From e1e482212b39fa9be1e017cb814df96aeff2dabc Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 17 Oct 2023 13:50:55 +0200 Subject: [PATCH 1/7] Return removed staging CA for letsenrypt --- services/traefik/docker-compose.public.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/traefik/docker-compose.public.yml b/services/traefik/docker-compose.public.yml index 027b7eac..6ebb3078 100644 --- a/services/traefik/docker-compose.public.yml +++ b/services/traefik/docker-compose.public.yml @@ -30,7 +30,7 @@ services: - "--certificatesresolvers.myresolver.acme.dnschallenge.delaybeforecheck=120" - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" # For debug purpose, to avoid being ban by let's encrypt servers - #- "" + #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" - "--certificatesresolvers.myresolver.acme.dnschallenge.resolvers=${RFC2136_NAMESERVER}" volumes: - "letsencrypt_certs:/letsencrypt" From 6f287f8ace0ea0ad611434db5c36907607d5de45 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Thu, 19 Oct 2023 14:48:13 +0200 Subject: [PATCH 2/7] Fix missing $ --- services/simcore/template.env | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/services/simcore/template.env b/services/simcore/template.env index ebaca163..f9037fb4 100644 --- a/services/simcore/template.env +++ b/services/simcore/template.env @@ -109,9 +109,9 @@ RABBIT_SECURE=${RABBIT_SECURE} R_CLONE_PROVIDER=${R_CLONE_PROVIDER} R_CLONE_VFS_CACHE_MODE=${R_CLONE_VFS_CACHE_MODE} -R_CLONE_OPTION_TRANSFERS={R_CLONE_OPTION_TRANSFERS} -R_CLONE_OPTION_RETRIES={R_CLONE_OPTION_RETRIES} -R_CLONE_OPTION_BUFFER_SIZE={R_CLONE_OPTION_BUFFER_SIZE} +R_CLONE_OPTION_TRANSFERS=${R_CLONE_OPTION_TRANSFERS} +R_CLONE_OPTION_RETRIES=${R_CLONE_OPTION_RETRIES} +R_CLONE_OPTION_BUFFER_SIZE=${R_CLONE_OPTION_BUFFER_SIZE} REDIS_HOST=${REDIS_HOST} REDIS_PORT=${REDIS_PORT} From 04f2ba0851c78b741a842880a47ddc84cea9f26f Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 31 Oct 2023 10:57:31 +0100 Subject: [PATCH 3/7] Remove PAYMENTS_AUTORECHARGE_DEFAULT_MIN_BALANCE --- services/simcore/template.env | 1 - 1 file changed, 1 deletion(-) diff --git a/services/simcore/template.env b/services/simcore/template.env index 189776b9..f3a8245b 100644 --- a/services/simcore/template.env +++ b/services/simcore/template.env @@ -296,7 +296,6 @@ WB_DB_EL_PAYMENTS=${WB_DB_EL_PAYMENTS} PAYMENTS_ACCESS_TOKEN_EXPIRE_MINUTES=${PAYMENTS_ACCESS_TOKEN_EXPIRE_MINUTES} PAYMENTS_ACCESS_TOKEN_SECRET_KEY=${PAYMENTS_ACCESS_TOKEN_SECRET_KEY} -PAYMENTS_AUTORECHARGE_DEFAULT_MIN_BALANCE=${PAYMENTS_AUTORECHARGE_DEFAULT_MIN_BALANCE} PAYMENTS_AUTORECHARGE_DEFAULT_TOP_UP_AMOUNT=${PAYMENTS_AUTORECHARGE_DEFAULT_TOP_UP_AMOUNT} PAYMENTS_FAKE_COMPLETION=${PAYMENTS_FAKE_COMPLETION} PAYMENTS_FAKE_COMPLETION_DELAY_SEC=${PAYMENTS_FAKE_COMPLETION_DELAY_SEC} From 6de3477ffa06d95882ddbbdb3b16b167bce68611 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Tue, 21 Nov 2023 15:39:42 +0100 Subject: [PATCH 4/7] Add missing deploy constraint to prom catch all --- services/monitoring/docker-compose.master.