Compare commits
2 Commits
8220c62233
...
512c3d6dd9
Author | SHA1 | Date |
---|---|---|
Starbeamrainbowlabs | 512c3d6dd9 | |
Starbeamrainbowlabs | f8a3ba9eb1 |
|
@ -1,25 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
SCRIPT "jobs/consul-server/common.sh";
|
||||
|
||||
COPY "../consul/client.hcl" "/tmp/client.hcl"
|
||||
|
||||
RUN "sudo mv /tmp/client.hcl /etc/consul/client.hcl";
|
||||
RUN "sudo chown root:root /etc/consul/client.hcl";
|
||||
RUN "sudo apt-get update";
|
||||
RUN "sudo apt-get install --yes hashicorp-consul-systemd-client";
|
||||
|
||||
# Do we need these as a client? I'm guessing not....?
|
||||
# If we run into issues, we'll unblock them.
|
||||
# RUN "sudo ufw allow 8301 comment consul-serf-lan";
|
||||
# # RUN "sudo ufw allow 8300/tcp comment consul-rpc";
|
||||
# RUN "sudo ufw allow 8600 comment consul-dns";
|
||||
|
||||
# Commented out since we're now running over wgoverlay & allowing all traffic on that interface because dynamic ports
|
||||
# Delete old ufw rules
|
||||
RUN "sudo ufw delete allow 8301 comment consul-serf-lan";
|
||||
RUN "sudo ufw delete allow 8300/tcp comment consul-rpc";
|
||||
RUN "sudo ufw delete allow 8600 comment consul-dns";
|
||||
|
||||
RUN "sudo systemctl enable consul.service";
|
||||
RUN "sudo systemctl restart consul.service";
|
|
@ -1,25 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
log_msg() {
|
||||
echo -e "[ ${HOSTNAME} ] [ $(date -u +"%Y-%m-%dT%H:%M:%SZ") ] $@" >&2;
|
||||
}
|
||||
|
||||
|
||||
log_msg "Installing consul";
|
||||
sudo apt-get update;
|
||||
sudo apt-get install --yes hashicorp-consul;
|
||||
|
||||
log_msg "consul installed successfully. Version:";
|
||||
consul --version;
|
||||
|
||||
log_msg "Creating directories";
|
||||
if [[ ! -d "/etc/consul" ]]; then
|
||||
sudo mkdir /etc/consul;
|
||||
sudo chown root:root /etc/consul;
|
||||
fi
|
||||
|
||||
if [[ ! -d "/srv/consul" ]]; then
|
||||
sudo mkdir /srv/consul;
|
||||
sudo chown root:root /srv/consul;
|
||||
sudo chmod 0750 /srv/consul;
|
||||
fi
|
|
@ -1,25 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
SCRIPT "${JOBFILE_DIR}/common.sh";
|
||||
|
||||
COPY "../consul/server.hcl" "/tmp/server.hcl"
|
||||
|
||||
RUN "sudo mv /tmp/server.hcl /etc/consul/server.hcl";
|
||||
RUN "sudo chown root:root /etc/consul/server.hcl";
|
||||
RUN "sudo apt-get update";
|
||||
RUN "sudo apt-get install --yes hashicorp-consul-systemd-server";
|
||||
|
||||
# TODO: Restrict these to the wesher subnet, and add 8500/tcp (the HTTP API)
|
||||
# TODO: Do that for Nomad too
|
||||
# RUN "sudo ufw allow 8301 comment consul-serf-lan";
|
||||
# RUN "sudo ufw allow 8300/tcp comment consul-rpc";
|
||||
# RUN "sudo ufw allow 8600 comment consul-dns";
|
||||
|
||||
# Commented out since we're now running over wgoverlay & allowing all traffic on that interface because dynamic ports
|
||||
# Delete old ufw rules
|
||||
RUN "sudo ufw delete allow 8301 comment consul-serf-lan";
|
||||
RUN "sudo ufw delete allow 8300/tcp comment consul-rpc";
|
||||
RUN "sudo ufw delete allow 8600 comment consul-dns";
|
||||
|
||||
RUN "sudo systemctl enable consul.service";
|
||||
RUN "sudo systemctl restart consul.service";
|
|
@ -1,3 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
SCRIPT "${JOBFILE_DIR}/dns.sh";
|
|
@ -9,9 +9,10 @@ cp "configs/consul-client.hcl" "/etc/consul/client.hcl";
|
|||
cp "configs/consul-server.hcl" "/etc/consul/server.hcl";
|
||||
subtask_end "$?";
|
||||
|
||||
# No UFW rules required, as we're now using wesher/wireguard, and allowing all inbound traffic on that interface
|
||||
|
||||
subtask_begin "Starting Consul and enabling on boot";
|
||||
systemctl consul;
|
||||
subtask_end "$?";
|
||||
|
||||
|
||||
task_end "$?";
|
||||
|
|
Loading…
Reference in New Issue