diff options
author | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-01-18 16:46:21 +0100 |
---|---|---|
committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2021-01-18 16:46:21 +0100 |
commit | 2c2efdc27684c1382a4949cff8fe06ee36c0f4c0 (patch) | |
tree | c01dd9454deeec6f43ce5ccd94d12138e6f9ea18 /app/traefik | |
parent | 6c8c861dd50aebf4a12232ecc1fab12c5f83bf03 (diff) | |
parent | ad6017eea058f7cb6fdf078783f992a4f45a3e15 (diff) | |
download | infrastructure-2c2efdc27684c1382a4949cff8fe06ee36c0f4c0.tar.gz infrastructure-2c2efdc27684c1382a4949cff8fe06ee36c0f4c0.zip |
Merge branch 'master' of git.deuxfleurs.fr:Deuxfleurs/infrastructure
Diffstat (limited to 'app/traefik')
-rw-r--r-- | app/traefik/config/traefik.toml | 50 | ||||
-rw-r--r-- | app/traefik/deploy/traefik.hcl | 72 |
2 files changed, 122 insertions, 0 deletions
diff --git a/app/traefik/config/traefik.toml b/app/traefik/config/traefik.toml new file mode 100644 index 0000000..4a48fde --- /dev/null +++ b/app/traefik/config/traefik.toml @@ -0,0 +1,50 @@ +InsecureSkipVerify = true +defaultEntryPoints = ["http", "https"] + +[entryPoints] + [entryPoints.admin] + address = ":8082" + + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + + [entryPoints.https] + address = ":443" + compress = true + [entryPoints.https.tls] + +[ping] +entrypoint = "admin" + +[retry] + +[acme] + email = "quentin@dufour.io" + storage = "traefik/acme/account" + entryPoint = "https" + onHostRule = true + + [acme.httpChallenge] + entryPoint = "http" + +[api] + entryPoint = "admin" + dashboard = true + +[consul] + endpoint = "172.17.0.1:8500" + watch = true + prefix = "traefik" + +[consulCatalog] + endpoint = "172.17.0.1:8500" + prefix = "traefik" + domain = "web.deuxfleurs.fr" + exposedByDefault = false + +[metrics] + [metrics.prometheus] + # -- below is for traefik 1.7 see https://doc.traefik.io/traefik/v1.7/configuration/metrics/ + entryPoint = "admin" diff --git a/app/traefik/deploy/traefik.hcl b/app/traefik/deploy/traefik.hcl new file mode 100644 index 0000000..bcfa95b --- /dev/null +++ b/app/traefik/deploy/traefik.hcl @@ -0,0 +1,72 @@ +job "frontend" { + datacenters = ["dc1"] + type = "service" + priority = 80 + + group "traefik" { + + network { + port "http_port" { static = 80 } + port "https_port" { static = 443 } + port "admin_port" { static = 8082 } + } + + task "server" { + driver = "docker" + + config { + image = "amd64/traefik:1.7.20" + readonly_rootfs = true + network_mode = "host" + volumes = [ + "secrets/traefik.toml:/etc/traefik/traefik.toml", + ] + ports = [ "http_port", "https_port", "admin_port" ] + } + + resources { + memory = 265 + } + + template { + data = file("../config/traefik.toml") + destination = "secrets/traefik.toml" + } + + service { + name = "traefik-http" + port = "http_port" + tags = [ "(diplonat (tcp_port 80))" ] + address_mode = "host" + } + + service { + name = "traefik-https" + port = "https_port" + tags = [ "(diplonat (tcp_port 443))" ] + address_mode = "host" + } + + service { + name = "traefik-admin" + port = "admin_port" + address_mode = "host" + check { + type = "http" + protocol = "http" + port = 8082 + address_mode = "driver" + path = "/ping" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + } +} + |