Initial project commit

2021-08-28 11:28:23 +12:00
commit af437cfae5
22 changed files with 3442 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,48 @@
+version: '3.7'
+services:
+  app:
+    image: registry.dockerprod.ultrafast.co.nz/uff/apikeyhandler:0.10
+    networks:
+      - traefik-net
+    volumes:
+      - /etc/localtime:/etc/localtime:ro # Mount Timezone config to container
+      - /data/swarm-vols/apikeyhandler:/opt/apikeyhandler/config # Store Config on Persistent drive shared between nodes
+    deploy:
+      mode: replicated
+      replicas: 1
+      placement:
+        constraints:
+          - node.role == worker # Place this service on Worker Nodes alternatively may specify manager if you want service on manager node.
+      labels:
+        - "traefik.http.routers.apikeyauth.rule=Host(`apiauth-internal.dockertest.ultrafast.co.nz`)" # This label creates a route Traefik will listen on
+        - "traefik.http.routers.apikeyauth.tls=true" # Enable TLS,  in this example using default TLS cert
+        - "traefik.http.services.apikeyauth.loadbalancer.server.port=8080" # Set Port to proxy
+        - "traefik.enable=true" # This flag enables load balancing through Traefik :)
+        - "traefik.docker.network=traefik-net" # Set the network to connect to container on
+        - "traefik.http.middlewares.apikeyauth.forwardauth.address=https://apiauth-internal.dockertest.ultrafast.co.nz"
+        - "traefik.http.middlewares.apikeyauth.forwardauth.trustForwardHeader=true"
+        - "traefik.http.middlewares.apikeyauth.forwardauth.authResponseHeaders=X-Client-Id"
+        - "traefik.http.middlewares.apikeyauth.forwardauth.tls.insecureSkipVerify=true"
+  test_app:
+    image: containous/whoami
+    networks:
+      - traefik-net
+    volumes:
+      - /etc/localtime:/etc/localtime:ro # Mount Timezone config to container
+    deploy:
+      mode: replicated
+      replicas: 1
+      placement:
+        constraints:
+          - node.role == worker # Place this service on Worker Nodes alternatively may specify manager if you want service on manager node.
+      labels:
+        - "traefik.http.routers.testapp.rule=Host(`testapp.dockertest.ultrafast.co.nz`)" # This label creates a route Traefik will listen on
+        - "traefik.http.routers.testapp.tls=true" # Enable TLS,  in this example using default TLS cert
+        - "traefik.http.routers.testapp.middlewares=apikeyauth"
+        - "traefik.http.services.testapp.loadbalancer.server.port=80" # Set Port to proxy
+        - "traefik.enable=true" # This flag enables load balancing through Traefik :)
+        - "traefik.docker.network=traefik-net" # Set the network to connect to container on
+
+networks:
+  traefik-net:
+    external: true