From ede895d49357ecb8b26b3a1b142d9e640c8660fa Mon Sep 17 00:00:00 2001 From: Greg Tyler Date: Tue, 15 Oct 2024 14:22:13 +0100 Subject: [PATCH] Run fixtures on non-privileged port But it will still be providing 443 at the load balancer. #patch --- fixtures/Dockerfile | 4 ++-- terraform/modules/fixtures_service/ecs.tf | 6 +++--- terraform/modules/fixtures_service/load_balancer.tf | 2 +- .../modules/fixtures_service/load_balancer_security.tf | 4 ++-- terraform/modules/fixtures_service/security_group.tf | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/fixtures/Dockerfile b/fixtures/Dockerfile index b49dbd06..10129a0f 100644 --- a/fixtures/Dockerfile +++ b/fixtures/Dockerfile @@ -24,9 +24,9 @@ COPY fixtures/static static COPY fixtures/templates templates COPY docs/schemas static/schemas -EXPOSE 80 +EXPOSE 8080 RUN addgroup -S app && adduser -S -g app app USER app -CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "80"] +CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "8080"] diff --git a/terraform/modules/fixtures_service/ecs.tf b/terraform/modules/fixtures_service/ecs.tf index f2e8ea02..e4326170 100644 --- a/terraform/modules/fixtures_service/ecs.tf +++ b/terraform/modules/fixtures_service/ecs.tf @@ -19,7 +19,7 @@ resource "aws_ecs_service" "fixtures" { load_balancer { target_group_arn = aws_lb_target_group.fixtures.arn container_name = "fixtures" - container_port = 80 + container_port = 8080 } network_configuration { @@ -60,8 +60,8 @@ locals { name = "fixtures", portMappings = [ { - containerPort = 80, - hostPort = 80, + containerPort = 8080, + hostPort = 8080, protocol = "tcp" } ], diff --git a/terraform/modules/fixtures_service/load_balancer.tf b/terraform/modules/fixtures_service/load_balancer.tf index 0632ca33..98329d3d 100644 --- a/terraform/modules/fixtures_service/load_balancer.tf +++ b/terraform/modules/fixtures_service/load_balancer.tf @@ -57,7 +57,7 @@ resource "aws_lb_listener_rule" "fixtures" { resource "aws_lb_target_group" "fixtures" { name = "fixtures-${var.environment_name}-http" - port = 80 + port = 8080 protocol = "HTTP" target_type = "ip" vpc_id = var.vpc_id diff --git a/terraform/modules/fixtures_service/load_balancer_security.tf b/terraform/modules/fixtures_service/load_balancer_security.tf index 5b4410f2..5d13346e 100644 --- a/terraform/modules/fixtures_service/load_balancer_security.tf +++ b/terraform/modules/fixtures_service/load_balancer_security.tf @@ -39,8 +39,8 @@ resource "aws_security_group" "loadbalancer_gov_wifi" { resource "aws_security_group_rule" "loadbalancer_egress_to_ecs" { type = "egress" protocol = "tcp" - from_port = 80 - to_port = 80 + from_port = 8080 + to_port = 8080 security_group_id = aws_security_group.loadbalancer_gov_wifi.id source_security_group_id = aws_security_group.ecs.id diff --git a/terraform/modules/fixtures_service/security_group.tf b/terraform/modules/fixtures_service/security_group.tf index a5611ad7..c7b815f3 100644 --- a/terraform/modules/fixtures_service/security_group.tf +++ b/terraform/modules/fixtures_service/security_group.tf @@ -8,8 +8,8 @@ resource "aws_security_group" "ecs" { resource "aws_security_group_rule" "alb_ingress" { type = "ingress" protocol = "tcp" - from_port = 80 - to_port = 80 + from_port = 8080 + to_port = 8080 source_security_group_id = aws_security_group.loadbalancer_gov_wifi.id security_group_id = aws_security_group.ecs.id description = "Inbound from the ALB"