Reverse proxy gn-auth on production.

* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[gn-auth-server-name]: New field. * genenetwork/services/genenetwork.scm (genenetwork-nginx-server-block): Rename to ... (genenetwork-nginx-server-blocks): ... this. Return list of reverse proxy blocks including one for gn-auth. * genenetwork/services/genenetwork.scm (genenetwork-service-type): Use genenetwork-nginx-server-blocks instead of genenetwork-nginx-server-block. * production.scm (operating-system)[services]{genenetwork-service-type}: Add gn-auth-server-name.
author: Arun Isaac 2024-03-01 17:15:13 +0000
committer: Arun Isaac 2024-03-01 17:21:11 +0000
commit: 6e89d155df5750966fae7b3039f4b9a81ea0009d (patch)
tree: ad34a5a9d60f50b68f0d422c3219bf479ca6ab7e
parent: 405cd495049efa78c901ae767035b594e4188db8 (diff)
download: gn-machines-6e89d155df5750966fae7b3039f4b9a81ea0009d.tar.gz
2 files changed, 31 insertions, 20 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm
index 2d9e4f1..4e60184 100644
--- a/genenetwork/services/genenetwork.scm
+++ b/genenetwork/services/genenetwork.scm
@@ -61,6 +61,8 @@
            (default gn-auth))
   (server-name genenetwork-configuration-server-name
                (default "genenetwork.org"))
+  (gn-auth-server-name genenetwork-configuration-gn-auth-server-name
+                       (default "auth.genenetwork.org"))
   (gn2-port genenetwork-configuration-gn2-port
             (default 8082))
   (gn3-port genenetwork-configuration-gn3-port
@@ -287,26 +289,34 @@ object."
                               (source gn-auth-secrets)
                               (target source)))))))))
 
-(define (genenetwork-nginx-server-block config)
-  "Return an @code{<nginx-server-configuration>} record specifying
-reverse proxy of the genenetwork service described by @var{config}, a
-@code{<genenetwork-configuration>} record."
+(define (genenetwork-nginx-server-blocks config)
+  "Return a list of @code{<nginx-server-configuration>} records specifying
+reverse proxies for the genenetwork service described by @var{config},
+a @code{<genenetwork-configuration>} record."
   (match-record config <genenetwork-configuration>
-    (server-name gn2-port gn3-port)
-    (nginx-server-configuration
-     (server-name (list server-name))
-     (locations
-      (list (nginx-location-configuration
-             (uri "/")
-             (body (list (string-append "proxy_pass http://localhost:"
-                                        (number->string gn2-port) ";")
-                         "proxy_set_header Host $host;")))
-            (nginx-location-configuration
-             (uri "/api3/")
-             (body (list "rewrite /api3/(.*) /api/$1 break;"
-                         (string-append "proxy_pass http://localhost:"
-                                        (number->string gn3-port) ";")
-                         "proxy_set_header Host $host;"))))))))
+    (server-name gn-auth-server-name gn2-port gn3-port gn-auth-port)
+    (list (nginx-server-configuration
+           (server-name (list server-name))
+           (locations
+            (list (nginx-location-configuration
+                   (uri "/")
+                   (body (list (string-append "proxy_pass http://localhost:"
+                                              (number->string gn2-port) ";")
+                               "proxy_set_header Host $host;")))
+                  (nginx-location-configuration
+                   (uri "/api3/")
+                   (body (list "rewrite /api3/(.*) /api/$1 break;"
+                               (string-append "proxy_pass http://localhost:"
+                                              (number->string gn3-port) ";")
+                               "proxy_set_header Host $host;"))))))
+          (nginx-server-configuration
+           (server-name (list gn-auth-server-name))
+           (locations
+            (list (nginx-location-configuration
+	           (uri "/")
+                   (body (list (string-append "proxy_pass http://localhost:"
+				              (number->string gn-auth-port) ";")
+                               "proxy_set_header Host $host;")))))))))
 
 (define genenetwork-service-type
   (service-type
@@ -320,5 +330,5 @@ reverse proxy of the genenetwork service described by @var{config}, a
           (service-extension gunicorn-service-type
                              genenetwork-gunicorn-apps)
           (service-extension forge-nginx-service-type
-                             (compose list genenetwork-nginx-server-block))))
+                             genenetwork-nginx-server-blocks)))
    (default-value (genenetwork-configuration))))
diff --git a/production.scm b/production.scm
index 12ec385..f422b34 100644
--- a/production.scm
+++ b/production.scm
@@ -61,6 +61,7 @@
                    (service genenetwork-service-type
                             (genenetwork-configuration
                              (server-name "test1.genenetwork.org")
+                             (gn-auth-server-name "test1-auth.genenetwork.org")
                              (gn2-port 8892)
                              (gn3-port 8893)
                              (sql-uri "mysql://webqtlout:webqtlout@localhost/db_webqtl")
author	Arun Isaac	2024-03-01 17:15:13 +0000
committer	Arun Isaac	2024-03-01 17:21:11 +0000
commit	6e89d155df5750966fae7b3039f4b9a81ea0009d (patch)
tree	ad34a5a9d60f50b68f0d422c3219bf479ca6ab7e
parent	405cd495049efa78c901ae767035b594e4188db8 (diff)
download	gn-machines-6e89d155df5750966fae7b3039f4b9a81ea0009d.tar.gz