Remove whoami CDN

2026-01-22 18:07:05 +00:00 · 2025-12-03 23:30:13 +00:00 · 2025-12-03 23:30:13 +00:00 · efca6e351c
commit efca6e351c
parent 004df7acd8
6 changed files with 1 additions and 56 deletions
--- a/ansible/host_vars/casey/main.yml
+++ b/ansible/host_vars/casey/main.yml
@ -4,11 +4,6 @@ nginx_https_redirect: true
 certbot_certs:
  - domains:
      - headscale.jakehoward.tech
-  - domains:
-      - whoami-cdn.theorangeone.net
-
-cdn_domains:
-  - whoami-cdn.theorangeone.net

 restic_backup_locations:
  - /var/lib/headscale/
--- a/ansible/roles/gateway/files/nginx-cdn.conf
+++ b/ansible/roles/gateway/files/nginx-cdn.conf
@ -1,29 +0,0 @@
-# {{ ansible_managed }}
-
-proxy_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=cdncache:20m max_size=1g inactive=48h;
-
-{% for domain in cdn_domains %}
-server {
-    listen 8800 ssl http2 proxy_protocol;
-
-    server_name {{ domain }};
-
-    ssl_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
-    ssl_trusted_certificate /etc/letsencrypt/live/{{ domain }}/chain.pem;
-
-    include includes/ssl.conf;
-
-    real_ip_header proxy_protocol;
-
-    set_real_ip_from 127.0.0.1;
-
-    proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
-
-    location / {
-        proxy_cache cdncache;
-        add_header X-Cache-Status $upstream_cache_status;
-        proxy_pass https://{{ wireguard.clients.ingress.ip }}:443;
-    }
-}
-{% endfor %}
--- a/ansible/roles/gateway/files/nginx.conf
+++ b/ansible/roles/gateway/files/nginx.conf
@ -12,10 +12,6 @@ map $ssl_preread_server_name $gateway_destination {
    default                      {{ wireguard.clients.ingress.ip }}:8443;

    headscale.jakehoward.tech    127.0.0.1:8888;
-
-    {% for domain in cdn_domains %}
-    {{ domain }}  127.0.0.1:8800;
-    {% endfor %}
 }

 server {
--- a/ansible/roles/gateway/tasks/nginx.yml
+++ b/ansible/roles/gateway/tasks/nginx.yml
@ -5,13 +5,6 @@
    mode: "0644"
  register: nginx_config

- name: Install CDN config
-  template:
-    src: files/nginx-cdn.conf
-    dest: /etc/nginx/http.d/cdn.conf
-    mode: "0644"
-  register: nginx_config
-
 - name: Reload Nginx
  service:
    name: nginx
--- a/ansible/roles/pve_docker/files/whoami/docker-compose.yml
+++ b/ansible/roles/pve_docker/files/whoami/docker-compose.yml
@ -4,7 +4,7 @@ services:
    restart: unless-stopped
    labels:
      - traefik.enable=true
-      - traefik.http.routers.whoami.rule=Host(`whoami.theorangeone.net`) || Host(`whoami-cdn.theorangeone.net`) || Host(`who.0rng.one`)
+      - traefik.http.routers.whoami.rule=Host(`whoami.theorangeone.net`) || Host(`who.0rng.one`)
    networks:
      - default
      - traefik
--- a/terraform/theorangeone.net.tf
+++ b/terraform/theorangeone.net.tf
@ -22,16 +22,6 @@ resource "gandi_livedns_record" "theorangeonenet_whoami" {
  ]
 }

-resource "gandi_livedns_record" "theorangeonenet_whoami_cdn" {
-  zone = data.gandi_livedns_domain.theorangeonenet.id
-  name = "whoami-cdn"
-  type = "CNAME"
-  ttl  = 3600
-  values = [
-    "${gandi_livedns_record.sys_domain_pve.name}.${gandi_livedns_record.sys_domain_pve.zone}."
-  ]
-}
-
 resource "gandi_livedns_record" "theorangeonenet_mx" {
  zone = data.gandi_livedns_domain.theorangeonenet.id
  name = "@"