Simplify proxy routing
This commit is contained in:
parent
6a7bfb3fc6
commit
28c919e5b0
@ -52,8 +52,6 @@ job "grafana" {
|
||||
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.grafana.entrypoints=web,websecure",
|
||||
"traefik.http.routers.grafana.tls=true",
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
@ -54,8 +54,6 @@ job "prometheus" {
|
||||
// TODO: Remove traefik tags
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.prometheus.entrypoints=web,websecure",
|
||||
"traefik.http.routers.prometheus.tls=true",
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
@ -1,9 +1,3 @@
|
||||
variable "base_hostname" {
|
||||
type = string
|
||||
description = "Base hostname to serve content from"
|
||||
default = "dev.homelab"
|
||||
}
|
||||
|
||||
job "adminer" {
|
||||
datacenters = ["dc1"]
|
||||
type = "service"
|
||||
@ -21,6 +15,7 @@ job "adminer" {
|
||||
}
|
||||
|
||||
service {
|
||||
name = "adminer"
|
||||
port = "adminer"
|
||||
|
||||
connect {
|
||||
@ -50,9 +45,6 @@ job "adminer" {
|
||||
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.adminer.entrypoints=web,websecure",
|
||||
"traefik.http.routers.adminer.rule=Host(`adminer.${var.base_hostname}`)",
|
||||
"traefik.http.routers.adminer.tls=true",
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
@ -15,7 +15,6 @@ job "mysql-server" {
|
||||
network {
|
||||
mode = "bridge"
|
||||
port "db" {
|
||||
static = 3306
|
||||
to = 3306
|
||||
}
|
||||
}
|
||||
@ -31,7 +30,18 @@ job "mysql-server" {
|
||||
port = "db"
|
||||
|
||||
connect {
|
||||
sidecar_service {}
|
||||
sidecar_service {
|
||||
proxy {
|
||||
local_service_port = 3306
|
||||
}
|
||||
}
|
||||
|
||||
sidecar_task {
|
||||
resources {
|
||||
cpu = 50
|
||||
memory = 50
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Can't use a tcp check with bridge network or proxy
|
||||
|
||||
@ -1,9 +1,3 @@
|
||||
variable "base_hostname" {
|
||||
type = string
|
||||
description = "Base hostname to serve content from"
|
||||
default = "dev.homelab"
|
||||
}
|
||||
|
||||
resource "nomad_job" "mysql-server" {
|
||||
hcl2 {
|
||||
enabled = true
|
||||
@ -15,9 +9,6 @@ resource "nomad_job" "mysql-server" {
|
||||
resource "nomad_job" "adminer" {
|
||||
hcl2 {
|
||||
enabled = true
|
||||
vars = {
|
||||
"base_hostname" = "${var.base_hostname}",
|
||||
}
|
||||
}
|
||||
|
||||
jobspec = file("${path.module}/adminer.nomad")
|
||||
|
||||
@ -29,6 +29,7 @@ job "nextcloud" {
|
||||
}
|
||||
|
||||
service {
|
||||
name = "nextcloud"
|
||||
port = "web"
|
||||
|
||||
connect {
|
||||
@ -57,8 +58,6 @@ job "nextcloud" {
|
||||
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.nextcloud.entrypoints=web,websecure",
|
||||
"traefik.http.routers.nextcloud.tls=true",
|
||||
]
|
||||
|
||||
}
|
||||
|
||||
@ -1,15 +1,6 @@
|
||||
variable "base_hostname" {
|
||||
type = string
|
||||
description = "Base hostname to serve content from"
|
||||
default = "dev.homelab"
|
||||
}
|
||||
|
||||
resource "nomad_job" "nextcloud" {
|
||||
hcl2 {
|
||||
enabled = true
|
||||
vars = {
|
||||
"base_hostname" = "${var.base_hostname}",
|
||||
}
|
||||
}
|
||||
|
||||
jobspec = file("${path.module}/nextcloud.nomad")
|
||||
|
||||
@ -63,8 +63,6 @@ module "metrics" {
|
||||
module "nextcloud" {
|
||||
source = "./nextcloud"
|
||||
|
||||
base_hostname = var.base_hostname
|
||||
|
||||
depends_on = [module.mysql-server]
|
||||
}
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ job "traefik" {
|
||||
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.traefik_dashboard.entrypoints=web,websecure",
|
||||
"traefik.http.routers.traefik_dashboard.entryPoints=web,websecure",
|
||||
"traefik.http.routers.traefik_dashboard.rule=Host(`traefik.${var.base_hostname}`)",
|
||||
"traefik.http.routers.traefik_dashboard.service=api@internal",
|
||||
"traefik.http.routers.traefik_dashboard.tls=true",
|
||||
@ -63,34 +63,99 @@ job "traefik" {
|
||||
|
||||
config {
|
||||
image = "traefik:2.6"
|
||||
args = [
|
||||
"--log.level=DEBUG",
|
||||
