diff options
author | Alex Auvolat <alex@adnab.me> | 2022-08-24 18:19:04 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-08-24 18:19:04 +0200 |
commit | 0d2d46f4371a424b3e7c476a472d1dcc098b36d7 (patch) | |
tree | e63b9c7e6b74ce3d542b616c064c675e99f9874d /cluster/prod | |
parent | cfb1d623d9711156a1195312afa5cebadc8a6697 (diff) | |
download | nixcfg-0d2d46f4371a424b3e7c476a472d1dcc098b36d7.tar.gz nixcfg-0d2d46f4371a424b3e7c476a472d1dcc098b36d7.zip |
skip consul tls verify for diplonat and tricot (should be reverted?)
Diffstat (limited to 'cluster/prod')
-rw-r--r-- | cluster/prod/app/core/deploy/core.hcl | 4 | ||||
-rw-r--r-- | cluster/prod/app/frontend/deploy/frontend-tricot.hcl | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/cluster/prod/app/core/deploy/core.hcl b/cluster/prod/app/core/deploy/core.hcl index b87f15d..b2acb43 100644 --- a/cluster/prod/app/core/deploy/core.hcl +++ b/cluster/prod/app/core/deploy/core.hcl @@ -18,7 +18,7 @@ job "core" { driver = "docker" config { - image = "lxpz/amd64_diplonat:3" + image = "lxpz/amd64_diplonat:4" network_mode = "host" readonly_rootfs = true volumes = [ @@ -54,7 +54,7 @@ DIPLONAT_REFRESH_TIME=60 DIPLONAT_EXPIRATION_TIME=300 DIPLONAT_CONSUL_NODE_NAME={{ env "attr.unique.hostname" }} DIPLONAT_CONSUL_URL=https://consul.service.prod.consul:8501 -DIPLONAT_CONSUL_CA_CERT=/etc/diplonat/consul.crt +DIPLONAT_CONSUL_TLS_SKIP_VERIFY=true DIPLONAT_CONSUL_CLIENT_CERT=/etc/diplonat/consul-client.crt DIPLONAT_CONSUL_CLIENT_KEY=/etc/diplonat/consul-client.key RUST_LOG=debug diff --git a/cluster/prod/app/frontend/deploy/frontend-tricot.hcl b/cluster/prod/app/frontend/deploy/frontend-tricot.hcl index 904e9fb..fcc7c46 100644 --- a/cluster/prod/app/frontend/deploy/frontend-tricot.hcl +++ b/cluster/prod/app/frontend/deploy/frontend-tricot.hcl @@ -19,7 +19,7 @@ job "frontend" { driver = "docker" config { - image = "lxpz/amd64_tricot:41" + image = "lxpz/amd64_tricot:42" network_mode = "host" readonly_rootfs = true ports = [ "http_port", "https_port" ] @@ -41,8 +41,8 @@ job "frontend" { } template { - data = "{{ key \"secrets/consul/consul.crt\" }}" - destination = "secrets/consul.crt" + data = "{{ key \"secrets/consul/consul-ca.crt\" }}" + destination = "secrets/consul-ca.crt" } template { @@ -61,7 +61,7 @@ TRICOT_NODE_NAME={{ env "attr.unique.consul.name" }} TRICOT_LETSENCRYPT_EMAIL=alex@adnab.me TRICOT_ENABLE_COMPRESSION=true TRICOT_CONSUL_HOST=https://consul.service.prod.consul:8501 -TRICOT_CONSUL_CA_CERT=/etc/tricot/consul.crt +TRICOT_CONSUL_TLS_SKIP_VERIFY=true TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key TRICOT_HTTP_BIND_ADDR=[::]:80 |