Fix www.directlx.dev accessibility with nginx firewall and DNS config
This commit resolves connectivity issues for www.directlx.dev by: 1. Add nginx firewall configuration (host_vars/nginx.yml) - Allow ports 80/tcp (HTTP) and 443/tcp (HTTPS) - Enables NPM to proxy traffic to nginx backend 2. Add www.directlx.dev DNS record via Pi-hole - Configure playbooks/configure-directlx-dev-dns.yml - Route www.directlx.dev → NPM (192.168.200.71) - NPM then proxies to nginx (192.168.200.65) Problem: After firewall changes, nginx server only allowed SSH (port 22), blocking HTTP/HTTPS from NPM. Additionally, Pi-hole had no DNS record for www.directlx.dev subdomain. Solution: Applied firewall rules and DNS configuration to complete the proxy chain: Browser → Pi-hole DNS → NPM → nginx. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
parent
015c708644
commit
9be34947b2
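--- a/host_vars/nginx.yml
+++ b/host_vars/nginx.yml
@@ -0,0 +1,7 @@
+---
+# Nginx web server specific variables
+
+common_firewall_allowed_ports:
+- "22/tcp" # SSH
+- "80/tcp" # HTTP
+- "443/tcp" # HTTPS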
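Review bot: The `"80/tcp"` and `"443/tcp"` entries in `common_firewall_allowed_ports` carry no source restriction, so as far as this file shows the nginx backend accepts web traffic from any host, not only from the NPM proxy at 192.168.200.71 named in the commit description. The firewall role is not visible here; if it supports source-scoped rules, limit both web ports to the NPM address and 22/tcp to the management network so clients cannot reach the backend around the proxy. If NPM forwards to nginx over a single scheme, only that one port needs opening. Either way, a comment above the list such as `# 80/443 are expected to be reached only via NPM (192.168.200.71)` would record the intent.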
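--- a/playbooks/configure-directlx-dev-dns.yml
+++ b/playbooks/configure-directlx-dev-dns.yml
@@ -0,0 +1,38 @@
+---
+- name: Configure Pi-hole DNS for directlx.dev services (via NPM)
+hosts: pihole
+vars:
+dns_domain: directlx.dev
+# All services routed through NPM (192.168.200.71)
+dns_records:
+- { ip: "192.168.200.71", hostname: "www" }
+- { ip: "192.168.200.71", hostname: "mgmt" }
+- { ip: "192.168.200.71", hostname: "hiveops" }
+- { ip: "192.168.200.71", hostname: "browser" }
+- { ip: "192.168.200.71", hostname: "smartjournal" }
+- { ip: "192.168.200.71", hostname: "incidents" }
+- { ip: "192.168.200.71", hostname: "remote" }
+
+tasks:
+- name: Copy DNS update script
+ansible.builtin.template:
+src: ../templates/pihole-hosts.py.j2
+dest: /tmp/update_pihole_hosts_directlx.py
+mode: '0755'
+
+- name: Update Pi-hole DNS hosts for directlx.dev
+ansible.builtin.command: python3 /tmp/update_pihole_hosts_directlx.py
+register: update_result
+changed_when: "'updated' in update_result.stdout.lower()"
+notify: Restart pihole-FTL
+
+- name: Cleanup script
+ansible.builtin.file:
+path: /tmp/update_pihole_hosts_directlx.py
+state: absent
+
+handlers:
+- name: Restart pihole-FTL
+ansible.builtin.systemd:
+name: pihole-FTL
+state: restarted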
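Review bot: The three tasks render the update script to the fixed, world-readable path `/tmp/update_pihole_hosts_directlx.py` with mode `'0755'`, execute it, and delete it only if the command succeeds, so a failed run leaves an executable script behind in a shared directory. A file from `ansible.builtin.tempfile`, mode `'0700'`, and a `block`/`always` wrapper would make the path unpredictable and the cleanup unconditional. Whether the play runs with `become` is not visible on this page; if it does, the predictable path matters more because the script runs as root. Separately, `changed_when` depends on the word "updated" appearing in the script's stdout; the template is not shown, so confirm the script prints it only on real changes.

```yaml
tasks:
  - name: Create a private temp file for the DNS update script
    ansible.builtin.tempfile:
      state: file
      suffix: .py
    register: dns_script

  - name: Render and run the DNS update script
    block:
      - name: Copy DNS update script
        ansible.builtin.template:
          src: ../templates/pihole-hosts.py.j2
          dest: "{{ dns_script.path }}"
          mode: '0700'

      - name: Update Pi-hole DNS hosts for directlx.dev
        ansible.builtin.command:
          argv:
            - python3
            - "{{ dns_script.path }}"
        # … unchanged: register, changed_when, notify …
    always:
      - name: Cleanup script
        ansible.builtin.file:
          path: "{{ dns_script.path }}"
          state: absent

# … unchanged: handlers …
```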