xai-corp.net/provisioning
1
0
Fork 0
Code Issues 9 Releases Activity

add abcapi to sslproxy

Browse Source
This commit is contained in:
richard
2017-12-31 13:00:40 -05:00
parent d6806a673e
commit 771dfabd69
9 changed files with 77 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dockerfiles/services/letsencrypt/docker-compose-install.yml
View File

@@ -14,7 +14,7 @@ services:
- 83:80
# - 443:443
volumes:
- /opt/shared/letsencrypt:/etc/letsencrypt
- /opt/shared/letsencrypt-2:/etc/letsencrypt
environment:
LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
LETSENCRYPT_HTTPS_ENABLED: "false"
@@ -32,6 +32,7 @@ services:
LETSENCRYPT_DOMAIN9: office.xai-corp.net
LETSENCRYPT_DOMAIN10: www.xai-corp.net
LETSENCRYPT_DOMAIN11: mail.xai-corp.net
LETSENCRYPT_DOMAIN12: abcapi.xai-corp.net
command:
- install
- --expand

11
dockerfiles/services/letsencrypt/docker-compose-update.yml
View File

@@ -9,18 +9,19 @@ version: '3'
services:
updates:
image: "dkregistry.xai-corp.net:5000/letsencrypt:latest"
# image: "dkregistry.xai-corp.net:5000/letsencrypt:latest"
image: "blacklabelops/letsencrypt"
ports:
- 83:80
# - 443:443
volumes:
- /opt/shared/letsencrypt:/etc/letsencrypt
- /opt/shared/letsencrypt-2:/etc/letsencrypt
environment:
LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
LETSENCRYPT_HTTPS_ENABLED: "false"
LETSENCRYPT_TESTCERT: "false"
LETSENCRYPT_DEBUG: "true"
LETSENCRYPT_JOB_TIME: "0 1 */12 * * 0"
LETSENCRYPT_JOB_TIME: "0 */30 * * * 0"
LETSENCRYPT_DOMAIN1: xai-corp.net
LETSENCRYPT_DOMAIN2: git.xai-corp.net
LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
@@ -32,6 +33,10 @@ services:
LETSENCRYPT_DOMAIN9: office.xai-corp.net
LETSENCRYPT_DOMAIN10: www.xai-corp.net
LETSENCRYPT_DOMAIN11: mail.xai-corp.net
LETSENCRYPT_DOMAIN12: abcapi.xai-corp.net
command:
- newcert
- --expand
deploy:
mode: replicated

12
dockerfiles/services/postgres/docker-compose.yml
View File

@@ -1,12 +0,0 @@
version: '2'
services:
postgres:
container_name: postgres-9.6
restart: always
image: "postgres:9.6-alpine"
volumes:
- /opt/shared/postgres/data:/data
ports:
- "5432:5432"
environment:
- POSTGRES_PASSWORD=alphapass1

3
dockerfiles/services/services/memcached/docker-compose.yml
View File

@@ -2,6 +2,7 @@
# docker-compose file for memcached
# DOCKER_HOST=dkhost:2376 docker-compose up -d
# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services
# DOCKER_HOST=dkhost:2376 docker service ps services_memcached
version: '3'
services:
@@ -16,7 +17,7 @@ services:
deploy:
mode: replicated
replicas: 1
replicas: 3
restart_policy:
condition: any
delay: "1s"

32
dockerfiles/services/services/postgres/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services
# DOCKER_HOST=dkhost:2376 docker service ps services_postgres
version: '3'
services:
postgres:
volumes:
- /opt/shared/postgres/data:/data
image: postgres:alpine
environment:
POSTGRES_PASSWORD: snqioxni1sw
POSTGRES_USER: xaicorp_admin
POSTGRES_DB: xaicorp_default
ports:
- 5432:5432
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: any
delay: "1s"
max_attempts: 1
resources:
limits:
cpus: '0.5'
memory: 128M
networks:
default:
external:
name: prod-private

19
dockerfiles/services/sslproxy/docker-compose-prod.yml
View File

@@ -1,18 +1,19 @@
---
# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
# docker login dkregistry.xai-corp.net:5000
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.0
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.1
# DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose-prod.yml sslproxy
# DOCKER_HOST=dkhost:2376 docker stack ps sslproxy
version: '3'
services:
app:
image: "dkregistry.xai-corp.net:5000/sslproxy:2.0"
image: "dkregistry.xai-corp.net:5000/sslproxy:2.1"
volumes:
- /opt/shared/letsencrypt-2:/etc/letsencrypt:ro
ports:
- "443:443"
- "80:80" # required for letsencrypt
# logging:
# driver: syslog
@@ -37,7 +38,7 @@ services:
mode: global
restart_policy:
condition: any
delay: 5s
delay: 6s
max_attempts: 10
# update_config:
# parallelism: 2
@@ -50,3 +51,15 @@ services:
labels:
net.xai-corp.sslproxy.description: proxy ssl calls to non ssl containers
networks:
- ingress
- prod-private
networks:
ingress:
external:
name: ingress
prod-private:
external:
name: prod-private

4
dockerfiles/services/sslproxy/docker-compose.yml
View File

@@ -1,7 +1,7 @@
---
# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
# docker login dkregistry.xai-corp.net:5000
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.0
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:2.1
# DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy
# DOCKER_HOST=dkhost:2376 docker stack ps sslproxy
@@ -9,7 +9,7 @@ version: '3'
services:
app:
image: "dkregistry.xai-corp.net:5000/sslproxy:2.0"
image: "dkregistry.xai-corp.net:5000/sslproxy:2.1"
build:
context: .
dockerfile: Dockerfile

14
dockerfiles/services/sslproxy/hosts/abcapi.xai-corp.net.conf Normal file
View File

@@ -0,0 +1,14 @@
server {
listen 443 ssl ipv6only=off;
server_name abcapi.xai-corp.net;
ssl_certificate /etc/letsencrypt/live/xai-corp.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xai-corp.net/privkey.pem;
#Strict-Transport-Security: max-age=15768000
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
location / {
proxy_pass http://abc-api_nginx;
}
}

1
roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2
View File

@@ -61,4 +61,5 @@ xaibox IN CNAME dkhost
office IN CNAME dkhost
www IN CNAME dkhost
mail IN CNAME dkhost
abcapi IN CNAME dkhost
; xai-corp.net. IN CNAME dkhost