author | Niklas Yann Wettengel <niyawe@niyawe.de> | 2021-07-28 18:53:23 +0200 |
---|---|---|
committer | Niklas Yann Wettengel <niyawe@niyawe.de> | 2021-07-28 18:53:23 +0200 |
commit | 140a04a8b58fdcef4f80398bc2f762d648a3a035 (patch) | |
tree | 4ae2db2340e78fc33fbe8ceb7796e0d60e168326 | |
parent | 9ec1670a262597356c24bff27d473eccceb45b61 (diff) |
run webserver for connectivity check
-rw-r--r-- | roles/configure_iptables/templates/ip6tables.rules | 2 | ||||
-rw-r--r-- | roles/configure_iptables/templates/iptables.rules | 2 | ||||
-rw-r--r-- | roles/install_nginx/files/nginx.conf | 32 | ||||
-rw-r--r-- | setup_fastd.yml | 2 |
4 files changed, 37 insertions, 1 deletions
diff --git a/roles/configure_iptables/templates/ip6tables.rules b/roles/configure_iptables/templates/ip6tables.rules
index 79d9f86..636541d 100644
--- a/roles/configure_iptables/templates/ip6tables.rules
+++ b/roles/configure_iptables/templates/ip6tables.rules
@@ -46,6 +46,8 @@ COMMIT
 # dns
 -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
 -A INPUT -p udp -m udp --dport 53 -j ACCEPT
+# http
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
 # ntp
 -A INPUT -p udp -m udp --dport 123 -j ACCEPT
 # fastd / wg
diff --git a/roles/configure_iptables/templates/iptables.rules b/roles/configure_iptables/templates/iptables.rules
index 2508445..6d7fce1 100644
--- a/roles/configure_iptables/templates/iptables.rules
+++ b/roles/configure_iptables/templates/iptables.rules
@@ -49,6 +49,8 @@ COMMIT
 {% for site in sites %}
 -I INPUT -i bat{{ site.name }} -p udp --dport 67:68 --sport 67:68 -j ACCEPT
 {% endfor %}
+# http
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
 # ntp
 -A INPUT -p udp -m udp --dport 123 -j ACCEPT
 # fastd / wg
diff --git a/roles/install_nginx/files/nginx.conf b/roles/install_nginx/files/nginx.conf
index 12e9948..b37c7b0 100644
--- a/roles/install_nginx/files/nginx.conf
+++ b/roles/install_nginx/files/nginx.conf
@@ -21,6 +21,38 @@ http {
 charset UTF-8;
+ server {
+ listen 80 default_server;
+ listen [::]:80 default_server ipv6only=on;
+
+ index index.html index.htm;
+ root /srv/http;
+
+ location / {
+ try_files $uri $uri/ =404;
+ autoindex on;
+ }
+
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /usr/share/nginx/html;
+ }
+
+ location /nginx_status {
+ stub_status on;
+ access_log off;
+ allow 127.0.0.1;
+ allow ::1;
+ deny all;
+ }
+
+ location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf|svg)$ {
+ expires 30d;
+ # Optional: Don't log access to assets
+ access_log off;
+ }
+ }
+
 # Virtual Host Config
 include /etc/nginx/conf.d/*.conf;
 include /etc/nginx/sites-enabled/*;
diff --git a/setup_fastd.yml b/setup_fastd.yml
index 0a991cb..8429e56 100644
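Review bot: The added `-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT` in ip6tables.rules accepts HTTP on every interface and from any source, and the iptables.rules hunk adds the identical rule. If the connectivity check is only meant for mesh clients (inferred from the commit title, not stated), the rule could be scoped like the DHCP rule already in iptables.rules, inside the `{% for site in sites %}` loop as `-A INPUT -i bat{{ site.name }} -p tcp -m tcp --dport 80 -j ACCEPT`; whether ip6tables.rules has a matching loop is not visible here. If reachability from all interfaces is intended, expanding the comment to `# http: connectivity check, intentionally open on all interfaces` would record that decision next to the rule.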
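Review bot: `autoindex on;` in `location /` makes the default server list every directory under `/srv/http` that has no index file, and the firewall hunks in this commit open port 80 without an interface or source restriction, so anything placed in that tree becomes browsable. A connectivity-check endpoint does not need listings; `autoindex off;` (or dropping the line, since off is nginx's default) still serves files requested by name. The asset location also sets `access_log off;`, which removes those requests from the log on a host that is now exposed and deserves a deliberate choice. The `http` block starts outside the hunk, so settings inherited from it cannot be judged from here.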
--- a/setup_fastd.yml
+++ b/setup_fastd.yml
@@ -10,7 +10,7 @@
 #- install_ssmtp
 - install_cronie
 - install_php
- #- install_nginx
+ - install_nginx
 - install_ntp
 - install_haveged
 - setup_batman |