aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.terraform/1n_nmd/nginx
diff options
context:
space:
mode:
authorpmikus <pmikus@cisco.com>2021-05-13 19:19:40 +0000
committerPeter Mikus <pmikus@cisco.com>2021-05-17 08:28:02 +0000
commitd4f082106d3e8cfda1c0d52bcafb177b46562944 (patch)
tree6f86e14aab71be82bc438143cee1a0c2dfdfaf95 /fdio.infra.terraform/1n_nmd/nginx
parent505d4afb63c83b6d2e39727dd0d47bc6c697954c (diff)
Infra: Additional changes
Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: Ie08bd125c0d7b8e47344d34db77526f6714f5c0d
Diffstat (limited to 'fdio.infra.terraform/1n_nmd/nginx')
-rw-r--r--fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl14
1 files changed, 8 insertions, 6 deletions
diff --git a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
index 0775a498da..1382060ba6 100644
--- a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
+++ b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
@@ -132,8 +132,10 @@ job "${job_name}" {
}
privileged = false
volumes = [
- "/etc/consul.d/ssl/consul.pem:/etc/ssl/certs/nginx-cert.pem",
- "/etc/consul.d/ssl/consul-key.pem:/etc/ssl/private/nginx-key.pem",
+ "/etc/ssl/certs/docs.nginx.service.consul.crt:/etc/ssl/certs/docs.nginx.service.consul.crt",
+ "/etc/ssl/private/docs.nginx.service.consul.key:/etc/ssl/private/docs.nginx.service.consul.key",
+ "/etc/ssl/certs/logs.nginx.service.consul.crt:/etc/ssl/certs/logs.nginx.service.consul.crt",
+ "/etc/ssl/private/logs.nginx.service.consul.key:/etc/ssl/private/logs.nginx.service.consul.key",
"custom/upstream.conf:/etc/nginx/conf.d/upstream.conf",
"custom/logs.conf:/etc/nginx/conf.d/logs.conf",
"custom/docs.conf:/etc/nginx/conf.d/docs.conf"
@@ -170,8 +172,8 @@ job "${job_name}" {
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
- ssl_certificate /etc/ssl/certs/nginx-cert.pem;
- ssl_certificate_key /etc/ssl/private/nginx-key.pem;
+ ssl_certificate /etc/ssl/certs/logs.nginx.service.consul.crt;
+ ssl_certificate_key /etc/ssl/private/logs.nginx.service.consul.key;
location / {
chunked_transfer_encoding off;
proxy_connect_timeout 300;
@@ -229,8 +231,8 @@ job "${job_name}" {
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
- ssl_certificate /etc/ssl/certs/nginx-cert.pem;
- ssl_certificate_key /etc/ssl/private/nginx-key.pem;
+ ssl_certificate /etc/ssl/certs/docs.nginx.service.consul.crt;
+ ssl_certificate_key /etc/ssl/private/docs.nginx.service.consul.key;
location / {
chunked_transfer_encoding off;
proxy_connect_timeout 300;