diff options
author | pmikus <pmikus@cisco.com> | 2021-05-13 19:19:40 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2021-05-17 08:28:02 +0000 |
commit | d4f082106d3e8cfda1c0d52bcafb177b46562944 (patch) | |
tree | 6f86e14aab71be82bc438143cee1a0c2dfdfaf95 /fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl | |
parent | 505d4afb63c83b6d2e39727dd0d47bc6c697954c (diff) |
Infra: Additional changes
Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: Ie08bd125c0d7b8e47344d34db77526f6714f5c0d
Diffstat (limited to 'fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl')
-rw-r--r-- | fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl index 0775a498da..1382060ba6 100644 --- a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl +++ b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl @@ -132,8 +132,10 @@ job "${job_name}" { } privileged = false volumes = [ - "/etc/consul.d/ssl/consul.pem:/etc/ssl/certs/nginx-cert.pem", - "/etc/consul.d/ssl/consul-key.pem:/etc/ssl/private/nginx-key.pem", + "/etc/ssl/certs/docs.nginx.service.consul.crt:/etc/ssl/certs/docs.nginx.service.consul.crt", + "/etc/ssl/private/docs.nginx.service.consul.key:/etc/ssl/private/docs.nginx.service.consul.key", + "/etc/ssl/certs/logs.nginx.service.consul.crt:/etc/ssl/certs/logs.nginx.service.consul.crt", + "/etc/ssl/private/logs.nginx.service.consul.key:/etc/ssl/private/logs.nginx.service.consul.key", "custom/upstream.conf:/etc/nginx/conf.d/upstream.conf", "custom/logs.conf:/etc/nginx/conf.d/logs.conf", "custom/docs.conf:/etc/nginx/conf.d/docs.conf" @@ -170,8 +172,8 @@ job "${job_name}" { ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384"; - ssl_certificate /etc/ssl/certs/nginx-cert.pem; - ssl_certificate_key /etc/ssl/private/nginx-key.pem; + ssl_certificate /etc/ssl/certs/logs.nginx.service.consul.crt; + ssl_certificate_key /etc/ssl/private/logs.nginx.service.consul.key; location / { chunked_transfer_encoding off; proxy_connect_timeout 300; @@ -229,8 +231,8 @@ job "${job_name}" { ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384"; - ssl_certificate /etc/ssl/certs/nginx-cert.pem; - ssl_certificate_key /etc/ssl/private/nginx-key.pem; + ssl_certificate /etc/ssl/certs/docs.nginx.service.consul.crt; + ssl_certificate_key /etc/ssl/private/docs.nginx.service.consul.key; location / { chunked_transfer_encoding off; proxy_connect_timeout 300; |