status-im/infra-nimbus
2
0
Fork 0
mirror of https://github.com/status-im/infra-nimbus.git synced 2025-01-18 17:52:17 +00:00
Code Issues Projects Releases Wiki Activity

logs.nimubs: move nimbus-es to our own SSL proxy

Browse Source 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Jakub Sokołowski 2022-06-01 11:43:00 +02:00
parent f8b09ccd3c
commit 5e1af52f2d
No known key found for this signature in database
GPG Key ID: 09AA5403E54D9931
4 changed files with 8 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
ansible/group_vars/logs.nimbus.yml
View File

@ -71,23 +71,4 @@ open_ports_list:
- { port: '{{ es_node_port }}', ipset: 'logs.nimbus' } - { port: '{{ es_node_port }}', ipset: 'logs.nimbus' }
- { port: '{{ es_node_port }}', ipset: 'dash.nimbus' } - { port: '{{ es_node_port }}', ipset: 'dash.nimbus' }
- { port: '{{ es_exp_cont_port }}', ipset: 'metrics.hq' } - { port: '{{ es_exp_cont_port }}', ipset: 'metrics.hq' }
- { port: '{{ oauth_local_port }}', ipset: 'proxy.misc' }
# Proxy for ES HQ
nginx_sites:
elasticsearch_hq_http:
- listen 80
- server_name {{ oauth_domain }}
- return 302 https://$server_name$request_uri
elasticsearch_hq_https:
- listen 80
- listen 443 ssl
- server_name {{ oauth_domain }}
- ssl_certificate /certs/status.im/origin.crt
- ssl_certificate_key /certs/status.im/origin.key
- location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:{{ oauth_local_port }}/;
}

8
ansible/logs.yml
View File

@ -15,16 +15,12 @@
roles: roles:
- role: swap-file - role: swap-file
tags: swap-file tags: swap-file
- role: origin-certs - role: open-ports
tags: origin-certs tags: open-ports
- role: elasticsearch - role: elasticsearch
tags: elasticsearch tags: elasticsearch
- role: oauth-proxy - role: oauth-proxy
tags: oauth-proxy tags: oauth-proxy
- role: nginx
tags: nginx
- role: open-ports
tags: open-ports
- name: Configure ElasticSearch servers - name: Configure ElasticSearch servers
become: true become: true

4
ansible/requirements.yml
View File

@ -46,7 +46,7 @@
- name: infra-role-beacon-node-linux - name: infra-role-beacon-node-linux
src: git@github.com:status-im/infra-role-beacon-node-linux.git src: git@github.com:status-im/infra-role-beacon-node-linux.git
version: 53a8258d98e748ef1569647d6ecdb2b6cf00460d version: 1da64ec23c0e81e2d6de818a91b2bb451043c09b
scm: git scm: git
- name: infra-role-beacon-node-windows - name: infra-role-beacon-node-windows
@ -91,7 +91,7 @@
- name: elasticsearch - name: elasticsearch
src: git@github.com:status-im/infra-role-elasticsearch.git src: git@github.com:status-im/infra-role-elasticsearch.git
version: 0731b84f940b4a5de7c999606bc128b238ca3e5c version: 0677d8a98721b451f3d44f9827f05bfd880cfd1d
scm: git scm: git
- name: elasticsearch-lb - name: elasticsearch-lb

7
logs.tf
View File

@ -19,8 +19,7 @@ module "nimbus_log_store" {
resource "cloudflare_record" "nimbus_log_store" { resource "cloudflare_record" "nimbus_log_store" {
zone_id = local.zones["status.im"] zone_id = local.zones["status.im"]
name = "nimbus-es.infra" name = "nimbus-es.infra"
value = module.nimbus_log_store.public_ips[count.index] value = "proxy.infra.status.im"
count = var.log_stores_count type = "CNAME"
type = "A" proxied = false
proxied = true
} }