From 7258b129c47d5558c52f6f060990e68eacdd5e59 Mon Sep 17 00:00:00 2001 From: decentral1se Date: Thu, 10 Jun 2021 12:36:54 +0200 Subject: [PATCH] Support OVH configuration See https://github.com/Autonomic-Cooperative/traefik/pull/1. --- .env.sample | 8 ++++++++ abra.sh | 3 ++- compose.ovh.yml | 21 +++++++++++++++++++++ compose.yml | 17 +++++++++-------- entrypoint.sh.tmpl | 10 ++++++++++ 5 files changed, 50 insertions(+), 9 deletions(-) create mode 100644 compose.ovh.yml create mode 100644 entrypoint.sh.tmpl diff --git a/.env.sample b/.env.sample index 3f12a1b..bbadded 100644 --- a/.env.sample +++ b/.env.sample @@ -13,6 +13,14 @@ LOG_LEVEL=WARN #LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1 #LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh +## OVH configuration +# COMPOSE_FILE="compose.yml:compose.ovh.yml" +# OVH_ENABLED=1 +# OVH_APPLICATION_KEY= +# OVH_ENDPOINT= +# SECRET_OVH_APP_SECRET_VERSION=v1 +# SECRET_OVH_CONSUMER_KEY=v1 + ## Enable Keycloak #COMPOSE_FILE="compose.yml:compose.keycloak.yml" #KEYCLOAK_MIDDLEWARE_ENABLED=1 diff --git a/abra.sh b/abra.sh index a53694e..2f8abf1 100644 --- a/abra.sh +++ b/abra.sh @@ -1,2 +1,3 @@ -export TRAEFIK_YML_VERSION=v8 +export TRAEFIK_YML_VERSION=v9 export FILE_PROVIDER_YML_VERSION=v2 +export ENTRYPOINT_VERSION=v1 diff --git a/compose.ovh.yml b/compose.ovh.yml new file mode 100644 index 0000000..e9580c2 --- /dev/null +++ b/compose.ovh.yml @@ -0,0 +1,21 @@ +version: "3.8" + +services: + app: + environment: + - OVH_APPLICATION_KEY + - OVH_APPLICATION_SECRET_FILE=/run/secrets/ovh_app_secret + - OVH_CONSUMER_KEY_FILE=/run/secrets/ovh_consumer_key + - OVH_ENABLED + - OVH_ENDPOINT + secrets: + - ovh_app_secret + - ovh_consumer_key + +secrets: + ovh_app_secret: + name: ${STACK_NAME}_ovh_app_secret_${SECRET_OVH_APP_SECRET_VERSION} + external: true + ovh_consumer_key: + name: ${STACK_NAME}_ovh_consumer_key_${SECRET_OVH_CONSUMER_KEY} + external: true diff --git a/compose.yml b/compose.yml index dca5dce..365843f 100644 --- a/compose.yml +++ b/compose.yml @@ -16,25 +16,22 @@ services: target: /etc/traefik/traefik.yml - source: file_provider_yml target: /etc/traefik/file-provider.yml + - source: entrypoint + target: /custom-entrypoint.sh + mode: 0555 networks: - proxy environment: - DASHBOARD_ENABLED - LOG_LEVEL - {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }} - {{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") "ovh" }} - - OVH_APPLICATION_KEY - - OVH_APPLICATION_SECRET - - OVH_CONSUMER_KEY - - OVH_ENDPOINT - {{ end }} - {{ end }} healthcheck: test: ["CMD", "traefik", "healthcheck"] interval: 30s timeout: 10s retries: 10 start_period: 1m + command: traefik + entrypoint: /custom-entrypoint.sh deploy: update_config: failure_action: rollback @@ -61,5 +58,9 @@ configs: name: ${STACK_NAME}_file_provider_yml_${FILE_PROVIDER_YML_VERSION} file: file-provider.yml.tmpl template_driver: golang + entrypoint: + name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION} + file: entrypoint.sh.tmpl + template_driver: golang volumes: letsencrypt: diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl new file mode 100644 index 0000000..84c59b6 --- /dev/null +++ b/entrypoint.sh.tmpl @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +{{ if eq (env "OVH_ENABLED") "1" }} +export OVH_CONSUMER_KEY=$(cat "$OVH_CONSUMER_KEY_FILE") +export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE") +{{ end }} + +/entrypoint.sh "$@"