/rproxy-ansible

Reverse proxy, Wireguard, and DDNS server setup playbook

Primary LanguageJinja

rProxy Ansible

Features

  • Nginx Reverse Proxy
    • Generates wildcard certificate for domain with automatic renewal
    • Full end to end encryption between (host -> reverse proxy -> app)
    • Downstream apps can perform Let's Encrypt certificate renewals through reverse proxy
  • Dynamic DNS with AWS
  • Wireguard VPN
    • Easy client management

Install

  1. Create AWS user with programmatic access and the following policy permissions:

    aws-ddns

    route53:ChangeResourceRecordSets
route53:ListResourceRecordSets

    certbot

    route53:ListHostedZones
route53:GetChange
route53:ChangeResourceRecordSets

  2. make encrypt_string to encrypt Wireguard client private keys for hosts.yml

  3. Update variables in hosts.yml

  4. Update variables in vault.yml

  5. make vault to encrypt vault.yml

  6. make install to run playbook