diff options
author | Alex Auvolat <alex@adnab.me> | 2021-01-16 17:07:01 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2021-01-16 17:07:01 +0100 |
commit | c74dc92febd1841c8ea5ff31caab0f941d57527d (patch) | |
tree | d05a203d95cac988952799667ec43c327a5d9038 /app/traefik | |
parent | 0c4ee40e01c95d7bf73236cbead5cc261f67eb9d (diff) | |
download | infrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.tar.gz infrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.zip |
Proposal: reorganize app/ folder by modules
Diffstat (limited to 'app/traefik')
-rw-r--r-- | app/traefik/config/traefik.toml | 50 | ||||
-rw-r--r-- | app/traefik/deploy/traefik.hcl | 72 |
2 files changed, 122 insertions, 0 deletions
diff --git a/app/traefik/config/traefik.toml b/app/traefik/config/traefik.toml new file mode 100644 index 0000000..4a48fde --- /dev/null +++ b/app/traefik/config/traefik.toml @@ -0,0 +1,50 @@ +InsecureSkipVerify = true +defaultEntryPoints = ["http", "https"] + +[entryPoints] + [entryPoints.admin] + address = ":8082" + + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + + [entryPoints.https] + address = ":443" + compress = true + [entryPoints.https.tls] + +[ping] +entrypoint = "admin" + +[retry] + +[acme] + email = "quentin@dufour.io" + storage = "traefik/acme/account" + entryPoint = "https" + onHostRule = true + + [acme.httpChallenge] + entryPoint = "http" + +[api] + entryPoint = "admin" + dashboard = true + +[consul] + endpoint = "172.17.0.1:8500" + watch = true + prefix = "traefik" + +[consulCatalog] + endpoint = "172.17.0.1:8500" + prefix = "traefik" + domain = "web.deuxfleurs.fr" + exposedByDefault = false + +[metrics] + [metrics.prometheus] + # -- below is for traefik 1.7 see https://doc.traefik.io/traefik/v1.7/configuration/metrics/ + entryPoint = "admin" diff --git a/app/traefik/deploy/traefik.hcl b/app/traefik/deploy/traefik.hcl new file mode 100644 index 0000000..bcfa95b --- /dev/null +++ b/app/traefik/deploy/traefik.hcl @@ -0,0 +1,72 @@ +job "frontend" { + datacenters = ["dc1"] + type = "service" + priority = 80 + + group "traefik" { + + network { + port "http_port" { static = 80 } + port "https_port" { static = 443 } + port "admin_port" { static = 8082 } + } + + task "server" { + driver = "docker" + + config { + image = "amd64/traefik:1.7.20" + readonly_rootfs = true + network_mode = "host" + volumes = [ + "secrets/traefik.toml:/etc/traefik/traefik.toml", + ] + ports = [ "http_port", "https_port", "admin_port" ] + } + + resources { + memory = 265 + } + + template { + data = file("../config/traefik.toml") + destination = "secrets/traefik.toml" + } + + service { + name = "traefik-http" + port = "http_port" + tags = [ "(diplonat (tcp_port 80))" ] + address_mode = "host" + } + + service { + name = "traefik-https" + port = "https_port" + tags = [ "(diplonat (tcp_port 443))" ] + address_mode = "host" + } + + service { + name = "traefik-admin" + port = "admin_port" + address_mode = "host" + check { + type = "http" + protocol = "http" + port = 8082 + address_mode = "driver" + path = "/ping" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + } +} + |