From 14b59ba4b019799dc15d7a92faa8e89f1d7bf6f3 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 2 Jun 2023 15:40:43 +0200 Subject: [PATCH] =?UTF-8?q?m=C3=A0j=20config=20gitea?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cluster/prod/app/core/deploy/bottin.hcl | 2 +- cluster/prod/app/core/deploy/d53.hcl | 40 +++++++++++++++++++++- cluster/prod/app/core/deploy/diplonat.hcl | 5 +-- cluster/prod/app/core/deploy/tricot.hcl | 8 +++-- cluster/prod/register_external_services.sh | 18 ++++++++++ cluster/prod/site/bespin.nix | 10 ++++++ 6 files changed, 75 insertions(+), 8 deletions(-) diff --git a/cluster/prod/app/core/deploy/bottin.hcl b/cluster/prod/app/core/deploy/bottin.hcl index 40bb5af..a7d8694 100644 --- a/cluster/prod/app/core/deploy/bottin.hcl +++ b/cluster/prod/app/core/deploy/bottin.hcl @@ -1,4 +1,4 @@ -job "core:bottin" { +job "core-bottin" { datacenters = ["orion", "neptune", "scorpio"] type = "system" priority = 90 diff --git a/cluster/prod/app/core/deploy/d53.hcl b/cluster/prod/app/core/deploy/d53.hcl index 8baf781..81a88ff 100644 --- a/cluster/prod/app/core/deploy/d53.hcl +++ b/cluster/prod/app/core/deploy/d53.hcl @@ -1,4 +1,4 @@ -job "core:d53" { +job "core-d53" { datacenters = ["neptune", "orion", "bespin"] type = "service" priority = 90 @@ -61,4 +61,42 @@ EOH } } } + + # Dummy task for Gitea (still on an external VM), runs on any bespin node + # and allows D53 to automatically update the A record for git.deuxfleurs.fr + # to the IPv4 address of the bespin site (that changes occasionnaly) + group "gitea-dummy" { + count = 1 + + network { + port "dummy" { + to = 999 + } + } + + task "main" { + driver = "docker" + + constraint { + attribute = "${meta.site}" + operator = "=" + value = "bespin" + } + + config { + image = "alpine" + command = "sh" + args = ["-c", "while true; do echo x; sleep 60; done"] + ports = [ "dummy" ] + } + + service { + name = "gitea-dummy" + port = "dummy" + tags = [ + "d53-a git.deuxfleurs.fr", + ] + } + } + } } diff --git a/cluster/prod/app/core/deploy/diplonat.hcl b/cluster/prod/app/core/deploy/diplonat.hcl index d6f8423..078e811 100644 --- a/cluster/prod/app/core/deploy/diplonat.hcl +++ b/cluster/prod/app/core/deploy/diplonat.hcl @@ -1,4 +1,4 @@ -job "core:diplonat" { +job "core-diplonat" { datacenters = ["orion", "neptune", "scorpio", "bespin"] type = "system" priority = 90 @@ -53,9 +53,6 @@ DIPLONAT_CONSUL_URL=https://consul.service.prod.consul:8501 DIPLONAT_CONSUL_TLS_SKIP_VERIFY=true DIPLONAT_CONSUL_CLIENT_CERT=/etc/diplonat/consul-client.crt DIPLONAT_CONSUL_CLIENT_KEY=/etc/diplonat/consul-client.key -{{ if env "meta.site" | eq "bespin" }} -DIPLONAT_IPV6_ONLY=true -{{ end }} RUST_LOG=debug EOH destination = "secrets/env" diff --git a/cluster/prod/app/core/deploy/tricot.hcl b/cluster/prod/app/core/deploy/tricot.hcl index 7c3bada..6640dec 100644 --- a/cluster/prod/app/core/deploy/tricot.hcl +++ b/cluster/prod/app/core/deploy/tricot.hcl @@ -1,5 +1,9 @@ -job "core:tricot" { - datacenters = ["orion", "neptune", "scorpio", "bespin"] +job "core-tricot" { + # bespin pas pour l'instant, on a des soucis de SSL avec gitea + # on pourra mettre bespin quand on aura migré gitea de la vm vers le cluster + # en attendant, les deux ne sont pas capables de partager les certificats SSL + # donc on laisse la VM gitea gérer les certifs et prendre tout le trafic http(s) + datacenters = ["orion", "neptune", "scorpio"] type = "system" priority = 90 diff --git a/cluster/prod/register_external_services.sh b/cluster/prod/register_external_services.sh index 3b6a35e..7db4e7a 100755 --- a/cluster/prod/register_external_services.sh +++ b/cluster/prod/register_external_services.sh @@ -60,6 +60,24 @@ curl -vv -X PUT http://localhost:8500/v1/catalog/register -H "Content-Type: app } EOF +curl -vv -X PUT http://localhost:8500/v1/catalog/register -H "Content-Type: application/json" --data @- <