Nginx Domain Setup ๐Ÿš€ยถ

Descriptionยถ

This role bootstraps per-domain Nginx configuration: it requests TLS certificates, applies global modifiers, deploys a ready-made vHost file, and can optionally lock down access via OAuth2.

Overviewยถ

A higher-level orchestration wrapper, srv-proxy-6-6-domain ties together several lower-level roles:

  1. srv-web-7-7-inj-compose โ€“ applies global tweaks and includes.

  2. srv-web-6-6-tls-core โ€“ obtains Letโ€™s Encrypt certificates.

  3. Domain template deployment โ€“ copies a Jinja2 vHost from srv-proxy-7-4-core.

  4. web-app-oauth2-proxy (optional) โ€“ protects the site with OAuth2.

The result is a complete, reproducible domain rollout in a single playbook task.

Purposeยถ

Provide one-stop, idempotent domain provisioning for Nginx-based homelabs or small production environments.

Featuresยถ

  • End-to-end TLS โ€” certificate retrieval and secure headers included.

  • Template-driven vHosts โ€” choose basic or ws_generic flavours (or your own).

  • Conditional OAuth2 โ€” easily toggle authentication per application.

  • Handler-safe โ€” automatically triggers an Nginx reload when templates change.

  • Composable โ€” designed to be called repeatedly for many domains.

Credits ๐Ÿ“ยถ

Developed and maintained by Kevin Veen-Birkenbach.
Learn more at https://www.veen.world

Part of the CyMaIS Project โ€” licensed under the CyMaIS NonCommercial License (CNCL)