From 27ab6a6842ec0cce2bf165561f7de9b03c7927bd Mon Sep 17 00:00:00 2001 From: Christian Boettcher <c.boettcher@fz-juelich.de> Date: Tue, 15 Mar 2022 09:34:30 +0100 Subject: [PATCH] Add reverse proxy for https and certificate --- dockers/docker-compose.yaml | 43 +++++++++++++++++++++++++++++++++++++ scripts/cloudinit.yml | 2 ++ 2 files changed, 45 insertions(+) diff --git a/dockers/docker-compose.yaml b/dockers/docker-compose.yaml index a5b2ec3..44f5d7a 100644 --- a/dockers/docker-compose.yaml +++ b/dockers/docker-compose.yaml @@ -75,6 +75,37 @@ x-airflow-common: condition: service_healthy services: + + reverse-proxy: + image: "jwilder/nginx-proxy:alpine" + container_name: "reverse-proxy" + volumes: + - "html:/usr/share/nginx/html" + - "dhparam:/etc/nginx/dhparam" + - "vhost:/etc/nginx/vhost.d" + - "certs:/etc/nginx/certs" + - "/run/docker.sock:/tmp/docker.sock:ro" + restart: "always" + ports: + - "80:80" + - "443:443" + + letsencrypt: + image: "jrcs/letsencrypt-nginx-proxy-companion:latest" + container_name: "letsencrypt-helper" + volumes: + - "html:/usr/share/nginx/html" + - "dhparam:/etc/nginx/dhparam" + - "vhost:/etc/nginx/vhost.d" + - "certs:/etc/nginx/certs" + - "/run/docker.sock:/var/run/docker.sock:ro" + environment: + NGINX_PROXY_CONTAINER: "reverse-proxy" + DEFAULT_EMAIL: "m.petrova@fz-juelich.de" + restart: "always" + depends_on: + - "reverse-proxy" + postgres: image: postgres:13 environment: @@ -105,6 +136,13 @@ services: command: webserver ports: - 7001:8080 + + environment: + <<: *airflow-common-env + VIRTUAL_HOST: datalogistics.eflows4hpc.eu + LETSENCRYPT_HOST: datalogistics.eflows4hpc.eu + VIRTUAL_PORT: 8080 + healthcheck: test: ["CMD", "curl", "--fail", "http://localhost:8080/health"] interval: 60s @@ -285,3 +323,8 @@ services: volumes: postgres-db-volume: + certs: + html: + vhost: + dhparam: + diff --git a/scripts/cloudinit.yml b/scripts/cloudinit.yml index 8fdb026..46a09ca 100644 --- a/scripts/cloudinit.yml +++ b/scripts/cloudinit.yml @@ -53,6 +53,8 @@ runcmd: - echo "Current user is $(whoami)" - sudo -u airflow git clone https://gitlab.jsc.fz-juelich.de/eflows4hpc-wp2/data-logistics-service.git ./data-logistics-service - cd ./data-logistics-service + - docker network create net + - docker network create airflow - touch /finished_cloudinit final_message: "The system is finally up, after $UPTIME seconds" \ No newline at end of file -- GitLab