
@fabriziosalmi
Created March 24, 2025 07:21
Example infra yaml
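# Connection settings and shared defaults for the Proxmox hosts declared
# under proxmox_hosts. Values written as "{{ ... }}" are template variables
# that the consuming tool resolves at render time.
proxmox_config:
  # NOTE(review): Proxmox VE API identities normally carry a realm suffix
  # (for example root@pam) - confirm what the consumer expects. A dedicated
  # least-privilege user or API token limits the impact of a leaked
  # credential compared with root.
  username: "root"
  # Keep the real value in an encrypted vars file or a secret store, never
  # in this file.
  password: "{{ proxmox_password }}"
  # Referenced by every container as proxmox_config.network_gateway.
  network_gateway: "192.168.1.1"
  network_cidr: "192.168.1.0/24"
  # Container templates, referenced per container through ostemplate.
  os_template_debian: "local:vztmpl/debian-11-standard_11.6-1_amd64.tar.gz"
  os_template_ubuntu: "local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.gz"
  api:
    enabled: true
    url: "https://{{ proxmox_hostname }}:8006/api2/json"
    # Certificate verification stays on: the credentials above travel over
    # this connection, and without verification anyone able to intercept
    # the traffic can impersonate the API endpoint. If the host still uses
    # its self-signed certificate, trust the Proxmox CA or install a valid
    # certificate rather than turning this off.
    verify_ssl: true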
# Cloudflare credentials, passed to each container as
# reverse_proxy_config.cloudflare. Both values are template variables and
# must come from an encrypted vars file or a secret store.
cloudflare_config:
  email: "{{ cloudflare_email }}"
  # NOTE(review): an email + api_key pair matches Cloudflare's account-wide
  # Global API Key scheme. A scoped API token limited to the permissions
  # the proxies actually need is the least-privilege alternative - confirm
  # which form the consumer supports.
  api_key: "{{ cloudflare_api_key }}"
# Defaults shared by the reverse-proxy containers. Containers reference
# them as reverse_proxy_defaults.cores, .memory and .tls.
reverse_proxy_defaults:
  cores: 2
  memory: 1024
  type: "nginx"
  # NOTE(review): auto_ssl is placed under tls here because containers only
  # import reverse_proxy_defaults.tls; the page lost its indentation, so
  # confirm the nesting against the original file.
  tls:
    enabled: true
    # NOTE(review): the meaning of "strict" depends on the consuming
    # template. If it controls certificate validation towards the origin
    # or the CDN, false weakens that check - confirm before reuse.
    strict: false
    auto_ssl:
      enabled: true
      method: "http"
# Proxmox hosts and the LXC reverse-proxy containers to create on each.
# Block sequences are written flush with their parent key throughout.
proxmox_hosts:
- name: "proxmox1"
  hostname: "proxmox1.example.com"
  lxc_containers:
  - name: "reverseproxy1"
    id: 101
    ostemplate: "{{ proxmox_config.os_template_debian }}"
    network:
    - ip: "192.168.1.101/24"
      gateway: "{{ proxmox_config.network_gateway }}"
    resources:
      cores: "{{ reverse_proxy_defaults.cores }}"
      memory: "{{ reverse_proxy_defaults.memory }}"
    reverse_proxy_config:
      domain: "service1.example.com"
      origin_server: "192.168.1.201:80"
      tls: "{{ reverse_proxy_defaults.tls }}"
      # NOTE(review): this hands the whole cloudflare_config mapping, API
      # key included, to this container's configuration. With auto_ssl
      # method "http" (inherited from reverse_proxy_defaults.tls) the key
      # may not be needed here - confirm, and drop it where unused.
      cloudflare: "{{ cloudflare_config }}"
      # Raw nginx directives for the generated site. The location block
      # implies server context - confirm against the template.
      # Review notes:
      # - add_header without the "always" parameter is skipped on error
      #   responses, so the 502 page is served without the HSTS and
      #   nosniff headers.
      # - X-Forwarded-Proto and X-Forwarded-Port are hard-coded, which is
      #   accurate only if this listener never serves plain HTTP.
      # - If requests arrive through Cloudflare's proxy, $remote_addr is a
      #   Cloudflare edge address; restoring the client address needs
      #   set_real_ip_from plus real_ip_header CF-Connecting-IP.
      extra_nginx_config: |
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
        add_header X-Content-Type-Options nosniff;
        access_log /var/log/nginx/access.log combined;
        error_log /var/log/nginx/error.log warn;
        error_page 502 /502.html;
        location = /502.html {
        internal;
        root /usr/share/nginx/html;
        }
  - name: "reverseproxy2"
    id: 102
    ostemplate: "{{ proxmox_config.os_template_ubuntu }}"
    network:
    - ip: "192.168.1.102/24"
      gateway: "{{ proxmox_config.network_gateway }}"
    # Explicit sizing instead of the reverse_proxy_defaults values.
    resources:
      cores: 1
      memory: 512
    reverse_proxy_config:
      domain: "service2.example.com"
      origin_server: "192.168.1.202:8080"
      # Per-container TLS settings; auto_ssl uses method "dns" here.
      tls:
        enabled: true
        # NOTE(review): same open question as in reverse_proxy_defaults -
        # confirm what "strict" controls before leaving it false.
        strict: false
        auto_ssl:
          enabled: true
          method: "dns"
      # Presumably the DNS method is what consumes the Cloudflare
      # credentials - verify, and scope the credential to that use.
      cloudflare: "{{ cloudflare_config }}"
      # The commented nginx lines at the end of the snippet carry an
      # Italian note ("load-balancing configuration in case there were
      # several origins") and sketch an upstream block. They are kept
      # exactly as written; note that nginx accepts "upstream" only in
      # http context, so enabling them inside a server block would fail.
      extra_nginx_config: |
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        # configurazioni di bilanciamento del carico se ci fossero + origin
        # upstream backend {
        # server 192.168.1.202:8080;
        # server 192.168.1.203:8080;
        # }
        # location / {
        # proxy_pass http://backend;
        # }
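# Second Proxmox host: one Debian-based reverse proxy with request rate
# limiting in front of service3.
- name: "proxmox2"
  hostname: "proxmox2.example.com"
  lxc_containers:
  - name: "reverseproxy3"
    id: 103
    ostemplate: "{{ proxmox_config.os_template_debian }}"
    network:
    - ip: "192.168.1.103/24"
      gateway: "{{ proxmox_config.network_gateway }}"
    resources:
      cores: "{{ reverse_proxy_defaults.cores }}"
      memory: "{{ reverse_proxy_defaults.memory }}"
    reverse_proxy_config:
      domain: "service3.example.com"
      origin_server: "192.168.1.203:80"
      tls: "{{ reverse_proxy_defaults.tls }}"
      # NOTE(review): passes the whole cloudflare_config mapping, API key
      # included; with auto_ssl method "http" it may be unused - confirm.
      cloudflare: "{{ cloudflare_config }}"
      # Rate limiting: limit_req needs its zone declared with
      # limit_req_zone. The original line used limit_zone, an obsolete
      # connection-limit directive that current nginx rejects and that
      # never defined a request-rate zone. The rate below is a constructed
      # sample value - size it for the service.
      # NOTE(review): limit_req_zone is valid only in http context, so the
      # template must render that line at http level - confirm where this
      # snippet is injected.
      # NOTE(review): if requests arrive through Cloudflare's proxy,
      # $binary_remote_addr is a Cloudflare edge address and the limit is
      # shared by many clients; restore the client address first with
      # set_real_ip_from plus real_ip_header CF-Connecting-IP.
      extra_nginx_config: |
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        limit_req zone=mylimit burst=5;
        limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;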