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/services/monitoring/docker-compose.master.yml b/services/monitoring/docker-compose.master.yml index a0fd2fc2..1ff008f0 100644 --- a/services/monitoring/docker-compose.master.yml +++ b/services/monitoring/docker-compose.master.yml @@ -9,6 +9,7 @@ services: deploy: placement: constraints: + - node.labels.prometheus==true prometheusfederation: deploy: placement: From a95e472411d1d405cac7493c4eab4f49ebab38a0 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Fri, 24 Nov 2023 16:24:21 +0100 Subject: [PATCH 5/7] add docs --- ...sencrypt-dns-challenge-workflow.drawio.svg | 276 ++++++++++++++++++ 1 file changed, 276 insertions(+) create mode 100644 docs/letsencrypt-dns-challenge-workflow.drawio.svg diff --git a/docs/letsencrypt-dns-challenge-workflow.drawio.svg b/docs/letsencrypt-dns-challenge-workflow.drawio.svg new file mode 100644 index 00000000..3dd0304b --- /dev/null +++ b/docs/letsencrypt-dns-challenge-workflow.drawio.svg @@ -0,0 +1,276 @@ + + + + + + + + + + + + +
+
+
+ Token +
+
+
+ + + Token + + + + + + +
+
+
+ 2 +
+
+
+ + + 2 + + + + + + + + +
+
+
+ Verify generated +
+ TXT record +
+
+
+ + + Verify generated... + + + + + + +
+
+
+ 4 +
+
+
+ + + 4 + + + + + + + + +
+
+
+ Issue +
+ certificate +
+
+
+ + + Issue... + + + + + + +
+
+
+ 5 +
+
+
+ + + 5 + + + + + + + +
+
+
+ + letsencrypt + +
+
+
+ + + letsencrypt + + + + + + + + +
+
+
+ + Generate +
+ Certificate + +
+
+
+ + + Generate... + + + + + + +
+
+
+ 1 +
+
+
+ + + 1 + + + + + + + + +
+
+
+ Create + + TXT + + record with Token +
+
+
+ + + Create TXT record with Token + + + + + + +
+
+
+ 3 +
+
+
+ + + 3 + + + + + + + +
+
+
+ + traefik + +
+
+
+ + + traefik + + + + + + +
+
+
+ + _acme-challenge.<YOUR_DOMAIN> + +
+
+
+ + + _acme-challenge.<YOUR_DOMAIN> + + + + + + + +
+
+
+ + RFC2136 dns provider + +
+
+
+ + + RFC2136 dns provider + + + + + + + + + Text is not SVG - cannot display + + + + From 0be8c51245d590122f76b2e63fcb5f7a8964878a Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Fri, 24 Nov 2023 16:28:42 +0100 Subject: [PATCH 6/7] fix --- ...sencrypt-dns-challenge-workflow.drawio.svg | 90 ++++++++++--------- 1 file changed, 46 insertions(+), 44 deletions(-) diff --git a/docs/letsencrypt-dns-challenge-workflow.drawio.svg b/docs/letsencrypt-dns-challenge-workflow.drawio.svg index 3dd0304b..35291a74 100644 --- a/docs/letsencrypt-dns-challenge-workflow.drawio.svg +++ b/docs/letsencrypt-dns-challenge-workflow.drawio.svg @@ -1,18 +1,18 @@ - + - - - - + + + + -
+
Token @@ -20,7 +20,7 @@
- + Token @@ -28,7 +28,7 @@ -
+
2 @@ -36,17 +36,17 @@
- + 2 - - + + -
+
Verify generated @@ -56,7 +56,7 @@
- + Verify generated... @@ -64,7 +64,7 @@ -
+
4 @@ -72,17 +72,17 @@
- + 4 - - + + -
+
Issue @@ -92,7 +92,7 @@
- + Issue... @@ -100,7 +100,7 @@ -
+
5 @@ -108,16 +108,16 @@
- + 5 - + -
+
@@ -127,17 +127,17 @@
- + letsencrypt - - + + -
+
@@ -149,7 +149,7 @@
- + Generate... @@ -157,7 +157,7 @@ -
+
1 @@ -165,17 +165,17 @@
- + 1 - - + + -
+
Create @@ -187,7 +187,7 @@
- + Create TXT record with Token @@ -195,7 +195,7 @@ -
+
3 @@ -203,16 +203,16 @@
- + 3 - + -
+
@@ -222,7 +222,7 @@
- + traefik @@ -230,7 +230,7 @@ -
+
@@ -240,16 +240,16 @@
- + _acme-challenge.<YOUR_DOMAIN> - + -
+
@@ -259,11 +259,13 @@
- + RFC2136 dns provider + + From f59d1e87ad872349be7bf8db318732d8ccfc53b3 Mon Sep 17 00:00:00 2001 From: YuryHrytsuk Date: Fri, 24 Nov 2023 16:30:12 +0100 Subject: [PATCH 7/7] add oclor --- docs/letsencrypt-dns-challenge-workflow.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/letsencrypt-dns-challenge-workflow.drawio.svg b/docs/letsencrypt-dns-challenge-workflow.drawio.svg index 35291a74..eaf2e1c5 100644 --- a/docs/letsencrypt-dns-challenge-workflow.drawio.svg +++ b/docs/letsencrypt-dns-challenge-workflow.drawio.svg @@ -1,4 +1,4 @@ - +