revert changes

53a771af · David Ivey · 1c3010df · 53a771af · 53a771af · 53a771af
Commit 53a771af authored 5 years ago by David Ivey
--- a/apps/public/haproxy/configure-haproxy.sls
+++ b/apps/public/haproxy/configure-haproxy.sls
@@ -11,7 +11,6 @@ set_up_ssl:
    - creates: /etc/letsencrypt/live/graylog.cybbh.space/fullchain.pem
    - creates: /etc/letsencrypt/live/register.cybbh.space/fullchain.pem
    - creates: /etc/letsencrypt/live/status.cybbh.space/fullchain.pem
-    - creates: /etc/letsencrypt/live/csat.cybbh.space/fullchain.pem

 /etc/haproxy/haproxy.cfg:
  file.managed:
@@ -42,8 +41,3 @@ systemctl stop haproxy.service && letsencrypt renew --agree-tos && cat /etc/lets
  cron.present:
    - minute: 45
    - hour: 6
-
-systemctl stop haproxy.service && letsencrypt renew --agree-tos && cat /etc/letsencrypt/live/csat.cybbh.space/fullchain.pem /etc/letsencrypt/live/csat.cybbh.space/privkey.pem > /etc/letsencrypt/live/csat.cybbh.space/master.pem && systemctl start haproxy.service:
-  cron.present:
-    - minute: 45
-    - hour: 6
--- a/apps/public/haproxy/files/haproxy.cfg
+++ b/apps/public/haproxy/files/haproxy.cfg
@@ -41,7 +41,7 @@ defaults

 frontend tls_termination
  mode http
-  bind 192.168.200.4:443 ssl crt /etc/letsencrypt/live/git.cybbh.space/master.pem crt /etc/letsencrypt/live/status.cybbh.space/master.pem crt /etc/letsencrypt/live/csat.cybbh.space/master.pem
+  bind 192.168.200.4:443 ssl crt /etc/letsencrypt/live/git.cybbh.space/master.pem crt /etc/letsencrypt/live/status.cybbh.space/master.pem
  bind 192.168.200.4:9000 ssl crt /etc/letsencrypt/live/graylog.cybbh.space/master.pem ca-file /etc/ssl/certs/dod-root-certs.pem verify required
  reqadd  X-Forwarded-Proto:\ https
  http-response set-header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
@@ -72,14 +72,6 @@ backend graylog_https
  option  tcplog
  server graylog.cybbh.space 192.168.200.11:9000 check inter 2000 rise 2 fall 5

-backend csat_https
-  mode http
-  http-request  set-header X-Forwarded-Proto https if { ssl_fc }
-  balance roundrobin
-  option  tcpka
-  option  tcplog
-  server csat.cybbh.space 192.168.200.14:443 check inter 2000 rise 2 fall 5
-
 listen gitlab_ssh
  bind 192.168.200.4:22
  mode tcp

--- a/apps/public/haproxy/files/mkcert.sh
+++ b/apps/public/haproxy/files/mkcert.sh
@@ -19,8 +19,3 @@ systemctl stop haproxy.service
 letsencrypt certonly -d status.cybbh.space --agree-tos --email {{ letsencrypt_email }}
 cat /etc/letsencrypt/live/status.cybbh.space/fullchain.pem /etc/letsencrypt/live/status.cybbh.space/privkey.pem > /etc/letsencrypt/live/status.cybbh.space/master.pem
 systemctl start haproxy.service
-
-systemctl stop haproxy.service
-letsencrypt certonly -d csat.cybbh.space --agree-tos --email {{ letsencrypt_email }}
-cat /etc/letsencrypt/live/csat.cybbh.space/fullchain.pem /etc/letsencrypt/live/csat.cybbh.space/privkey.pem > /etc/letsencrypt/live/csat.cybbh.space/master.pem
-systemctl start haproxy.service