aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArun Isaac2024-03-01 17:15:13 +0000
committerArun Isaac2024-03-01 17:21:11 +0000
commit6e89d155df5750966fae7b3039f4b9a81ea0009d (patch)
treead34a5a9d60f50b68f0d422c3219bf479ca6ab7e
parent405cd495049efa78c901ae767035b594e4188db8 (diff)
downloadgn-machines-6e89d155df5750966fae7b3039f4b9a81ea0009d.tar.gz
Reverse proxy gn-auth on production.
* genenetwork/services/genenetwork.scm (<genenetwork-configuration>)[gn-auth-server-name]: New field. * genenetwork/services/genenetwork.scm (genenetwork-nginx-server-block): Rename to ... (genenetwork-nginx-server-blocks): ... this. Return list of reverse proxy blocks including one for gn-auth. * genenetwork/services/genenetwork.scm (genenetwork-service-type): Use genenetwork-nginx-server-blocks instead of genenetwork-nginx-server-block. * production.scm (operating-system)[services]{genenetwork-service-type}: Add gn-auth-server-name.
-rw-r--r--genenetwork/services/genenetwork.scm50
-rw-r--r--production.scm1
2 files changed, 31 insertions, 20 deletions
diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm
index 2d9e4f1..4e60184 100644
--- a/genenetwork/services/genenetwork.scm
+++ b/genenetwork/services/genenetwork.scm
@@ -61,6 +61,8 @@
(default gn-auth))
(server-name genenetwork-configuration-server-name
(default "genenetwork.org"))
+ (gn-auth-server-name genenetwork-configuration-gn-auth-server-name
+ (default "auth.genenetwork.org"))
(gn2-port genenetwork-configuration-gn2-port
(default 8082))
(gn3-port genenetwork-configuration-gn3-port
@@ -287,26 +289,34 @@ object."
(source gn-auth-secrets)
(target source)))))))))
-(define (genenetwork-nginx-server-block config)
- "Return an @code{<nginx-server-configuration>} record specifying
-reverse proxy of the genenetwork service described by @var{config}, a
-@code{<genenetwork-configuration>} record."
+(define (genenetwork-nginx-server-blocks config)
+ "Return a list of @code{<nginx-server-configuration>} records specifying
+reverse proxies for the genenetwork service described by @var{config},
+a @code{<genenetwork-configuration>} record."
(match-record config <genenetwork-configuration>
- (server-name gn2-port gn3-port)
- (nginx-server-configuration
- (server-name (list server-name))
- (locations
- (list (nginx-location-configuration
- (uri "/")
- (body (list (string-append "proxy_pass http://localhost:"
- (number->string gn2-port) ";")
- "proxy_set_header Host $host;")))
- (nginx-location-configuration
- (uri "/api3/")
- (body (list "rewrite /api3/(.*) /api/$1 break;"
- (string-append "proxy_pass http://localhost:"
- (number->string gn3-port) ";")
- "proxy_set_header Host $host;"))))))))
+ (server-name gn-auth-server-name gn2-port gn3-port gn-auth-port)
+ (list (nginx-server-configuration
+ (server-name (list server-name))
+ (locations
+ (list (nginx-location-configuration
+ (uri "/")
+ (body (list (string-append "proxy_pass http://localhost:"
+ (number->string gn2-port) ";")
+ "proxy_set_header Host $host;")))
+ (nginx-location-configuration
+ (uri "/api3/")
+ (body (list "rewrite /api3/(.*) /api/$1 break;"
+ (string-append "proxy_pass http://localhost:"
+ (number->string gn3-port) ";")
+ "proxy_set_header Host $host;"))))))
+ (nginx-server-configuration
+ (server-name (list gn-auth-server-name))
+ (locations
+ (list (nginx-location-configuration
+ (uri "/")
+ (body (list (string-append "proxy_pass http://localhost:"
+ (number->string gn-auth-port) ";")
+ "proxy_set_header Host $host;")))))))))
(define genenetwork-service-type
(service-type
@@ -320,5 +330,5 @@ reverse proxy of the genenetwork service described by @var{config}, a
(service-extension gunicorn-service-type
genenetwork-gunicorn-apps)
(service-extension forge-nginx-service-type
- (compose list genenetwork-nginx-server-block))))
+ genenetwork-nginx-server-blocks)))
(default-value (genenetwork-configuration))))
diff --git a/production.scm b/production.scm
index 12ec385..f422b34 100644
--- a/production.scm
+++ b/production.scm
@@ -61,6 +61,7 @@
(service genenetwork-service-type
(genenetwork-configuration
(server-name "test1.genenetwork.org")
+ (gn-auth-server-name "test1-auth.genenetwork.org")
(gn2-port 8892)
(gn3-port 8893)
(sql-uri "mysql://webqtlout:webqtlout@localhost/db_webqtl")