Skip to content

Commit

Permalink
Merge pull request #7 from SUNET/masv_config
Browse files Browse the repository at this point in the history
Some config changes.
  • Loading branch information
masv3971 authored Oct 13, 2023
2 parents e2c987c + de49923 commit 5e9ebb3
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 7 deletions.
22 changes: 20 additions & 2 deletions dev_haproxy.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,24 @@ frontend stats
stats uri /
stats refresh 10s

frontend myfrontend
bind :80
frontend front_http
bind 0.0.0.0:80
bind :::80

redirect scheme https code 301

frontend front_https
bind *:443 ssl crt /etc/ssl/vc.pem alpn h2,http/1.1
stats enable

timeout http-request 10s
timeout http-keep-alive 4s

#http-request redirect scheme https unless { ssl_fc }

# http-request set-header X-SSL-Client-Cert %{+Q}[ssl_c_der,base64]
# http-request set-header X-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
# http-request set-header X-SSL-Client-Verify %[ssl_c_verify]

use_backend issuer if { path /issuer } || { path_beg /issuer/ }
use_backend verifier if { path /verifier } || { path_beg /verifier/ }
Expand All @@ -30,6 +46,7 @@ frontend myfrontend
backend issuer
http-request replace-path /issuer(/)?(.*) /\2
server issuer_server issuer:8080 resolvers docker_resolver resolve-prefer ipv4
# server issuer_server vc_issuer:8080 ssl verify optional crt-ignore-err all ca-file /cert/ladok_utv_dev.crt resolvers docker_resolver resolve-prefer ipv4

backend verifier
http-request replace-path /verifier(/)?(.*) /\2
Expand All @@ -42,3 +59,4 @@ backend datastore
backend registry
http-request replace-path /registry(/)?(.*) /\2
server registry_server registry:8080 resolvers docker_resolver resolve-prefer ipv4

11 changes: 6 additions & 5 deletions docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ services:
depends_on:
- redis
- mongo
- datastore
- registry
networks:
- vc-net
environment:
Expand All @@ -37,7 +39,6 @@ services:
depends_on:
- redis
- mongo
- issuer
networks:
- vc-net
environment:
Expand All @@ -58,12 +59,11 @@ services:
depends_on:
- redis
- mongo
- issuer
networks:
- vc-net
environment:
- "VC_CONFIG_YAML=config.yaml"

registry:
container_name: "vc_registry"
image: docker.sunet.se/dc4eu/registry:latest
Expand All @@ -79,7 +79,6 @@ services:
depends_on:
- redis
- mongo
- issuer
networks:
- vc-net
environment:
Expand All @@ -93,8 +92,10 @@ services:
- 8404:8404
volumes:
- ./dev_haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
- ./pki/vc.pem:/etc/ssl/vc.pem:ro
networks:
- vc-net
vc-net:
ipv4_address: 172.16.50.200

redis:
image: redis:alpine
Expand Down

0 comments on commit 5e9ebb3

Please sign in to comment.