From 8df2970e7c547b02b91b1be4f9c02ada032fbef0 Mon Sep 17 00:00:00 2001 From: Sven Ketelsen Date: Mon, 1 Nov 2021 11:58:21 +0100 Subject: [PATCH] feat: reverse proxy configuration for gitea - https://... - ssh@...:2222 --- group_vars/all/plain.yml | 20 ++++++++++---------- roles/gitea/vars/main.yml | 22 ++++++---------------- roles/traefik/vars/main.yml | 4 ++-- templates/traefik/traefik.toml.j2 | 9 +++------ 4 files changed, 21 insertions(+), 34 deletions(-) diff --git a/group_vars/all/plain.yml b/group_vars/all/plain.yml index 586df64..0a3a6b2 100644 --- a/group_vars/all/plain.yml +++ b/group_vars/all/plain.yml @@ -89,21 +89,21 @@ https_port: "443" service_port: "8080" management_port: "8081" -service_port_cadvisor: "8080" -service_port_elasticsearch: "9200" -service_port_iam: "8082" -service_port_webdav: "8080" -service_port_keycloak: "8080" -service_port_kibana: "5601" -service_port_logstash: "5044" service_port_mssql: "1433" +service_port_git: "2222" service_port_mysql: "3306" -service_port_node_exporter: "9100" +service_port_logstash: "5044" service_port_postgres: "5432" -service_port_portainer: "9000" +service_port_kibana: "5601" +service_port_cadvisor: "8080" +service_port_webdav: "8080" +service_port_keycloak: "8080" +service_port_iam: "8082" +service_port_sonarqube: "9000" service_port_pgadmin: "9001" service_port_phpmyadmin: "9002" -service_port_sonarqube: "9000" +service_port_node_exporter: "9100" +service_port_elasticsearch: "9200" monitor_port_system: "9082" monitor_port_docker: "9083" diff --git a/roles/gitea/vars/main.yml b/roles/gitea/vars/main.yml index bea7571..8eda8cd 100644 --- a/roles/gitea/vars/main.yml +++ b/roles/gitea/vars/main.yml @@ -15,6 +15,11 @@ gitea_labels: [ '"traefik.http.routers.{{ gitea_id }}-admin.tls=true"', '"traefik.http.routers.{{ gitea_id }}-admin.tls.certresolver=letsencrypt"', '"traefik.http.services.{{ gitea_id }}-admin.loadbalancer.server.port=3000"', + + '"traefik.tcp.routers.{{ gitea_id }}-git.service={{ gitea_id }}-git"', + '"traefik.tcp.routers.{{ gitea_id }}-git.rule=HostSNI(`*`)"', + '"traefik.tcp.routers.{{ gitea_id }}-git.entrypoints=git"', + '"traefik.tcp.services.{{ gitea_id }}-git.loadbalancer.server.port=22"', ] gitea_environment: [ @@ -30,10 +35,6 @@ gitea_environment: [ gitea_docker: { networks: [ - { - name: back-tier, - external: true, - }, { name: front-tier, external: true, @@ -58,19 +59,8 @@ gitea_docker: { '"/etc/localtime:/etc/localtime:ro"', ], networks: [ - '"back-tier"', '"front-tier"', - ], - ports: [ - { - "external": "3000", - "internal": "3000", - }, - { - "external": "2222", - "internal": "22", - }, - ], + ] extra_hosts: "{{ gitea_extra_hosts | default([]) }}", } ], diff --git a/roles/traefik/vars/main.yml b/roles/traefik/vars/main.yml index 6826892..dc8f85f 100644 --- a/roles/traefik/vars/main.yml +++ b/roles/traefik/vars/main.yml @@ -37,8 +37,8 @@ traefik_docker: { internal: "{{ https_port }}" }, { - external: "0.0.0.0:{{ service_port_portainer }}", - internal: "{{ service_port_portainer }}" + external: "0.0.0.0:{{ service_port_git }}", + internal: "{{ service_port_git }}" }, { external: "0.0.0.0:{{ service_port_pgadmin }}", diff --git a/templates/traefik/traefik.toml.j2 b/templates/traefik/traefik.toml.j2 index c9cdae0..119e075 100644 --- a/templates/traefik/traefik.toml.j2 +++ b/templates/traefik/traefik.toml.j2 @@ -38,12 +38,9 @@ [entryPoints.websecure] address = ":{{ https_port }}" - ### portainer as a service for the host ### - [entryPoints.service-portainer ] - address = ":{{ service_port_portainer }}" - [entryPoints.service-portainer.http.redirections.entryPoint] - to = "service-portainer" - scheme = "https" + ### git/ssh as a service for the host ### + [entryPoints.git ] + address = ":{{ service_port_git }}" ### mysql admin service for the host ### [entryPoints.admin-mysql]