From 7275c5b156eff8f79ce9422de80a637ff5fdb23f Mon Sep 17 00:00:00 2001 From: LUXEY Adrien Date: Fri, 14 May 2021 10:32:40 +0200 Subject: [PATCH] minor --- hammerhead/README.md | 3 +++ .../dummy-http-server/deploy/dummy-http-server.hcl | 3 +++ hammerhead/app/nginx/deploy/nginx.hcl | 12 +++++++++++- 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/hammerhead/README.md b/hammerhead/README.md index 4df8c4c..6601c11 100644 --- a/hammerhead/README.md +++ b/hammerhead/README.md @@ -17,8 +17,11 @@ Solution: each new service needs to add its nginx configuration to `app/nginx/config`. + * The services URL should be accessible from Consul using tags, instead of being hard-coded in configuration files. + * The dummy HTTP server replicas must not be accessible through the Internet. * TLS: Let's Encrypt will probably be part of the same job definition as nginx. + 2. Gitea migration * Postgres database: needs to be its own Nomad job. diff --git a/hammerhead/app/dummy-http-server/deploy/dummy-http-server.hcl b/hammerhead/app/dummy-http-server/deploy/dummy-http-server.hcl index 8d738c6..d9d6e88 100644 --- a/hammerhead/app/dummy-http-server/deploy/dummy-http-server.hcl +++ b/hammerhead/app/dummy-http-server/deploy/dummy-http-server.hcl @@ -16,6 +16,9 @@ job "dummy-http-server" { interval = "2s" timeout = "2s" } + tags = [ + "url=dummy.hammerhead.luxeylab.net" + ] } task "server" { diff --git a/hammerhead/app/nginx/deploy/nginx.hcl b/hammerhead/app/nginx/deploy/nginx.hcl index a6dcdd4..1699347 100644 --- a/hammerhead/app/nginx/deploy/nginx.hcl +++ b/hammerhead/app/nginx/deploy/nginx.hcl @@ -8,8 +8,17 @@ job "nginx" { port "http" { static = 80 } + port "https" { + static = 443 + } } + # volume "certs" { + # type = "host" + # source = "ca-certificates" + # # read_only = true + # } + service { name = "nginx" port = "http" @@ -19,10 +28,11 @@ job "nginx" { driver = "docker" config { - ports = ["http"] + ports = ["http", "https"] image = "nginx" volumes = [ "local:/etc/nginx/conf.d", + #"certs:..." ] }