Switches gitea to git.captnemo.in

2017-12-25 17:58:13 +05:30 · 2017-12-25 17:58:13 +05:30 · 59f5f49271
parent a554b2dab5
commit 59f5f49271
4 changed files with 26 additions and 4 deletions
--- a/cloudflare/main.tf
+++ b/cloudflare/main.tf
@ -20,6 +20,13 @@ resource "cloudflare_record" "docker" {
  type   = "A"
 }

+resource "cloudflare_record" "debug" {
+  domain = "${var.domain}"
+  name   = "debug.in"
+  value  = "10.8.0.14"
+  type   = "A"
+}
+
 resource "cloudflare_record" "internet" {
  domain = "${var.domain}"
  name   = "@"
--- a/docker/conf/traefik.toml
+++ b/docker/conf/traefik.toml
@ -8,6 +8,9 @@ defaultEntryPoints = ["http", "https"]
  address = ":443"
  # This is required for ACME support
  [entryPoints.https.tls]
+  [[entryPoints.https.tls.certificates]]
+    certFile = "/etc/traefik/git.captnemo.in.crt"
+    keyFile  = "/etc/traefik/git.captnemo.in.key"

 [docker]
  # Make sure you mount this as readonly
@ -78,7 +81,8 @@ sans = [
  "emby.in.bb8.fun",
  "debug.in.bb8.fun",
  "flexget.bb8.fun",
-  # "gitea.bb8.fun",
+  "git.bb8.fun",
+  "gitea.bb8.fun",
  "headphones.bb8.fun",
  "home.bb8.fun",
  "home.in.bb8.fun",
--- a/docker/main.tf
+++ b/docker/main.tf
@ -61,11 +61,12 @@ resource docker_container "gitea" {
  labels {
    "traefik.port" = 3000
    "traefik.enable" = "true"
-    "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+    "traefik.frontend.rule" = "Host:git.captnemo.in"
    "traefik.frontend.headers.STSSeconds" = "2592000"
-    "traefik.frontend.headers.STSIncludeSubdomains" = "false"
-    "traefik.frontend.headers.contentTypeNosniff" = "true"
    "traefik.frontend.headers.browserXSSFilter" = "true"
+    "traefik.frontend.headers.contentTypeNosniff" = "true"
+    "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+    "traefik.frontend.headers.STSIncludeSubdomains" = "false"
    "traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
    "traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
  }
--- a/docker/traefik.tf
+++ b/docker/traefik.tf
@ -48,6 +48,16 @@ resource "docker_container" "traefik" {
    file    = "/etc/traefik/traefik.toml"
  }

+  upload {
+    content = "${file("/home/nemo/projects/personal/certs/git.captnemo.in/fullchain.pem")}"
+    file    = "/etc/traefik/git.captnemo.in.crt"
+  }
+
+  upload {
+    content = "${file("/home/nemo/projects/personal/certs/git.captnemo.in/privkey.pem")}"
+    file    = "/etc/traefik/git.captnemo.in.key"
+  }
+
  volumes {
    host_path         = "/var/run/docker.sock"
    container_path    = "/var/run/docker.sock"