switch sslproxy and fluentd to global service so each host runs one container.

build own image for letsencrypt, and tweek update job runtime.
2017-12-23 22:03:51 -05:00
parent 785db4ec18
commit d6806a673e
11 changed files with 65 additions and 103 deletions
--- a/dockerfiles/services/letsencrypt/Dockerfile
+++ b/dockerfiles/services/letsencrypt/Dockerfile
@@ -0,0 +1,3 @@
+FROM blacklabelops/letsencrypt:latest
+MAINTAINER Richard Morgan <r_morgan@sympatico.ca>
+
--- a/dockerfiles/services/letsencrypt/docker-compose-update.yml
+++ b/dockerfiles/services/letsencrypt/docker-compose-update.yml
@@ -9,7 +9,7 @@ version: '3'
 services:

  updates:
-    image: "blacklabelops/letsencrypt"
+    image: "dkregistry.xai-corp.net:5000/letsencrypt:latest"
    ports:
      - 83:80
 #      - 443:443
@@ -20,7 +20,7 @@ services:
      LETSENCRYPT_HTTPS_ENABLED: "false"
      LETSENCRYPT_TESTCERT: "false"
      LETSENCRYPT_DEBUG: "true"
-      LETSENCRYPT_JOB_TIME: "0 0 1 */2 * *"
+      LETSENCRYPT_JOB_TIME: "0 1 */12 * * 0"
      LETSENCRYPT_DOMAIN1: xai-corp.net
      LETSENCRYPT_DOMAIN2: git.xai-corp.net
      LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
@@ -43,9 +43,9 @@ services:
          cpus: '0.5'
          memory: 16M

-    logging:
-      driver: fluentd
-      options:
-        fluentd-address: "logs.xai-corp.net:24224"
-        fluentd-async-connect: 'true'
-        tag: letsencrypt-update
+#    logging:
+#      driver: fluentd
+#      options:
+#        fluentd-address: "logs.xai-corp.net:24224"
+#        fluentd-async-connect: 'true'
+#        tag: letsencrypt-update
--- a/dockerfiles/services/letsencrypt/docker-compose.yml
+++ b/dockerfiles/services/letsencrypt/docker-compose.yml
@@ -5,80 +5,38 @@
 # DOCKER_HOST=dkhost01:2376 docker-compose up updates

 # docker login dkregistry.xai-corp.net:5000
-# docker-compose build && docker push dkregistry.xai-corp.net:5000/xaicorp/nextcloud:latest
-# DOCKER_HOST=dkhost:2376 docker stack deploy -c docker-compose.yml services_letsencrypt
+# docker-compose build && docker push dkregistry.xai-corp.net:5000/letsencrypt:latest
+# DOCKER_HOST=dkhost:2376 docker stack deploy --with-registry-auth -c docker-compose-update.yml services_letsencrypt
+# DOCKER_HOST=dkhost:2376 docker stack ps services
+

 version: '3'
 services:

-  install:
-    image: "blacklabelops/letsencrypt"
-    container_name: letsencrypt_staging_install
-    ports:
-      - 80:80
-#      - 443:443
-    volumes:
-      - /opt/shared/letsencrypt-2-staging:/etc/letsencrypt
-    environment:
-      LETSENCRYPT_HTTPS_ENABLED: "false"
-      LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
-      LETSENCRYPT_DOMAIN1: xai-corp.net
-      LETSENCRYPT_DOMAIN2: git.xai-corp.net
-      LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
-      LETSENCRYPT_DOMAIN4: dkui.xai-corp.net
-      LETSENCRYPT_DOMAIN5: dkregistry.xai-corp.net
-      LETSENCRYPT_DOMAIN6: fs.xai-corp.net
-      LETSENCRYPT_DOMAIN7: jenkins.xai-corp.net
-      LETSENCRYPT_DOMAIN8: sql.xai-corp.net
-      LETSENCRYPT_DOMAIN9: office.xai-corp.net
-      LETSENCRYPT_DOMAIN9: www.xai-corp.net
-    command:
-      - install
-      - --staging
-      - --expand
-
-    deploy:
-      mode: replicated
-      replicas: 1
-      restart_policy:
-        condition: none
-      resources:
-        limits:
-          cpus: '0.1'
-          memory: 256M
-
-  updates:
-    image: "blacklabelops/letsencrypt"
-    container_name: letsencrypt_staging_updates
-    ports:
-      - 80:80
-#      - 443:443
-    volumes:
-      - /opt/shared/letsencrypt-2-staging:/etc/letsencrypt
-    environment:
-      LETSENCRYPT_HTTPS_ENABLED: "false"
-      LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
-      LETSENCRYPT_DOMAIN1: xai-corp.net
-      LETSENCRYPT_DOMAIN2: git.xai-corp.net
-      LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
-      LETSENCRYPT_DOMAIN4: dkui.xai-corp.net
-      LETSENCRYPT_DOMAIN5: dkregistry.xai-corp.net
-      LETSENCRYPT_DOMAIN6: fs.xai-corp.net
-      LETSENCRYPT_DOMAIN7: jenkins.xai-corp.net
-      LETSENCRYPT_DOMAIN8: sql.xai-corp.net
-      LETSENCRYPT_DOMAIN9: office.xai-corp.net
-      LETSENCRYPT_DOMAIN9: www.xai-corp.net
-    command:
-      - install
-      - --staging
-      - --expand
-
-    deploy:
-      mode: replicated
-      replicas: 1
-      restart_policy:
-        condition: none
-      resources:
-        limits:
-          cpus: '0.1'
-          memory: 256M
+  builder:
+    build:
+      context: ""
+      dockerfile: Dockerfile
+    image: "dkregistry.xai-corp.net:5000/letsencrypt:latest"
+#    ports:
+#      - 80:80
+##      - 443:443
+#    volumes:
+#      - /opt/shared/letsencrypt-2-staging:/etc/letsencrypt
+#    environment:
+#      LETSENCRYPT_HTTPS_ENABLED: "false"
+#      LETSENCRYPT_EMAIL: r_morgan@sympatico.ca
+#      LETSENCRYPT_DOMAIN1: xai-corp.net
+#      LETSENCRYPT_DOMAIN2: git.xai-corp.net
+#      LETSENCRYPT_DOMAIN3: xaibox.xai-corp.net
+#      LETSENCRYPT_DOMAIN4: dkui.xai-corp.net
+#      LETSENCRYPT_DOMAIN5: dkregistry.xai-corp.net
+#      LETSENCRYPT_DOMAIN6: fs.xai-corp.net
+#      LETSENCRYPT_DOMAIN7: jenkins.xai-corp.net
+#      LETSENCRYPT_DOMAIN8: sql.xai-corp.net
+#      LETSENCRYPT_DOMAIN9: office.xai-corp.net
+#      LETSENCRYPT_DOMAIN9: www.xai-corp.net
+#    command:
+#      - install
+#      - --staging
+#      - --expand