remove notes from site.yaml

ansible/inventories/production/group_vars/all.yaml

@@ -1,3 +1,4 @@
 lego_version: "4.30.1"
 olm_version: "1.4.0"
 olm_checksum: "sha256:e35431991b00a6c62fa32c91497a011bde2af9358efc2cb7f49aae5606409f94"
+static_site: false

ansible/inventories/production/host_vars/jthan.io/vars.yaml

@@ -0,0 +1,6 @@
+nginx_ssl_enabled: true
+static_site: true
+
+letsencrypt_email: "me@jthan.io"
+linode_dns_token: "{{ lookup('bitwarden.secrets.lookup', '8849d676-e53e-4aef-a7e6-b3dc014dd698') }}"
+

ansible/inventories/production/host_vars/notes.jthan.io/vars.yaml

@@ -1,4 +1,5 @@
 nginx_ssl_enabled: true
+static_site: true
 
 letsencrypt_email: "me@jthan.io"
 linode_dns_token: "{{ lookup('bitwarden.secrets.lookup', '8849d676-e53e-4aef-a7e6-b3dc014dd698') }}"

ansible/inventories/production/host_vars/pangolin.jthan.io/vars.yaml

@@ -1,4 +1,7 @@
 root_pw: "{{ lookup('bitwarden.secrets.lookup', '279ef4de-8dc7-4e55-a548-b3c400107332') }}"
+pangolin_version: "1.15.4"
+gerbil_version: "1.3.0"
+traefik_version: "3.6.8"
 pangolin_base_domain: "pangolin.jthan.io"
 pangolin_cert_email: "me@jthan.io"
 pangolin_secret_string: "{{ lookup('bitwarden.secrets.lookup', '30efc9d3-4f98-4b1b-b31b-b3c40010c343') }}"

ansible/inventories/production/host_vars/rpi0.home.jthan.io/vars.yaml

@@ -1,9 +1,15 @@
 private_domains:
   - name: jthan.io
     records:
+      - type: A
+        name: "jthan.io"
+        value: "192.168.1.17"
       - type: A
         name: "notes.jthan.io"
         value: "192.168.1.16"
+      - type: AAAA
+        name: "jthan.io"
+        value: "2602:fb57:c20:b00:be24:11ff:feac:6536"
       - type: AAAA
         name: "notes.jthan.io"
         value: "2602:fb57:c20:b00:be24:11ff:fe8b:f6db"

ansible/inventories/production/hosts.ini

@@ -22,5 +22,6 @@ irc.home.jthan.io
 [syncthing]
 syncthing.home.jthan.io
 
-[notes]
+[webservers]
 notes.jthan.io ansible_host=192.168.1.16
+jthan.io ansible_host=192.168.1.17

ansible/notes.yaml

@@ -1,8 +0,0 @@
----
-# file: notes.yaml
-- hosts: notes
-  roles:
-    - common
-    - ldap_client
-    - lego
-    - nginx

ansible/roles/nginx/tasks/templates/vhost_ssl.conf.j2

@@ -33,6 +33,7 @@ server {
   ssl_stapling_verify on;
   server_name {{ inventory_hostname }};
 
+  {% if not static_site %}
   location / {
     client_max_body_size 512M;
     proxy_pass http://localhost:3000;
@@ -43,4 +44,13 @@ server {
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header X-Forwarded-Proto $scheme;
  }
+ {% endif %}
+ {% if static_site %}
+  root /srv/http/{{ inventory_hostname }}/html;
+  index index.html;
+  error_page 404 /404.html;
+  location / {
+    try_files $uri $uri.html $uri/ =404;
+  }
+ {% endif %}
 }

ansible/roles/pangolin/tasks/templates/docker-compose.yaml.j2

@@ -1,6 +1,6 @@
 services:
   pangolin:
-    image: fosrl/pangolin:1.15.1 # https://github.com/fosrl/pangolin/releases
+    image: fosrl/pangolin:{{ pangolin_version }} # https://github.com/fosrl/pangolin/releases
     container_name: pangolin
     restart: unless-stopped
     volumes:
@@ -12,7 +12,7 @@ services:
       retries: 15
 
   gerbil:
-    image: fosrl/gerbil:1.3.0 # https://github.com/fosrl/gerbil/releases
+    image: fosrl/gerbil:{{ gerbil_version }} # https://github.com/fosrl/gerbil/releases
     container_name: gerbil
     restart: unless-stopped
     depends_on:
@@ -38,7 +38,7 @@ services:
       - 80:80 # Port for traefik because of the network_mode
 
   traefik:
-    image: traefik:v3.4.0
+    image: traefik:v{{ traefik_version }}
     container_name: traefik
     restart: unless-stopped
     network_mode: service:gerbil # Ports appear on the gerbil service

ansible/site.yaml

@@ -8,6 +8,6 @@
 - import_playbook: ldap_server.yaml
 - import_playbook: irc.yaml
 - import_playbook: syncthing.yaml
-- import_playbook: notes.yaml
+#- import_playbook: notes.yaml
 #- import_playbook: authentik.yaml
 

ansible/webservers.yaml

@@ -3,5 +3,6 @@
 - hosts: webservers
   roles:
     - common
-    - nginx
+    - ldap_client
     - lego
+    - nginx