diff --git a/dkhost.xai-corp.net.yml b/dkhost.xai-corp.net.yml index 3afee43..5cd6f2c 100644 --- a/dkhost.xai-corp.net.yml +++ b/dkhost.xai-corp.net.yml @@ -25,11 +25,12 @@ - proc - securityfs excluded_mountpoint_re: /[media/richard|run/user].* -# docker: -# init_config: -# instances: -# - url: "unix://var/run/docker.sock" -# new_tag_names: true + docker: + init_config: + instances: + - url: "unix://var/run/docker.sock" + new_tag_names: true + dockerhost: users: - dd-agent diff --git a/dockerfiles/jenkins/docker-compose.yml b/dockerfiles/jenkins/docker-compose.yml index acf133c..ffb864c 100644 --- a/dockerfiles/jenkins/docker-compose.yml +++ b/dockerfiles/jenkins/docker-compose.yml @@ -1,10 +1,11 @@ --- # DOCKER_HOST=192.168.2.41:2376 docker-compose up -d +# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml jenkins -version: '2' +version: '3' services: app: - restart: always +# restart: always privileged: true image: "jenkins:alpine" @@ -12,4 +13,16 @@ services: - /var/lib/jenkins:/var/jenkins_home ports: - "8080:8080" - - "5001:5000" + - "50000:50000" + deploy: + mode: replicated + replicas: 1 + restart_policy: + condition: any + delay: "5s" + max_attempts: 1 + +networks: + default: + external: + name: prod-private diff --git a/dockerfiles/sslproxy/host.conf b/dockerfiles/sslproxy/host.conf index 9fb17f5..72cf86f 100644 --- a/dockerfiles/sslproxy/host.conf +++ b/dockerfiles/sslproxy/host.conf @@ -56,6 +56,12 @@ server { add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; location / { + proxy_set_header Host $host:$server_port; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://dkhost.xai-corp.net:8080; } diff --git a/managed_setup.yml b/managed_setup.yml index 9dffe66..144bb64 100644 --- a/managed_setup.yml +++ b/managed_setup.yml @@ -35,6 +35,23 @@ - users_groups: - datadog_api_key: ca0faf176c4aedd4f547ed7cf85615eb + datadog_checks: + system: + init_config: [] + instances: [] + disk: + init_config: + instances: + - use_mount: yes + excluded_filesystems: + - sysfs + - cgroup + - tracefs + - debugfs + - proc + - securityfs + excluded_mountpoint_re: /[media/richard|run/user].* + - rsyslog: user: root diff --git a/managed_updates.yml b/managed_updates.yml index 830f3e0..8f22613 100644 --- a/managed_updates.yml +++ b/managed_updates.yml @@ -9,6 +9,23 @@ become: True vars: + datadog_api_key: ca0faf176c4aedd4f547ed7cf85615eb + datadog_checks: + system: + init_config: [] + instances: [] + disk: + init_config: + instances: + - use_mount: yes + excluded_filesystems: + - sysfs + - cgroup + - tracefs + - debugfs + - proc + - securityfs + excluded_mountpoint_re: /[media/richard|run/user].* roles: - _install_updates diff --git a/roles/dockerhost/tasks/fstab.yml b/roles/dockerhost/tasks/fstab.yml index e1ebf18..63ccc9d 100644 --- a/roles/dockerhost/tasks/fstab.yml +++ b/roles/dockerhost/tasks/fstab.yml @@ -13,5 +13,5 @@ dest: /etc/fstab insertafter: EOF regexp: '^#?{{ item.value.host }}' - line: '{{ item.value.host }} {{ item.value.mount }} glusterfs defaults,_netdev 0 0' + line: '{{ item.value.host }} {{ item.value.mount }} glusterfs direct-io-mode=disable,defaults,_netdev 0 0' with_dict: gluster