From 1fee0441e817483bd20bda370d3a87d3eb37feef Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Mon, 9 Mar 2020 14:11:24 +0100 Subject: [frontend,matrix] finally fix order bug with traefik by assigning priorities --- consul/configuration/.gitignore | 2 + consul/configuration/chat/synapse/homeserver.yaml | 9 ++++ consul/configuration/traefik/cloudflare.env.sample | 2 - consul/configuration/traefik/traefik.toml | 47 +++++++++++++++++++ consul/configuration/traefik/traefik.toml.sample | 53 ---------------------- nomad/chat.hcl | 21 ++++++++- nomad/web_static.hcl | 3 +- 7 files changed, 79 insertions(+), 58 deletions(-) delete mode 100644 consul/configuration/traefik/cloudflare.env.sample create mode 100644 consul/configuration/traefik/traefik.toml delete mode 100644 consul/configuration/traefik/traefik.toml.sample diff --git a/consul/configuration/.gitignore b/consul/configuration/.gitignore index 8c55cc6..dabb84d 100644 --- a/consul/configuration/.gitignore +++ b/consul/configuration/.gitignore @@ -27,3 +27,5 @@ !chat/**/* !directory/*/* + +!traefik/traefik.toml diff --git a/consul/configuration/chat/synapse/homeserver.yaml b/consul/configuration/chat/synapse/homeserver.yaml index 0534235..7f313f6 100644 --- a/consul/configuration/chat/synapse/homeserver.yaml +++ b/consul/configuration/chat/synapse/homeserver.yaml @@ -61,6 +61,15 @@ listeners: resources: - names: [client] compress: true + + - port: 8448 + tls: false + bind_address: '' + type: http + + x_forwarded: false + + resources: - names: [federation] compress: false diff --git a/consul/configuration/traefik/cloudflare.env.sample b/consul/configuration/traefik/cloudflare.env.sample deleted file mode 100644 index 072e671..0000000 --- a/consul/configuration/traefik/cloudflare.env.sample +++ /dev/null @@ -1,2 +0,0 @@ -CF_API_EMAIL = "" -CF_API_KEY = "" diff --git a/consul/configuration/traefik/traefik.toml b/consul/configuration/traefik/traefik.toml new file mode 100644 index 0000000..ce50532 --- /dev/null +++ b/consul/configuration/traefik/traefik.toml @@ -0,0 +1,47 @@ +InsecureSkipVerify = true +defaultEntryPoints = ["http", "https"] + +[entryPoints] + [entryPoints.admin] + address = ":8082" + + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + + [entryPoints.https] + address = ":443" + compress = true + [entryPoints.https.tls] + + [entryPoints.matrix] + address = ":8448" + compress = true + [entryPoints.matrix.tls] + +[retry] + +[acme] + email = "quentin@dufour.io" + storage = "traefik/acme/account" + entryPoint = "https" + onHostRule = true + + [acme.httpChallenge] + entryPoint = "http" + +[api] + entryPoint = "admin" + dashboard = true + +[consul] + endpoint = "consul.service.2.cluster.deuxfleurs.fr:8500" + watch = true + prefix = "traefik" + +[consulCatalog] + endpoint = "consul.service.2.cluster.deuxfleurs.fr:8500" + prefix = "traefik" + domain = "web.deuxfleurs.fr" + exposedByDefault = false diff --git a/consul/configuration/traefik/traefik.toml.sample b/consul/configuration/traefik/traefik.toml.sample deleted file mode 100644 index 1e34554..0000000 --- a/consul/configuration/traefik/traefik.toml.sample +++ /dev/null @@ -1,53 +0,0 @@ -InsecureSkipVerify = true -defaultEntryPoints = ["http", "https"] - -[entryPoints] - [entryPoints.admin] - address = ":8082" - [entryPoints.admin.auth.basic] - users = [":"] - - [entryPoints.http] - address = ":80" - [entryPoints.http.redirect] - entryPoint = "https" - - [entryPoints.https] - address = ":443" - compress = true - [entryPoints.https.tls] - -[retry] - -[acme] - email = "quentin@dufour.io" - storage = "traefik/acme/account" - entryPoint = "https" - onHostRule = true - -# [acme.dnsChallenge] -# provider = "cloudflare" -# delayBeforeCheck = 0 - - [acme.httpChallenge] - entryPoint = "http" - -#[[acme.domains]] -# main = "deuxfleurs.fr" - -[api] - entryPoint = "admin" - dashboard = true - -[consul] - endpoint = "consul.service.2.cluster.deuxfleurs.fr:8500" - watch = true - prefix = "traefik" - -[consulCatalog] - endpoint = "consul.service.2.cluster.deuxfleurs.fr:8500" - prefix = "traefik" - domain = "web.deuxfleurs.fr" - exposedByDefault = false - - diff --git a/nomad/chat.hcl b/nomad/chat.hcl index 812f009..042e619 100644 --- a/nomad/chat.hcl +++ b/nomad/chat.hcl @@ -12,6 +12,7 @@ job "chat" { readonly_rootfs = true port_map { client_port = 8008 + federation_port = 8448 } command = "python" args = [ @@ -96,18 +97,20 @@ job "chat" { memory = 4000 network { port "client_port" { } + port "federation_port" { } } } service { - name = "synapse" + name = "synapse-client" port = "client_port" address_mode = "host" tags = [ "matrix", "traefik.enable=true", "traefik.frontend.entryPoints=https", - "traefik.frontend.rule=Host:im.deuxfleurs.fr,deuxfleurs.fr;PathPrefix:/_matrix" + "traefik.frontend.rule=Host:im.deuxfleurs.fr;PathPrefix:/_matrix", + "traefik.frontend.priority=100" ] check { type = "tcp" @@ -121,6 +124,20 @@ job "chat" { } } } + + service { + name = "synapse-federation" + port = "federation_port" + address_mode = "host" + tags = [ + "matrix", + "traefik.enable=true", + "traefik.frontend.entryPoints=https", + "traefik.frontend.rule=Host:deuxfleurs.fr;PathPrefix:/_matrix", + "traefik.frontend.priority=100" + ] + } + } } diff --git a/nomad/web_static.hcl b/nomad/web_static.hcl index 5a3b80f..b3ad3e8 100644 --- a/nomad/web_static.hcl +++ b/nomad/web_static.hcl @@ -38,7 +38,8 @@ EOH "webstatic", "traefik.enable=true", "traefik.frontend.entryPoints=https,http", - "traefik.frontend.rule=Host:deuxfleurs.fr,www.deuxfleurs.fr,deuxfleurs.org,www.deuxfleurs.org;PathPrefix:/" + "traefik.frontend.rule=Host:deuxfleurs.fr,www.deuxfleurs.fr,deuxfleurs.org,www.deuxfleurs.org;PathPrefix:/", + "traefik.frontend.priority=10" ] port = "web_port" address_mode = "host" -- cgit v1.2.3