From ba868fa76cc6a0748c7da69962155bbad70fad44 Mon Sep 17 00:00:00 2001
From: Salt <rehashedsalt@cock.li>
Date: Fri, 18 Dec 2020 06:25:00 -0600
Subject: [PATCH] Polish up configuration for web1, seems we're mostly live

---
 site.yml | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/site.yml b/site.yml
index 7e64d73..19d5063 100755
--- a/site.yml
+++ b/site.yml
@@ -87,20 +87,16 @@
           - proxy_http.load
           - rewrite.load
         apache_vhosts:
-          - servername: web1.desu.ltd
-            serveralias: "*"
+          - servername: nc.desu.ltd
             extra_parameters: |
-              RewriteEngine On
-              RewriteRule "^http\:" "^https:" [R=302,L]
-        apache_vhosts_ssl:
+              Redirect permanent / https://nc.desu.ltd
+          - servername: desu.ltd
+            extra_parameters: |
+              Redirect permanent / https://desu.ltd
           - servername: git.desu.ltd
             extra_parameters: |
-              ProxyPreserveHost On
-              ProxyRequests Off
-              ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
-            certificate_file: /etc/letsencrypt/live/desu.ltd/fullchain.pem
-            certificate_key_file: /etc/letsencrypt/live/desu.ltd/privkey.pem
-            certificate_chain_file: /etc/letsencrypt/live/desu.ltd/chain.pem
+              Redirect permanent / https://git.desu.ltd
+        apache_vhosts_ssl:
           - servername: nc.desu.ltd
             documentroot: /var/www/html/nextcloud
             certificate_file: /etc/letsencrypt/live/desu.ltd/fullchain.pem
@@ -111,6 +107,14 @@
             certificate_file: /etc/letsencrypt/live/desu.ltd/fullchain.pem
             certificate_key_file: /etc/letsencrypt/live/desu.ltd/privkey.pem
             certificate_chain_file: /etc/letsencrypt/live/desu.ltd/chain.pem
+          - servername: git.desu.ltd
+            extra_parameters: |
+              ProxyPreserveHost On
+              ProxyRequests Off
+              ProxyPass / http://127.0.0.1:3000/ nocanon retry=1
+            certificate_file: /etc/letsencrypt/live/desu.ltd/fullchain.pem
+            certificate_key_file: /etc/letsencrypt/live/desu.ltd/privkey.pem
+            certificate_chain_file: /etc/letsencrypt/live/desu.ltd/chain.pem
       become: yes
       tags: [ web, apache ]
     - role: certbot
@@ -180,13 +184,13 @@
         gitea_app_name: "Git Desu"
         # Core config
         gitea_db_type: postgres
-        gitea_db_host: 192.168.122.169:5432
+        gitea_db_host: 192.168.164.156:5432
         gitea_db_name: gitea
         gitea_db_user: gitea
         gitea_db_password: "{{ secret_gitea_db_pass }}"
         gitea_http_domain: git.desu.ltd
         gitea_oauth2_enabled: no
-        gitea_root_url: http://git.desu.ltd
+        gitea_root_url: https://git.desu.ltd
         gitea_shell: "/bin/bash"
         gitea_ssh_domain: git.desu.ltd
         gitea_ssh_port: 22