoraproject.org"
|
||||
cert_name: wildcard-2014.id.fedoraproject.org
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: wildcard-2014.id.fedoraproject.org.intermediate.cert
|
||||
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/website
|
||||
name: id.stg.fedoraproject.org
|
||||
server_aliases:
|
||||
- "*.id.stg.fedoraproject.org"
|
||||
ips: "{{wildcard_fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: wildcard-2014.stg.fedoraproject.org.intermediate.cert
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/website
|
||||
name: getfedora.org
|
||||
ips: "{{fpo_ips}}"
|
||||
server_aliases: [stg.getfedora.org]
|
||||
sslonly: true
|
||||
ips: "{{fpo_ips}}"
|
||||
cert_name: getfedora.org
|
||||
SSLCertificateChainFile: getfedora.org.intermediate.cert
|
||||
|
||||
- role: httpd/website
|
||||
name: qa.fedoraproject.org
|
||||
ips: "{{fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
server_aliases: [qa.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
|
||||
|
@ -371,8 +446,12 @@
|
|||
server_aliases: [redirect.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
gzip: true
|
||||
ips: "{{fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: geoip.fedoraproject.org
|
||||
server_aliases: [geoip.stg.fedoraproject.org]
|
||||
sslonly: true
|
||||
ips: "{{fpo_ips}}"
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue