From fdef912a3e821542956d5a86de78d4562b69f702 Mon Sep 17 00:00:00 2001 From: Mahdi Khanzadi Date: Tue, 7 Jan 2025 09:46:37 +0100 Subject: [PATCH] switch to traefik --- .github/workflows/infrastructure.yaml | 1 + proxy/Dockerfile | 4 +- proxy/nginx.conf | 56 --------------------- proxy/traefik.yml | 70 +++++++++++++++++++++++++++ 4 files changed, 73 insertions(+), 58 deletions(-) delete mode 100644 proxy/nginx.conf create mode 100644 proxy/traefik.yml diff --git a/.github/workflows/infrastructure.yaml b/.github/workflows/infrastructure.yaml index 7917ef9..a17daa4 100644 --- a/.github/workflows/infrastructure.yaml +++ b/.github/workflows/infrastructure.yaml @@ -72,6 +72,7 @@ jobs: if: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }} permissions: + packages: write contents: read needs: diff --git a/proxy/Dockerfile b/proxy/Dockerfile index 070ba3e..66592e8 100644 --- a/proxy/Dockerfile +++ b/proxy/Dockerfile @@ -1,5 +1,5 @@ -FROM nginx:1.26-alpine +FROM traefik:v3.3 -COPY ./nginx.conf /etc/nginx/conf.d/default.conf +COPY ./traefik.yml /etc/traefik/traefik.yml EXPOSE 80 diff --git a/proxy/nginx.conf b/proxy/nginx.conf deleted file mode 100644 index 749055f..0000000 --- a/proxy/nginx.conf +++ /dev/null @@ -1,56 +0,0 @@ -# Server block to catch-all unmatched subdomains -server { - listen 80 default_server; - - server_name "_"; - - location / { - proxy_pass http://frontend:3000; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - -# Server block for backend subdomain -server { - listen 80; - server_name "backend.*"; - - location / { - proxy_pass http://app:80; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - -# Server block for dockerdashboard subdomain -server { - listen 80; - server_name "dockerdashboard.*"; - - location / { - proxy_pass http://docker_dashboard:9000; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - -# Server block for mongodashboard subdomain -server { - listen 80; - server_name "mongodashboard.*"; - - location / { - proxy_pass http://mongodb_dashboard:8081; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} diff --git a/proxy/traefik.yml b/proxy/traefik.yml new file mode 100644 index 0000000..88cd73c --- /dev/null +++ b/proxy/traefik.yml @@ -0,0 +1,70 @@ +http: + routers: + # Catch-all router for unmatched subdomains + catch-all: + rule: "HostRegexp(`{subdomain:[a-z0-9-]+}.*`)" + entryPoints: + - web + service: frontend-service + middlewares: + - headers + + # Backend subdomain + backend: + rule: "Host(`backend.{subdomain:[a-z0-9-]+}.*`)" + entryPoints: + - web + service: app-service + middlewares: + - headers + + # Docker Dashboard subdomain + dockerdashboard: + rule: "Host(`dockerdashboard.{subdomain:[a-z0-9-]+}.*`)" + entryPoints: + - web + service: docker-dashboard-service + middlewares: + - headers + + # MongoDB Dashboard subdomain + mongodashboard: + rule: "Host(`mongodashboard.{subdomain:[a-z0-9-]+}.*`)" + entryPoints: + - web + service: mongodb-dashboard-service + middlewares: + - headers + + services: + frontend-service: + loadBalancer: + servers: + - url: "http://frontend:3000" + + app-service: + loadBalancer: + servers: + - url: "http://app:80" + + docker-dashboard-service: + loadBalancer: + servers: + - url: "http://docker_dashboard:9000" + + mongodb-dashboard-service: + loadBalancer: + servers: + - url: "http://mongodb_dashboard:8081" + + middlewares: + headers: + headers: + customRequestHeaders: + X-Real-IP: "{remote_ip}" + X-Forwarded-For: "{remote_ip}" + X-Forwarded-Proto: "{scheme}" + +entryPoints: + web: + address: ":80"