diff --git a/ansible/fail2ban.yml b/ansible/fail2ban.yml new file mode 100644 index 0000000..193d48f --- /dev/null +++ b/ansible/fail2ban.yml @@ -0,0 +1,6 @@ +--- +- hosts: plumbi + become: yes + roles: + - fail2ban + diff --git a/ansible/nginx.yml b/ansible/nginx.yml index 7b8de16..3cac957 100644 --- a/ansible/nginx.yml +++ b/ansible/nginx.yml @@ -1,5 +1,5 @@ --- -- hosts: nginx-server +- hosts: plumbi become: yes roles: - nginx diff --git a/ansible/roles/nginx/files/.index.html.swp b/ansible/roles/nginx/files/.index.html.swp new file mode 100644 index 0000000..1f84385 Binary files /dev/null and b/ansible/roles/nginx/files/.index.html.swp differ diff --git a/ansible/roles/nginx/files/nginx/index.html b/ansible/roles/nginx/files/nginx/index.html new file mode 100644 index 0000000..b0d878e --- /dev/null +++ b/ansible/roles/nginx/files/nginx/index.html @@ -0,0 +1,25 @@ + + +
+If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.
+ +For online documentation and support please refer to
+nginx.org.
+Commercial support is available at
+nginx.com.
Thank you for using nginx.
+ + diff --git a/ansible/roles/nginx/files/nginx/nginx.conf b/ansible/roles/nginx/files/nginx/nginx.conf new file mode 100644 index 0000000..a9c5a2b --- /dev/null +++ b/ansible/roles/nginx/files/nginx/nginx.conf @@ -0,0 +1,55 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; + +events { } + +http { + include mime.types; + + # Basic Server Configuration + server { + listen 80; + server_tokens off; + server_name {{ domain_name }}; + + location / { + root {{ nginx_root_dir }}; + index {{ index_files }}; + } + + # Uncomment to pass for SSL + #return 301 https://$host$request_uri; + } +} + + # Terminate SSL and route traffic +# server { +# server_name localhost; +# server_tokens off; +# + # SSL Settings +# listen 443 ssl; +# ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem; +# ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem; +# include /etc/letsencrypt/options-ssl-nginx.conf; +# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + +# location / { +# include proxy_params; +# proxy_pass http://0.0.0.0:8080/; +# } +# } + +# Private subdomain for routing custom ssh port +# server { +# server_name sub.domain.com; +# server_tokens off; +# +# location / { +# include proxy_params; +# proxy_pass http://0.0.0.0:3333; +# } +# +#} +