# Tag to add a restart policy on all containers # # Examples: # tags: # - docker-services-restart: # policy: always # services: # - srv1 # - mysqldb # Default imports # ------------------------------------- # Import from external data local docker_data = std.parseJson(std.extVar('docker_data')); local user_data = std.parseJson(std.extVar('user_data')); # Init defaults local default_ns = std.get(user_data, 'PAASIFY_STACK_NS'); local default_name = std.get(user_data, 'PAASIFY_STACK_NAME'); local default_service = std.get(user_data, 'PAASIFY_STACK_SVC'); local default_domain = std.get(user_data, 'PAASIFY_STACK_DOMAIN'); # We replace app name by 'app', just for nice looking local default_service_name = if default_service != default_name then default_service else 'app'; # Build default config local config_default = { TRAEFIK_NET_IDENT: 'default', TRAEFIK_NET_NAME: std.get(user_data, 'APP_PROXY_NETWORK', default_ns + '_' + default_name), TRAEFIK_NET_EXTERNAL: true, TRAEFIK_SVC_IDENT: default_service, #TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service, TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service_name, TRAEFIK_SVC_DOMAIN: default_service + '.' + default_domain, TRAEFIK_SVC_PORT: 80, TRAEFIK_SVC_ENTRYPOINTS: std.get(user_data, 'TRAEFIK_SVC_ENTRYPOINTS', default=null), TRAEFIK_SVC_AUTH: std.get(user_data, 'TRAEFIK_SVC_AUTH', default=null), TRAEFIK_SVC_TLS: std.get(user_data, 'TRAEFIK_SVC_TLS', default=false), TRAEFIK_SVC_CERTRESOLVER: std.get(user_data, 'TRAEFIK_SVC_CERTRESOLVER', default=null), }; local conf = config_default + user_data; # Internal functions # ------------------------------------- # Base routing local LabelsTraefik(svc, domain, entrypoints, port) = { ["traefik.enable"]: "true", ["traefik.http.routers." + svc + ".rule"]: 'Host(`' + domain + '`)', ["traefik.http.routers." + svc + ".entrypoints"]: entrypoints, ["traefik.http.routers." + svc + ".service"]: svc, ["traefik.http.services." + svc + ".loadbalancer.server.port"]: std.format("%s", port), }; # Middleware local LabelsTraefikAuthelia(svc, authservice) = if std.isString(authservice) then { ["traefik.http.routers." + svc + ".middlewares"]: authservice + '@docker', } else {}; # TLS management local LabelsTraefikTls(svc, status) = if status == true then { ["traefik.http.routers." + svc + ".tls"]: "true", } else {}; local LabelsTraefikCertResolver(svc, name) = if std.isString(name) then LabelsTraefikTls(svc, true) + { ["traefik.http.routers." + svc + ".tls.certresolver"]: name, } else {}; # Networking local TraefikSvcNetwork(id, name) = if std.isString(id) then { [id]: null, } else {}; local TraefikPrjNetwork(id, name, external) = if std.isString(id) then { [id]+: { name: name }, } + if external == true then { [id]+: { external: true, }, } else {} else {}; # Return result # ------------------------------------- docker_data + { # Append stack network #networks+: TraefikPrjNetwork(svc_network_id, svc_network), networks+: TraefikPrjNetwork( conf.TRAEFIK_NET_IDENT, conf.TRAEFIK_NET_NAME, conf.TRAEFIK_NET_EXTERNAL), # Apply per services labels services+: { [conf.TRAEFIK_SVC_IDENT]+: { labels+: LabelsTraefik( conf.TRAEFIK_SVC_NAME, conf.TRAEFIK_SVC_DOMAIN, conf.TRAEFIK_SVC_ENTRYPOINTS, conf.TRAEFIK_SVC_PORT) + LabelsTraefikAuthelia( conf.TRAEFIK_SVC_NAME, conf.TRAEFIK_SVC_AUTH) + LabelsTraefikTls( conf.TRAEFIK_SVC_NAME, conf.TRAEFIK_SVC_TLS) + LabelsTraefikCertResolver( conf.TRAEFIK_SVC_NAME, conf.TRAEFIK_SVC_CERTRESOLVER) , networks+: TraefikSvcNetwork( conf.TRAEFIK_NET_IDENT, conf.TRAEFIK_NET_NAME), }, }, #["x-paasify"]: { # #stack_data: stack_data, # #user_data: user_data, # #config: config, # config2: conf, # #env_data: env_data, #}, }