xai-corp.net/provisioning
1
0
Fork 0
Code Issues 9 Releases Activity

add abcapi to sslproxy

Browse Source
This commit is contained in:
richard
2017-12-31 13:00:40 -05:00
parent d6806a673e
commit 771dfabd69
9 changed files with 77 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dockerfiles/services/letsencrypt/docker-compose-install.yml
View File

@@ -14,7 +14,7 @@ services:
- 83:80 - 83:80
# - 443:443 # - 443:443
volumes: volumes:
- /opt/shared/letsencrypt:/etc/letsencrypt - /opt/shared/letsencrypt-2:/etc/letsencrypt
environment: environment:
LETSENCRYPT_EMAIL: r_morgan@sympatico.ca LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
LETSENCRYPT_HTTPS_ENABLED: "false" LETSENCRYPT_HTTPS_ENABLED: "false"
@@ -32,6 +32,7 @@ services:
LETSENCRYPT_DOMAIN9: office.xai-corp.net LETSENCRYPT_DOMAIN9: office.xai-corp.net
LETSENCRYPT_DOMAIN10: www.xai-corp.net LETSENCRYPT_DOMAIN10: www.xai-corp.net
LETSENCRYPT_DOMAIN11: mail.xai-corp.net LETSENCRYPT_DOMAIN11: mail.xai-corp.net
LETSENCRYPT_DOMAIN12: abcapi.xai-corp.net
command: command:
- install - install
- --expand - --expand

11
dockerfiles/services/letsencrypt/docker-compose-update.yml
View File

@@ -9,18 +9,19 @@ version: '3'
services: services:
updates: updates:
image: "dkregistry.xai-corp.net:5000/letsencrypt:latest" # image: "dkregistry.xai-corp.net:5000/letsencrypt:latest"
image: "blacklabelops/letsencrypt"
ports: ports:
- 83:80 - 83:80
# - 443:443 # - 443:443
volumes: volumes:
- /opt/shared/letsencrypt:/etc/letsencrypt - /opt/shared/letsencrypt-2:/etc/letsencrypt
environment: environment:
LETSENCRYPT_EMAIL: r_morgan@sympatico.ca LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
LETSENCRYPT_HTTPS_ENABLED: "false" LETSENCRYPT_HTTPS_ENABLED: "false"
LETSENCRYPT_TESTCERT: "false" LETSENCRYPT_TESTCERT: "false"
LETSENCRYPT_DEBUG: "true" LETSENCRYPT_DEBUG: "true"
LETSENCRYPT_JOB_TIME: "0 1 */12 * * 0" LETSENCRYPT_JOB_TIME: "0 */30 * * * 0"
LETSENCRYPT_DOMAIN1: xai-corp.net LETSENCRYPT_DOMAIN1: xai-corp.net
LETSENCRYPT_DOMAIN2: git.xai-corp.net LETSENCRYPT_DOMAIN2: git.xai-corp.net
LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
@@ -32,6 +33,10 @@ services:
LETSENCRYPT_DOMAIN9: office.xai-corp.net LETSENCRYPT_DOMAIN9: office.xai-corp.net
LETSENCRYPT_DOMAIN10: www.xai-corp.net LETSENCRYPT_DOMAIN10: www.xai-corp.net
LETSENCRYPT_DOMAIN11: mail.xai-corp.net LETSENCRYPT_DOMAIN11: mail.xai-corp.net
LETSENCRYPT_DOMAIN12: abcapi.xai-corp.net
command:
- newcert
- --expand
deploy: deploy:
mode: replicated mode: replicated

12
dockerfiles/services/postgres/docker-compose.yml
View File

@@ -1,12 +0,0 @@
version: '2'
services:
postgres:
container_name: postgres-9.6
restart: always
image: "postgres:9.6-alpine"
volumes:
- /opt/shared/postgres/data:/data
ports:
- "5432:5432"
environment:
- POSTGRES_PASSWORD=alphapass1

