From ca17236700a402d4b24fb68495bdcf135f5d4669 Mon Sep 17 00:00:00 2001 From: do Date: Wed, 17 Feb 2021 21:32:04 +0100 Subject: [PATCH] cr, dr-mirror, gcr-mirror - the mirrors won't do --- base/hostconfig/adm01.sls | 62 +++++++++++++++++++++++++++++++++----- base/hostconfig/auto02.sls | 36 ++-------------------- 2 files changed, 58 insertions(+), 40 deletions(-) diff --git a/base/hostconfig/adm01.sls b/base/hostconfig/adm01.sls index 8ae2a9d..8b2d0c3 100644 --- a/base/hostconfig/adm01.sls +++ b/base/hostconfig/adm01.sls @@ -1,19 +1,31 @@ pki: cns: - cr.lan + - gcr-mirror.lan + - dr-mirror.lan + - docker-registry.lan systemd: service: container-container-registry: Unit: Description: Container Registry - After: network-online.target local-fs.target + After: network-online.target local-fs.target podman.socket Before: haproxy.service - Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a container-registry ExecStop: /usr/bin/podman stop container-registry Install: WantedBy: multi-user.target + container-dr-mirror: + Unit: + Description: docker.io mirror + After: network-online.target local-fs.target podman.socket + Before: haproxy.service + Service: + ExecStart: /usr/bin/podman start -a dr-mirror + ExecStop: /usr/bin/podman stop dr-mirror + Install: + WantedBy: multi-user.target haproxy: enabled: True overwrite: True @@ -81,9 +93,13 @@ haproxy: - "*:443 ssl crt /etc/pki/chain ca-file /etc/pki/intca.crt" default_backend: container-registry acls: - - host_cr hdr_beg(host) -i cr. + - host_cr hdr_beg(host) -i cr. docker-registry. + - host_gcr-mirror hdr_beg(host) -i gcr-mirror. + - host_dr-mirror hdr_beg(host) -i dr-mirror. use_backends: - - container-registry if host_cr + - container-registry if host_cr + - gcr-mirror if host_gcr-mirror + - dr-mirror if host_dr-mirror backends: backend1: name: container-registry @@ -97,11 +113,43 @@ haproxy: options: - http-server-close extra: - #- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan" - http-response add-header Access-Control-Allow-Origin "*" - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE" - http-response add-header Access-Control-Allow-Headers "Authorization, Accept" - http-response add-header Access-Control-Allow-Credentials true - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest" - - \ No newline at end of file + backend2: + name: dr-mirror + balance: roundrobin + servers: + server1: + name: adm01 + host: 127.0.0.1 + port: 5500 + check: check + options: + - http-server-close + extra: + - http-response add-header Access-Control-Allow-Origin "*" + - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS" + - http-response add-header Access-Control-Allow-Headers "Authorization, Accept" + - http-response add-header Access-Control-Allow-Credentials true + - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest" + backend3: + name: gcr-mirror + balance: roundrobin + servers: + server1: + name: adm01 + host: 127.0.0.1 + port: 5600 + check: check + options: + - http-server-close + extra: + - http-response add-header Access-Control-Allow-Origin "*" + - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS" + - http-response add-header Access-Control-Allow-Headers "Authorization, Accept" + - http-response add-header Access-Control-Allow-Credentials true + - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest" + \ No newline at end of file diff --git a/base/hostconfig/auto02.sls b/base/hostconfig/auto02.sls index ae6a236..ce73ad6 100644 --- a/base/hostconfig/auto02.sls +++ b/base/hostconfig/auto02.sls @@ -40,17 +40,6 @@ systemd: ExecStop: /usr/bin/podman stop pihole Install: WantedBy: multi-user.target - container-docker-registry: - Unit: - Description: Docker Registry - After: network-online.target local-fs.target - Before: haproxy.service - Requires: io.podman.service - Service: - ExecStart: /usr/bin/podman start -a docker-registry - ExecStop: /usr/bin/podman stop docker-registry - Install: - WantedBy: multi-user.target container-zwave2mqtt: Unit: Description: zwave2mqtt - yes @@ -144,13 +133,11 @@ haproxy: - host_auto-conf hdr_beg(host) -i auto-conf. - host_z2m hdr_beg(host) -i zwave2mqtt. - host_pihole hdr_beg(host) -i pihole. - - host_docker-registry hdr_beg(host) -i docker-registry. use_backends: - auto if host_auto - auto-conf if host_auto-conf - z2m if host_z2m - pihole if host_pihole - - docker-registry if host_docker-registry backends: backend1: name: auto @@ -192,23 +179,6 @@ haproxy: host: 127.0.0.1 port: 8080 check: check - backend5: - name: docker-registry - balance: roundrobin - servers: - server1: - name: auto02 - host: 127.0.0.1 - port: 5000 - check: check - options: - - http-server-close - extra: - #- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan" - - http-response add-header Access-Control-Allow-Origin "*" - - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE" - - http-response add-header Access-Control-Allow-Headers "Authorization, Accept" - - http-response add-header Access-Control-Allow-Credentials true - - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest" - - \ No newline at end of file + + + \ No newline at end of file