aboutsummaryrefslogtreecommitdiffstats
path: root/roles/kibana-nginx
diff options
context:
space:
mode:
Diffstat (limited to 'roles/kibana-nginx')
-rw-r--r--roles/kibana-nginx/README.md3
-rw-r--r--roles/kibana-nginx/meta/main.yml4
-rw-r--r--roles/kibana-nginx/tasks/main.yml26
3 files changed, 33 insertions, 0 deletions
diff --git a/roles/kibana-nginx/README.md b/roles/kibana-nginx/README.md
new file mode 100644
index 0000000..23f8ffc
--- /dev/null
+++ b/roles/kibana-nginx/README.md
@@ -0,0 +1,3 @@
+# Role "kibana-nginx"
+
+This role installs the configuration for NGINX reverse proxying to Kibana.
diff --git a/roles/kibana-nginx/meta/main.yml b/roles/kibana-nginx/meta/main.yml
new file mode 100644
index 0000000..fe0bcd5
--- /dev/null
+++ b/roles/kibana-nginx/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+ - nginx
+ - nginx-cloudflare-mtls
diff --git a/roles/kibana-nginx/tasks/main.yml b/roles/kibana-nginx/tasks/main.yml
new file mode 100644
index 0000000..ae34b94
--- /dev/null
+++ b/roles/kibana-nginx/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: Install Kibana NGINX config
+ copy:
+ dest: /etc/nginx/sites-enabled/kibana
+ mode: 0644
+ group: root
+ owner: root
+ content: |
+ # Managed by Ansible
+ server {
+ listen 443 ssl http2;
+ server_name kibana.pydis.wtf;
+
+ ssl_certificate /etc/letsencrypt/live/pydis.wtf/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/pydis.wtf/privkey.pem;
+ ssl_client_certificate {{ nginx_cloudflare_mtls_certificate_path }};
+ ssl_verify_client on;
+
+ location / {
+ include proxy_params;
+ proxy_pass http://localhost:5601;
+ }
+ }
+ notify:
+ - reload the nginx service
+ tags:
+ - role::kibana-nginx
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-13 08:54:08 +0000