Commit 86b167d3 authored by Johan Bloemberg's avatar Johan Bloemberg

Switch to as main domain

parent 714962e0
Pipeline #43139626 passed with stage
in 1 minute and 5 seconds
# provide application independent OS layer base settings
class base {
class base (
Hash[String,Hash] $files = {}
$osinfo = $::os['distro']['description']
notice("fqdn=${::fqdn}, env=${::env}, os=${osinfo}")
......@@ -25,4 +27,6 @@ class base {
# use hiera configuration (hiera.yaml) to get a list of classes to include
lookup('classes', {merge => unique}).include
create_resources(file, $files)
......@@ -55,6 +55,25 @@ apps::failmap::admin::client_ca: &failmap_ca |
# Set frontend hostname for this server
sites::vhost_webroot: {} {}
require: File[/var/www/]
content: |
<head><meta http-equiv="refresh" content="0;URL='https://%{lookup('apps::failmap::hostname')}/'" /></head>
You are being redirected to <a href="https://%{lookup('apps::failmap::hostname')}/">https://%{lookup('apps::failmap::hostname')}/</a>
require: File[/var/www/]
content: |
<head><meta http-equiv="refresh" content="0;URL='https://admin.%{lookup('apps::failmap::hostname')}/'" /></head>
You are being redirected to <a href="https://admin.%{lookup('apps::failmap::hostname')}/">https://admin.%{lookup('apps::failmap::hostname')}/</a>
# CA for validating access to monitoring frontends (Grafana)
apps::failmap::monitoring::server::client_ca: *failmap_ca
......@@ -92,4 +111,4 @@ accounts::users:
# We prefer not having secrets that need to be deployed to the server and still have to think
# of a good way to make this work for non-http TLS ports like Redis (one such solution might be
# delagating letsencrypt dns-01 TXT records and running a DNS daemon on the server).
apps::failmap::broker::tls_combined_path: /etc/
apps::failmap::broker::tls_combined_path: "/etc/{lookup('apps::failmap::hostname')}/combined.pem"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment