Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Rename these to be more clear

Browse source
This commit is contained in:
Kevin Fenzi 2018-10-01 23:35:05 +00:00
parent b0fac77859
commit 8df1499ee9
4 changed files with 114 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
roles/totpcgi/tasks/main.yml
View file

@ -115,8 +115,8 @@
when: env == "staging" when: env == "staging"
- name: copy staging server conf file over - name: copy staging server conf file over
copy: > template: >
src=totpcgi-httpd.conf.stg src=totpcgi-httpd.conf.stg.j2
dest=/etc/httpd/conf.d/totpcgi.conf dest=/etc/httpd/conf.d/totpcgi.conf
owner=root owner=root
group=root group=root
@ -158,7 +158,7 @@
- name: copy totpcgi httpd config - name: copy totpcgi httpd config
template: > template: >
src=totpcgi-httpd.conf src=totpcgi-httpd.conf.j2
dest=/etc/httpd/conf.d/totpcgi.conf dest=/etc/httpd/conf.d/totpcgi.conf
owner=root owner=root
group=root group=root
@ -200,7 +200,7 @@
- name: copy VPN server cert file over - name: copy VPN server cert file over
template: > template: >
src=totpcgi-httpd.conf.vpn src=totpcgi-httpd.conf.vpn.j2
dest=/etc/httpd/conf.d/totpcgi-vpn.conf dest=/etc/httpd/conf.d/totpcgi-vpn.conf
owner=root owner=root
group=root group=root

37
roles/totpcgi/templates/totpcgi-httpd.conf.j2 Normal file
View file

@ -0,0 +1,37 @@
Listen 8443
<VirtualHost 10.5.126.30:8443 10.5.126.25:8443 10.5.126.26:8443>
# Load this module locally here.
LoadModule suexec_module modules/mod_suexec.so
ServerAdmin admin@fedoraproject.org
DocumentRoot /var/www/totpcgi
ServerName fas-all.phx2.fedoraproject.org:8443
ErrorLog /var/log/httpd/totpcgi-error.log
SuexecUserGroup totpcgi totpcgi
# Use this for totp.cgi
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
# Or use this for totp.fcgi:
#AddHandler fcgid-script .fcgi
#DirectoryIndex index.fcgi
SSLEngine on
SSLCertificateFile /etc/pki/totpcgi/totpcgi-server.crt
SSLCertificateKeyFile /etc/pki/totpcgi/totpcgi-server.key
SSLCACertificateFile /etc/pki/totpcgi/totpcgi-ca.crt
SSLHonorCipherOrder On
SSLCipherSuite {{ ssl_ciphers }}
SSLProtocol {{ ssl_protocols }}
SSLVerifyClient require
SSLVerifyDepth 10
CustomLog /var/log/httpd/totpcgi-ssl-request-log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory "/var/www/totpcgi">
Options ExecCGI
</Directory>
</VirtualHost>

37
roles/totpcgi/templates/totpcgi-httpd.conf.stg.j2 Normal file
View file

@ -0,0 +1,37 @@
Listen 8443
<VirtualHost *:8443>
# Load this module locally here.
LoadModule suexec_module modules/mod_suexec.so
ServerAdmin admin@fedoraproject.org
DocumentRoot /var/www/totpcgi
ServerName fas-all.stg.phx2.fedoraproject.org:8443
ErrorLog /var/log/httpd/totpcgi-error.log
SuexecUserGroup totpcgi totpcgi
# Use this for totp.cgi
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
# Or use this for totp.fcgi:
#AddHandler fcgid-script .fcgi
#DirectoryIndex index.fcgi
SSLEngine on
SSLCertificateFile /etc/pki/totpcgi/totpcgi-server.crt
SSLCertificateKeyFile /etc/pki/totpcgi/totpcgi-server.key
SSLCACertificateFile /etc/pki/totpcgi/totpcgi-ca.crt
SSLHonorCipherOrder On
SSLCipherSuite {{ ssl_ciphers }}
SSLProtocol {{ ssl_protocols }}
SSLVerifyClient require
SSLVerifyDepth 10
CustomLog /var/log/httpd/totpcgi-ssl-request-log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory "/var/www/totpcgi">
Options ExecCGI
</Directory>
</VirtualHost>

36
roles/totpcgi/templates/totpcgi-httpd.conf.vpn.j2 Normal file
View file

@ -0,0 +1,36 @@
<VirtualHost 192.168.1.38:8443 192.168.1.39:8443 192.168.1.49:8443>
# Load this module locally here.
LoadModule suexec_module modules/mod_suexec.so
ServerAdmin admin@fedoraproject.org
DocumentRoot /var/www/totpcgi
ServerName fas-all.vpn.fedoraproject.org:8443
ErrorLog /var/log/httpd/totpcgi-error.log
SuexecUserGroup totpcgi totpcgi
# Use this for totp.cgi
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
# Or use this for totp.fcgi:
#AddHandler fcgid-script .fcgi
#DirectoryIndex index.fcgi
SSLEngine on
SSLCertificateFile /etc/pki/totpcgi/totpcgi-server-vpn.crt
SSLCertificateKeyFile /etc/pki/totpcgi/totpcgi-server-vpn.key
SSLCACertificateFile /etc/pki/totpcgi/totpcgi-ca.crt
SSLHonorCipherOrder On
SSLCipherSuite {{ ssl_ciphers }}
SSLProtocol {{ ssl_protocols }}
SSLVerifyClient require
SSLVerifyDepth 10
CustomLog /var/log/httpd/totpcgi-ssl-request-log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory "/var/www/totpcgi">
Options ExecCGI
</Directory>
</VirtualHost>