ansible: Make domain configurable

ansible/hosts

@@ -7,7 +7,5 @@ motis:
     spline-vm-motis:
       ansible_user: root
       ansible_host: vm-motis.spline.de
-      cert_domains:
-        - transitous.jbb.ghsq.de
-        - api.transitous.jbb.ghsq.de
-      email: [email protected]
+      transitous_nginx_site_include_extra: /etc/ssl/routing.spline.inf.fu-berlin.de/include.nginx
+      transitous_domain: routing.spline.de

ansible/roles/motis/files/config.ini

@@ -20,6 +20,7 @@ host=127.0.0.1
 [import]
 #paths=osm:europe-latest.osm.pbf
 paths=osm:berlin-latest.osm.pbf
+paths=schedule-de-longdistance:de-longdistance.fixed.zip
 paths=schedule-de-berlin:vbb.fixed.zip
 paths=schedule-lv-pv:pv.zip
 paths=schedule-lv-rigas-satiksme:improved-gtfs-satiksme.zip

ansible/roles/motis/tasks/main.yml

@@ -8,7 +8,7 @@
 
 - name: Unpack MOTIS
   unarchive:
-    src: https://github.com/motis-project/motis/releases/download/v0.11.16/motis-linux-amd64.tar.bz2
+    src: https://github.com/motis-project/motis/releases/download/v0.11.17/motis-linux-amd64.tar.bz2
     dest: /opt/
     remote_src: yes
 

ansible/roles/nginx/tasks/main.yml

@@ -10,44 +10,16 @@
   systemd:
     name: nginx.service
     state: started
-#
-# - name: Install certbot
-#   apt:
-#     name: certbot
-#
-# - name: Check if certificate already exists.
-#   stat:
-#     path: /etc/letsencrypt/live/{{ cert_domains | first | replace('*.', '') }}/cert.pem
-#   register: letsencrypt_cert
-#
-# - name: Generate new certificate if one doesn't exist.
-#   command: >-
-#     certbot certonly --noninteractive --agree-tos --dry-run
-#     --email {{ email }}
-#     -w /var/www/html/
-#     -d {{ cert_domains | join(',') }}
-#     --webroot
-#     --expand
-#   when: not letsencrypt_cert.stat.exists
-#
-# - name: Enable automatic certificate renewal
-#   service:
-#     name: certbot.timer
-#     enabled: true
-#     masked: false
 
 - name: Install nginx config
   copy:
     src: nginx.conf
     dest: /etc/nginx/nginx.conf
 
 - name: Install site config
-  copy:
-    src: "{{ item }}.conf"
-    dest: "/etc/nginx/sites-available/{{ item }}.conf"
-  with_items:
-    - transitous.jbb.ghsq.de
-    - api.transitous.jbb.ghsq.de
+  template:
+    src: "transitous.conf.j2"
+    dest: "/etc/nginx/sites-available/transitous.conf"
 
 - name: Disable default site configuration
   file:
@@ -56,12 +28,9 @@
 
 - name: Enable nginx sites
   file:
-    src: "/etc/nginx/sites-available/{{ item }}.conf"
-    dest: "/etc/nginx/sites-enabled/{{ item }}.conf"
+    src: "/etc/nginx/sites-available/transitous.conf"
+    dest: "/etc/nginx/sites-enabled/transitous.conf"
     state: link
-  with_items:
-    - transitous.jbb.ghsq.de
-    - api.transitous.jbb.ghsq.de
 
 - name: Reload nginx
   systemd:

ansible/roles/nginx/templates/transitous.conf.j2

@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2024 Jonah Brüchert <jbb@kaidan.im>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+server {
+    listen 443 http2 ssl;
+    listen [::]:443 http2 ssl;
+
+    include '{{ transitous_nginx_site_include_extra }}';
+
+    server_name {{ transitous_domain }};
+
+    location ~ ^/$ {
+        if ($arg_motis != https%3A%2F{{ transitous_domain }}%2Fapi) {
+                return 301 https://$host?motis=https%3A%2F{{ transitous_domain }}%2Fapi;
+        }
+
+        root /opt/motis/web/;
+    }
+
+    location / {
+        root /opt/motis/web/;
+    }
+
+    location /api/ {
+        proxy_pass http://localhost:8080/;
+    }
+}