setting up graylog docker swarm services

dockerfiles/sslproxy/docker-compose.prod.yml

@@ -1,7 +0,0 @@
----
-version: '2'
-services:
-  app:
-    restart: always
-    volumes:
-      - /opt/shared/fileserver:/www/data:ro

dockerfiles/sslproxy/docker-compose.yml

@@ -1,5 +1,8 @@
 ---
-version: '2'
+# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
+# DOCKER_HOST=dkhost03:2376 docker stack deploy -c docker-compose.yml sslproxy
+
+version: '3'
 services:
   app:
     restart: always
@@ -11,5 +14,14 @@ services:
     volumes:
       - /etc/letsencrypt:/etc/letsencrypt:ro
     ports:
-#       - "80:80"
        - "443:443"
+
+    deploy:
+      mode: replicated
+      replicas: 1
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 10
+      labels:
+        net.xai-corp.sslproxy.description:  proxy ssl calls to non ssl containers

dockerfiles/sslproxy/host.conf

@@ -17,7 +17,7 @@ server {
 # git.xai-corp.net
 server {
     listen  443 ssl;
-    server_name git.xai-corp.net docker.dev;
+    server_name git.xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/git.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/git.xai-corp.net/privkey.pem;
 
@@ -33,7 +33,7 @@ server {
 # tripbuilder.xai-corp.net
 server {
     listen  443 ssl;
-    server_name tripbuilder.xai-corp.net docker.dev;
+    server_name tripbuilder.xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/tripbuilder.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/tripbuilder.xai-corp.net/privkey.pem;
 
@@ -48,7 +48,7 @@ server {
 # jenkins.xai-corp.net
 server {
     listen  443 ssl;
-    server_name jenkins.xai-corp.net docker.dev;
+    server_name jenkins.xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/jenkins.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/jenkins.xai-corp.net/privkey.pem;
 
@@ -64,9 +64,10 @@ server {
 # dkui.xai-corp.net
 server {
     listen  443 ssl;
-    server_name dkui.xai-corp.net docker.dev;
+    server_name dkui.xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/dkui.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/dkui.xai-corp.net/privkey.pem;
+
     #Strict-Transport-Security: max-age=15768000
     add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
 
@@ -77,10 +78,26 @@ server {
 
 }
 
+# logs.xai-corp.net
+server {
+    listen  443 ssl;
+    server_name logs.xai-corp.net;
+    ssl_certificate     /etc/letsencrypt/live/logs.xai-corp.net/cert.pem;
+    ssl_certificate_key /etc/letsencrypt/live/logs.xai-corp.net/privkey.pem;
+    #Strict-Transport-Security: max-age=15768000
+    #add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
+
+    location / {
+        proxy_set_header Connection $http_connection;
+        proxy_pass http://dkhost04.xai-corp.net:10090;
+    }
+
+}
+
 # sql.xai-corp.net
 server {
     listen  443 ssl;
-    server_name sql.xai-corp.net docker.dev;
+    server_name sql.xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/sql.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/sql.xai-corp.net/privkey.pem;
     #Strict-Transport-Security: max-age=15768000
@@ -95,7 +112,7 @@ server {
 # www.xai-corp.net
 server {
     listen  443 ssl;
-    server_name www.xai-corp.net xai-corp.net docker.dev;
+    server_name www.xai-corp.net xai-corp.net;
     ssl_certificate     /etc/letsencrypt/live/www.xai-corp.net/cert.pem;
     ssl_certificate_key /etc/letsencrypt/live/www.xai-corp.net/privkey.pem;
     #Strict-Transport-Security: max-age=15768000