ag-admin/OpenSlides
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #5872 from gsiv/dev/caddy

Browse Source 
Docker: Rename proxy-related variables
This commit is contained in:
Emanuel Schütze 2021-02-08 16:42:09 +01:00 committed by GitHub
commit c569835ce1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 14 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker/.env
View File

@ -17,8 +17,8 @@ DEFAULT_DOCKER_REGISTRY=
# Docker Images # Docker Images
# ------------- # -------------
DOCKER_OPENSLIDES_HAPROXY_NAME= DOCKER_OPENSLIDES_PROXY_NAME=
DOCKER_OPENSLIDES_HAPROXY_TAG= DOCKER_OPENSLIDES_PROXY_TAG=
DOCKER_OPENSLIDES_BACKEND_NAME= DOCKER_OPENSLIDES_BACKEND_NAME=
DOCKER_OPENSLIDES_BACKEND_TAG= DOCKER_OPENSLIDES_BACKEND_TAG=
DOCKER_OPENSLIDES_FRONTEND_NAME= DOCKER_OPENSLIDES_FRONTEND_NAME=

2
docker/build.sh
View File

@ -6,7 +6,7 @@ declare -A TARGETS
TARGETS=( TARGETS=(
[client]="$(dirname "${BASH_SOURCE[0]}")/../client/docker/" [client]="$(dirname "${BASH_SOURCE[0]}")/../client/docker/"
[server]="$(dirname "${BASH_SOURCE[0]}")/../server/docker/" [server]="$(dirname "${BASH_SOURCE[0]}")/../server/docker/"
[caddy]="$(dirname "${BASH_SOURCE[0]}")/../caddy/" [proxy]="$(dirname "${BASH_SOURCE[0]}")/../caddy/"
[autoupdate]="$(dirname "${BASH_SOURCE[0]}")/../autoupdate/" [autoupdate]="$(dirname "${BASH_SOURCE[0]}")/../autoupdate/"
[media]="https://github.com/OpenSlides/openslides-media-service.git" [media]="https://github.com/OpenSlides/openslides-media-service.git"
[pgbouncer]="https://github.com/OpenSlides/openslides-docker-compose.git#:pgbouncer" [pgbouncer]="https://github.com/OpenSlides/openslides-docker-compose.git#:pgbouncer"

2
docker/docker-compose.dev.yml
View File

@ -45,7 +45,7 @@ services:
redis: redis:
image: redis:latest image: redis:latest
caddy: proxy:
image: caddy:2.3.0-alpine image: caddy:2.3.0-alpine
volumes: volumes:
- ../caddy/Caddyfile.dev:/etc/caddy/Caddyfile - ../caddy/Caddyfile.dev:/etc/caddy/Caddyfile

10
docker/docker-compose.yml.m4
View File

@ -13,10 +13,10 @@ define(`read_env', `esyscmd(`printf "\`%s'" "$$1"')')
dnl return env variable if set; otherwise, return given alternative value dnl return env variable if set; otherwise, return given alternative value
define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))') define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))')
define(`HAPROXY_IMAGE', define(`PROXY_IMAGE',
ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl ifenvelse(`DOCKER_OPENSLIDES_PROXY_NAME', openslides-proxy):dnl
ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest)) ifenvelse(`DOCKER_OPENSLIDES_PROXY_TAG', latest))
define(`BACKEND_IMAGE', define(`BACKEND_IMAGE',
ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl
@ -95,8 +95,8 @@ x-pgnode-env: &default-pgnode-env
REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)" REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)"
services: services:
haproxy: proxy:
image: HAPROXY_IMAGE image: PROXY_IMAGE
depends_on: depends_on:
- server - server
- client - client

10
docker/docker-stack.yml.m4
View File

@ -13,10 +13,10 @@ define(`read_env', `esyscmd(`printf "\`%s'" "$$1"')')
dnl return env variable if set; otherwise, return given alternative value dnl return env variable if set; otherwise, return given alternative value
define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))') define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))')
define(`HAPROXY_IMAGE', define(`PROXY_IMAGE',
ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_NAME', openslides-caddy):dnl ifenvelse(`DOCKER_OPENSLIDES_PROXY_NAME', openslides-proxy):dnl
ifenvelse(`DOCKER_OPENSLIDES_HAPROXY_TAG', latest)) ifenvelse(`DOCKER_OPENSLIDES_PROXY_TAG', latest))
define(`BACKEND_IMAGE', define(`BACKEND_IMAGE',
ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/dnl
ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl ifenvelse(`DOCKER_OPENSLIDES_BACKEND_NAME', openslides-server):dnl
@ -95,8 +95,8 @@ x-pgnode-env: &default-pgnode-env
REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)" REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)"
services: services:
haproxy: proxy:
image: HAPROXY_IMAGE image: PROXY_IMAGE
networks: networks:
- front - front
- back - back

