From 2802784e7a353ab94cecae79c2b5aa72facf1403 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 6 Sep 2022 20:13:40 +0200 Subject: [PATCH 1/2] :sparkles: Add HTTPS ingress to krypton --- krypton.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/krypton.yml b/krypton.yml index 8707264..39662ac 100644 --- a/krypton.yml +++ b/krypton.yml @@ -22,6 +22,13 @@ - role: docker_setup vars: docker_data_root: "/srv/docker" + - role: apache + - role: apache-letsencrypt # Uses configuration from dehydrated setup + - role: ansible-role-dehydrated + vars: + dehydrated_contact_email: "{{ server_admin }}" + dehydrated_domains: + - role: penguineer.dehydrated_cron tasks: From feaf052f650af905182cf07b0d6c03997cead45b Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 6 Sep 2022 20:31:27 +0200 Subject: [PATCH 2/2] :truck: Move entities validation service from pottwal to krypton This is a service handling member data, so it moves to krypton. --- holmium.yml | 2 +- krypton.yml | 23 +++++++++++++++++++++++ pottwal.yml | 19 ------------------- 3 files changed, 24 insertions(+), 20 deletions(-) diff --git a/holmium.yml b/holmium.yml index 1eafa29..f8b5efe 100644 --- a/holmium.yml +++ b/holmium.yml @@ -17,11 +17,11 @@ - server: krypton hosts: - name: entities.svc.n39.eu + - name: entities-validation.svc.n39.eu - server: pottwal hosts: - name: gitea.n39.eu - name: uritools.n39.eu - - name: entities-validation.svc.n39.eu - name: sl.n39.eu - name: pad.n39.eu - name: brotherql-web.n39.eu diff --git a/krypton.yml b/krypton.yml index 39662ac..bbb8443 100644 --- a/krypton.yml +++ b/krypton.yml @@ -18,6 +18,9 @@ ldap_org: "Netz39 e.V." ldap_base_dn: "dc=netz39,dc=de" + entities_validation_svc_host_port: 9001 + + roles: - role: docker_setup vars: @@ -28,6 +31,7 @@ vars: dehydrated_contact_email: "{{ server_admin }}" dehydrated_domains: + - name: entities-validation.svc.n39.eu - role: penguineer.dehydrated_cron tasks: @@ -111,4 +115,23 @@ comment: LDAP Docker Access loop: "{{ docker_ip_ranges }}" + + - name: Ensure container for entities validation service is running + docker_container: + name: entities_validation_svc + image: netz39/entities_validation_svc:v1.0.0 + pull: true + state: started + detach: yes + ports: + - "127.0.0.1:{{ entities_validation_svc_host_port }}:8080" + restart_policy: unless-stopped + + - name: Setup proxy site entities-validation.svc.n39.eu + include_role: + name: setup-http-site-proxy + vars: + site_name: entities-validation.svc.n39.eu + proxy_port: "{{ entities_validation_svc_host_port }}" + handlers: diff --git a/pottwal.yml b/pottwal.yml index 4275be9..8d72f2a 100644 --- a/pottwal.yml +++ b/pottwal.yml @@ -9,7 +9,6 @@ gitea_host_port: 9091 uritools_host_port: 8080 - entities_validation_svc_host_port: 8082 shlink_host_port: 8083 shlink_domain_name: sl.n39.eu @@ -28,7 +27,6 @@ dehydrated_domains: - name: gitea.n39.eu - name: uritools.n39.eu - - name: entities-validation.svc.n39.eu - name: sl.n39.eu - name: pad.n39.eu - role: penguineer.dehydrated_cron @@ -109,23 +107,6 @@ site_name: uritools.n39.eu proxy_port: "{{ uritools_host_port }}" - - name: Ensure container for entities validation service is running - docker_container: - name: entities_validation_svc - image: netz39/entities_validation_svc:v1.0.0 - pull: true - state: started - detach: yes - ports: - - "127.0.0.1:{{ entities_validation_svc_host_port }}:8080" - restart_policy: unless-stopped - - - name: Setup proxy site entities-validation.svc.n39.eu - include_role: - name: setup-http-site-proxy - vars: - site_name: entities-validation.svc.n39.eu - proxy_port: "{{ entities_validation_svc_host_port }}" - name: Ensure container for shlink is running docker_container: