This commit resolves connectivity issues for www.directlx.dev by:
1. Add nginx firewall configuration (host_vars/nginx.yml)
- Allow ports 80/tcp (HTTP) and 443/tcp (HTTPS)
- Enables NPM to proxy traffic to nginx backend
2. Add www.directlx.dev DNS record via Pi-hole
- Configure playbooks/configure-directlx-dev-dns.yml
- Route www.directlx.dev → NPM (192.168.200.71)
- NPM then proxies to nginx (192.168.200.65)
Problem: After firewall changes, nginx server only allowed SSH (port 22),
blocking HTTP/HTTPS from NPM. Additionally, Pi-hole had no DNS record for
www.directlx.dev subdomain.
Solution: Applied firewall rules and DNS configuration to complete the
proxy chain: Browser → Pi-hole DNS → NPM → nginx.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add MySQL host_vars with firewall rules for port 3306
- Enable IP forwarding on Docker hosts (hiveops, smartjournal)
- Fix container-to-external-network connectivity issue
The IP forwarding setting was previously disabled by the common role's
security defaults, preventing Docker containers from reaching external
databases. This change overrides that setting for hosts running Docker.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Set up standard directory layout with:
- ansible.cfg with sensible defaults
- YAML inventory with example groups
- Main site playbook template
- Directories for roles, group_vars, host_vars, files, templates
- .gitignore for secrets, vault files, and SSH keys
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
directlx