convert config to use newer docker_compose class

2025-01-14 11:08:48 +01:00 · 2025-01-14 11:08:48 +01:00 · e08196d293
commit e08196d293
parent 29aecdfe2a
2 changed files with 35 additions and 17 deletions
--- a/manifests/satosa.pp
+++ b/manifests/satosa.pp
@ -29,13 +29,16 @@ class sunetdrive::satosa($dehydrated_name=undef,$image='docker.sunet.se/satosa',
        }
    }
  }
-  sunet::docker_run {'satosa':
-    image    => $image,
-    imagetag => $tag,
-    dns      => ['89.32.32.32'],
-    volumes  => ['/etc/satosa:/etc/satosa','/etc/dehydrated:/etc/dehydrated'],
-    ports    => ['443:8000'],
-    env      => ['METADATA_DIR=/etc/satosa/metadata', 'WORKER_TIMEOUT=120']
+  $dehydrated_status = $dehydrated_name ? {
+    undef   => 'absent',
+    default => 'present'
+  }
+  sunet::docker_compose { 'satosa':
+    content          => template('satosa/docker-compose.yml.erb'),
+    service_name     => 'satosa',
+    compose_dir      => '/opt/',
+    compose_filename => 'docker-compose.yml',
+    description      => 'Satosa',
  }
  file {'/etc/satosa/proxy_conf.yaml':
    content => inline_template("<%= @merged_conf.to_yaml %>\n"),
@ -54,16 +57,6 @@ class sunetdrive::satosa($dehydrated_name=undef,$image='docker.sunet.se/satosa',
    from => 'any',
    port => '443'
  }
-  $dehydrated_status = $dehydrated_name ? {
-    undef   => 'absent',
-    default => 'present'
-  }
-  sunet::docker_run {'alwayshttps':
-    ensure => $dehydrated_status,
-    image  => 'docker.sunet.se/always-https',
-    ports  => ['80:80'],
-    env    => ['ACME_URL=http://acme-c.sunet.se']
-  }
  sunet::misc::ufw_allow { 'satosa-allow-http':
    ensure => $dehydrated_status,
    from   => 'any',
--- a/templates/satosa/docker-compose.yml.erb
+++ b/templates/satosa/docker-compose.yml.erb
@ -0,0 +1,25 @@
+services:
+  satosa:
+    environment:
+      - "METADATA_DIR=/etc/satosa/metadata"
+      - "WORKER_TIMEOUT=120"
+    dns:
+      - "89.32.32.32"
+    image: "<%= @image %><% if @tag %>:<%= @tag %><% end %>"
+    pull_policy: "always"
+    ports:
+      - "443:8000"
+    volumes:
+      - "/etc/satosa:/etc/satosa"
+      - "/etc/dehydrated:/etc/dehydrated"
+<% if @dehydrated_status == "present" -%>
+  alwayshttps:
+    environment:
+      - "ACME_URL=http://acme-c.sunet.se"
+    dns:
+      - "89.32.32.32"
+    image: "docker.sunet.se/always-https"
+    pull_policy: "always"
+    ports:
+      - "80:80"
+<% end -%>