"--entryPoints.web.address=:80",
|
||||
"--entryPoints.websecure.address=:443",
|
||||
"--entryPoints.websecure.tls=true",
|
||||
"--entrypoints.web.http.redirections.entryPoint.to=websecure",
|
||||
# "--entryPoints.admin.address=:8080",
|
||||
"--accesslog=true",
|
||||
"--api=true",
|
||||
"--api.dashboard=true",
|
||||
# "--metrics=true",
|
||||
# "--metrics.prometheus=true",
|
||||
# "--metrics.prometheus.entryPoint=admin",
|
||||
# "--metrics.prometheus.manualrouting=true",
|
||||
"--ping=true",
|
||||
"--ping.entryPoint=web",
|
||||
"--providers.consulcatalog=true",
|
||||
"--providers.consulcatalog.connectaware=true",
|
||||
"--providers.consulcatalog.connectbydefault=true",
|
||||
"--providers.consulcatalog.exposedbydefault=false",
|
||||
"--providers.consulcatalog.endpoint.address=${var.consul_address}",
|
||||
"--providers.consulcatalog.defaultrule=Host(`{{normalize .Name}}.${var.base_hostname}`)",
|
||||
]
|
||||
|
||||
ports = ["web", "websecure"]
|
||||
network_mode = "host"
|
||||
|
||||
volumes = []
|
||||
mount {
|
||||
type = "bind"
|
||||
target = "/etc/traefik"
|
||||
source = "config"
|
||||
}
|
||||
}
|
||||
|
||||
template {
|
||||
# Avoid conflict with TOML lists [[ ]] and Go templates {{ }}
|
||||
left_delimiter = "<<"
|
||||
right_delimiter = ">>"
|
||||
data = <<EOH
|
||||
[log]
|
||||
level = "DEBUG"
|
||||
|
||||
[entryPoints]
|
||||
[entryPoints.web]
|
||||
address = ":80"
|
||||
[entryPoints.web.http]
|
||||
[entryPoints.web.http.redirections]
|
||||
[entryPoints.web.http.redirections.entrypoint]
|
||||
to = "websecure"
|
||||
scheme = "https"
|
||||
|
||||
[entryPoints.websecure]
|
||||
address = ":443"
|
||||
[entryPoints.websecure.http.tls]
|
||||
# certResolver = "letsEncrypt"
|
||||
|
||||
[entryPoints.metrics]
|
||||
address = ":8989"
|
||||
|
||||
[api]
|
||||
dashboard = true
|
||||
|
||||
[ping]
|
||||
entrypoint = "web"
|
||||
|
||||
[metrics]
|
||||
[metrics.prometheus]
|
||||
entrypoint = "metrics"
|
||||
# manualRouting = true
|
||||
|
||||
[providers.file]
|
||||
directory = "/etc/traefik/conf"
|
||||
watch = true
|
||||
|
||||
[providers.consulCatalog]
|
||||
connectAware = true
|
||||
connectByDefault = true
|
||||
exposedByDefault = false
|
||||
defaultRule = "Host(`{{normalize .Name}}.${var.base_hostname}`)"
|
||||
[providers.consulCatalog.endpoint]
|
||||
address = "http://<< env "CONSUL_HTTP_ADDR" >>"
|
||||
EOH
|
||||
destination = "/config/traefik.toml"
|
||||
}
|
||||
|
||||
template {
|
||||
# Avoid conflict with TOML lists [[ ]] and Go templates {{ }}
|
||||
left_delimiter = "<<"
|
||||
right_delimiter = ">>"
|
||||
data = <<EOH
|
||||
[http]
|
||||
[http.routers]
|
||||
[http.routers.nomad]
|
||||
entryPoints = ["web", "websecure"]
|
||||
# middlewares = []
|
||||
service = "nomad"
|
||||
rule = "Host(`nomad.${var.base_hostname}`)"
|
||||
[http.routers.consul]
|
||||
entryPoints = ["web", "websecure"]
|
||||
# middlewares = []
|
||||
service = "consul"
|
||||
rule = "Host(`consul.${var.base_hostname}`)"
|
||||
|
||||
[http.services]
|
||||
[http.services.nomad]
|
||||
[http.services.nomad.loadBalancer]
|
||||
[[http.services.nomad.loadBalancer.servers]]
|
||||
url = "http://<< env "NOMAD_IP_web" >>:4646"
|
||||
[http.services.consul]
|
||||
[http.services.consul.loadBalancer]
|
||||
[[http.services.consul.loadBalancer.servers]]
|
||||
url = "http://<< env "NOMAD_IP_web" >>:8500"
|
||||
|
||||
EOH
|
||||
destination = "/config/conf/route-hashi.toml"
|
||||
change_mode = "noop"
|
||||
}
|
||||
|
||||
resources {
|
||||
|
||||
@ -1,9 +1,3 @@
|
||||
variable "base_hostname" {
|
||||
type = string
|
||||
description = "Base hostname to serve content from"
|
||||
default = "dev.homelab"
|
||||
}
|
||||
|
||||
variable "count" {
|
||||
type = number
|
||||
default = 2
|
||||
@ -55,8 +49,6 @@ job "whoami" {
|
||||
|
||||
tags = [
|
||||
"traefik.enable=true",
|
||||
"traefik.http.routers.whoami.entrypoints=web,websecure",
|
||||
"traefik.http.routers.whoami.tls=true",
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user