server_init/resources/pangolin/dynamic_config.yml.j2
Nelis c34d2b4849 Initial server init setup with Ansible playbook
Automated server provisioning with Pangolin reverse proxy, Forgejo git
server with SSH passthrough, and OpenCode dev environment. Includes
server hardening (UFW, fail2ban, SSH lockdown), Docker, Rust, Python/uv,
and unattended security upgrades.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-28 10:34:20 +00:00


# Traefik dynamic configuration for the HTTP side, rendered from a Jinja2
# template: pangolin_domain and forgejo_domain are filled in at render time.
http:
  middlewares:
    # Badger plugin middleware with forward auth switched off, so this
    # instance does not gate requests on the routers it is attached to.
    # NOTE(review): presumably the dashboard relies on Pangolin's own login;
    # confirm before attaching this instance to any other router.
    # The plugin itself has to be declared in the static configuration,
    # which is not part of this file.
    badger:
      plugin:
        badger:
          disableForwardAuth: true
    # Redirects a request to the same URL under the https scheme.
    redirect-to-https:
      redirectScheme:
        scheme: https
  routers:
    # --- Pangolin dashboard ---
    # Plain-HTTP entry point: requests for the dashboard host are redirected
    # to HTTPS. redirect-to-https is listed first, so it runs before badger.
    main-app-router-redirect:
      rule: "Host(`{{ pangolin_domain }}`)"
      service: next-service
      entryPoints:
        - web
      middlewares:
        - redirect-to-https
        - badger
    # HTTPS: every path on the dashboard host except /api/v1 goes to
    # next-service. The letsencrypt resolver named below must exist in the
    # static configuration (not shown here).
    next-router:
      rule: "Host(`{{ pangolin_domain }}`) && !PathPrefix(`/api/v1`)"
      service: next-service
      entryPoints:
        - websecure
      middlewares:
        - badger
      tls:
        certResolver: letsencrypt
    # HTTPS: /api/v1 on the dashboard host goes to api-service.
    api-router:
      rule: "Host(`{{ pangolin_domain }}`) && PathPrefix(`/api/v1`)"
      service: api-service
      entryPoints:
        - websecure
      middlewares:
        - badger
      tls:
        certResolver: letsencrypt
    # HTTPS: host-only rule pointing at api-service.
    # NOTE(review): next-router and api-router together match every path on
    # this host, and Traefik's default priority favours the longer rule, so
    # this router looks shadowed. Confirm it is still needed.
    ws-router:
      rule: "Host(`{{ pangolin_domain }}`)"
      service: api-service
      entryPoints:
        - websecure
      middlewares:
        - badger
      tls:
        certResolver: letsencrypt
    # --- Forgejo (public, no auth) ---
    # No access-control middleware is attached to either Forgejo router, so
    # nothing at the proxy layer restricts who can reach it. Access control
    # rests on Forgejo's own settings (registration, sign-in requirement,
    # repository visibility); review those as part of hardening.
    forgejo-redirect:
      rule: "Host(`{{ forgejo_domain }}`)"
      service: forgejo-service
      entryPoints:
        - web
      middlewares:
        - redirect-to-https
    forgejo-router:
      rule: "Host(`{{ forgejo_domain }}`)"
      service: forgejo-service
      entryPoints:
        - websecure
      tls:
        certResolver: letsencrypt
  services:
    # Backends are addressed by name over plain HTTP; TLS ends at Traefik.
    # NOTE(review): presumably these names resolve on a shared Docker
    # network. Confirm ports 3000-3002 are not also published on the host,
    # which would let clients reach the backends without passing the proxy.
    next-service:
      loadBalancer:
        servers:
          - url: "http://pangolin:3002"
    api-service:
      loadBalancer:
        servers:
          - url: "http://pangolin:3000"
    forgejo-service:
      loadBalancer:
        servers:
          - url: "http://forgejo:3001"
# Named TCP server transports that send a PROXY protocol header (version 1
# or 2) to the backend. Nothing in this file references them.
# NOTE(review): presumably they are referenced by TCP services defined
# elsewhere; confirm. A backend behind one of these transports should accept
# PROXY headers only from Traefik, because it will trust the client address
# carried in the header.
tcp:
  serversTransports:
    pp-transport-v1:
      proxyProtocol:
        version: 1
    pp-transport-v2:
      proxyProtocol:
        version: 2