From aca026f39bc0cf3c45546bd74f5dd2aa967013f3 Mon Sep 17 00:00:00 2001 From: Markus Katharina Brechtel Date: Sun, 23 Feb 2020 22:21:24 +0100 Subject: [PATCH] nginx and certificate config --- defaults/main.yaml | 1 + tasks/main.yaml | 18 ++++++++++++++++++ vars/main.yaml | 21 +++++++++++++++++++++ 3 files changed, 40 insertions(+) diff --git a/defaults/main.yaml b/defaults/main.yaml index ed97d53..627eeeb 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -1 +1,2 @@ --- +alerta_server_name: "{{ inventory_hostname }}" diff --git a/tasks/main.yaml b/tasks/main.yaml index 655b174..74d6037 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -81,3 +81,21 @@ content: from alerta import app dest: /opt/alerta/wsgi.py notify: restart uwsgi + +- include_role: + name: certificate + vars: + certificate_name: alerta + certificate_directory: /etc/ssl + certificate_key_usage: + - digitalSignature + - keyEncipherment + certificate_extended_key_usage: + - serverAuth + certificate_alt_names: + - "{{ alerta_server_name | regex_replace( '(.*)','DNS:\\1' ) }}" + +- include_role: + name: nginx + vars: + nginx_vhosts: "{{ alerta_nginx_vhosts }}" diff --git a/vars/main.yaml b/vars/main.yaml index e4f952e..d9d909c 100644 --- a/vars/main.yaml +++ b/vars/main.yaml @@ -15,3 +15,24 @@ alerta_uwsgi_config: alerta_webui_config: endpoint: /api + +alerta_nginx_vhosts: + - name: alerta + server_names: + - "{{ alerta_server_name }}" + custom: |- + root /opt/alerta/webui/dist; + index index.html; + + location /api { try_files $uri @api; } + location @api { + include uwsgi_params; + uwsgi_pass unix:/run/uwsgi/app/alerta/socket; + proxy_set_header Host $host:$server_port; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location /config.json { alias /opt/alerta/config.json; } + location / { + try_files $uri $uri/ /index.html; + }