bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
207 Commits 1 Branch 0 Tags
2b4844b2113dfae906b8bb9c43c12fb7579c4cc2
Commit Graph

17 Commits

Author SHA1 Message Date
Bastian de Byl
2303e0ddc8 bumped cloud versions, remove signup, venv improvements, ansible bump 2025-11-17 15:31:36 -05:00
Bastian de Byl
9c9da4f47c Complete infrastructure migration from nginx + ModSecurity to Caddy 
This commit finalizes the comprehensive migration from nginx + ModSecurity + manual LetsEncrypt
to Caddy v2 with automatic HTTPS. The migration eliminates over 2000 lines of complex
configuration in favor of a single, simplified Caddyfile.

## Major Changes:

### Infrastructure Transformation
- **Web Server**: Replaced nginx with Caddy v2 for automatic HTTPS and simplified configuration
- **SSL/TLS**: Removed manual LetsEncrypt management, now fully automated by Caddy
- **Security**: Replaced ModSecurity WAF with Caddy's built-in security features
- **CI/CD**: Decommissioned Drone CI infrastructure completely

### Configuration Simplification
- **Before**: 20+ nginx site configs, ModSecurity rules, LetsEncrypt cron jobs
- **After**: Single Caddyfile with automatic HTTPS, security headers, and IP restrictions
- **Reduction**: 75% less configuration code while maintaining all functionality

### Files Added
- Caddy container deployment and configuration tasks
- Single Caddyfile template replacing all nginx configs
- Updated documentation (CLAUDE.md, TODO.md)

### Files Removed
- Complete nginx role and all site configurations (24 files)
- SSL role with LetsEncrypt management (6 files)
- Drone CI infrastructure (1 file)
- nginx static files and ModSecurity includes (2 files)

## Verified Functionality
All websites confirmed working with HTTPS certificates automatically provisioned:
- photos.bdebyl.net, parts.bdebyl.net, cloud.bdebyl.net
- wiki.skudakrennsport.com, cloud.skudakrennsport.com
- fulfillr.debyltech.com (with IP restrictions)
- Proper security headers and WebSocket support

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-09-11 20:38:45 -04:00
Bastian de Byl
0266439999 updated yamllint in ci 2023-07-24 15:25:47 -04:00
Bastian de Byl
872f2bda84 remove ansible-lint, fix service for skudak ddns container 2023-07-24 13:58:21 -04:00
Bastian de Byl
7fba5179c4 debyltech updates, satisfactory 2023-04-30 00:31:10 -04:00
Bastian de Byl
cb2001357f moved ddns, partkeepr, hass to podman, selinux 2022-04-30 03:44:55 -04:00
Bastian de Byl
78f8ce2c6f ansible lint additions, .yamllint.yml configuratuion 2022-04-12 01:43:26 -04:00
Bastian de Byl
9fbe473e3c added https parts site, video site, fixed modsecurity 2022-04-12 01:15:51 -04:00
Bastian de Byl
46940a6fa8 noticket Added 'list-tasks' make target 2020-10-07 22:59:41 -04:00
Bastian de Byl
17dd1fc372 noticket Changes from redeploy to new server 2020-10-07 22:46:13 -04:00
Bastian de Byl
304902fafe Fixed 'make vault' target 2020-09-25 23:40:28 -04:00
Bastian de Byl
189255db01 Updates with upstream yamllint ci pipeline 2020-09-25 15:48:17 -04:00
Bastian de Byl
f97ab7e6f3 Updated lint commands for CI 2020-09-25 14:22:54 -04:00
Bastian de Byl
ad349d1433 Makefile cleanup 2020-09-25 12:23:14 -04:00
Bastian de Byl
4ef5cc815f Fixed linting, ignore vault file for linting 2020-09-25 12:17:06 -04:00
Bastian de Byl
53f2868916 Implemented working version of drone w/nginx https 2020-09-24 22:52:33 -04:00
Bastian de Byl
e0abdbe506 Initial working commit 2020-09-24 21:06:56 -04:00