From fb224b361ebab5778298f74d0c021db1bad37658 Mon Sep 17 00:00:00 2001 From: Otho Date: Fri, 20 Jan 2023 22:57:55 -0500 Subject: [PATCH] Separate interfaces and DNS updates. --- apache24/httpd.conf | 131 ++++++++++++++++++++++++-------------------- dns.tf | 37 +++++++++++-- 2 files changed, 104 insertions(+), 64 deletions(-) diff --git a/apache24/httpd.conf b/apache24/httpd.conf index 174af90..7ff5864 100644 --- a/apache24/httpd.conf +++ b/apache24/httpd.conf @@ -1,7 +1,9 @@ +ServerName othostash.com +ServerRoot /usr/local -ServerRoot "/usr/local" - -Listen 443 +Listen [2603:3015:1003:566d::dad:db]:80 +Listen [2603:3015:1003:566d::dad:db]:443 +Listen 10.1.9.10:443 LoadModule mpm_prefork_module libexec/apache24/mod_mpm_prefork.so LoadModule authn_file_module libexec/apache24/mod_authn_file.so @@ -49,74 +51,87 @@ Group www Require all denied -MDomain othostash.com +MDCertificateAgreement accepted +MDContactEmail admin@othostash.com +MDomain othostash.com www.othostash.com -# +# +# ServerName "plex.othostash.com" +# SSLEngine on +# ProxyPass "/" "http://localhost:32400" +# ProxyPassReverse "/" "http://localhost:32400" +# - - SetHandler md-status - + + ServerName "www.othostash.com" + ServerName "othostash.com" -DocumentRoot "/data" - - Options Indexes - AllowOverride Options Indexes FileInfo AuthConfig - AuthType Basic - AuthName "Who be you?" - AuthUserFile /usr/local/etc/apache24/.badpass - Require valid-user - + + SetHandler md-status + - - Require all denied - + DocumentRoot "/data" + + Options Indexes + AllowOverride Options Indexes FileInfo AuthConfig + AuthType Basic + AuthName "Who be you?" + AuthUserFile /usr/local/etc/apache24/.badpass + Require valid-user + - - Require all denied - + + Require all denied + - - DirectoryIndex index.html - + + Require all denied + -SSLEngine on -SSLCertificateFile /usr/local/etc/apache24/fullchain.pem -SSLCertificateKeyFile /usr/local/etc/apache24/privkey.pem - -ErrorLog "/var/log/httpd-error.log" -LogLevel warn - - - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - LogFormat "%h %l %u %t \"%r\" %>s %b" common - - - # You need to enable mod_logio.c to use %I and %O - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + DirectoryIndex index.html - CustomLog "/var/log/httpd-access.log" common - + SSLEngine on + # SSLCertificateFile /usr/local/etc/apache24/fullchain.pem + # SSLCertificateKeyFile /usr/local/etc/apache24/privkey.pem - - ScriptAlias /cgi-bin/ "/data/metadata/www/cgi-bin/" - + ErrorLog "/var/log/httpd-error.log" + LogLevel warn - - AllowOverride None - Options None - Require all granted - + + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common - - RequestHeader unset Proxy early - + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + - - TypesConfig etc/apache24/mime.types - AddType application/x-compress .Z - AddType application/x-gzip .gz .tgz - + CustomLog "/var/log/httpd-access.log" common + + + + ScriptAlias /cgi-bin/ "/data/metadata/www/cgi-bin/" + + + + AllowOverride None + Options None + Require all granted + + + + RequestHeader unset Proxy early + + + + TypesConfig etc/apache24/mime.types + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + + SSLRandomSeed startup builtin diff --git a/dns.tf b/dns.tf index 78ca7ca..7685397 100644 --- a/dns.tf +++ b/dns.tf @@ -18,22 +18,47 @@ terraform { provider "namecheap" {} -variable "stashbox-vip" { +variable "network" { type = string - default = "stashbox.delhi.o4data.net." + default = "2603:3015:1003:566d" +} + +variable "ipv4" { + type = string + default = "96.78.236.124" } resource "namecheap_domain_records" "othostash" { domain = "othostash.com" record { hostname = "@" - address = var.stashbox-vip - type = "ALIAS" - ttl = 300 + address = "${var.network}::dad:db" + type = "AAAA" + } + record { + hostname = "feed" + address = "${var.network}::dad:feed" + type = "AAAA" } record { hostname = "www" - address = "othostash.com." + address = "othostash.com" type = "CNAME" } + record { + hostname = "plex" + address = "feed.othostash.com" + type = "CNAME" + } + + record { + hostname = "@" + address = var.ipv4 + type = "A" + } + record { + hostname = "feed" + address = var.ipv4 + type = "A" + } }