3
dockerfiles/services/services/memcached/docker-compose.yml
View File

@@ -2,6 +2,7 @@
# docker-compose file for memcached # docker-compose file for memcached
# DOCKER_HOST=dkhost:2376 docker-compose up -d # DOCKER_HOST=dkhost:2376 docker-compose up -d
# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services # DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services
# DOCKER_HOST=dkhost:2376 docker service ps services_memcached
version: '3' version: '3'
services: services:
@@ -16,7 +17,7 @@ services:
deploy: deploy:
mode: replicated mode: replicated
replicas: 1 replicas: 3
restart_policy: restart_policy:
condition: any condition: any
delay: "1s" delay: "1s"

32
dockerfiles/services/services/postgres/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services
# DOCKER_HOST=dkhost:2376 docker service ps services_postgres
version: '3'
services:
postgres:
volumes:
- /opt/shared/postgres/data:/data
image: postgres:alpine
environment:
POSTGRES_PASSWORD: snqioxni1sw
POSTGRES_USER: xaicorp_admin
POSTGRES_DB: xaicorp_default
ports:
- 5432:5432
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: any
delay: "1s"
max_attempts: 1
resources:
limits:
cpus: '0.5'
memory: 128M
networks:
default:
external:
name: prod-private

19
dockerfiles/services/sslproxy/docker-compose-prod.yml
View File

@@ -1,18 +1,19 @@
--- ---
# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d # DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
# docker login dkregistry.xai-corp.net:5000 # docker login dkregistry.xai-corp.net:5000
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.0 # docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.1
# DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose-prod.yml sslproxy # DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose-prod.yml sslproxy
# DOCKER_HOST=dkhost:2376 docker stack ps sslproxy # DOCKER_HOST=dkhost:2376 docker stack ps sslproxy
version: '3' version: '3'
services: services:
app: app:
image: "dkregistry.xai-corp.net:5000/sslproxy:2.0" image: "dkregistry.xai-corp.net:5000/sslproxy:2.1"
volumes: volumes:
- /opt/shared/letsencrypt-2:/etc/letsencrypt:ro - /opt/shared/letsencrypt-2:/etc/letsencrypt:ro
ports: ports:
- "443:443" - "443:443"
- "80:80" # required for letsencrypt
# logging: # logging:
# driver: syslog # driver: syslog
@@ -37,7 +38,7 @@ services:
mode: global mode: global
restart_policy: restart_policy:
condition: any condition: any
delay: 5s delay: 6s
max_attempts: 10 max_attempts: 10
# update_config: # update_config:
# parallelism: 2 # parallelism: 2
@@ -50,3 +51,15 @@ services:
labels: labels:
net.xai-corp.sslproxy.description: proxy ssl calls to non ssl containers net.xai-corp.sslproxy.description: proxy ssl calls to non ssl containers
networks:
- ingress
- prod-private
networks:
ingress:
external:
name: ingress
prod-private:
external:
name: prod-private

4
dockerfiles/services/sslproxy/docker-compose.yml
View File

@@ -1,7 +1,7 @@
--- ---
# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d # DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
# docker login dkregistry.xai-corp.net:5000 # docker login dkregistry.xai-corp.net:5000
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.0 # docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.1
# DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy # DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy
# DOCKER_HOST=dkhost:2376 docker stack ps sslproxy # DOCKER_HOST=dkhost:2376 docker stack ps sslproxy
@@ -9,7 +9,7 @@ version: '3'
services: services:
app: app:
image: "dkregistry.xai-corp.net:5000/sslproxy:2.0" image: "dkregistry.xai-corp.net:5000/sslproxy:2.1"
build: build:
context: . context: .
dockerfile: Dockerfile dockerfile: Dockerfile

14
dockerfiles/services/sslproxy/hosts/abcapi.xai-corp.net.conf Normal file
View File

@@ -0,0 +1,14 @@
server {
listen 443 ssl ipv6only=off;
server_name abcapi.xai-corp.net;
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xai-corp.net/privkey.pem;
#Strict-Transport-Security: max-age=15768000
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
location / {
proxy_pass http://abc-api_nginx;
}
}

1
roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2
View File

@@ -61,4 +61,5 @@ xaibox IN CNAME dkhost
office IN CNAME dkhost office IN CNAME dkhost
www IN CNAME dkhost www IN CNAME dkhost
mail IN CNAME dkhost mail IN CNAME dkhost
abcapi IN CNAME dkhost
; xai-corp.net. IN CNAME dkhost ; xai-corp.net. IN CNAME dkhost