1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
define catlfish::frontend(
$logname = undef,
$image = 'docker.sunet.se/ctct/catlfish-dev',
$version = 'latest'
)
{
$base = '/var/local/db'
$db = ""${base}/${logname}"
file {$base: ensure => directory } ->
file {$db: ensure => directory } ->
sunet::docker_run{"${name}_varnish":
image => "docker.sunet.se/varnish",
imagetag => "latest",
env => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"],
ports => ["80:80"],
} ->
sunet::docker_run{"${name}_stud":
image => "docker.sunet.se/stud",
imagetag => "latest",
volumes => ["/etc/ssl:/etc/ssl"],
env => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
ports => ["443:443"]
} ->
sunet::docker_run {"${name}_catlfish":
image => $image,
imagetag => $version,
ports => ["8080:8080","8082:8082"],
volumes => ["/usr/local/etc/catlfish:/usr/local/etc/catlfish:ro","${db}:/var/local/db/catlfish"],
command => ["frontend ${name} ${logname}"]
} ->
ufw::allow { "${name}-allow-http":
ip => 'any',
port => 80
} ->
ufw::allow { "${name}-allow-https":
ip => 'any',
port => 443
} ->
ufw:allow { "${name}-allow-8082-acl0":
ip => '130.242.125.0/24',
port => 8082
}
}
|
