fix build and deploy of sslproxy
This commit is contained in:
@@ -2,3 +2,4 @@ FROM nginx:alpine
|
||||
|
||||
COPY ./nginx.conf /etc/nginx/nginx.conf
|
||||
COPY ./hosts /etc/nginx/conf.d/
|
||||
RUN rm /etc/nginx/conf.d/default.conf
|
||||
|
||||
@@ -77,8 +77,8 @@ function assertTeapot() {
|
||||
build_save() {
|
||||
echo push to registry
|
||||
|
||||
docker tag $LOCAL_IMAGE $REMOTE_IMAGE
|
||||
docker push $REMOTE_IMAGE
|
||||
docker tag "$LOCAL_IMAGE:$TAG" "$REMOTE_IMAGE"
|
||||
docker push "$REMOTE_IMAGE"
|
||||
}
|
||||
|
||||
function trap_exit() {
|
||||
|
||||
@@ -4,7 +4,7 @@ set -e
|
||||
|
||||
LOCAL_IMAGE=sslproxy
|
||||
TAG=2.2.${BUILD_NUMBER:-dev}
|
||||
TAG=2.1
|
||||
#TAG=2.1
|
||||
REMOTE_IMAGE=dkregistry.xai-corp.net:5000/${LOCAL_IMAGE}:${TAG}
|
||||
APP_NAME=sslproxy_app
|
||||
|
||||
@@ -25,10 +25,10 @@ function deploy() {
|
||||
-c docker-compose.prod.yml \
|
||||
sslproxy
|
||||
|
||||
docker stack ps sslproxy
|
||||
|
||||
sleep 2
|
||||
docker service ps --filter "desired-state=Running" sslproxy_app
|
||||
docker stack ps sslproxy
|
||||
# docker service ps --filter "desired-state=Running" sslproxy_app
|
||||
|
||||
wait_for_completed
|
||||
}
|
||||
@@ -41,6 +41,7 @@ wait_for_completed() {
|
||||
sleep 3
|
||||
state=$(docker service inspect sslproxy_app | jq -r .[0].UpdateStatus.State)
|
||||
done
|
||||
sleep 5
|
||||
}
|
||||
|
||||
function deploy_test() {
|
||||
@@ -57,8 +58,8 @@ function deploy_test() {
|
||||
|
||||
function deploy_save() {
|
||||
#tag as latest
|
||||
docker tag "$REMOTE_IMAGE" latest
|
||||
docker push latest
|
||||
docker tag "$REMOTE_IMAGE" "${REMOTE_IMAGE//${TAG}/latest}"
|
||||
docker push "${REMOTE_IMAGE//${TAG}/latest}"
|
||||
}
|
||||
|
||||
dc() {
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
ARGS - The arguments you wish to provide to this command
|
||||
-d deploy
|
||||
-t test the deployment
|
||||
-s mark the deployment as complete
|
||||
|
||||
TODO: Fill out the help information for this command.
|
||||
Environment Variables:
|
||||
|
||||
BUILD_NUMBER : is used in the image tag 2.2.$BUILD_NUMBER
|
||||
DOCKER_HOST
|
||||
|
||||
@@ -1 +1 @@
|
||||
ARGS...
|
||||
[-d][-t][-s]
|
||||
|
||||
@@ -3,9 +3,13 @@ set -e
|
||||
|
||||
export DOCKER_HOST=${DOCKER_HOST:-'dkhost:2376'}
|
||||
|
||||
#docker exec $@
|
||||
container=$(docker ps -qn1)
|
||||
# shellcheck disable=SC2068
|
||||
docker exec -it "$container" $@
|
||||
#docker network inspect ingress
|
||||
|
||||
#docker service $@
|
||||
|
||||
docker $@
|
||||
#docker $@
|
||||
|
||||
#wget --no-check-certificate --spider -S --header='Host: abcapi.xai-corp.net' https://localhost/
|
||||
|
||||
26
dockerfiles/services/sslproxy/cli/inspect
Executable file
26
dockerfiles/services/sslproxy/cli/inspect
Executable file
@@ -0,0 +1,26 @@
|
||||
#!/usr/bin/env bash
|
||||
set -e
|
||||
|
||||
export DOCKER_HOST=${DOCKER_HOST:-'dkhost:2376'}
|
||||
|
||||
#container=$(docker service ps -q --filter "desired-state=Running" sslproxy_app | head -n 1)
|
||||
|
||||
inspect_service() {
|
||||
docker service ps --filter "desired-state=Running" sslproxy_app
|
||||
}
|
||||
|
||||
inspect_stack() {
|
||||
docker stack ps --filter "desired-state=Running" sslproxy
|
||||
}
|
||||
|
||||
inspect_containers() {
|
||||
docker ps -n2
|
||||
}
|
||||
|
||||
if [ "$1" == "service" ]; then
|
||||
inspect_service
|
||||
elif [ "$1" == "stack" ]; then
|
||||
inspect_stack
|
||||
else
|
||||
inspect_containers
|
||||
fi
|
||||
3
dockerfiles/services/sslproxy/cli/inspect.help
Normal file
3
dockerfiles/services/sslproxy/cli/inspect.help
Normal file
@@ -0,0 +1,3 @@
|
||||
ARGS - The arguments you wish to provide to this command
|
||||
|
||||
TODO: Fill out the help information for this command.
