aboutsummaryrefslogtreecommitdiff
path: root/app/traefik
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-01-16 17:07:01 +0100
committerAlex Auvolat <alex@adnab.me>2021-01-16 17:07:01 +0100
commitc74dc92febd1841c8ea5ff31caab0f941d57527d (patch)
treed05a203d95cac988952799667ec43c327a5d9038 /app/traefik
parent0c4ee40e01c95d7bf73236cbead5cc261f67eb9d (diff)
downloadinfrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.tar.gz
infrastructure-c74dc92febd1841c8ea5ff31caab0f941d57527d.zip
Proposal: reorganize app/ folder by modules
Diffstat (limited to 'app/traefik')
-rw-r--r--app/traefik/config/traefik.toml50
-rw-r--r--app/traefik/deploy/traefik.hcl72
2 files changed, 122 insertions, 0 deletions
diff --git a/app/traefik/config/traefik.toml b/app/traefik/config/traefik.toml
new file mode 100644
index 0000000..4a48fde
--- /dev/null
+++ b/app/traefik/config/traefik.toml
@@ -0,0 +1,50 @@
+InsecureSkipVerify = true
+defaultEntryPoints = ["http", "https"]
+
+[entryPoints]
+ [entryPoints.admin]
+ address = ":8082"
+
+ [entryPoints.http]
+ address = ":80"
+ [entryPoints.http.redirect]
+ entryPoint = "https"
+
+ [entryPoints.https]
+ address = ":443"
+ compress = true
+ [entryPoints.https.tls]
+
+[ping]
+entrypoint = "admin"
+
+[retry]
+
+[acme]
+ email = "quentin@dufour.io"
+ storage = "traefik/acme/account"
+ entryPoint = "https"
+ onHostRule = true
+
+ [acme.httpChallenge]
+ entryPoint = "http"
+
+[api]
+ entryPoint = "admin"
+ dashboard = true
+
+[consul]
+ endpoint = "172.17.0.1:8500"
+ watch = true
+ prefix = "traefik"
+
+[consulCatalog]
+ endpoint = "172.17.0.1:8500"
+ prefix = "traefik"
+ domain = "web.deuxfleurs.fr"
+ exposedByDefault = false
+
+[metrics]
+ [metrics.prometheus]
+ # -- below is for traefik 1.7 see https://doc.traefik.io/traefik/v1.7/configuration/metrics/
+ entryPoint = "admin"
diff --git a/app/traefik/deploy/traefik.hcl b/app/traefik/deploy/traefik.hcl
new file mode 100644
index 0000000..bcfa95b
--- /dev/null
+++ b/app/traefik/deploy/traefik.hcl
@@ -0,0 +1,72 @@
+job "frontend" {
+ datacenters = ["dc1"]
+ type = "service"
+ priority = 80
+
+ group "traefik" {
+
+ network {
+ port "http_port" { static = 80 }
+ port "https_port" { static = 443 }
+ port "admin_port" { static = 8082 }
+ }
+
+ task "server" {
+ driver = "docker"
+
+ config {
+ image = "amd64/traefik:1.7.20"
+ readonly_rootfs = true
+ network_mode = "host"
+ volumes = [
+ "secrets/traefik.toml:/etc/traefik/traefik.toml",
+ ]
+ ports = [ "http_port", "https_port", "admin_port" ]
+ }
+
+ resources {
+ memory = 265
+ }
+
+ template {
+ data = file("../config/traefik.toml")
+ destination = "secrets/traefik.toml"
+ }
+
+ service {
+ name = "traefik-http"
+ port = "http_port"
+ tags = [ "(diplonat (tcp_port 80))" ]
+ address_mode = "host"
+ }
+
+ service {
+ name = "traefik-https"
+ port = "https_port"
+ tags = [ "(diplonat (tcp_port 443))" ]
+ address_mode = "host"
+ }
+
+ service {
+ name = "traefik-admin"
+ port = "admin_port"
+ address_mode = "host"
+ check {
+ type = "http"
+ protocol = "http"
+ port = 8082
+ address_mode = "driver"
+ path = "/ping"
+ interval = "60s"
+ timeout = "5s"
+ check_restart {
+ limit = 3
+ grace = "90s"
+ ignore_warnings = false
+ }
+ }
+ }
+ }
+ }
+}
+