ansible
/
homelab
1
0
Fork 0
Code Issues 33 Pull Requests Projects 1 Releases Wiki Activity

Improve routing between containers 

Create user network nginx-internal
and use Docker's internal DNS server
to resolve containers by hostname.
This commit is contained in:
Lukáš Kucharczyk 2021-04-27 23:09:21 +02:00
parent d9bd3ac145
commit 54de631d29
No known key found for this signature in database
GPG Key ID: 65524498C0196B64
4 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/jellyfin/tasks/main.yml
View File

@ -11,6 +11,8 @@
docker_container: docker_container:
name: 'jellyfin' name: 'jellyfin'
image: linuxserver/jellyfin image: linuxserver/jellyfin
networks:
- name: nginx-internal
volumes: volumes:
- "{{ data_folder }}/jellyfin:/config" - "{{ data_folder }}/jellyfin:/config"
- "{{ media.tv }}:/data/tv" - "{{ media.tv }}:/data/tv"

5
roles/jellyfin/templates/jellyfin.conf.j2
View File

@ -1,15 +1,12 @@
server { server {
listen 80; listen 80;
server_name "jellyfin.{{ base_domain }}";
set $jellyfin {{ server_ip }};
#resolver 127.0.0.1 valid=30;
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name "jellyfin.{{ base_domain }}"; server_name "jellyfin.{{ base_domain }}";
set $jellyfin {{ server_ip }}; set $jellyfin jellyfin;
# Security/XSS Mitigation Headers # Security/XSS Mitigation Headers
add_header X-Frame-Options "SAMEORIGIN"; add_header X-Frame-Options "SAMEORIGIN";

8
roles/nginx/tasks/main.yml
View File

@ -58,10 +58,18 @@
src: nginx.conf.j2 src: nginx.conf.j2
dest: "{{ data_folder }}/nginx/nginx.conf" dest: "{{ data_folder }}/nginx/nginx.conf"
mode: '0755' mode: '0755'
- name: create nginx bridge network
docker_network:
name: nginx-internal
attachable: true
internal: true
state: present
- name: run container - name: run container
docker_container: docker_container:
name: 'nginx' name: 'nginx'
image: nginx image: nginx
networks:
- name: nginx-internal
volumes: volumes:
- "{{ data_folder }}/nginx/nginx.conf:/etc/nginx/nginx.conf" - "{{ data_folder }}/nginx/nginx.conf:/etc/nginx/nginx.conf"
- "{{ data_folder }}/nginx/{{ base_domain }}.key:/etc/nginx/{{ base_domain }}.key" - "{{ data_folder }}/nginx/{{ base_domain }}.key:/etc/nginx/{{ base_domain }}.key"

1
roles/nginx/templates/nginx.conf.j2
View File

@ -26,6 +26,7 @@ http {
keepalive_timeout 65; keepalive_timeout 65;
#gzip on; #gzip on;
resolver 127.0.0.11 valid=30;
ssl_certificate /etc/nginx/{{ base_domain }}.crt; ssl_certificate /etc/nginx/{{ base_domain }}.crt;
ssl_certificate_key /etc/nginx/{{ base_domain }}.key; ssl_certificate_key /etc/nginx/{{ base_domain }}.key;
include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf.d/*.conf;