5
haproxy/Dockerfile
View File

@ -1,5 +0,0 @@
FROM haproxy:2.0-alpine
COPY src/haproxy.common.cfg /usr/local/etc/haproxy/haproxy.common.cfg
COPY src/haproxy.prod.cfg /usr/local/etc/haproxy/haproxy.prod.cfg
COPY src/combined.pem /usr/local/etc/haproxy/combined.pem
CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.common.cfg", "-f", "/usr/local/etc/haproxy/haproxy.prod.cfg"]

5
haproxy/Dockerfile.dev
View File

@ -1,5 +0,0 @@
FROM haproxy:2.0-alpine
COPY src/haproxy.common.cfg /usr/local/etc/haproxy/haproxy.common.cfg
COPY src/haproxy.dev.cfg /usr/local/etc/haproxy/haproxy.dev.cfg
COPY src/combined.pem /usr/local/etc/haproxy/combined.pem
CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.common.cfg", "-f", "/usr/local/etc/haproxy/haproxy.dev.cfg"]

3
haproxy/Makefile
View File

@ -1,3 +0,0 @@
build-dev:
./prepare-cert.sh
docker build -t os3-haproxy-dev -f Dockerfile.dev .

6
haproxy/build.sh
View File

@ -1,6 +0,0 @@
#!/bin/bash
cd "$(dirname "${BASH_SOURCE[0]}")"
./prepare-cert.sh
docker build --tag "${img:-openslides/openslides-${service_name}:latest}" \
--pull "${OPTIONS[@]}" .

27
haproxy/prepare-cert.sh
View File

@ -1,27 +0,0 @@
#!/bin/bash
set -e
cd "$(dirname "$0")"
# check, if we already generated a cert
combined="src/combined.pem"
if [[ ! -f $combined ]]; then
echo "Creating certificates..."
cd src
if type 2>&1 >/dev/null openssl ; then
echo "Using openssl to generate a certificate."
echo "You will need to accept an security exception for the"
echo "generated certificate in your browser manually."
openssl req -x509 -newkey rsa:4096 -nodes -days 3650 \
-subj "/C=DE/O=Selfsigned Test/CN=localhost" \
-keyout localhost-key.pem -out localhost.pem
else
echo >&2 "FATAL: No valid certificate generation tool found!"
exit -1
fi
cat localhost.pem localhost-key.pem > combined.pem
echo "done"
else
echo "Certificate exists."
fi

31
haproxy/src/haproxy.common.cfg
View File

@ -1,31 +0,0 @@
global
log stdout format raw local0 debug
defaults
option http-use-htx
option dontlognull
timeout connect 3s
timeout client 10s
timeout client-fin 10s
timeout server 10s
timeout server-fin 10s
timeout check 2s
timeout tunnel 10s
timeout queue 2s
log global
option httplog
resolvers docker_resolver
nameserver dns 127.0.0.11:53
backend backend_server
mode http
# Do not pass the auth-header from /stats to OS. It confuses the server...
http-request del-header authorization
timeout server 4m
server server server:8000 resolvers docker_resolver check alpn http/1.1
backend backend_autoupdate
mode http
timeout server 1h
server autoupdate autoupdate:8002 resolvers docker_resolver check ssl verify none alpn h2

20
haproxy/src/haproxy.dev.cfg
View File

@ -1,20 +0,0 @@
frontend https
mode http
bind *:8000 ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1
default_backend backend_client
acl autoupdate path_beg -i /system
use_backend backend_autoupdate if autoupdate
acl server path_beg -i /apps /media/ /rest /server-version.txt
use_backend backend_server if server
stats enable
stats uri /stats
stats refresh 10s
stats auth admin:admin
backend backend_client
mode http
timeout tunnel 1h
server client client:4200 resolvers docker_resolver no-check

26
haproxy/src/haproxy.prod.cfg
View File

@ -1,26 +0,0 @@
frontend https
mode http
bind *:8000 ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1
default_backend backend_client
acl autoupdate path_beg -i /system
use_backend backend_autoupdate if autoupdate
acl server path_beg -i /apps /rest /server-version.txt
use_backend backend_server if server
acl media path_beg -i /media/
use_backend backend_media if media
stats enable
stats uri /stats
stats refresh 10s
stats auth admin:admin
backend backend_client
mode http
server client client:80 resolvers docker_resolver check
backend backend_media
mode http
server media media:8000 resolvers docker_resolver check