proxy fixes

ministryofjustice · Dec 7, 2023 · 4644474 · 4644474
1 parent 46c7a06
commit 4644474
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 23 deletions.
diff --git a/ansible/group_vars/environment_name_nomis_data_hub_test.yml b/ansible/group_vars/environment_name_nomis_data_hub_test.yml
@@ -2,3 +2,4 @@
 ansible_aws_ssm_bucket_name: s3-bucket20230309164626616600000002
 image_builder_s3_bucket_name: nomis-data-hub-software20230309164626754200000003
 dns_zone_internal: nomis-data-hub.hmpps-test.modernisation-platform.internal
+ndelius_proxy_pass: interface.test.probation.service.justice.gov.uk
diff --git a/ansible/roles/ndh-app/defaults/main.yml b/ansible/roles/ndh-app/defaults/main.yml
@@ -19,6 +19,10 @@ ndh_ems_port_1: "7222"
 ndh_ems_port_2: "7224"
 ndh_host_os: "RHEL"
 ndh_host_os_version: "7.9"
+ndh_proxy_host: "{{ ndh_environment }}"
+
+# set this to probation interface URL in relevant environment group_vars
+#ndelius_proxy_pass:
 
 ndh_secretsmanager_passwords:
   ndh-shared:

diff --git a/ansible/roles/ndh-app/handlers/main.yml b/ansible/roles/ndh-app/handlers/main.yml
@@ -1,5 +1,3 @@
 ---
 - name: test nginx config
   ansible.builtin.command: nginx -t
-  tags:
-    - amibuild
diff --git a/ansible/roles/ndh-app/tasks/configure_proxy.yml b/ansible/roles/ndh-app/tasks/configure_proxy.yml
@@ -6,53 +6,39 @@
     baseurl: https://nginx.org/packages/rhel/{{ ansible_distribution_major_version }}/$basearch/
     gpgcheck: no
     enabled: yes
-  tags:
-    - amibuild
 
 - name: Install nginx
   ansible.builtin.package:
     name: nginx
     state: latest
-  tags:
-    - amibuild
 
 - name: Enable nginx
   ansible.builtin.service:
     name: nginx
     enabled: yes
     state: stopped
-  tags:
-    - amibuild
 
 - name: Add nginx proxy config
   ansible.builtin.template:
     src: etc/nginx/nginx.conf.j2
     dest: /etc/nginx/nginx.conf
   notify:
     - test nginx config
-  tags:
-    - amibuild
 
 - meta: flush_handlers
-  tags:
-    - amibuild
 
 - name: Create ssl directory in /etc/nginx
   ansible.builtin.file:
     path: /etc/nginx/ssl
     state: directory
     owner: nginx
     group: nginx
-  tags:
-    - amibuild
 
 - name: Generate a private key
   community.crypto.openssl_privatekey:
     path: /etc/nginx/ssl/nginx.key
     type: RSA
     size: 2048
-  tags:
-    - amibuild
 
 - name: Create a CSR for the ndh_proxy_host
   community.crypto.openssl_csr:
@@ -67,22 +53,16 @@
     csr_path: /etc/nginx/ssl/nginx.csr
     provider: selfsigned
     force: yes
-  tags:
-    - amibuild
 
 - name: add ndh_proxy_host to /etc/hosts for loopback
   ansible.builtin.lineinfile:
     path: /etc/hosts
     regexp: '^(127\.0\.0\.1.*)$'
     line: '\1 {{ ndh_proxy_host }}'
     backrefs: yes
-  tags:
-    - amibuild
 
 - name: Start nginx
   ansible.builtin.service:
     name: nginx
     enabled: yes
     state: started
-  tags:
-    - amibuild
diff --git a/ansible/roles/ndh-app/tasks/main.yml b/ansible/roles/ndh-app/tasks/main.yml
@@ -44,4 +44,5 @@
 
 - import_tasks: configure_proxy.yml
   tags:
-    - amibuild
+    - ec2provision
+  when: ndelius_proxy_pass is defined