Skip to content

Commit

Permalink
Attempt to disable SSL
Browse files Browse the repository at this point in the history
  • Loading branch information
@euanmillar
euanmillar committed Dec 15, 2023
1 parent 51165a5 commit e0fbf60
Showing 1 changed file with 15 additions and 45 deletions.
60 changes: 15 additions & 45 deletions infrastructure/docker-compose.deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ services:
mode: host
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/traefik/acme.json:/acme.json
command:
- --entrypoints.web.address=:80
- --providers.docker
Expand Down Expand Up @@ -126,9 +125,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.kibana.rule=Host(`kibana.{{hostname}}`)'
- 'traefik.http.services.kibana.loadbalancer.server.port=5601'
- 'traefik.http.routers.kibana.tls=true'
- 'traefik.http.routers.kibana.tls.certresolver=certResolver'
- 'traefik.http.routers.kibana.entrypoints=web,websecure'
- 'traefik.http.routers.kibana.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.traefik.headers.stsseconds=31536000'
- 'traefik.http.middlewares.traefik.headers.stsincludesubdomains=true'
Expand Down Expand Up @@ -280,18 +277,14 @@ services:
- 'traefik.docker.network=opencrvs_overlay_net'
# Console
- 'traefik.http.routers.minio-console.rule=Host(`minio-console.{{hostname}}`)'
- 'traefik.http.routers.minio-console.entrypoints=websecure'
- 'traefik.http.routers.minio-console.tls.certresolver=certResolver'
- 'traefik.http.routers.minio-console.entrypoints=web'
- 'traefik.http.routers.minio-console.service=minio-console'
- 'traefik.http.services.minio-console.loadbalancer.server.port=9001'
# API
- 'traefik.http.routers.minio.rule=Host(`minio.{{hostname}}`)'
- 'traefik.http.routers.minio.entrypoints=websecure,web'
- 'traefik.http.routers.minio.tls.certresolver=certResolver'
- 'traefik.http.routers.minio.tls=true'
- 'traefik.http.routers.minio.entrypoints=web'
- 'traefik.http.routers.minio.service=minio'
- 'traefik.http.routers.minio.middlewares=minio-https-redirect'
- 'traefik.http.middlewares.minio-https-redirect.redirectscheme.scheme=https'
- 'traefik.http.services.minio.loadbalancer.server.port=9000'
networks:
- overlay_net
Expand Down Expand Up @@ -470,14 +463,12 @@ services:
- 'traefik.http.routers.client.middlewares=test-replacepathregex'
- 'traefik.http.routers.client.service=client'
- 'traefik.http.services.client.loadbalancer.server.port=80'
- 'traefik.http.routers.client.tls=true'
- 'traefik.http.routers.client.tls.certresolver=certResolver'
- 'traefik.http.routers.client.entrypoints=web,websecure'
- 'traefik.http.routers.client.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'

- 'traefik.http.middlewares.test-replacepathregex.redirectregex.permanent=true'
- 'traefik.http.middlewares.test-replacepathregex.redirectregex.regex=^https?://{{hostname}}/(.*)'
- 'traefik.http.middlewares.test-replacepathregex.redirectregex.replacement=https://register.{{hostname}}/$${1}'
- 'traefik.http.middlewares.test-replacepathregex.redirectregex.regex=^http?://{{hostname}}/(.*)'
- 'traefik.http.middlewares.test-replacepathregex.redirectregex.replacement=http://register.{{hostname}}/$${1}'

