Deploy to localhost instead of seperate VM
This commit is contained in:
parent
5aa567c8b7
commit
b05d1647b3
14 changed files with 27 additions and 252 deletions
|
|
@ -1,33 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
# vim:set ts=2 sw=2 et:
|
||||
# use uppercase table names for compatibility with docker
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter {
|
||||
chain INPUT {
|
||||
type filter hook input priority 0; policy drop;
|
||||
|
||||
# accept any localhost traffic
|
||||
iif lo accept
|
||||
|
||||
# accept traffic originated from us
|
||||
ct state { established, related } accept
|
||||
|
||||
tcp dport { 22, 80, 443 } accept
|
||||
}
|
||||
|
||||
chain FORWARD {
|
||||
type filter hook forward priority 0; policy drop;
|
||||
ct state { established, related } accept;
|
||||
|
||||
mark 1 accept
|
||||
}
|
||||
}
|
||||
|
||||
table ip filter {
|
||||
chain DOCKER-USER {
|
||||
mark set 1
|
||||
}
|
||||
}
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
server {
|
||||
listen 80;
|
||||
server_name {{ app_name }}.fudiggity.nl;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name {{ app_name }}.fudiggity.nl;
|
||||
|
||||
ssl_certificate /etc/ssl/{{ app_name }}/{{ app_name }}.crt;
|
||||
ssl_certificate_key /etc/ssl/{{ app_name }}/local.pem;
|
||||
|
||||
access_log /var/log/nginx/{{ app_name }}.log;
|
||||
error_log /var/log/nginx/{{ app_name }}.log;
|
||||
|
||||
location / {
|
||||
include proxy_params;
|
||||
|
||||
proxy_redirect off;
|
||||
|
||||
proxy_pass http://localhost:9000;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
[Unit]
|
||||
Description=Sentry
|
||||
Requires=docker.service
|
||||
After=docker.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ app_user }}
|
||||
ExecStart=/usr/local/bin/docker-compose up --detach
|
||||
ExecStop=/usr/local/bin/docker-compose down
|
||||
WorkingDirectory={{ app_dir }}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
ansible ALL = (sentry:sentry) NOPASSWD: ALL
|
||||
Reference in a new issue