From 21c64883f0d6a089c60c266b0e4ee3333429b00b Mon Sep 17 00:00:00 2001
From: Markus Hauschild <markus@moepman.eu>
Date: Wed, 15 Nov 2023 17:15:12 +0100
Subject: [PATCH] event_web: add engelsystem domain

---
 roles/event_web/files/certs    |  2 +-
 roles/event_web/files/vhost    | 28 ++++++++++++++++++++++++++++
 roles/event_web/tasks/main.yml |  3 +++
 3 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/roles/event_web/files/certs b/roles/event_web/files/certs
index b19cea4..b64bace 100644
--- a/roles/event_web/files/certs
+++ b/roles/event_web/files/certs
@@ -1,6 +1,6 @@
 ---
 
-eh21.easterhegg.eu:
+eh21.easterhegg.eu engel.eh21.easterhegg.eu:
 - path: /etc/nginx/ssl/eh21.easterhegg.eu.crt
   user: root
   group: root
diff --git a/roles/event_web/files/vhost b/roles/event_web/files/vhost
index c51b209..b4bf602 100644
--- a/roles/event_web/files/vhost
+++ b/roles/event_web/files/vhost
@@ -25,3 +25,31 @@ server {
 
 	root /var/www/eh21;
 }
+
+server {
+	listen 80;
+	listen [::]:80;
+
+	server_name engel.eh21.easterhegg.eu;
+
+	location /.well-known/acme-challenge {
+		default_type "text/plain";
+		alias /var/www/acme-challenge;
+	}
+
+	location / {
+		return 301 https://engel.eh21.easterhegg.eu$request_uri;
+	}
+}
+
+server {
+	listen 443 ssl http2;
+	listen [::]:443 ssl http2;
+
+	server_name engel.eh21.easterhegg.eu;
+
+	ssl_certificate_key /etc/nginx/ssl/eh21.easterhegg.eu.key;
+	ssl_certificate /etc/nginx/ssl/eh21.easterhegg.eu.crt;
+
+	root /var/www/engel;
+}
diff --git a/roles/event_web/tasks/main.yml b/roles/event_web/tasks/main.yml
index ad10c96..2ab01c4 100644
--- a/roles/event_web/tasks/main.yml
+++ b/roles/event_web/tasks/main.yml
@@ -8,6 +8,9 @@
 - name: Create vhost directory
   file: path=/var/www/eh21 state=directory owner=www-data group=www-data
 
+- name: Create vhost directory
+  file: path=/var/www/engel state=directory owner=www-data group=www-data
+
 - name: Ensure certificates are available
   command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/eh21.easterhegg.eu.key -out /etc/nginx/ssl/eh21.easterhegg.eu.crt -days 730 -subj "/CN=eh21.easterhegg.eu" creates=/etc/nginx/ssl/eh21.easterhegg.eu.crt
   notify: Restart nginx