From 58803532da259e9c4869935b024ac8d6940c248e Mon Sep 17 00:00:00 2001 From: svkalinin Date: Thu, 11 Jul 2024 08:20:24 +0300 Subject: [PATCH] =?UTF-8?q?vault-wrap:=20=D0=9F=D1=80=D0=B0=D0=B2=D0=BA?= =?UTF-8?q?=D0=B0=20=D0=B7=D0=B0=D0=BF=D1=83=D1=87=D1=81=D0=BA=D0=B0=20?= =?UTF-8?q?=D0=B2=20=D1=87=D0=B0=D1=81=D1=82=D0=B8=20https?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitlab-ci.yml | 34 +++++++++++++++++----------------- docker-compose.yml | 1 + 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 78615f4..0a924e5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -74,21 +74,21 @@ vault_wrap_deploy: refs: - main -traefik_deploy: - <<: *dedicated-runner - stage: deploy - script: - - mkdir -p /home/gitlab-runner/traefik - - docker volume create vault-wrap_traefik-ssl - - docker volume create vault-wrap_traefik-dynamic-conf - - docker run --rm -v vault-wrap_traefik-ssl:/temporary -v /etc/ssl/certs/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.crt /temporary - - docker run --rm -v vault-wrap_traefik-ssl:/temporary -v /etc/ssl/private/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.key /temporary - - docker run --rm -v vault-wrap_traefik-dynamic-conf:/temporary -v ./traefik-files:/files alpine cp files/certificates.yml /temporary - - cp traefik-files/traefik.yml /home/gitlab-runner/traefik/traefik.yml - - export TLS_CERT_FILE=runner1-prod.corp.samsonopt.ru.crt - - export TLS_KEY_FILE=runner1-prod.corp.samsonopt.ru.key - - if [ -e .ci_status/vault_wrap_release ]; then docker-compose -f docker-compose.yml up -d traefik; fi - only: - refs: - - main +# traefik_deploy: + # <<: *dedicated-runner + # stage: deploy + # script: + # - mkdir -p /home/gitlab-runner/traefik + # - docker volume create vault-wrap_traefik-ssl + # - docker volume create vault-wrap_traefik-dynamic-conf + # - docker run --rm -v vault-wrap_traefik-ssl:/temporary -v /etc/ssl/certs/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.crt /temporary + # - docker run --rm -v vault-wrap_traefik-ssl:/temporary -v /etc/ssl/private/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.key /temporary + # - docker run --rm -v vault-wrap_traefik-dynamic-conf:/temporary -v ./traefik-files:/files alpine cp files/certificates.yml /temporary + # - cp traefik-files/traefik.yml /home/gitlab-runner/traefik/traefik.yml + # - export TLS_CERT_FILE=runner1-prod.corp.samsonopt.ru.crt + # - export TLS_KEY_FILE=runner1-prod.corp.samsonopt.ru.key + # - if [ -e .ci_status/vault_wrap_release ]; then docker-compose -f docker-compose.yml up -d traefik; fi + # only: + # refs: + # - main diff --git a/docker-compose.yml b/docker-compose.yml index 05337c7..dd74c46 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -29,6 +29,7 @@ services: - "traefik.http.services.secret.loadbalancer.server.port=443" - "traefik.docker.network=reverse-proxy" - "traefik.http.routers.secret.tls=true" + - "traefik.http.services.secret.loadbalancer.server.scheme=https" networks: - default - vault-wrap