vault-wrap: мучения продолжаются

2024-07-11 09:30:58 +03:00 · 2024-07-11 09:30:58 +03:00 · 9c0b887909
commit 9c0b887909
parent 8174eb3ead
2 changed files with 3 additions and 2 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -65,6 +65,7 @@ vault_wrap_deploy:
    - docker volume create vault-wrap_vault-wrap-conf
    - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v /etc/ssl/certs/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.crt /temporary
    - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v /etc/ssl/private/:/files alpine cp files/runner1-prod.corp.samsonopt.ru.key /temporary
    - docker run --rm -v vault-wrap_vault-wrap-conf:/temporary -v ./html_template/index.html:/files alpine cp files/index.html /temporary
    # -cp /etc/ssl/certs/runner1-prod.corp.samsonopt.ru.crt /srv/docker/volumes/vault-wrap_vault-wrap-conf/_data/
    # - cp /etc/ssl/private/runner1-prod.corp.samsonopt.ru.key /srv/docker/volumes/vault-wrap_vault-wrap-conf/_data/
    - export TLS_CERT_FILE=runner1-prod.corp.samsonopt.ru.crt
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -6,7 +6,7 @@ services:
    image: $IMAGE_PATH/vault-wrap:$RELEASE_VERSION
    container_name: vault-wrap
    environment:
-      - ACTION_ADDRESS=${ACTION_ADDRESS:-https://secret.corp.samsonopt.ru}
+      - ACTION_ADDRESS=${ACTION_ADDRESS:-secret.corp.samsonopt.ru}
      - VAULT_ADDRESS=${VAULT_ADDRESS}
      - LISTEN_PORT=1234
      - TLS_KEY_FILE=${TLS_KEY_FILE}
@ -30,7 +30,7 @@ services:
      - "traefik.http.routers.secret.rule=Host(`secret.corp.samsonopt.ru`)"
      - "traefik.http.services.secret.loadbalancer.server.port=1234"
      - "traefik.docker.network=reverse-proxy"
-      - "traefik.http.routers.secret.tls=false"
+      - "traefik.http.routers.secret.tls=true"
      - "traefik.http.services.secret.loadbalancer.server.scheme=http"
    networks:
      - default