forked from Deuxfleurs/nixcfg
staging: garage: Handle *.garage.staging for vhost-style S3 and add on-demand TLS checks
This commit is contained in:
parent
d4fb14347d
commit
cbb0093f2c
2 changed files with 9 additions and 0 deletions
|
@ -25,6 +25,7 @@ tls_skip_verify = true
|
||||||
[s3_api]
|
[s3_api]
|
||||||
s3_region = "garage-staging"
|
s3_region = "garage-staging"
|
||||||
api_bind_addr = "0.0.0.0:3990"
|
api_bind_addr = "0.0.0.0:3990"
|
||||||
|
root_domain = ".garage.staging.deuxfleurs.org"
|
||||||
|
|
||||||
[k2v_api]
|
[k2v_api]
|
||||||
api_bind_addr = "0.0.0.0:3993"
|
api_bind_addr = "0.0.0.0:3993"
|
||||||
|
|
|
@ -84,7 +84,9 @@ job "garage-staging" {
|
||||||
tags = [
|
tags = [
|
||||||
"garage-staging-api",
|
"garage-staging-api",
|
||||||
"tricot garage.staging.deuxfleurs.org",
|
"tricot garage.staging.deuxfleurs.org",
|
||||||
|
"tricot *.garage.staging.deuxfleurs.org",
|
||||||
"tricot-add-header Access-Control-Allow-Origin *",
|
"tricot-add-header Access-Control-Allow-Origin *",
|
||||||
|
"tricot-on-demand-tls-ask http://garage-staging-admin.service.staging.consul:3909/check",
|
||||||
"tricot-site-lb",
|
"tricot-site-lb",
|
||||||
]
|
]
|
||||||
port = "s3"
|
port = "s3"
|
||||||
|
@ -119,10 +121,16 @@ job "garage-staging" {
|
||||||
name = "garage-staging-web"
|
name = "garage-staging-web"
|
||||||
tags = [
|
tags = [
|
||||||
"garage-staging-web",
|
"garage-staging-web",
|
||||||
|
"tricot * 1",
|
||||||
"tricot *.web.staging.deuxfleurs.org",
|
"tricot *.web.staging.deuxfleurs.org",
|
||||||
"tricot staging.deuxfleurs.org",
|
"tricot staging.deuxfleurs.org",
|
||||||
"tricot matrix.home.adnab.me/.well-known/matrix/server",
|
"tricot matrix.home.adnab.me/.well-known/matrix/server",
|
||||||
|
"tricot-add-header Strict-Transport-Security max-age=63072000; includeSubDomains; preload",
|
||||||
|
"tricot-add-header X-Frame-Options SAMEORIGIN",
|
||||||
|
"tricot-add-header X-XSS-Protection 1; mode=block",
|
||||||
|
"tricot-add-header X-Content-Type-Options nosniff",
|
||||||
"tricot-add-header Access-Control-Allow-Origin *",
|
"tricot-add-header Access-Control-Allow-Origin *",
|
||||||
|
"tricot-on-demand-tls-ask http://garage-staging-admin.service.staging.consul:3909/check",
|
||||||
"tricot-site-lb",
|
"tricot-site-lb",
|
||||||
]
|
]
|
||||||
port = "web"
|
port = "web"
|
||||||
|
|
Loading…
Reference in a new issue