Dustin C. Hatch
6acb25e309
If Nextcloud does not have the Internet-facing reverse proxy listed in its "trusted proxies" setting, it will mark all traffic as being from the proxy itself. This breaks brute force detection, etc.
21 lines
496 B
YAML
21 lines
496 B
YAML
nextcloud_server_name: nextcloud.pyrocufflink.net
|
|
apache_server_name: '{{ nextcloud_server_name }}'
|
|
pg_hba_extra:
|
|
- type: host
|
|
database: nextcloud
|
|
user: nextcloud
|
|
address: ::1/128
|
|
method: md5
|
|
nextcloud_trusted_proxies:
|
|
- 127.0.0.1
|
|
- ::1
|
|
- '{{ lookup("dig", groups["public-web"][0]) }}'
|
|
nextcloud_trusted_domains:
|
|
- nextcloud.pyrocufflink.net
|
|
- nextcloud.pyrocufflink.blue
|
|
- '{{ ansible_fqdn }}'
|
|
nextcloud_smtp:
|
|
from: nextcloud@pyrocufflink.net
|
|
host: mail.pyrocufflink.blue
|
|
port: 25
|