feat: add traefik2 for all the services (except monitoring) in dev mode #1287
Conversation
Currently the traefik2 configuration is for DEV, i.e. it assumes a bunch of self-signed certificates (via mkcert) to be provisioned. In other words there is not yet the ACME http01 challenge. It will be introduced after i make sure it works
| - "traefik.enable=true" | ||
| #- "traefik.hc.frontend.rule=Path:/api/gsuite-wrapper/healthcheck;PathPrefixStrip:/api/gsuite-wrapper" | ||
| #- "traefik.doc.frontend.rule=Path:/api/gsuite-wrapper/api-docs.json;PathPrefixStrip:/api/gsuite-wrapper" | ||
| # ---------old ^ for some reason it was all that was exposed, TODO: check |
There was a problem hiding this comment.
Are you sure that's all what was exposed? I thought we used gsuite-wrapper on prod once, since it is deployed there
There was a problem hiding this comment.
well weirdly, yes, but again that's why i wrote i have to double check
| @@ -10,6 +10,9 @@ services: | |||
| environment: | |||
| POSTGRES_USER: "postgres" | |||
| POSTGRES_PASSWORD: "${PW_POSTGRES}" | |||
| labels: | |||
| # we don't access via traefik | |||
| - "traefik.enable=false" | |||
|
|
|||
| knowledge: | |||
There was a problem hiding this comment.
Not sure if we should have this file here. We never actually got a use for it and are using Confluence now for KMS. Might be good to remove it when moving to monorepo and just archive the old repo.
There was a problem hiding this comment.
By this file you mean this module altogether I presume?
- the enablement MUST be specified - use a common middleware for all the metrics routes - specify the entrypoint=websecure so that there are no other routes made in auto by traefik - bump the traefik version to 2.11
also specify entrypoints
I built the image with those files inside and tagged it :prod
|
|
||
| events-static: | ||
| restart: on-failure | ||
| image: aegee/nginx-static:latest | ||
| image: aegee/nginx-static:prod |
There was a problem hiding this comment.
Does this mean we also updated nginx versions? Not sure if we really maintained this image. Which is the Dockerfile for it?
There was a problem hiding this comment.
i only made a Dockerfile FROM aegee/nginx-static:latest and with the 3 COPY instructions, and pushed
Currently the traefik2 configuration is for DEV, i.e. it assumes a bunch of self-signed certificates (via mkcert) to be provisioned. In other words there is not yet the ACME http01 challenge. It will be introduced after i make sure it works
NOTE: this MR is NOT against
stable