1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
define catlfish::frontend(
$image = 'docker.sunet.se/ctct/catlfish-dev',
$version = 'latest'
)
{
$base = '/var/local/db/urd.appendto.org'
file {$base: ensure => directory } ->
file {"${base}/${name}": ensure => directory } ->
sunet::docker_run{"${name}_varnish":
image => "docker.sunet.se/varnish",
imagetag => "latest",
env => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"]
ports => ["80:80"],
}
sunet::docker_run{"${name}_stud":
image => "docker.sunet.se/stud",
imagetag => "latest",
volumes => ["/etc/ssl:/etc/ssl"],
env => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
ports => ["443:443"]
}
sunet::docker_run {'${name}_frontend':
image => $image,
imagetag => $version,
ports => ["8080:8080","8082:8082"],
volumes => ["/data/${name}/catlfish:/usr/local/etc/catlfish:ro","${base}/${name}:/var/local/db/catlfish"],
command => ["frontend"]
}
ufw::allow { "${name}-allow-http":
ip => 'any',
port => 80
}
ufw::allow { "${name}-allow-https":
ip => 'any',
port => 443
}
ufw:allow { "${name}-allow-8082-acl0":
ip => '130.242.125.0/24',
port => 8082
}
}
|