|
||||
1
dockerfiles/services/sslproxy/cli/inspect.usage
Normal file
1
dockerfiles/services/sslproxy/cli/inspect.usage
Normal file
@@ -0,0 +1 @@
|
||||
ARGS...
|
||||
@@ -7,6 +7,10 @@ services:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
volumes: []
|
||||
networks:
|
||||
- prod_ui
|
||||
- prod_tasks
|
||||
|
||||
|
||||
mock:
|
||||
@@ -14,13 +18,29 @@ services:
|
||||
volumes:
|
||||
- ./test.conf:/etc/nginx/nginx.conf
|
||||
networks:
|
||||
default:
|
||||
prod_ui:
|
||||
aliases:
|
||||
- abc-api_nginx
|
||||
- dkui_app
|
||||
- abc-api_nginx
|
||||
- gitea_app
|
||||
- jenkins_app
|
||||
- sslproxy_renew
|
||||
- xaibox_app
|
||||
prod_app:
|
||||
aliases:
|
||||
- xaibox_app
|
||||
- abc-api_nginx
|
||||
prod_tasks:
|
||||
aliases:
|
||||
- sslproxy_renew
|
||||
prod_ingress:
|
||||
aliases:
|
||||
- xaibox.xai-corp.net
|
||||
- xai-corp.net
|
||||
|
||||
|
||||
networks:
|
||||
prod_ui:
|
||||
prod_tasks:
|
||||
prod_app:
|
||||
prod_ingress:
|
||||
|
||||
|
||||
@@ -20,11 +20,11 @@ services:
|
||||
- "80:80" # required for letsencrypt
|
||||
|
||||
# healthcheck:
|
||||
# test: ["CMD", "wget", "--spider", "'Host: dkui.xai-corp.net'", "https://localhost/"]
|
||||
# test: ["CMD", "wget", "--spider", "--no-check-certificate", "--header", "Host: dkui.xai-corp.net", "https://localhost/"]
|
||||
# interval: 10s
|
||||
# timeout: 5s
|
||||
# timeout: 2s
|
||||
# retries: 3
|
||||
# start_period: 10s
|
||||
# start_period: 5s
|
||||
|
||||
logging:
|
||||
driver: fluentd
|
||||
@@ -54,8 +54,12 @@ services:
|
||||
|
||||
networks:
|
||||
- prod_ui
|
||||
- prod_tasks
|
||||
|
||||
networks:
|
||||
prod_ui:
|
||||
external:
|
||||
name: prod_ui
|
||||
prod_tasks:
|
||||
external:
|
||||
name: prod_tasks
|
||||
|
||||
@@ -14,6 +14,8 @@ services:
|
||||
- certbot
|
||||
- certonly
|
||||
- --standalone
|
||||
networks:
|
||||
- prod_tasks:
|
||||
|
||||
certificates:
|
||||
image: ${LETSENCRYPT_IMAGE}
|
||||
@@ -33,3 +35,11 @@ services:
|
||||
- ${LETSENCRYPT_MOUNT}:/etc/letsencrypt
|
||||
ports:
|
||||
- 80:80
|
||||
|
||||
networks:
|
||||
prod_ui:
|
||||
external:
|
||||
name: prod_ui
|
||||
prod_tasks:
|
||||
external:
|
||||
name: prod_tasks
|
||||
|
||||
@@ -15,8 +15,6 @@ services:
|
||||
image: ${LOCAL_IMAGE}:${TAG}
|
||||
volumes:
|
||||
- ./certs:/etc/letsencrypt
|
||||
- ./hosts:/etc/nginx/conf.d:ro
|
||||
- ./nginx.conf:/etc/nginx/nginx.conf
|
||||
- cache:/data/nginx/cache
|
||||
ports:
|
||||
- 443:443
|
||||
|
||||
@@ -3,12 +3,12 @@ proxy_cache_path /data/nginx/cache/gitea levels=1:2 keys_zone=gitea:10m max_size
|
||||
|
||||
# git.xai-corp.net
|
||||
server {
|
||||
listen 443;
|
||||
server_name git.xai-corp.net;
|
||||
|
||||
# this is the internal Docker DNS, cache only for 30s
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
|
||||
listen 443 ssl;
|
||||
server_name git.xai-corp.net;
|
||||
|
||||
set $backend http://gitea_app:3000;
|
||||
#set $backend http://dkhost.xai-corp.net:10080;
|
||||
|
||||
|
||||
@@ -19,14 +19,14 @@ server {
|
||||
|
||||
# this is the internal Docker DNS, cache only for 30s
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend http://xaibox.xai-corp.net:8083;
|
||||
set $backend http://xaibox_app;
|
||||
|
||||
#Strict-Transport-Security: max-age=15768000
|
||||
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||
|
||||
location / {
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Host $host:$server_port;
|
||||
proxy_set_header Host xaibox.xai-corp.net:$server_port;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
Reference in New Issue
Block a user