Minor enhancements
This commit is contained in:
parent
be39958d66
commit
91fee9f25c
2
deps/common
vendored
2
deps/common
vendored
|
@ -1 +1 @@
|
|||
Subproject commit 90a3625ebcff54b6b645c71362a89a1508f9a1cc
|
||||
Subproject commit 32a9bacc01c161bd60961fb578675f5c69026537
|
|
@ -1,5 +1,6 @@
|
|||
job "rpms-repo" {
|
||||
datacenters = [[ .nomad.datacenters | toJSON ]]
|
||||
|
||||
[[- template "common/job_start.tpl" . ]]
|
||||
|
||||
group "web" {
|
||||
|
||||
|
@ -31,7 +32,10 @@ job "rpms-repo" {
|
|||
tags = [
|
||||
"[[ .env.traefik ]].enable=true",
|
||||
"[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].rule=Host(`[[ (.repo.nginx.public_url | urlParse).Host ]]`)",
|
||||
"[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].entrypoints=https",
|
||||
"[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].entrypoints=[[ join .repo.nginx.traefik.entrypoints "," ]]",
|
||||
[[- if gt (len .repo.nginx.traefik.middlewares) 0 ]]
|
||||
"[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].middlewares=[[ join .repo.nginx.traefik.middlewares "," ]]",
|
||||
[[- end ]]
|
||||
"[[ .env.traefik ]].http.routers.repo-web[[ .env.suffix ]].tls=true",
|
||||
]
|
||||
}
|
||||
|
@ -96,7 +100,10 @@ _EOF
|
|||
"[[ .env.traefik ]].enable=true",
|
||||
"[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].rule=HostSNI(`*`)
|
||||
[[- if gt (len .repo.rsync.allowed_cidr) 0 ]] && ([[ range $idx, $cidr := .repo.rsync.allowed_cidr ]][[ if ne $idx 0 ]] || [[ end ]]ClientIP(`[[ $cidr ]]`)[[ end ]])[[ end ]]",
|
||||
"[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].entrypoints=[[ join .repo.rsync.traefik_entrypoints "," ]]",
|
||||
"[[ .env.traefik ]].tcp.routers.repo-rsync[[ .env.suffix ]].entrypoints=[[ join .repo.rsync.traefik.entrypoints "," ]]",
|
||||
[[- if gt (len .repo.rsync.traefik.middlewares) 0 ]]
|
||||
"[[ .env.traefik ]].http.routers.repo-rsync[[ .env.suffix ]].middlewares=[[ join .repo.rsync.traefik.middlewares "," ]]",
|
||||
[[- end ]]
|
||||
# Traefik doesn't support Consul Connect for TCP services yet
|
||||
"[[ .env.traefik ]].consulcatalog.connect=false"
|
||||
]
|
||||
|
|
|
@ -11,7 +11,7 @@ repo:
|
|||
# Resources to allocate
|
||||
resources:
|
||||
cpu: 20
|
||||
memory: 20
|
||||
memory: 40
|
||||
|
||||
# Public URL of the repo
|
||||
public_url: https://rpms.example.org
|
||||
|
@ -19,6 +19,13 @@ repo:
|
|||
# Driver to use for the task (docker or podman)
|
||||
driver: docker
|
||||
|
||||
traefik:
|
||||
# A list of entrypoints on which the ssh service will be exposed
|
||||
entrypoints:
|
||||
- https
|
||||
# Optional list of middlewares to apply
|
||||
middlewares: []
|
||||
|
||||
# Optional, additional env vars
|
||||
env: {}
|
||||
|
||||
|
@ -37,9 +44,12 @@ repo:
|
|||
# Optional, additional env vars
|
||||
env: {}
|
||||
|
||||
# A list of entrypoints on which the ssh service will be exposed
|
||||
traefik_entrypoints:
|
||||
- repo-rsync
|
||||
traefik:
|
||||
# A list of entrypoints on which the ssh service will be exposed
|
||||
entrypoints:
|
||||
- repo-rsync
|
||||
# Optional list of middlewares to apply
|
||||
middlewares: []
|
||||
|
||||
# A list of IP or CIDR from which connections will be allowed
|
||||
# If empty, no restriction will be done and any IP will be accepter
|
||||
|
|
Loading…
Reference in New Issue
Block a user