add uptables to ansible for navi, cleanup

Anandkumar Patel · Anandkumar Patel · commit 59d074dd87df · 2016-06-20T13:58:27.000-07:00
diff --git a/ansible/group_vars/alpha-consul-template-updater.yml b/ansible/group_vars/alpha-consul-template-updater.yml
@@ -14,4 +14,4 @@ container_run_opts: >
 container_run_args: >
   -consul={{ consul_host_address }}:{{ consul_api_port }}
   -wait=1s
-  -template="/tmp/template:{{ target_updater_file_path }}/{{ out_file }}:{{ template_command }}"
+  -template="/tmp/template:{{ target_updater_file_path }}/{{ proxy_service_name }}.conf:{{ template_command }}"
diff --git a/ansible/group_vars/alpha-navi-proxy.yml b/ansible/group_vars/alpha-navi-proxy.yml
@@ -2,16 +2,18 @@
 name: nginx
 
 # used by consul template updater
+proxy_service_name: navi
 target_container_name: nginx
 target_updater_file_path: /etc/nginx/sites-enabled
-template_path: /etc/nginx/template/navi.tmpl
 template_command: /bin/docker kill -s HUP {{ target_container_name }}
-out_file: navi.conf
+template_path: /etc/nginx/template/navi.tmpl
 
 # used by container_kill_start
 container_image: "{{ name }}"
 container_tag: "1.10"
 
+restart_policy: always
+
 container_run_opts: >
   -d
   --net=host
diff --git a/ansible/group_vars/alpha-registrator.yml b/ansible/group_vars/alpha-registrator.yml
@@ -4,6 +4,8 @@ name: registrator
 container_image: gliderlabs/registrator
 container_tag: v7
 
+restart_policy: always
+
 container_run_opts: >
   -d
   --hostname={{ ansible_hostname }}
diff --git a/ansible/roles/content-domain-proxy/tasks/main.yml b/ansible/roles/content-domain-proxy/tasks/main.yml
@@ -44,13 +44,6 @@
     dest: /etc/nginx
     state: directory
 
-- name: assert nginx sites-enabled directory
-  tags: [ configure_proxy ]
-  become: yes
-  file:
-    state: directory
-    dest: /etc/nginx/sites-enabled
-
 - name: put nginx configuration in place
   tags: [ configure_proxy ]
   become: yes
@@ -70,4 +63,20 @@
   become: yes
   template:
     src: navi.tmpl
-    dest: /etc/nginx/template
+    dest: /etc/nginx/template/navi.tmpl
+
+- name: setup ip table rule to redir all to port 80
+  tags: [ configure_proxy, iptables ]
+  become: yes
+  iptables:
+    table=nat
+    chain=PREROUTING
+    in_interface=eth0
+    protocol=tcp
+    destination_port={{ item }}
+    jump=REDIRECT
+    to_ports=80
+    comment="Redirect {{ item }} traffic to port 80"
+  with_items:
+  - 81:442
+  - 444:65535
diff --git a/ansible/roles/content-domain-proxy/templates/navi.tmpl b/ansible/roles/content-domain-proxy/templates/navi.tmpl
@@ -4,7 +4,7 @@ map $http_upgrade $connection_upgrade {
 }
 
 upstream {{ name }} {
- {{ '{{' }}range service "{{ name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;
+ {{ '{{' }}range service "{{ proxy_service_name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;
  {{ '{{' }}end{{ '}}' }}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ map $http_upgrade $connection_upgrade {`
`4`	`4`	`}`
`5`	`5`
`6`	`6`	`upstream {{ name }} {`
`7`		`- {{ '{{' }}range service "{{ name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;`
	`7`	`+ {{ '{{' }}range service "{{ proxy_service_name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;`
`8`	`8`	`{{ '{{' }}end{{ '}}' }}`
`9`	`9`	`}`
`10`	`10`