Merge pull request #5872 from gsiv/dev/caddy

Docker: Rename proxy-related variables
2021-02-08 16:42:09 +01:00 · 2021-02-08 16:42:09 +01:00 · c569835ce1
commit c569835ce1
parent ac0a27276c a1e65e8a47
13 changed files with 14 additions and 137 deletions
--- a/docker/.env
+++ b/docker/.env
@ -17,8 +17,8 @@ DEFAULT_DOCKER_REGISTRY=

 # Docker Images
 # -------------
-DOCKER_OPENSLIDES_HAPROXY_NAME=
-DOCKER_OPENSLIDES_HAPROXY_TAG=
+DOCKER_OPENSLIDES_PROXY_NAME=
+DOCKER_OPENSLIDES_PROXY_TAG=
 DOCKER_OPENSLIDES_BACKEND_NAME=
 DOCKER_OPENSLIDES_BACKEND_TAG=
 DOCKER_OPENSLIDES_FRONTEND_NAME=
--- a/docker/build.sh
+++ b/docker/build.sh
@ -6,7 +6,7 @@ declare -A TARGETS
 TARGETS=(
  [client]="$(dirname "${BASH_SOURCE[0]}")/../client/docker/"
  [server]="$(dirname "${BASH_SOURCE[0]}")/../server/docker/"
-  [caddy]="$(dirname "${BASH_SOURCE[0]}")/../caddy/"
+  [proxy]="$(dirname "${BASH_SOURCE[0]}")/../caddy/"
  [autoupdate]="$(dirname "${BASH_SOURCE[0]}")/../autoupdate/"
  [media]="https://github.com/OpenSlides/openslides-media-service.git"
  [pgbouncer]="https://github.com/OpenSlides/openslides-docker-compose.git#:pgbouncer"
--- a/docker/docker-compose.dev.yml
+++ b/docker/docker-compose.dev.yml
@ -45,7 +45,7 @@ services:
  redis:
    image: redis:latest

-  caddy:
+  proxy:
    image: caddy:2.3.0-alpine
    volumes:
      - ../caddy/Caddyfile.dev:/etc/caddy/Caddyfile
--- a/docker/docker-compose.yml.m4
+++ b/docker/docker-compose.yml.m4
@ -13,10 +13,10 @@ define(`read_env', `esyscmd(`printf "\`%s'" "$$1"')')
 dnl return env variable if set; otherwise, return given alternative value
 define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))')

-define(`HAPROXY_IMAGE',
+define(`PROXY_IMAGE',
 ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
-ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl
-ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest))
+ifenvelse(`DOCKER_OPENSLIDES_PROXY_NAME', openslides-proxy):dnl
+ifenvelse(`DOCKER_OPENSLIDES_PROXY_TAG', latest))
 define(`BACKEND_IMAGE',
 ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
 ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl
@ -95,8 +95,8 @@ x-pgnode-env: &default-pgnode-env
  REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)"

 services:
-  haproxy:
-    image: HAPROXY_IMAGE
+  proxy:
+    image: PROXY_IMAGE
    depends_on:
      - server
      - client
--- a/docker/docker-stack.yml.m4
+++ b/docker/docker-stack.yml.m4
@ -13,10 +13,10 @@ define(`read_env', `esyscmd(`printf "\`%s'" "$$1"')')
 dnl return env variable if set; otherwise, return given alternative value
 define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))')

-define(`HAPROXY_IMAGE',
+define(`PROXY_IMAGE',
 ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
-ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl
-ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest))
+ifenvelse(`DOCKER_OPENSLIDES_PROXY_NAME', openslides-proxy):dnl
+ifenvelse(`DOCKER_OPENSLIDES_PROXY_TAG', latest))
 define(`BACKEND_IMAGE',
 ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
 ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl
@ -95,8 +95,8 @@ x-pgnode-env: &default-pgnode-env
  REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)"

