124 lines
3.1 KiB
YAML
124 lines
3.1 KiB
YAML
http:
|
||
serversTransports:
|
||
waypoint-insecure:
|
||
insecureSkipVerify: true
|
||
authentik-insecure:
|
||
insecureSkipVerify: true
|
||
|
||
middlewares:
|
||
consul-stripprefix:
|
||
stripPrefix:
|
||
prefixes:
|
||
- "/consul"
|
||
waypoint-auth:
|
||
replacePathRegex:
|
||
regex: "^/auth/token(.*)$"
|
||
replacement: "/auth/token$1"
|
||
|
||
services:
|
||
consul-cluster:
|
||
loadBalancer:
|
||
servers:
|
||
- url: "http://ch4.tailnet-68f9.ts.net:8500" # 韩国,Leader
|
||
- url: "http://warden.tailnet-68f9.ts.net:8500" # 北京,Follower
|
||
- url: "http://ash3c.tailnet-68f9.ts.net:8500" # 美国,Follower
|
||
healthCheck:
|
||
path: "/v1/status/leader"
|
||
interval: "30s"
|
||
timeout: "15s"
|
||
|
||
nomad-cluster:
|
||
loadBalancer:
|
||
servers:
|
||
- url: "http://ch2.tailnet-68f9.ts.net:4646" # 韩国,Leader
|
||
- url: "http://warden.tailnet-68f9.ts.net:4646" # 北京,Follower
|
||
- url: "http://ash3c.tailnet-68f9.ts.net:4646" # 美国,Follower
|
||
healthCheck:
|
||
path: "/v1/status/leader"
|
||
interval: "30s"
|
||
timeout: "15s"
|
||
|
||
waypoint-cluster:
|
||
loadBalancer:
|
||
servers:
|
||
- url: "https://hcp1.tailnet-68f9.ts.net:9701" # hcp1 节点 HTTPS API
|
||
serversTransport: waypoint-insecure
|
||
|
||
vault-cluster:
|
||
loadBalancer:
|
||
servers:
|
||
- url: "http://warden.tailnet-68f9.ts.net:8200" # 北京,单节点
|
||
healthCheck:
|
||
path: "/ui/"
|
||
interval: "30s"
|
||
timeout: "15s"
|
||
|
||
authentik-cluster:
|
||
loadBalancer:
|
||
servers:
|
||
- url: "https://authentik.tailnet-68f9.ts.net:9443" # Authentik容器HTTPS端口
|
||
serversTransport: authentik-insecure
|
||
healthCheck:
|
||
path: "/flows/-/default/authentication/"
|
||
interval: "30s"
|
||
timeout: "15s"
|
||
|
||
routers:
|
||
consul-api:
|
||
rule: "Host(`consul.git4ta.tech`)"
|
||
service: consul-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
middlewares:
|
||
- consul-stripprefix
|
||
|
||
consul-ui:
|
||
rule: "Host(`consul.git-4ta.live`) && PathPrefix(`/ui`)"
|
||
service: consul-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
|
||
nomad-api:
|
||
rule: "Host(`nomad.git-4ta.live`)"
|
||
service: nomad-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
|
||
nomad-ui:
|
||
rule: "Host(`nomad.git-4ta.live`) && PathPrefix(`/ui`)"
|
||
service: nomad-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
|
||
waypoint-ui:
|
||
rule: "Host(`waypoint.git-4ta.live`)"
|
||
service: waypoint-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
|
||
vault-ui:
|
||
rule: "Host(`vault.git-4ta.live`)"
|
||
service: vault-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|
||
|
||
authentik-ui:
|
||
rule: "Host(`authentik1.git-4ta.live`)"
|
||
service: authentik-cluster
|
||
entryPoints:
|
||
- websecure
|
||
tls:
|
||
certResolver: cloudflare
|