logs.nimubs: move nimbus-es to our own SSL proxy

Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Jakub Sokołowski 2022-06-01 11:43:00 +02:00
parent f8b09ccd3c
commit 5e1af52f2d
No known key found for this signature in database
GPG Key ID: 09AA5403E54D9931
4 changed files with 8 additions and 32 deletions

View File

@ -71,23 +71,4 @@ open_ports_list:
- { port: '{{ es_node_port }}', ipset: 'logs.nimbus' }
- { port: '{{ es_node_port }}', ipset: 'dash.nimbus' }
- { port: '{{ es_exp_cont_port }}', ipset: 'metrics.hq' }
# Proxy for ES HQ
nginx_sites:
elasticsearch_hq_http:
- listen 80
- server_name {{ oauth_domain }}
- return 302 https://$server_name$request_uri
elasticsearch_hq_https:
- listen 80
- listen 443 ssl
- server_name {{ oauth_domain }}
- ssl_certificate /certs/status.im/origin.crt
- ssl_certificate_key /certs/status.im/origin.key
- location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:{{ oauth_local_port }}/;
}
- { port: '{{ oauth_local_port }}', ipset: 'proxy.misc' }

View File

@ -15,16 +15,12 @@
roles:
- role: swap-file
tags: swap-file
- role: origin-certs
tags: origin-certs
- role: open-ports
tags: open-ports
- role: elasticsearch
tags: elasticsearch
- role: oauth-proxy
tags: oauth-proxy
- role: nginx
tags: nginx
- role: open-ports
tags: open-ports
- name: Configure ElasticSearch servers
become: true

View File

@ -46,7 +46,7 @@
- name: infra-role-beacon-node-linux
src: git@github.com:status-im/infra-role-beacon-node-linux.git
version: 53a8258d98e748ef1569647d6ecdb2b6cf00460d
version: 1da64ec23c0e81e2d6de818a91b2bb451043c09b
scm: git
- name: infra-role-beacon-node-windows
@ -91,7 +91,7 @@
- name: elasticsearch
src: git@github.com:status-im/infra-role-elasticsearch.git
version: 0731b84f940b4a5de7c999606bc128b238ca3e5c
version: 0677d8a98721b451f3d44f9827f05bfd880cfd1d
scm: git
- name: elasticsearch-lb

View File

@ -19,8 +19,7 @@ module "nimbus_log_store" {
resource "cloudflare_record" "nimbus_log_store" {
zone_id = local.zones["status.im"]
name = "nimbus-es.infra"
value = module.nimbus_log_store.public_ips[count.index]
count = var.log_stores_count
type = "A"
proxied = true
value = "proxy.infra.status.im"
type = "CNAME"
proxied = false
}