From 9c0b8879099d6dcb98211d6fbc79c64cf9dc25ab Mon Sep 17 00:00:00 2001 From: svkalinin Date: Thu, 11 Jul 2024 09:30:58 +0300 Subject: [PATCH] =?UTF-8?q?vault-wrap:=20=D0=BC=D1=83=D1=87=D0=B5=D0=BD?= =?UTF-8?q?=D0=B8=D1=8F=20=D0=BF=D1=80=D0=BE=D0=B4=D0=BE=D0=BB=D0=B6=D0=B0?= =?UTF-8?q?=D1=8E=D1=82=D1=81=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitlab-ci.yml | 1 + docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0a924e5..85c36ce 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -65,6 +65,7 @@ vault_wrap_deploy: - docker volume create vault-wrap_vault-wrap-conf - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v /etc/ssl/certs/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.crt /temporary - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v /etc/ssl/private/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.key /temporary + - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v ./html_template/index.html:/files alpine cp files/index.html /temporary # -cp /etc/ssl/certs/runner1-prod.corp.samsonopt.ru.crt /srv/docker/volumes/vault-wrap_vault-wrap-conf/_data/ # - cp /etc/ssl/private/runner1-prod.corp.samsonopt.ru.key /srv/docker/volumes/vault-wrap_vault-wrap-conf/_data/ - export TLS_CERT_FILE=runner1-prod.corp.samsonopt.ru.crt diff --git a/docker-compose.yml b/docker-compose.yml index 3e32b85..7cc3562 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: image: $IMAGE_PATH/vault-wrap:$RELEASE_VERSION container_name: vault-wrap environment: - - ACTION_ADDRESS=${ACTION_ADDRESS:-https://secret.corp.samsonopt.ru} + - ACTION_ADDRESS=${ACTION_ADDRESS:-secret.corp.samsonopt.ru} - VAULT_ADDRESS=${VAULT_ADDRESS} - LISTEN_PORT=1234 - TLS_KEY_FILE=${TLS_KEY_FILE} @@ -30,7 +30,7 @@ services: - "traefik.http.routers.secret.rule=Host(`secret.corp.samsonopt.ru`)" - "traefik.http.services.secret.loadbalancer.server.port=1234" - "traefik.docker.network=reverse-proxy" - - "traefik.http.routers.secret.tls=false" + - "traefik.http.routers.secret.tls=true" - "traefik.http.services.secret.loadbalancer.server.scheme=http" networks: - default