From ee9d9ecd868742500d418e11a479b57aa6b53f1e Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 21:34:54 -0700 Subject: [PATCH 1/8] Add some routers for the docker proxy --- .../development/group_vars/tools/proxy.yaml | 11 +++++++---- .../production/group_vars/tools/proxy.yaml | 11 +++++++---- .ansible/templates/docker-compose.yaml.j2 | 15 +++++++-------- 3 files changed, 21 insertions(+), 16 deletions(-) diff --git a/.ansible/inventory/development/group_vars/tools/proxy.yaml b/.ansible/inventory/development/group_vars/tools/proxy.yaml index 58df8e1..a2603e0 100644 --- a/.ansible/inventory/development/group_vars/tools/proxy.yaml +++ b/.ansible/inventory/development/group_vars/tools/proxy.yaml @@ -1,13 +1,16 @@ proxy: - main: - service: '{{ git_repository }}-{{ git_branch }}-main' + - service: '{{ git_repository }}-{{ git_branch }}-main' port: 8081 router: '{{ git_repository }}-{{ git_branch }}-main' host: nexus.dev.diesel.net - docker: - service: '{{ git_repository }}-{{ git_branch }}-docker' + - service: '{{ git_repository }}-{{ git_branch }}-docker' port: 8082 router: '{{ git_repository }}-{{ git_branch }}-docker' host: docker.nexus.dev.diesel.net + + - service: '{{ git_repository }}-{{ git_branch }}-docker-proxy' + port: 8083 + router: '{{ git_repository }}-{{ git_branch }}-docker-proxy' + host: proxy.docker.nexus.dev.diesel.net diff --git a/.ansible/inventory/production/group_vars/tools/proxy.yaml b/.ansible/inventory/production/group_vars/tools/proxy.yaml index 508d5a1..80651bc 100644 --- a/.ansible/inventory/production/group_vars/tools/proxy.yaml +++ b/.ansible/inventory/production/group_vars/tools/proxy.yaml @@ -1,13 +1,16 @@ proxy: - main: - service: '{{ git_repository }}-{{ git_branch }}-main' + - service: '{{ git_repository }}-{{ git_branch }}-main' port: 8081 router: '{{ git_repository }}-{{ git_branch }}-main' host: nexus.diesel.net - docker: - service: '{{ git_repository }}-{{ git_branch }}-docker' + - service: '{{ git_repository }}-{{ git_branch }}-docker' port: 8082 router: '{{ git_repository }}-{{ git_branch }}-docker' host: docker.nexus.diesel.net + + - service: '{{ git_repository }}-{{ git_branch }}-docker-proxy' + port: 8083 + router: '{{ git_repository }}-{{ git_branch }}-docker-proxy' + host: proxy.docker.nexus.diesel.net diff --git a/.ansible/templates/docker-compose.yaml.j2 b/.ansible/templates/docker-compose.yaml.j2 index 0334dbf..a02f6c4 100644 --- a/.ansible/templates/docker-compose.yaml.j2 +++ b/.ansible/templates/docker-compose.yaml.j2 @@ -10,15 +10,14 @@ services: deploy: labels: - traefik.enable=true - - traefik.http.services.{{ proxy.main.service }}.loadbalancer.server.port={{ proxy.main.port }} - - traefik.http.routers.{{ proxy.main.router }}.rule=Host(`{{ proxy.main.host }}`) - - traefik.http.routers.{{ proxy.main.router }}.service={{ proxy.main.service }} - - traefik.http.routers.{{ proxy.main.router }}.tls.certresolver=step-ca - - traefik.http.services.{{ proxy.docker.service }}.loadbalancer.server.port={{ proxy.docker.port }} - - traefik.http.routers.{{ proxy.docker.router }}.rule=Host(`{{ proxy.docker.host }}`) - - traefik.http.routers.{{ proxy.docker.router }}.service={{ proxy.docker.service }} - - traefik.http.routers.{{ proxy.docker.router }}.tls.certresolver=step-ca +{% for item in proxy %} + - traefik.http.services.{{ item.service }}.loadbalancer.server.port={{ item.port }} + - traefik.http.routers.{{ item.router }}.rule=Host(`{{ item.host }}`) + - traefik.http.routers.{{ item.router }}.service={{ item.service }} + - traefik.http.routers.{{ item.router }}.tls.certresolver=step-ca +{% endfor %} + networks: - {{ docker_network }} From 6e5c6eee8e4672d0c702a924e616faaa60fc6c3e Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 21:41:10 -0700 Subject: [PATCH 2/8] debug --- .ansible/roles/configure_active_realms/tasks/configure.yaml | 2 +- .../roles/configure_anonymous_access/tasks/configure.yaml | 2 +- .ansible/roles/configure_capabilities/tasks/configure.yaml | 2 +- .ansible/roles/configure_certificates/tasks/configure.yaml | 6 +++--- .../roles/configure_cleanup_policies/tasks/configure.yaml | 6 +++--- .../roles/configure_ldap_connections/tasks/configure.yaml | 6 +++--- .ansible/roles/configure_privileges/tasks/configure.yaml | 6 +++--- .ansible/roles/configure_repositories/tasks/configure.yaml | 6 +++--- .ansible/roles/configure_repositories/tasks/remove.yaml | 4 ++-- .ansible/roles/configure_roles/tasks/configure.yaml | 6 +++--- .ansible/roles/configure_users/tasks/configure.yaml | 6 +++--- .ansible/roles/setup/tasks/main.yaml | 6 +++--- 12 files changed, 29 insertions(+), 29 deletions(-) diff --git a/.ansible/roles/configure_active_realms/tasks/configure.yaml b/.ansible/roles/configure_active_realms/tasks/configure.yaml index b4a7b1b..b7679d6 100644 --- a/.ansible/roles/configure_active_realms/tasks/configure.yaml +++ b/.ansible/roles/configure_active_realms/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Update active realms uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/realms/active + url: https://{{ proxy[0].host }}/service/rest/v1/security/realms/active method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_anonymous_access/tasks/configure.yaml b/.ansible/roles/configure_anonymous_access/tasks/configure.yaml index 19accfc..23f085d 100644 --- a/.ansible/roles/configure_anonymous_access/tasks/configure.yaml +++ b/.ansible/roles/configure_anonymous_access/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Configure anonymous access for `{{ payload.realmName }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/anonymous + url: https://{{ proxy[0].host }}/service/rest/v1/security/anonymous method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_capabilities/tasks/configure.yaml b/.ansible/roles/configure_capabilities/tasks/configure.yaml index dd8a16c..c67389c 100644 --- a/.ansible/roles/configure_capabilities/tasks/configure.yaml +++ b/.ansible/roles/configure_capabilities/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Create capability `{{ payload.typeId }}` uri: - url: https://{{ proxy.main.host }}/service/extdirect + url: https://{{ proxy[0].host }}/service/extdirect method: POST headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_certificates/tasks/configure.yaml b/.ansible/roles/configure_certificates/tasks/configure.yaml index 9e16d86..2c73c02 100644 --- a/.ansible/roles/configure_certificates/tasks/configure.yaml +++ b/.ansible/roles/configure_certificates/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get all certificates in nexus trust store uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ssl/truststore + url: https://{{ proxy[0].host }}/service/rest/v1/security/ssl/truststore method: GET headers: content-type: 'application/json' @@ -18,7 +18,7 @@ - name: Get PEM for `{{ certificate.host }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ssl/?host={{ certificate.host | urlencode }}&port={{ certificate.port | urlencode }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/ssl/?host={{ certificate.host | urlencode }}&port={{ certificate.port | urlencode }} method: GET headers: content-type: 'application/json' @@ -38,7 +38,7 @@ - name: Add certificate `{{ certificate.host }}` to nexus trust store uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ssl/truststore + url: https://{{ proxy[0].host }}/service/rest/v1/security/ssl/truststore method: POST headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_cleanup_policies/tasks/configure.yaml b/.ansible/roles/configure_cleanup_policies/tasks/configure.yaml index 87363c8..a4a36bc 100644 --- a/.ansible/roles/configure_cleanup_policies/tasks/configure.yaml +++ b/.ansible/roles/configure_cleanup_policies/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get cleanup policy `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/internal/cleanup-policies/{{ payload.name }} + url: https://{{ proxy[0].host }}/service/rest/internal/cleanup-policies/{{ payload.name }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Create cleanup policy `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/internal/cleanup-policies + url: https://{{ proxy[0].host }}/service/rest/internal/cleanup-policies method: POST headers: content-type: 'application/json' @@ -34,7 +34,7 @@ - name: Update cleanup policy `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/internal/cleanup-policies/{{ payload.name }} + url: https://{{ proxy[0].host }}/service/rest/internal/cleanup-policies/{{ payload.name }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_ldap_connections/tasks/configure.yaml b/.ansible/roles/configure_ldap_connections/tasks/configure.yaml index e9564e3..6f46fdd 100644 --- a/.ansible/roles/configure_ldap_connections/tasks/configure.yaml +++ b/.ansible/roles/configure_ldap_connections/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get ldap connection `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ldap/{{ payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/ldap/{{ payload.name }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Create ldap connection `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ldap + url: https://{{ proxy[0].host }}/service/rest/v1/security/ldap method: POST headers: content-type: 'application/json' @@ -34,7 +34,7 @@ - name: Update ldap connection `{{ payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/ldap/{{ payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/ldap/{{ payload.name }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_privileges/tasks/configure.yaml b/.ansible/roles/configure_privileges/tasks/configure.yaml index 147ba2e..a7c7718 100644 --- a/.ansible/roles/configure_privileges/tasks/configure.yaml +++ b/.ansible/roles/configure_privileges/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get privilege `{{ privilege.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/privileges/{{ privilege.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/privileges/{{ privilege.payload.name }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Create {{ privilege.type }} privilege `{{ privilege.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/privileges/{{ privilege.type }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/privileges/{{ privilege.type }} method: POST headers: content-type: 'application/json' @@ -34,7 +34,7 @@ - name: Update {{ privilege.type }} privilege `{{ privilege.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/privileges/{{ privilege.type }}/{{ privilege.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/privileges/{{ privilege.type }}/{{ privilege.payload.name }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_repositories/tasks/configure.yaml b/.ansible/roles/configure_repositories/tasks/configure.yaml index 87585e2..b12fcdb 100644 --- a/.ansible/roles/configure_repositories/tasks/configure.yaml +++ b/.ansible/roles/configure_repositories/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get {{ repo.format }} {{ repo.type }} repository `{{ repo.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Create {{ repo.format }} {{ repo.type }} repository `{{ repo.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }} + url: https://{{ proxy[0].host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }} method: POST headers: content-type: 'application/json' @@ -34,7 +34,7 @@ - name: Update {{ repo.format }} {{ repo.type }} repository `{{ repo.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_repositories/tasks/remove.yaml b/.ansible/roles/configure_repositories/tasks/remove.yaml index 5021392..4209abf 100644 --- a/.ansible/roles/configure_repositories/tasks/remove.yaml +++ b/.ansible/roles/configure_repositories/tasks/remove.yaml @@ -1,6 +1,6 @@ - name: Get {{ repo.format }} {{ repo.type }} repository `{{ repo.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/repositories/{{ repo.format }}/{{ repo.type }}/{{ repo.payload.name }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Remove repository `{{ repo.payload.name }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/repositories/{{ repo.payload.name }} + url: https://{{ proxy[0].host }}/service/rest/v1/repositories/{{ repo.payload.name }} method: DELETE headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_roles/tasks/configure.yaml b/.ansible/roles/configure_roles/tasks/configure.yaml index 58744a5..9af18be 100644 --- a/.ansible/roles/configure_roles/tasks/configure.yaml +++ b/.ansible/roles/configure_roles/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get role `{{ payload.id }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/roles/{{ payload.id | urlencode }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/roles/{{ payload.id | urlencode }} method: GET headers: content-type: 'application/json' @@ -19,7 +19,7 @@ - name: Create role `{{ payload.id }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/roles + url: https://{{ proxy[0].host }}/service/rest/v1/security/roles method: POST headers: content-type: 'application/json' @@ -34,7 +34,7 @@ - name: Update role `{{ payload.id }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/roles/{{ payload.id | urlencode }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/roles/{{ payload.id | urlencode }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/configure_users/tasks/configure.yaml b/.ansible/roles/configure_users/tasks/configure.yaml index cd36e71..41940dd 100644 --- a/.ansible/roles/configure_users/tasks/configure.yaml +++ b/.ansible/roles/configure_users/tasks/configure.yaml @@ -1,6 +1,6 @@ - name: Get user `{{ payload.userId }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/users/?userId={{ payload.userId | urlencode }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/users/?userId={{ payload.userId | urlencode }} method: GET headers: content-type: 'application/json' @@ -18,7 +18,7 @@ - name: Create user `{{ payload.userId }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/users + url: https://{{ proxy[0].host }}/service/rest/v1/security/users method: POST headers: content-type: 'application/json' @@ -33,7 +33,7 @@ - name: Update user `{{ payload.userId }}` uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/users/{{ payload.userId | urlencode }} + url: https://{{ proxy[0].host }}/service/rest/v1/security/users/{{ payload.userId | urlencode }} method: PUT headers: content-type: 'application/json' diff --git a/.ansible/roles/setup/tasks/main.yaml b/.ansible/roles/setup/tasks/main.yaml index 234f067..0b42bcd 100644 --- a/.ansible/roles/setup/tasks/main.yaml +++ b/.ansible/roles/setup/tasks/main.yaml @@ -18,9 +18,9 @@ name: docker tasks_from: stack_deploy -- name: Wait for https://{{ proxy.main.host }} to be ready +- name: Wait for https://{{ proxy[0].host }} to be ready uri: - url: https://{{ proxy.main.host }} + url: https://{{ proxy[0].host }} method: GET validate_certs: '{{ validate_certs }}' register: ui_ready @@ -51,7 +51,7 @@ - name: Change admin password (required on first login) uri: - url: https://{{ proxy.main.host }}/service/rest/v1/security/users/admin/change-password + url: https://{{ proxy[0].host }}/service/rest/v1/security/users/admin/change-password method: PUT headers: content-type: 'text/plain' From e01ef292b88606e7482e12348b77455572a50853 Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 21:45:37 -0700 Subject: [PATCH 3/8] fix port references --- .../inventory/development/group_vars/tools/repositories.yaml | 4 ++-- .../inventory/production/group_vars/tools/repositories.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.ansible/inventory/development/group_vars/tools/repositories.yaml b/.ansible/inventory/development/group_vars/tools/repositories.yaml index 0dbed43..50f5ff8 100644 --- a/.ansible/inventory/development/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/development/group_vars/tools/repositories.yaml @@ -17,7 +17,7 @@ repositories: docker: v1Enabled: false forceBasicAuth: false - httpPort: '{{ proxy.docker.port }}' + httpPort: '{{ proxy[1].port }}' - format: docker @@ -49,7 +49,7 @@ repositories: docker: v1Enabled: false forceBasicAuth: false - httpPort: '{{ proxy.docker.port + 1 }}' + httpPort: '{{ proxy[2].port }}' dockerProxy: indexType: 'HUB' indexUrl: 'https://index.docker.io/' diff --git a/.ansible/inventory/production/group_vars/tools/repositories.yaml b/.ansible/inventory/production/group_vars/tools/repositories.yaml index 0dbed43..50f5ff8 100644 --- a/.ansible/inventory/production/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/production/group_vars/tools/repositories.yaml @@ -17,7 +17,7 @@ repositories: docker: v1Enabled: false forceBasicAuth: false - httpPort: '{{ proxy.docker.port }}' + httpPort: '{{ proxy[1].port }}' - format: docker @@ -49,7 +49,7 @@ repositories: docker: v1Enabled: false forceBasicAuth: false - httpPort: '{{ proxy.docker.port + 1 }}' + httpPort: '{{ proxy[2].port }}' dockerProxy: indexType: 'HUB' indexUrl: 'https://index.docker.io/' From 1839a895086b6469444506d41ca5e5afdba9ccd1 Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 22:04:08 -0700 Subject: [PATCH 4/8] debugging cache option --- .../inventory/development/group_vars/tools/repositories.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible/inventory/development/group_vars/tools/repositories.yaml b/.ansible/inventory/development/group_vars/tools/repositories.yaml index 50f5ff8..51cfea2 100644 --- a/.ansible/inventory/development/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/development/group_vars/tools/repositories.yaml @@ -35,7 +35,7 @@ repositories: contentMaxAge: 1440 metadataMaxAge: 1440 negativeCache: - enabled: true + enabled: false timeToLive: 1440 httpClient: blocked: false From 17bf66ebc87305b2070ebbfb45d47e54858f05f3 Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 22:11:20 -0700 Subject: [PATCH 5/8] turn on negativecache --- .../inventory/development/group_vars/tools/repositories.