 services:
-  haproxy:
-    image: HAPROXY_IMAGE
+  proxy:
+    image: PROXY_IMAGE
    networks:
      - front
      - back
--- a/haproxy/Dockerfile
+++ b/haproxy/Dockerfile
@ -1,5 +0,0 @@
-FROM haproxy:2.0-alpine
-COPY src/haproxy.common.cfg /usr/local/etc/haproxy/haproxy.common.cfg
-COPY src/haproxy.prod.cfg /usr/local/etc/haproxy/haproxy.prod.cfg
-COPY src/combined.pem /usr/local/etc/haproxy/combined.pem
-CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.common.cfg", "-f", "/usr/local/etc/haproxy/haproxy.prod.cfg"]
--- a/haproxy/Dockerfile.dev
+++ b/haproxy/Dockerfile.dev
@ -1,5 +0,0 @@
-FROM haproxy:2.0-alpine
-COPY src/haproxy.common.cfg /usr/local/etc/haproxy/haproxy.common.cfg
-COPY src/haproxy.dev.cfg /usr/local/etc/haproxy/haproxy.dev.cfg
-COPY src/combined.pem /usr/local/etc/haproxy/combined.pem
-CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.common.cfg", "-f", "/usr/local/etc/haproxy/haproxy.dev.cfg"]
--- a/haproxy/Makefile
+++ b/haproxy/Makefile
@ -1,3 +0,0 @@
-build-dev:
-	./prepare-cert.sh
-	docker build -t os3-haproxy-dev -f Dockerfile.dev .
--- a/haproxy/build.sh
+++ b/haproxy/build.sh
@ -1,6 +0,0 @@
-#!/bin/bash
-
-cd "$(dirname "${BASH_SOURCE[0]}")"
-./prepare-cert.sh
-docker build --tag "${img:-openslides/openslides-${service_name}:latest}" \
-  --pull "${OPTIONS[@]}" .
--- a/haproxy/prepare-cert.sh
+++ b/haproxy/prepare-cert.sh
@ -1,27 +0,0 @@
-#!/bin/bash
-
-set -e
-cd "$(dirname "$0")"
-
-# check, if we already generated a cert
-combined="src/combined.pem"
-
-if [[ ! -f $combined ]]; then
-    echo "Creating certificates..."
-    cd src
-    if type 2>&1 >/dev/null openssl ; then
-      echo "Using openssl to generate a certificate."
-      echo "You will need to accept an security exception for the"
-      echo "generated certificate in your browser manually."
-      openssl req -x509 -newkey rsa:4096 -nodes -days 3650 \
-              -subj "/C=DE/O=Selfsigned Test/CN=localhost" \
-              -keyout localhost-key.pem -out localhost.pem
-    else
-      echo >&2 "FATAL: No valid certificate generation tool found!"
-      exit -1
-    fi
-    cat localhost.pem localhost-key.pem > combined.pem
-    echo "done"
-else
-    echo "Certificate exists."
-fi
--- a/haproxy/src/haproxy.common.cfg
+++ b/haproxy/src/haproxy.common.cfg
@ -1,31 +0,0 @@
-global
-    log stdout  format raw  local0  debug
-
-defaults
-    option http-use-htx
-    option dontlognull
-    timeout connect 3s
-    timeout client 10s
-    timeout client-fin 10s
-    timeout server 10s
-    timeout server-fin 10s
-    timeout check 2s
-    timeout tunnel 10s
-    timeout queue 2s
-    log global
-    option httplog
-
-resolvers docker_resolver
-    nameserver dns 127.0.0.11:53
-
-backend backend_server
-    mode http
-    # Do not pass the auth-header from /stats to OS. It confuses the server...
-    http-request del-header authorization
-    timeout server 4m
-    server server server:8000 resolvers docker_resolver check alpn http/1.1
-
-backend backend_autoupdate
-    mode http
-    timeout server 1h
-    server autoupdate autoupdate:8002 resolvers docker_resolver check ssl verify none alpn h2
--- a/haproxy/src/haproxy.dev.cfg
+++ b/haproxy/src/haproxy.dev.cfg
@ -1,20 +0,0 @@
-frontend https
-    mode http
-    bind *:8000 ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1
-    default_backend backend_client
-
-    acl autoupdate path_beg -i /system
-    use_backend backend_autoupdate if autoupdate
-
-    acl server path_beg -i /apps /media/ /rest /server-version.txt
-    use_backend backend_server if server
-
-    stats enable
-    stats uri /stats
-    stats refresh 10s
-    stats auth admin:admin
-
-backend backend_client
-    mode http
-    timeout tunnel 1h
-    server client client:4200 resolvers docker_resolver no-check
--- a/haproxy/src/haproxy.prod.cfg
+++ b/haproxy/src/haproxy.prod.cfg
@ -1,26 +0,0 @@
-frontend https
-    mode http
-    bind *:8000 ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1
-    default_backend backend_client
-
-    acl autoupdate path_beg -i /system
-    use_backend backend_autoupdate if autoupdate
-
-    acl server path_beg -i /apps /rest /server-version.txt
-    use_backend backend_server if server
-
-    acl media path_beg -i /media/
-    use_backend backend_media if media
-
-    stats enable
-    stats uri /stats
-    stats refresh 10s
-    stats auth admin:admin
-
-backend backend_client
-    mode http
-    server client client:80 resolvers docker_resolver check
-
-backend backend_media
-    mode http
-    server media media:8000 resolvers docker_resolver check