Page MenuHomeDevCentral

D2179.id.diff
No OneTemporary

D2179.id.diff

diff --git a/roles/paas-docker/containers/acme_dns.sls b/roles/paas-docker/containers/acme_dns.sls
--- a/roles/paas-docker/containers/acme_dns.sls
+++ b/roles/paas-docker/containers/acme_dns.sls
@@ -68,6 +68,6 @@
- port_bindings:
- 53:53
- 53:53/udp
- - {{ container['app_port'] }}:80
+ - 127.0.0.1:{{ container['app_port'] }}:80
{% endfor %}
diff --git a/roles/paas-docker/nginx/files/includes/geo_nasqueron b/roles/paas-docker/nginx/files/includes/geo_nasqueron
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/includes/geo_nasqueron
@@ -0,0 +1,21 @@
+geo $nasqueron_server {
+ default 0;
+
+ # Dreadnought
+ 51.255.124.8/30 1;
+
+ # Ysul
+ 163.172.49.16 1;
+ 212.83.187.132 1;
+
+ # WindRiver
+ 51.159.18.59 1;
+
+ # CloudHugger
+ 188.165.200.229 1;
+}
+
+map $not_a_nasqueron_server {
+ default 0;
+ 0 1;
+}
diff --git a/roles/paas-docker/nginx/files/vhosts/acme_dns.conf b/roles/paas-docker/nginx/files/vhosts/acme_dns.conf
--- a/roles/paas-docker/nginx/files/vhosts/acme_dns.conf
+++ b/roles/paas-docker/nginx/files/vhosts/acme_dns.conf
@@ -1 +1,63 @@
-{% include 'roles/paas-docker/nginx/files/vhosts/_default.conf' %}
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2020-02-04
+# Source file: roles/paas-docker/nginx/files/vhosts/acme_dns.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+include includes/geo_nasqueron;
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ # ---------------------------------------------------------
+ # Public homepage
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ root /var/wwwroot-502/acme.nasqueron.org;
+
+ location = / {
+ index index.html;
+ }
+
+ location = /index.html {
+ }
+
+ # ---------------------------------------------------------
+ # API
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ location / {
+ if ($not_a_nasqueron_server) {
+ return 403;
+ }
+
+ proxy_pass http://localhost:{{ app_port }};
+ include includes/proxy_params;
+ }
+
+}

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 24, 14:12 (5 h, 20 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2260334
Default Alt Text
D2179.id.diff (2 KB)

Event Timeline