update some sslproxy host files to use variables. This will allow nginx to start even if the upstream is not ready
This commit is contained in:
@@ -35,14 +35,14 @@ services:
|
|||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
mode: replicated
|
mode: replicated
|
||||||
replicas: 1
|
replicas: 2
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: any
|
condition: any
|
||||||
delay: 6s
|
delay: 6s
|
||||||
max_attempts: 3
|
max_attempts: 3
|
||||||
update_config:
|
update_config:
|
||||||
parallelism: 1
|
parallelism: 1
|
||||||
delay: 2s
|
delay: 5s
|
||||||
order: start-first
|
order: start-first
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
|
|||||||
@@ -1,13 +1,17 @@
|
|||||||
proxy_cache_path /data/nginx/cache/abcapi levels=1:2 keys_zone=abcapi:10m max_size=10g
|
proxy_cache_path /data/nginx/cache/abcapi levels=1:2 keys_zone=abcapi:10m max_size=10g
|
||||||
inactive=60m use_temp_path=off;
|
inactive=60m use_temp_path=off;
|
||||||
|
|
||||||
upstream abcapi_upstream {
|
#upstream abcapi_upstream {
|
||||||
server tasks.abc-api_nginx:8084;
|
# server tasks.abc-api_nginx:8084;
|
||||||
|
# server dkhost.xai-corp.net:8084 backup;
|
||||||
server dkhost.xai-corp.net:8084 backup;
|
#}
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
# this is the internal Docker DNS, cache only for 30s
|
||||||
|
resolver 127.0.0.11 valid=30s;
|
||||||
|
|
||||||
|
set $backend http://tasks.abc-api_nginx:8084;
|
||||||
|
|
||||||
listen 443 ssl ipv6only=off;
|
listen 443 ssl ipv6only=off;
|
||||||
server_name abcapi.xai-corp.net;
|
server_name abcapi.xai-corp.net;
|
||||||
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
||||||
@@ -17,7 +21,7 @@ server {
|
|||||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://abcapi_upstream;
|
proxy_pass $upstream_addr;
|
||||||
proxy_set_header Host $host; # required for docker client's sake
|
proxy_set_header Host $host; # required for docker client's sake
|
||||||
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
|
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|||||||
@@ -1,14 +1,17 @@
|
|||||||
proxy_cache_path /data/nginx/cache/dkui levels=1:2 keys_zone=dkui:10m max_size=10g
|
proxy_cache_path /data/nginx/cache/dkui levels=1:2 keys_zone=dkui:10m max_size=10g
|
||||||
inactive=60m use_temp_path=off;
|
inactive=60m use_temp_path=off;
|
||||||
|
|
||||||
upstream portainer_upstream {
|
#upstream portainer_upstream {
|
||||||
server tasks.dkui_app:9000;
|
# server tasks.dkui_app:9000;
|
||||||
|
#}
|
||||||
server dkhost.xai-corp.net:9000 backup;
|
|
||||||
}
|
|
||||||
|
|
||||||
# dkui.xai-corp.net
|
# dkui.xai-corp.net
|
||||||
server {
|
server {
|
||||||
|
# this is the internal Docker DNS, cache only for 30s
|
||||||
|
resolver 127.0.0.11 valid=30s;
|
||||||
|
|
||||||
|
set $backend http://tasks.dkui_app:9000;
|
||||||
|
|
||||||
# listen 443 ssl ipv6only=off;
|
# listen 443 ssl ipv6only=off;
|
||||||
listen 443 ssl;
|
listen 443 ssl;
|
||||||
server_name dkui.xai-corp.net;
|
server_name dkui.xai-corp.net;
|
||||||
@@ -25,7 +28,7 @@ server {
|
|||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
proxy_pass http://portainer_upstream;
|
proxy_pass $backend;
|
||||||
|
|
||||||
proxy_connect_timeout 3s;
|
proxy_connect_timeout 3s;
|
||||||
# proxy_next_upstream_timeout 1.5s;
|
# proxy_next_upstream_timeout 1.5s;
|
||||||
|
|||||||
@@ -1,5 +1,15 @@
|
|||||||
# fs.xai-corp.net
|
# fs.xai-corp.net
|
||||||
|
upstream fs_upstream {
|
||||||
|
server dkhost.xai-corp.net:8081;
|
||||||
|
# server dkhost.xai-corp.net:8084 backup;
|
||||||
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
# this is the internal Docker DNS, cache only for 30s
|
||||||
|
resolver 127.0.0.11 valid=30s;
|
||||||
|
|
||||||
|
set $backend http://dkhost.xai-corp.net:8081;
|
||||||
|
|
||||||
listen 443 ssl ipv6only=off;
|
listen 443 ssl ipv6only=off;
|
||||||
server_name fs.xai-corp.net;
|
server_name fs.xai-corp.net;
|
||||||
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
||||||
@@ -9,7 +19,7 @@ server {
|
|||||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://dkhost.xai-corp.net:8081;
|
proxy_pass $backend;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@@ -1,12 +1,13 @@
|
|||||||
proxy_cache_path /data/nginx/cache/gitea levels=1:2 keys_zone=gitea:10m max_size=10g
|
proxy_cache_path /data/nginx/cache/gitea levels=1:2 keys_zone=gitea:10m max_size=10g
|
||||||
inactive=60m use_temp_path=off;
|
inactive=60m use_temp_path=off;
|
||||||
|
|
||||||
upstream gitea_upstream {
|
|
||||||
server dkhost.xai-corp.net:10080;
|
|
||||||
}
|
|
||||||
|
|
||||||
# git.xai-corp.net
|
# git.xai-corp.net
|
||||||
server {
|
server {
|
||||||
|
# this is the internal Docker DNS, cache only for 30s
|
||||||
|
resolver 127.0.0.11 valid=30s;
|
||||||
|
|
||||||
|
set $backend http://dkhost.xai-corp.net:10080;
|
||||||
|
|
||||||
listen 443 ipv6only=off;
|
listen 443 ipv6only=off;
|
||||||
listen [::]:43 ipv6only=on;
|
listen [::]:43 ipv6only=on;
|
||||||
server_name git.xai-corp.net;
|
server_name git.xai-corp.net;
|
||||||
@@ -17,6 +18,6 @@ server {
|
|||||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://gitea_upstream;
|
proxy_pass $backend;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,11 @@ proxy_cache_path /data/nginx/cache/jenkins levels=1:2 keys_zone=jenkins:10m max_
|
|||||||
|
|
||||||
# jenkins.xai-corp.net
|
# jenkins.xai-corp.net
|
||||||
server {
|
server {
|
||||||
|
# this is the internal Docker DNS, cache only for 30s
|
||||||
|
resolver 127.0.0.11 valid=30s;
|
||||||
|
|
||||||
|
set $backend http://dkhost.xai-corp.net:8080;
|
||||||
|
|
||||||
listen 443 ssl;
|
listen 443 ssl;
|
||||||
server_name jenkins.xai-corp.net;
|
server_name jenkins.xai-corp.net;
|
||||||
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
|
||||||
@@ -18,7 +23,7 @@ server {
|
|||||||
proxy_set_header X-Forwarded-Host $host;
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
|
||||||
proxy_pass http://dkhost.xai-corp.net:8080;
|
proxy_pass $backend;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user