diff --git a/hammerhead/app/traefik/config/traefik.toml b/hammerhead/app/traefik/config/traefik.toml new file mode 100644 index 0000000..b342268 --- /dev/null +++ b/hammerhead/app/traefik/config/traefik.toml @@ -0,0 +1,50 @@ +InsecureSkipVerify = true +defaultEntryPoints = ["http", "https"] + +[entryPoints] + [entryPoints.admin] + address = ":8082" + + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + + [entryPoints.https] + address = ":443" + compress = true + [entryPoints.https.tls] + +[ping] + entrypoint = "admin" + +[retry] + +[acme] + email = "adrien@luxeylab.net" + storage = "traefik/acme/account" + entryPoint = "https" + onHostRule = true + + [acme.httpChallenge] + entryPoint = "http" + +[api] + entryPoint = "admin" + dashboard = true + +[consul] + endpoint = "172.17.0.1:8500" + watch = true + prefix = "traefik" + +[consulCatalog] + endpoint = "172.17.0.1:8500" + prefix = "traefik" + # domain = "web.deuxfleurs.fr" + exposedByDefault = false + +# [metrics] +# [metrics.prometheus] +# # -- below is for traefik 1.7 see https://doc.traefik.io/traefik/v1.7/configuration/metrics/ +# entryPoint = "admin" diff --git a/hammerhead/app/traefik/deploy/traefik.hcl b/hammerhead/app/traefik/deploy/traefik.hcl new file mode 100644 index 0000000..385a36e --- /dev/null +++ b/hammerhead/app/traefik/deploy/traefik.hcl @@ -0,0 +1,72 @@ +job "traefik" { + datacenters = ["dc1"] + type = "service" + priority = 80 + + group "traefik" { + + network { + port "http_port" { static = 80 } + port "https_port" { static = 443 } + port "admin_port" { static = 8082 } + } + + task "server" { + driver = "docker" + + config { + image = "amd64/traefik:1.7.20" + readonly_rootfs = true + network_mode = "host" + volumes = [ + "secrets/traefik.toml:/etc/traefik/traefik.toml", + ] + ports = [ "http_port", "https_port", "admin_port" ] + } + + resources { + memory = 265 + } + + template { + data = file("../config/traefik.toml") + destination = "secrets/traefik.toml" + } + + service { + name = "traefik-http" + port = "http_port" + # tags = [ "(diplonat (tcp_port 80))" ] + address_mode = "host" + } + + service { + name = "traefik-https" + port = "https_port" + # tags = [ "(diplonat (tcp_port 443))" ] + address_mode = "host" + } + + service { + name = "traefik-admin" + port = "admin_port" + address_mode = "host" + check { + type = "http" + protocol = "http" + port = 8082 + address_mode = "driver" + path = "/ping" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + } +} +