From e5e4c273a33a333b4bfa83c34678412eaddacaca Mon Sep 17 00:00:00 2001
From: =?utf8?q?Oliver=20B=C3=B6ttcher?= <oliver.boettcher@pixelpark.com>
Date: Mon, 11 Sep 2017 12:06:53 +0200
Subject: [PATCH] PIXELPARK - proxy for tower

---
 customer/pixelpark/deploy.pixelpark.com.yaml | 23 ++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/customer/pixelpark/deploy.pixelpark.com.yaml b/customer/pixelpark/deploy.pixelpark.com.yaml
index 4f6a50ea..66416542 100644
--- a/customer/pixelpark/deploy.pixelpark.com.yaml
+++ b/customer/pixelpark/deploy.pixelpark.com.yaml
@@ -3,6 +3,10 @@ infra::role: base_for_old_systems
 infra::additional_classes:
   - accounts
   - logstash
+  - infra::profile::apache
+  - apache::mod::proxy_http
+  - apache::mod::headers
+
 
 python::dev: true
 infra::profile::ansible::optional_packages:
@@ -16,3 +20,22 @@ logstash::generic_resource:
     parameters:
       path: '/var/log/ansible/*.log'
       type: ansible-log
+
+infra::profile::apache::pp_vhosts:
+  int-kampagnen:
+    servername: deploy.pixelpark.com
+    docroot: /var/www/html
+    ssl: true
+    cert_servername: 'wildcard.pixelpark.net'
+    cert_customer: 'pixelpark'
+    ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
+    ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    proxy_preserve_host: true
+    rewrites_non_ssl:
+      - https:
+        comment: 'all to https'
+        rewrite_rule:
+          - '^(.*)$ https://deploy.pixelpark.com$1 [L,R=301]'
+    proxy_pass:
+      - { path: /, url: 'http://localhost:9090/' }
-- 
2.39.5