From bd7d2560045d9aebfeb0c7c2b08067e093f588e1 Mon Sep 17 00:00:00 2001 From: Thomas Basler Date: Thu, 3 Oct 2024 01:04:54 +0200 Subject: [PATCH] homeassistant: Add installation procedures for nginx --- host_vars/lasagne.binary.kitchen | 3 ++ roles/homeassistant/handlers/main.yml | 5 ++++ roles/homeassistant/meta/main.yml | 1 + roles/homeassistant/tasks/main.yml | 1 + roles/homeassistant/tasks/nginx.yml | 15 ++++++++++ roles/homeassistant/templates/vhost.j2 | 41 ++++++++++++++++++++++++++ 6 files changed, 66 insertions(+) create mode 100644 roles/homeassistant/tasks/nginx.yml create mode 100644 roles/homeassistant/templates/vhost.j2 diff --git a/host_vars/lasagne.binary.kitchen b/host_vars/lasagne.binary.kitchen index 52b25cf..d4bbc05 100644 --- a/host_vars/lasagne.binary.kitchen +++ b/host_vars/lasagne.binary.kitchen @@ -43,3 +43,6 @@ pgadmin4_db_password: "{{ vault_pgadmin4_db_password }}" pgadmin4_initial_user_email: noby@binary-kitchen.de pgadmin4_initial_user_password: "{{ vault_pgadmin4_initial_user_password }}" ha_pg_grafana_db_pass: "{{ vault_ha_pg_grafana_db_pass }}" + +ha_domains: + - lasagne.binary.kitchen diff --git a/roles/homeassistant/handlers/main.yml b/roles/homeassistant/handlers/main.yml index 6728c1d..b3e8144 100644 --- a/roles/homeassistant/handlers/main.yml +++ b/roles/homeassistant/handlers/main.yml @@ -14,3 +14,8 @@ ansible.builtin.service: name: grafana-server state: restarted + +- name: Restart nginx + ansible.builtin.service: + name: nginx + state: restarted diff --git a/roles/homeassistant/meta/main.yml b/roles/homeassistant/meta/main.yml index 9b650cd..cb90fe0 100644 --- a/roles/homeassistant/meta/main.yml +++ b/roles/homeassistant/meta/main.yml @@ -11,3 +11,4 @@ galaxy_info: dependencies: - { role: mosquitto } - { role: pgadmin4 } + - { role: nginx, nginx_ssl: false } diff --git a/roles/homeassistant/tasks/main.yml b/roles/homeassistant/tasks/main.yml index 7259630..7e387e1 100644 --- a/roles/homeassistant/tasks/main.yml +++ b/roles/homeassistant/tasks/main.yml @@ -12,3 +12,4 @@ - systemd.yml - installation.yml - grafana.yml + - nginx.yml diff --git a/roles/homeassistant/tasks/nginx.yml b/roles/homeassistant/tasks/nginx.yml new file mode 100644 index 0000000..62d5179 --- /dev/null +++ b/roles/homeassistant/tasks/nginx.yml @@ -0,0 +1,15 @@ +--- + +- name: Configure vhost + ansible.builtin.template: + src: vhost.j2 + dest: /etc/nginx/sites-available/homeassistant + mode: "0644" + notify: Restart nginx + +- name: Enable vhost + ansible.builtin.file: + src: /etc/nginx/sites-available/homeassistant + dest: /etc/nginx/sites-enabled/homeassistant + state: link + notify: Restart nginx diff --git a/roles/homeassistant/templates/vhost.j2 b/roles/homeassistant/templates/vhost.j2 new file mode 100644 index 0000000..ba005bb --- /dev/null +++ b/roles/homeassistant/templates/vhost.j2 @@ -0,0 +1,41 @@ +{{ ansible_managed | comment }} + +server { + listen 80; + listen [::]:80; + server_name {{ ha_domains | join(' ') }}; + + proxy_buffering off; + + location / { + proxy_pass http://127.0.0.1:8123; + proxy_set_header Host $host; + proxy_redirect http:// https://; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location /api/websocket { + proxy_pass http://127.0.0.1:8123; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location /grafana { + client_max_body_size 1024M; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_pass http://localhost:3000; + } + + location = /pgadmin4 { rewrite ^ /pgadmin4/; } + location /pgadmin4 { try_files $uri @pgadmin4; } + location @pgadmin4 { + include uwsgi_params; + uwsgi_pass unix:/run/pgadmin4/pgadmin4.sock; + } +} \ No newline at end of file