feat: add edgecache role
- add edge-caching role - add mirror for debian, almalinux and epel repositories - export service as edgecache in consul
This commit is contained in:
@@ -0,0 +1,76 @@
|
||||
---
|
||||
consul::services:
|
||||
puppet:
|
||||
service_name: 'edgecache'
|
||||
tags:
|
||||
- 'cache'
|
||||
- 'edge'
|
||||
address: "%{facts.networking.ip}"
|
||||
port: 443
|
||||
checks:
|
||||
- id: 'edgecache_https_check'
|
||||
name: 'EdgeCache HTTPS Check'
|
||||
http: "https://%{facts.networking.fqdn}"
|
||||
method: 'GET'
|
||||
tls_skip_verify: true
|
||||
interval: '10s'
|
||||
timeout: '1s'
|
||||
profiles::consul::client::node_rules:
|
||||
- resource: service
|
||||
segment: edgecache
|
||||
disposition: write
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- edgecache.service.consul
|
||||
- edgecache.query.consul
|
||||
|
||||
profiles::edgecache::params::nginx_listen_mode: both
|
||||
profiles::edgecache::params::nginx_cert_type: vault
|
||||
profiles::edgecache::params::nginx_aliases:
|
||||
- edgecache.service.consul
|
||||
- edgecache.query.consul
|
||||
profiles::edgecache::params::directories:
|
||||
/data/edgecache: { owner: root, group: root }
|
||||
/data/edgecache/pub: { owner: nginx, group: nginx }
|
||||
/data/edgecache/pub/almalinux: { owner: nginx, group: nginx }
|
||||
/data/edgecache/pub/debian: { owner: nginx, group: nginx }
|
||||
/data/edgecache/pub/epel: { owner: nginx, group: nginx }
|
||||
|
||||
profiles::edgecache::params::mirrors:
|
||||
debian:
|
||||
ensure: present
|
||||
location: /debian
|
||||
proxy: http://mirror.gsl.icu
|
||||
debian_pool:
|
||||
ensure: present
|
||||
location: /debian/pool
|
||||
proxy: http://mirror.gsl.icu
|
||||
proxy_cache: cache
|
||||
proxy_cache_valid:
|
||||
- '200 302 1440h'
|
||||
- '404 1m'
|
||||
almalinux_repodata:
|
||||
ensure: present
|
||||
location: '~* ^/almalinux/.*/repodata/'
|
||||
proxy: http://gsl-syd.mm.fcix.net
|
||||
almalinux_data:
|
||||
ensure: present
|
||||
location: /almalinux
|
||||
proxy: http://gsl-syd.mm.fcix.net
|
||||
proxy_cache: cache
|
||||
proxy_cache_valid:
|
||||
- '200 302 1440h'
|
||||
- '404 1m'
|
||||
epel_repodata:
|
||||
ensure: present
|
||||
location: '~* ^/epel/.*/repodata/'
|
||||
proxy: http://gsl-syd.mm.fcix.net
|
||||
epel_data:
|
||||
ensure: present
|
||||
location: /epel
|
||||
proxy: http://gsl-syd.mm.fcix.net
|
||||
proxy_cache: cache
|
||||
proxy_cache_valid:
|
||||
- '200 302 1440h'
|
||||
- '404 1m'
|
||||
Reference in New Issue
Block a user