summaryrefslogtreecommitdiff
path: root/global/overlay/etc/puppet/manifests/catlfish/frontend.pp
blob: 37d455f87093b1e3da9451d0366e8d3d4a1436dd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
define catlfish::frontend(
      $image    = 'docker.sunet.se/ctct/catlfish-dev',
      $version  = 'latest'
)
{
   $base = '/var/local/db/urd.appendto.org'
   file {$base: ensure => directory } ->
   file {"${base}/${name}": ensure => directory } ->
   sunet::docker_run{"${name}_varnish":
      image    => "docker.sunet.se/varnish",
      imagetag => "latest",
      env      => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"]
      ports    => ["80:80"],
   }
   sunet::docker_run{"${name}_stud":
      image    => "docker.sunet.se/stud",
      imagetag => "latest",
      volumes  => ["/etc/ssl:/etc/ssl"],
      env      => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
      ports    => ["443:443"]
   }
   sunet::docker_run {'${name}_frontend':
       image    => $image,
       imagetag => $version,
       ports    => ["8080:8080","8082:8082"],
       volumes  => ["/data/${name}/catlfish:/usr/local/etc/catlfish:ro","${base}/${name}:/var/local/db/catlfish"],
       command  => ["frontend"]
   }
   ufw::allow { "${name}-allow-http":
      ip   => 'any',
      port => 80
   }
   ufw::allow { "${name}-allow-https":
      ip   => 'any',
      port => 443
   }
   ufw:allow { "${name}-allow-8082-acl0":
      ip     => '130.242.125.0/24',
      port   => 8082
   }
}