Use traefik_tags template
This commit is contained in:
parent
2717f33d2d
commit
8a8974103d
|
@ -28,25 +28,7 @@ job "[[ .instance ]]" {
|
|||
}
|
||||
|
||||
tags = [
|
||||
"[[ $c.traefik.instance ]].enable=[[ $c.traefik.enabled ]]",
|
||||
|
||||
# Define a middleware to set custom CSP headers
|
||||
"[[ $c.traefik.instance ]].http.middlewares.[[ .instance ]]-headers[[ .consul.suffix ]].headers.contentsecuritypolicy=[[ range $k, $v := $c.traefik.csp ]][[ $k ]] [[ $v ]];[[ end ]]",
|
||||
|
||||
[[- if not (regexp.Match "^/?$" (urlParse $c.public_url).Path) ]]
|
||||
# Diagrams exposed by traefik on a subpath. Define a middleware to strip the prefix before passing the request to the backend
|
||||
"[[ $c.traefik.instance ]].http.middlewares.[[ .instance ]]-prefix[[ .consul.suffix ]].stripprefix.prefixes=[[ (urlParse .diagrams.public_url).Path ]]",
|
||||
[[- end ]]
|
||||
|
||||
# Main app router
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].rule=Host(`[[ (urlParse $c.public_url).Hostname ]]`)
|
||||
[[- if not (regexp.Match "^/?$" (urlParse $c.public_url).Path) ]] && PathPrefix(`[[ (urlParse $c.public_url).Path ]]`)[[ end ]]",
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].entrypoints=[[ join $c.traefik.entrypoints "," ]]",
|
||||
[[- if not (regexp.Match "^/?$" (urlParse $c.public_url).Path) ]]
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].middlewares=[[ .instance ]]-prefix[[ $c.consul.suffix ]],[[ .instance ]]-headers[[ .consul.suffix ]],[[ template "common/traefik_middlewares.tpl" $c ]]",
|
||||
[[- else ]]
|
||||
"[[ $c.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].middlewares=[[ .instance ]]-headers[[ .consul.suffix ]],[[ template "common/traefik_middlewares.tpl" $c ]]",
|
||||
[[- end ]]
|
||||
[[ template "common/traefik_tags" $c ]]
|
||||
]
|
||||
}
|
||||
|
||||
|
|
|
@ -17,6 +17,17 @@ job "diagrams" {
|
|||
sidecar_service {
|
||||
}
|
||||
sidecar_task {
|
||||
config {
|
||||
args = [
|
||||
"-c",
|
||||
"${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
|
||||
"-l",
|
||||
"${meta.connect.log_level}",
|
||||
"--concurrency",
|
||||
"${meta.connect.proxy_concurrency}",
|
||||
"--disable-hot-restart"
|
||||
]
|
||||
}
|
||||
|
||||
resources {
|
||||
cpu = 50
|
||||
|
@ -41,15 +52,13 @@ job "diagrams" {
|
|||
}
|
||||
|
||||
tags = [
|
||||
|
||||
"traefik.enable=true",
|
||||
|
||||
# Define a middleware to set custom CSP headers
|
||||
"traefik.http.middlewares.diagrams-headers.headers.contentsecuritypolicy=connect-src 'self' https://*.dropboxapi.com https://api.trello.com https://api.github.com https://raw.githubusercontent.com https://*.googleapis.com https://*.googleusercontent.com https://graph.microsoft.com https://*.1drv.com https://*.sharepoint.com https://gitlab.com https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com;default-src 'self';font-src * about:;frame-src 'self' https://*.google.com;img-src * data:;media-src * data:;script-src 'self' https://storage.googleapis.com https://apis.google.com https://docs.google.com https://code.jquery.com 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;",
|
||||
|
||||
# Main app router
|
||||
"traefik.http.routers.diagrams.rule=Host(`draw.example.org`)",
|
||||
"traefik.http.routers.diagrams.entrypoints=https",
|
||||
"traefik.http.routers.diagrams.middlewares=diagrams-headers,rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file",
|
||||
"traefik.http.middlewares.diagrams-csp.headers.contentsecuritypolicy=connect-src 'self' https://*.dropboxapi.com https://api.trello.com https://api.github.com https://raw.githubusercontent.com https://*.googleapis.com https://*.googleusercontent.com https://graph.microsoft.com https://*.1drv.com https://*.sharepoint.com https://gitlab.com https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com;default-src 'self';font-src * about:;frame-src 'self' https://*.google.com;img-src * data:;media-src * data:;script-src 'self' https://storage.googleapis.com https://apis.google.com https://docs.google.com https://code.jquery.com 'unsafe-inline';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;",
|
||||
"traefik.http.routers.diagrams.middlewares=diagrams-csp,rate-limit-std@file,inflight-std@file,security-headers@file,hsts@file",
|
||||
|
||||
]
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/java:17.24.1-9
|
||||
FROM danielberteaud/java:17.24.1-10
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG TOMCAT_VERSION=9.0.85 \
|
||||
|
|
Loading…
Reference in New Issue