Page MenuHomeDevCentral

D2381.id5988.diff
No OneTemporary

D2381.id5988.diff

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -37,4 +37,5 @@
39080 Cachet HTTP
41080 ACME DNS server HTTP
42080 Jenkins HTTP - CI
+ 43080 Hauk
50000 Jenkins master's port for JNLP-based Jenkins agents - CD
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -66,6 +66,9 @@
- library/sentry
- tianon/exim4
+ # Hauk
+ - bilde2910/hauk
+
# -------------------------------------------------------------
# Networks
#
@@ -430,6 +433,13 @@
title: Nasqueron Photos
max_album_length: 16
+ # Hauk
+ hauk:
+ hauk:
+ app_port: 43080
+ host: geo.nasqueron.org
+ api_entry_point: /hauk
+
# Sentry
# The Sentry instance uses a Redis and a PostgreSQL instance,
# declared above.
diff --git a/roles/paas-docker/containers/hauk.sls b/roles/paas-docker/containers/hauk.sls
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/hauk.sls
@@ -0,0 +1,49 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2021-07-30
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+{% for instance, container in containers['hauk'].items() %}
+
+# -------------------------------------------------------------
+# Storage directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/hauk/{{ instance }}:
+ file.directory:
+ - user: 9001
+ - makedirs: True
+
+{% if has_selinux %}
+selinux_context_{{ instance }}_data:
+ selinux.fcontext_policy_present:
+ - name: /srv/hauk/{{ instance }}
+ - sel_type: container_file_t
+
+selinux_context_{{ instance }}_data_applied:
+ selinux.fcontext_policy_applied:
+ - name: /srv/hauk/{{ instance }}
+{% endif %}
+
+# -------------------------------------------------------------
+# Container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: bilde2910/hauk
+ - binds: /srv/hauk/{{ instance }}/var:/etc/hauk
+ - ports:
+ - 80
+ - port_bindings:
+ - {{ container['app_port'] }}:80
+
+{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/hauk.conf b/roles/paas-docker/nginx/files/vhosts/hauk.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/hauk.conf
@@ -0,0 +1,53 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2021-07-30
+# Source file: roles/paas-docker/nginx/files/vhosts/hauk.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Application - {{ fqdn }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ add_header Referrer-Policy same-origin always;
+ add_header X-Frame-Options DENY always;
+ add_header X-Content-Type-Options nosniff always;
+ add_header X-XSS-Protection "1; mode=block" always;
+ add_header X-Robots-Tag "noindex, nofollow" always;
+
+ include includes/letsencrypt;
+
+ location {{ args['api_entry_point'] }} {
+ proxy_pass http://localhost:{{ app_port }};
+ include includes/proxy_params;
+ }
+
+ root /var/wwwroot-502/_default;
+ error_page 502 /502.html;
+ location /502.html {}
+}

File Metadata

Mime Type
text/plain
Expires
Sat, Nov 16, 00:31 (2 h, 48 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2246921
Default Alt Text
D2381.id5988.diff (4 KB)

Event Timeline