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible/inventory/development/group_vars/tools/repositories.yaml b/.ansible/inventory/development/group_vars/tools/repositories.yaml index 51cfea2..50f5ff8 100644 --- a/.ansible/inventory/development/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/development/group_vars/tools/repositories.yaml @@ -35,7 +35,7 @@ repositories: contentMaxAge: 1440 metadataMaxAge: 1440 negativeCache: - enabled: false + enabled: true timeToLive: 1440 httpClient: blocked: false From 4e2224385953392d3439210a0586b3a2dab3676c Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 22:12:16 -0700 Subject: [PATCH 6/8] Update to new version. --- .ansible/templates/docker-compose.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible/templates/docker-compose.yaml.j2 b/.ansible/templates/docker-compose.yaml.j2 index a02f6c4..1136adc 100644 --- a/.ansible/templates/docker-compose.yaml.j2 +++ b/.ansible/templates/docker-compose.yaml.j2 @@ -2,7 +2,7 @@ version: '3.8' services: main: - image: sonatype/nexus3:3.30.1 + image: sonatype/nexus3:3.31.1 volumes: - {{ ssl_cert_dir }}:/etc/ssl/certs/ - {{ data_dir }}:/nexus-data/ From d825a990f39dc530ded6227927462f7f85e6373a Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sat, 19 Jun 2021 22:21:32 -0700 Subject: [PATCH 7/8] fix version number --- .ansible/templates/docker-compose.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible/templates/docker-compose.yaml.j2 b/.ansible/templates/docker-compose.yaml.j2 index 1136adc..e5ea80f 100644 --- a/.ansible/templates/docker-compose.yaml.j2 +++ b/.ansible/templates/docker-compose.yaml.j2 @@ -2,7 +2,7 @@ version: '3.8' services: main: - image: sonatype/nexus3:3.31.1 + image: sonatype/nexus3:3.31.0 volumes: - {{ ssl_cert_dir }}:/etc/ssl/certs/ - {{ data_dir }}:/nexus-data/ From c1f4b885b60124e625de159dea5333e1669e9b88 Mon Sep 17 00:00:00 2001 From: Thomas Daley Date: Sun, 20 Jun 2021 09:27:46 -0700 Subject: [PATCH 8/8] Add dockerhub credentials for docker registry mirror --- .ansible/group_vars/all/dockerhub.yaml | 16 ++++++++++++++++ .../group_vars/tools/repositories.yaml | 4 ++++ .../group_vars/tools/repositories.yaml | 4 ++++ 3 files changed, 24 insertions(+) create mode 100644 .ansible/group_vars/all/dockerhub.yaml diff --git a/.ansible/group_vars/all/dockerhub.yaml b/.ansible/group_vars/all/dockerhub.yaml new file mode 100644 index 0000000..531da24 --- /dev/null +++ b/.ansible/group_vars/all/dockerhub.yaml @@ -0,0 +1,16 @@ +dockerhub_username: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 61343931653064343262373039383165386135303532333132336131303439316230396536313564 + 3230313537303633326465393436316161613830346331390a306264346462356165376136663930 + 30393661636338376631623537336537623035376336633635353561643033303462346461353461 + 6635663734373038640a616566636338613863363065336435653862396439633030653437623633 + 3263 + +dockerhub_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62343130333463643237633263643335366561623466643036346234346337366233356166633538 + 3831316665336164626361303062643433373931663133310a356664623262353638666266663934 + 62396632306565393435343338353030653930376362346666616135303764323766656134633031 + 3436663938363265300a303136366230373332323831306465303263353131623765356533333232 + 65386462636437376538636363336432613834616165376137393064303764653239393339643862 + 6236613761656161393063393633303338613934323061316239 diff --git a/.ansible/inventory/development/group_vars/tools/repositories.yaml b/.ansible/inventory/development/group_vars/tools/repositories.yaml index 50f5ff8..ccfa870 100644 --- a/.ansible/inventory/development/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/development/group_vars/tools/repositories.yaml @@ -46,6 +46,10 @@ repositories: enableCircularRedirects: false enableCookies: false useTrustStore: false + authentication: + type: "username" + username: "{{ dockerhub_username }}" + password: "{{ dockerhub_password }}" docker: v1Enabled: false forceBasicAuth: false diff --git a/.ansible/inventory/production/group_vars/tools/repositories.yaml b/.ansible/inventory/production/group_vars/tools/repositories.yaml index 50f5ff8..736598d 100644 --- a/.ansible/inventory/production/group_vars/tools/repositories.yaml +++ b/.ansible/inventory/production/group_vars/tools/repositories.yaml @@ -46,6 +46,10 @@ repositories: enableCircularRedirects: false enableCookies: false useTrustStore: false + authentication: + type: "username" + username: "{{ dockerhub_username }}" + password: "{{ dockerhub_password }}" docker: v1Enabled: false forceBasicAuth: false