Automating web applications proxying, DNS registration and TLS termination with ansible

For the needs of an incoming project, that I’ll describe in a later post, I needed to automate public access configuration for existing web applications. In other words, I needed to automate, proxy vhost configuration, tls termination and dns registration on a given domain. What is presented here has been used on a simple libvirt/KVM architecture (managed as described in my latest post).

The workflow is this one:

  • deploy the DNS entry
  • deploy nginx vhost for the given webapp and domain name (allowing access to .well-known directory for letsencrypt http based authentication and authorization)
  • ask for letsencrypt certificate
  • retrieve certificate and configure tcp/443 vhost with tls

Here are the components I used:

[Read More]