libre.sh/compose-website
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Splits haproxy-confd in 2 images

Browse source
This commit is contained in:
pierreozoux 2014-10-27 11:40:36 +00:00
parent 57e51fbd67
commit 9210f0ea75
6 changed files with 107 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
confd/conf.d/crt-list.toml Normal file
View file

@ -0,0 +1,7 @@
[template]
src = "crt-list.tmpl"
dest = "/etc/haproxy/crt-list"
keys = [
"/services"
]
reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"

7
confd/conf.d/haproxy.toml Normal file
View file

@ -0,0 +1,7 @@
[template]
src = "haproxy.cfg.tmpl"
dest = "/etc/haproxy/haproxy.cfg"
keys = [
"/services"
]
reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"

7
confd/templates/crt-list.tmpl Normal file
View file

@ -0,0 +1,7 @@
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
/etc/haproxy/approved-certs/{{base $hostname}}.pem {{base $hostname}}
{{end}}
{{end}}

63
confd/templates/haproxy.cfg.tmpl Normal file
View file

@ -0,0 +1,63 @@
{{$default_service_value := getv "/services/default"}}
{{$default_service := json $default_service_value}}
{{$default_url := printf "/services/%s/%s" $default_service.app $default_service.hostname}}
{{$default_value := getv $default_url}}
{{$default := json $default_value}}
{{$default := json $default_value}}
global
maxconn 4096
user haproxy
group haproxy
defaults
mode http
option httplog
option dontlognull
retries 3
timeout connect 5000
timeout client 50000
timeout server 50000
frontend https-in
mode http
bind *:443 ssl crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/{{$default_service.hostname}}.pem
reqadd X-Forwarded-Proto:\ https
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
use_backend {{base $hostname}} if https_{{base $hostname}}
{{end}}
{{end}}
default_backend {{$default_service.hostname}}
frontend http-in
bind *:80
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
acl is_{{base $hostname}} hdr(host) -i {{base $hostname}}
use_backend {{base $hostname}} if is_{{base $hostname}}
{{end}}
{{end}}
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
backend {{base $hostname}}
cookie SERVERID insert nocache indirect
option httpclose
option forwardfor
server Server {{$data.ip}}:{{$data.port}} cookie Server
{{end}}
{{end}}

21
unit-files/haproxy-confd.service Normal file
View file

@ -0,0 +1,21 @@
[Unit]
Description=%p
After=docker.service
Requires=docker.service
[Service]
Restart=always
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker kill %p
ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run\
--name %p\
-v /data/server-wide/haproxy/:/etc/haproxy/\
-v /data/indiehosters/confd/:/etc/confd/\
-v /var/run/docker.sock:/var/run/docker.sock\
indiehosters/confd
ExecReload=/usr/bin/docker restart %p
ExecStop=/usr/bin/docker stop %p
[Install]
WantedBy=multi-user.target

4
unit-files/haproxy.service
View file

@ -10,10 +10,10 @@ ExecStartPre=-/usr/bin/docker kill %p
ExecStartPre=-/usr/bin/docker rm %p ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run\ ExecStart=/usr/bin/docker run\
--name %p\ --name %p\
-v /data/server-wide/haproxy:/etc/haproxy\
-p 80:80\ -p 80:80\
-p 443:443\ -p 443:443\
-v /data/server-wide/haproxy/approved-certs/:/etc/haproxy/approved-certs\ indiehosters/haproxy
indiehosters/haproxy-confd
ExecReload=/usr/bin/docker restart %p ExecReload=/usr/bin/docker restart %p
ExecStop=/usr/bin/docker stop %p ExecStop=/usr/bin/docker stop %p