Access staging cluster through IPv6

- for now DiploNAT is no longer used to transfer port
- and it is not yet capable of updating DNS AAAA record,
  so tricot is pinned to a single machine for now
This commit is contained in:
Alex 2022-05-04 15:07:03 +02:00
parent 44d3d6d19c
commit d9e2465e28
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE

View file

@ -4,6 +4,11 @@ job "frontend" {
priority = 90 priority = 90
group "tricot" { group "tricot" {
constraint {
attribute = "${attr.unique.hostname}"
value = "caribou"
}
network { network {
port "http_port" { static = 80 } port "http_port" { static = 80 }
port "https_port" { static = 443 } port "https_port" { static = 443 }
@ -58,6 +63,8 @@ TRICOT_CONSUL_HOST=https://localhost:8501
TRICOT_CONSUL_CA_CERT=/etc/tricot/consul-ca.crt TRICOT_CONSUL_CA_CERT=/etc/tricot/consul-ca.crt
TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt
TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key
TRICOT_HTTP_BIND_ADDR=[::]:80
TRICOT_HTTPS_BIND_ADDR=[::]:443
RUST_LOG=tricot=debug RUST_LOG=tricot=debug
EOH EOH
destination = "secrets/env" destination = "secrets/env"
@ -67,14 +74,14 @@ EOH
service { service {
name = "tricot-http" name = "tricot-http"
port = "http_port" port = "http_port"
tags = [ "(diplonat (tcp_port 80))" ] /* tags = [ "(diplonat (tcp_port 80))" ] */
address_mode = "host" address_mode = "host"
} }
service { service {
name = "tricot-https" name = "tricot-https"
port = "https_port" port = "https_port"
tags = [ "(diplonat (tcp_port 443))" ] /* tags = [ "(diplonat (tcp_port 443))" ] */
address_mode = "host" address_mode = "host"
} }
} }