Skip to content
/ infra Public

Ansible + Jinja files for deploying the web & DNS servers for jb3.dev

Notifications You must be signed in to change notification settings

jb3/infra

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Infra

Components

DNS

DNS is provided by the nameserver group and role. It manages two authoritative DNS servers located at core.host.jb3.dev and rt1.host.jb3.dev.

DNS servers are authoritative for the following zones:

  • jb3.dev

Zones are signed using DNSSEC and keys are automatically generated if not present on the local machine. After DNS has been deployed the necessary DS records are downloaded from core.host.jb3.dev, it is only required to put the SHA256 hash at the registrar, not the shorter SHA1 hash.

Eventually I’ll write a blog post on this.

NGINX

NGINX is installed and deployed to a single server using the nginx role. Configuration is automatically generated according to role variables defining static sites and reverse proxies.

See the NGINX role for configuration and active sites. TLS certificates are currently generated using the HTTP-01 ACME challenge, though I hope to migrate this to DNS-01 with the above custom DNS system soon.

Blog

My blog (jb3.dev) is hosted by the above NGINX instance. It is deployed via rsync over the Tailscale network that all hosts are a member of.

You can find that workflow here.

About

Ansible + Jinja files for deploying the web & DNS servers for jb3.dev

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

 

Packages

No packages published

Languages