packetcat
/
ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

We redirect all HTTP requests to their HTTPS equivalents.

This commit is contained in:
staticsafe 2017-05-08 21:11:58 -04:00
parent de8c801cb3
commit c80fc35887
1 changed files with 40 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
ubuntu/site.yml
View File

@ -10,14 +10,14 @@
- name: install PHP-FPM to required nodes - name: install PHP-FPM to required nodes
hosts: php hosts: php
user: root user: root
roles: roles:
- php - php
- name: Generate LE certs on required servers - name: Generate LE certs on required servers
hosts: webservers hosts: webservers
user: root user: root
roles: roles:
- letsencrypt - letsencrypt
@ -30,11 +30,14 @@
- sendfile "on" - sendfile "on"
- server_names_hash_bucket_size 512 - server_names_hash_bucket_size 512
nginx_sites: nginx_sites:
asininetech.com: asininetech.com.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name asininetech.com
- return 301 "https://$host$request_uri"
asininetech.com.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name asininetech.com - server_name asininetech.com
- root "/srv/www/asininetech.com" - root "/srv/www/asininetech.com"
- index index.php index.html - index index.php index.html
@ -60,11 +63,14 @@
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php; fastcgi_pass php;
} }
entropynet.net: entropynet.net.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name entropynet.net
- return 301 "https://$host$request_uri"
entropynet.net.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name entropynet.net - server_name entropynet.net
- root "/srv/www/entropynet.net" - root "/srv/www/entropynet.net"
- index index.html - index index.html
@ -75,11 +81,14 @@
- ssl_stapling on - ssl_stapling on
- resolver 8.8.8.8 valid=300s - resolver 8.8.8.8 valid=300s
- add_header Strict-Transport-Security max-age=31536000 - add_header Strict-Transport-Security max-age=31536000
i.asininetech.com: i.asininetech.com.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name i.asininetech.com
- return 301 "https://$host$request_uri"
i.asininetech.com.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name i.asininetech.com - server_name i.asininetech.com
- root "/home/tenshi/public_html" - root "/home/tenshi/public_html"
- index index.html - index index.html
@ -107,7 +116,7 @@
- ssl_stapling on - ssl_stapling on
- resolver 8.8.8.8 valid=300s - resolver 8.8.8.8 valid=300s
- add_header Strict-Transport-Security max-age=31536000 - add_header Strict-Transport-Security max-age=31536000
- return 301 "$scheme://sadiqsaif.com$request_uri" - return 301 "https://sadiqsaif.com$request_uri"
staticsafe.ca: staticsafe.ca:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl - listen {{ ansible_default_ipv4.address }}:443 ssl
@ -121,12 +130,15 @@
- ssl_stapling on - ssl_stapling on
- resolver 8.8.8.8 valid=300s - resolver 8.8.8.8 valid=300s
- add_header Strict-Transport-Security max-age=31536000 - add_header Strict-Transport-Security max-age=31536000
- return 301 "$scheme://sadiqsaif.com$request_uri" - return 301 "https://sadiqsaif.com$request_uri"
twoshadesofbrown.com: twoshadesofbrown.com.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name twoshadesofbrown.com
- return 301 "https://$host$request_uri"
twoshadesofbrown.com.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name twoshadesofbrown.com - server_name twoshadesofbrown.com
- root "/srv/www/twoshadesofbrown.com" - root "/srv/www/twoshadesofbrown.com"
- index index.php index.html - index index.php index.html
@ -152,11 +164,14 @@
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php; fastcgi_pass php;
} }
wiki.staticsafe.ca: wiki.staticsafe.ca.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name wiki.staticsafe.ca
- return 301 "https://$host$request_uri"
wiki.staticsafe.ca.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name wiki.staticsafe.ca - server_name wiki.staticsafe.ca
- root "/srv/www/wiki.staticsafe.ca" - root "/srv/www/wiki.staticsafe.ca"
- index index.php - index index.php
@ -181,11 +196,14 @@
fastcgi_pass php; fastcgi_pass php;
fastcgi_index index.php; fastcgi_index index.php;
} }
sadiqsaif.com: sadiqsaif.com.http:
- listen {{ ansible_default_ipv4.address }}:80 - listen {{ ansible_default_ipv4.address }}:80
- listen {{ ansible_default_ipv4.address }}:443 ssl
- listen [{{ ansible_default_ipv6.address }}]:80 - listen [{{ ansible_default_ipv6.address }}]:80
- listen [{{ ansible_default_ipv6.address }}]:443 ssl - server_name sadiqsaif.com
- return 301 "https://$host$request_uri"
sadiqsaif.com.https:
- listen {{ ansible_default_ipv4.address }}:443 ssl http2
- listen [{{ ansible_default_ipv6.address }}]:443 ssl http2
- server_name sadiqsaif.com - server_name sadiqsaif.com
- root "/srv/www/sadiqsaif.com" - root "/srv/www/sadiqsaif.com"
- index index.html - index index.html