chaos/salt-pillar
Archived
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cr, dr-mirror, gcr-mirror - the mirrors won't do

Browse Source
This commit is contained in:
do
2021-02-17 21:32:04 +01:00
parent 77b9025924
commit ca17236700
2 changed files with 58 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
base/hostconfig/adm01.sls
View File

@@ -1,19 +1,31 @@
pki:
cns:
- cr.lan
- gcr-mirror.lan
- dr-mirror.lan
- docker-registry.lan
systemd:
service:
container-container-registry:
Unit:
Description: Container Registry
After: network-online.target local-fs.target
After: network-online.target local-fs.target podman.socket
Before: haproxy.service
Requires: io.podman.service
Service:
ExecStart: /usr/bin/podman start -a container-registry
ExecStop: /usr/bin/podman stop container-registry
Install:
WantedBy: multi-user.target
container-dr-mirror:
Unit:
Description: docker.io mirror
After: network-online.target local-fs.target podman.socket
Before: haproxy.service
Service:
ExecStart: /usr/bin/podman start -a dr-mirror
ExecStop: /usr/bin/podman stop dr-mirror
Install:
WantedBy: multi-user.target
haproxy:
enabled: True
overwrite: True
@@ -81,9 +93,13 @@ haproxy:
- "*:443 ssl crt /etc/pki/chain ca-file /etc/pki/intca.crt"
default_backend: container-registry
acls:
- host_cr hdr_beg(host) -i cr.
- host_cr hdr_beg(host) -i cr. docker-registry.
- host_gcr-mirror hdr_beg(host) -i gcr-mirror.
- host_dr-mirror hdr_beg(host) -i dr-mirror.
use_backends:
- container-registry if host_cr
- container-registry if host_cr
- gcr-mirror if host_gcr-mirror
- dr-mirror if host_dr-mirror
backends:
backend1:
name: container-registry
@@ -97,11 +113,43 @@ haproxy:
options:
- http-server-close
extra:
#- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan"
- http-response add-header Access-Control-Allow-Origin "*"
- http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"
- http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
- http-response add-header Access-Control-Allow-Credentials true
- http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
backend2:
name: dr-mirror
balance: roundrobin
servers:
server1:
name: adm01
host: 127.0.0.1
port: 5500
check: check
options:
- http-server-close
extra:
- http-response add-header Access-Control-Allow-Origin "*"
- http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS"
- http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
- http-response add-header Access-Control-Allow-Credentials true
- http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
backend3:
name: gcr-mirror
balance: roundrobin
servers:
server1:
name: adm01
host: 127.0.0.1
port: 5600
check: check
options:
- http-server-close
extra:
- http-response add-header Access-Control-Allow-Origin "*"
- http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS"
- http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
- http-response add-header Access-Control-Allow-Credentials true
- http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"