PIXELPARK - proxy for tower

diff --git a/customer/pixelpark/deploy.pixelpark.com.yaml b/customer/pixelpark/deploy.pixelpark.com.yaml
index 4f6a50ea43041c01fa6cbf69837b235b8e0272fc..66416542ad0b940c10d179b71289fe0e957517ea 100644 (file)
--- a/customer/pixelpark/deploy.pixelpark.com.yaml
+++ b/customer/pixelpark/deploy.pixelpark.com.yaml
@@ -3,6 +3,10 @@ infra::role: base_for_old_systems
 infra::additional_classes:
   - accounts
   - logstash
+  - infra::profile::apache
+  - apache::mod::proxy_http
+  - apache::mod::headers
+
 
 python::dev: true
 infra::profile::ansible::optional_packages:
@@ -16,3 +20,22 @@ logstash::generic_resource:
     parameters:
       path: '/var/log/ansible/*.log'
       type: ansible-log
+
+infra::profile::apache::pp_vhosts:
+  int-kampagnen:
+    servername: deploy.pixelpark.com
+    docroot: /var/www/html
+    ssl: true
+    cert_servername: 'wildcard.pixelpark.net'
+    cert_customer: 'pixelpark'
+    ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
+    ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    proxy_preserve_host: true
+    rewrites_non_ssl:
+      - https:
+        comment: 'all to https'
+        rewrite_rule:
+          - '^(.*)$ https://deploy.pixelpark.com$1 [L,R=301]'
+    proxy_pass:
+      - { path: /, url: 'http://localhost:9090/' }