- 'traefik.http.middlewares.client.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.client.headers.customresponseheaders.Cache-control=no-store'
Expand All @@ -500,8 +491,6 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.components.rule=Host(`ui-kit.{{hostname}}`)'
- 'traefik.http.services.components.loadbalancer.server.port=80'
- 'traefik.http.routers.components.tls=true'
- 'traefik.http.routers.components.tls.certresolver=certResolver'
- 'traefik.http.routers.components.entrypoints=web,websecure'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.components.headers.customresponseheaders.Pragma=no-cache'
Expand All @@ -525,9 +514,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.countryconfig.rule=Host(`countryconfig.{{hostname}}`)'
- 'traefik.http.services.countryconfig.loadbalancer.server.port=3040'
- 'traefik.http.routers.countryconfig.tls=true'
- 'traefik.http.routers.countryconfig.tls.certresolver=certResolver'
- 'traefik.http.routers.countryconfig.entrypoints=web,websecure'
- 'traefik.http.routers.countryconfig.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.countryconfig.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.countryconfig.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -558,9 +545,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.login.rule=Host(`login.{{hostname}}`)'
- 'traefik.http.services.login.loadbalancer.server.port=80'
- 'traefik.http.routers.login.tls=true'
- 'traefik.http.routers.login.tls.certresolver=certResolver'
- 'traefik.http.routers.login.entrypoints=web,websecure'
- 'traefik.http.routers.login.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.login.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.login.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -594,9 +579,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.auth.rule=Host(`auth.{{hostname}}`)'
- 'traefik.http.services.auth.loadbalancer.server.port=4040'
- 'traefik.http.routers.auth.tls=true'
- 'traefik.http.routers.auth.tls.certresolver=certResolver'
- 'traefik.http.routers.auth.entrypoints=web,websecure'
- 'traefik.http.routers.auth.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.auth.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.auth.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -662,9 +645,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.gateway.rule=Host(`gateway.{{hostname}}`)'
- 'traefik.http.services.gateway.loadbalancer.server.port=7070'
- 'traefik.http.routers.gateway.tls=true'
- 'traefik.http.routers.gateway.tls.certresolver=certResolver'
- 'traefik.http.routers.gateway.entrypoints=web,websecure'
- 'traefik.http.routers.gateway.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.gateway.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.gateway.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -792,9 +773,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.config.rule=Host(`config.{{hostname}}`)'
- 'traefik.http.services.config.loadbalancer.server.port=2021'
- 'traefik.http.routers.config.tls=true'
- 'traefik.http.routers.config.tls.certresolver=certResolver'
- 'traefik.http.routers.config.entrypoints=web,websecure'
- 'traefik.http.routers.config.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.config.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.config.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -873,11 +852,8 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.openhimapi.rule=Host(`openhim-api.{{hostname}}`)'
- 'traefik.http.services.openhimapi.loadbalancer.server.port=8080'
- 'traefik.http.routers.openhimapi.tls=true'
- 'traefik.http.routers.openhimapi.service=openhimapi'
- 'traefik.http.routers.openhimapi.entrypoints=web,websecure'
- 'traefik.http.routers.openhimapi.tls.certresolver=certResolver'
- 'traefik.http.services.openhimapi.loadbalancer.server.scheme=https'
- 'traefik.http.routers.openhimapi.entrypoints=web'

# To expose OpenHIM to external systems as an interoperability layer
# Given OpenCRVS has it's own integrations UI and control. This functionality is currently disabled
Expand Down Expand Up @@ -913,9 +889,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.openhim.rule=Host(`openhim.{{hostname}}`)'
- 'traefik.http.services.openhim.loadbalancer.server.port=80'
- 'traefik.http.routers.openhim.tls=true'
- 'traefik.http.routers.openhim.tls.certresolver=certResolver'
- 'traefik.http.routers.openhim.entrypoints=web,websecure'
- 'traefik.http.routers.openhim.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.openhim.headers.stsseconds=31536000'
- 'traefik.http.middlewares.openhim.headers.stsincludesubdomains=true'
Expand Down Expand Up @@ -944,9 +918,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.webhooks.rule=Host(`webhooks.{{hostname}}`)'
- 'traefik.http.services.webhooks.loadbalancer.server.port=2525'
- 'traefik.http.routers.webhooks.tls=true'
- 'traefik.http.routers.webhooks.tls.certresolver=certResolver'
- 'traefik.http.routers.webhooks.entrypoints=web,websecure'
- 'traefik.http.routers.webhooks.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.webhooks.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.webhooks.headers.customresponseheaders.Cache-control=no-store'
Expand Down Expand Up @@ -987,9 +959,7 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.metabase.rule=Host(`metabase.{{hostname}}`)'
- 'traefik.http.services.metabase.loadbalancer.server.port=4444'
- 'traefik.http.routers.metabase.tls=true'
- 'traefik.http.routers.metabase.tls.certresolver=certResolver'
- 'traefik.http.routers.metabase.entrypoints=web,websecure'
- 'traefik.http.routers.metabase.entrypoints=web'
- 'traefik.docker.network=opencrvs_overlay_net'
- 'traefik.http.middlewares.metabase.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.metabase.headers.customresponseheaders.Cache-control=no-store'
Expand Down

0 comments on commit e0fbf60

Please sign in to comment.