adds TLS configurations for Screwdriver services.

diff --git a/roles/devops-suite-on-docker.rb b/roles/devops-suite-on-docker.rb
index e9bd402..3b35cde 100644 (file)
--- a/roles/devops-suite-on-docker.rb
+++ b/roles/devops-suite-on-docker.rb
@@ -262,6 +262,7 @@ if network_mode_bridge
   nexus_srvs['nexus']['network_mode'] = 'bridge'
 
   screwdriver_srvs = attrs['screwdriver']['docker-compose']['config']['services']
+  screwdriver_srvs['reverseproxy']['network_mode'] = 'bridge' unless screwdriver_srvs['reverseproxy'].nil?
   screwdriver_srvs['api']['network_mode'] = 'bridge'
   screwdriver_srvs['ui']['network_mode'] = 'bridge'
   screwdriver_srvs['store']['network_mode'] = 'bridge'

diff --git a/roles/devops-suite-with-ssl-on-docker.rb b/roles/devops-suite-with-ssl-on-docker.rb
index ec79953..9990ff1 100644 (file)
--- a/roles/devops-suite-with-ssl-on-docker.rb
+++ b/roles/devops-suite-with-ssl-on-docker.rb
@@ -30,20 +30,22 @@ if $0.split.include?('chef-solo') || ($0.split.include?('chef-client') && ARGV.i
   host_cn = node['fqdn'] if host_cn.nil?
 end
 host_cn = 'devops.io.example.com' if host_cn.nil?
-aptly_cn = host_cn       # e.g. 'aptly.io.example.com'
-athenz_cn = host_cn      # e.g. 'athenz.io.example.com'
-concourse_cn = host_cn   # e.g. 'concourse.io.example.com'
-concourse_port    = '8443'
-docker_reg_cn = host_cn  # e.g. 'registry.docker.example.com'
-docker_reg_port   = '5000'
+aptly_cn = host_cn        # e.g. 'aptly.io.example.com'
+athenz_cn = host_cn       # e.g. 'athenz.io.example.com'
+concourse_cn = host_cn    # e.g. 'concourse.io.example.com'
+concourse_port      = '8443'
+docker_reg_cn = host_cn   # e.g. 'registry.docker.example.com'
+docker_reg_port     = '5000'
 docker_reg_data_vol = '/opt/docker-compose/app/registry/data'
-gitlab_cn = host_cn      # e.g. 'gitlab.io.example.com'
-gitlab_https_port =  '443'
-gitlab_reg_port   = '5050'
-jenkins_cn = host_cn     # e.g. 'jenkins.io.example.com'
-jenkins_port      = '9083'
-nexus_cn = host_cn       # e.g. 'nexus.io.example.com'
-vault_cn = host_cn       # e.g. 'vault.io.example.com'
+gitlab_cn = host_cn       # e.g. 'gitlab.io.example.com'
+gitlab_https_port   =  '443'
+gitlab_reg_port     = '5050'
+jenkins_cn = host_cn      # e.g. 'jenkins.io.example.com'
+jenkins_port        = '9083'
+nexus_cn = host_cn        # e.g. 'nexus.io.example.com'
+screwdriver_cn = host_cn  # e.g. 'screwdriver.io.example.com'
+screwdriver_ui_port = '9000'  # default: 9000
+vault_cn = host_cn        # e.g. 'vault.io.example.com'
 dockerd_extra_opts = [
   '-H fd://',
   '--bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
@@ -62,6 +64,7 @@ common_names = [
   gitlab_cn,
   jenkins_cn,
   nexus_cn,
+  screwdriver_cn,
   vault_cn,
 ].compact.uniq
 
@@ -324,6 +327,43 @@ override_attributes(
       },
     },
   },
+  'screwdriver' => {
+    'with_ssl_cert_cookbook' => with_ssl,
+    'ssl_cert' => {
+      'common_name' => screwdriver_cn,
+    },
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'reverseproxy' => {
+            'ports' => [
+              "#{screwdriver_ui_port}:9000"
+            ],
+            'environment' => {
+            },
+          },
+          'api' => {
+            #'ports' => [
+            #],
+            'environment' => {
+            },
+          },
+          'ui' => {
+            #'ports' => [
+            #],
+            'environment' => {
+            },
+          },
+          'store' => {
+            #'ports' => [
+            #],
+            'environment' => {
+            },
+          },
+        },
+      },
+    },
+  },
   'hc-vault' => {
     'with_ssl_cert_cookbook' => with_ssl,
     'ssl_cert' => {