From 6e89d155df5750966fae7b3039f4b9a81ea0009d Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Fri, 1 Mar 2024 17:15:13 +0000 Subject: Reverse proxy gn-auth on production. * genenetwork/services/genenetwork.scm ()[gn-auth-server-name]: New field. * genenetwork/services/genenetwork.scm (genenetwork-nginx-server-block): Rename to ... (genenetwork-nginx-server-blocks): ... this. Return list of reverse proxy blocks including one for gn-auth. * genenetwork/services/genenetwork.scm (genenetwork-service-type): Use genenetwork-nginx-server-blocks instead of genenetwork-nginx-server-block. * production.scm (operating-system)[services]{genenetwork-service-type}: Add gn-auth-server-name. --- genenetwork/services/genenetwork.scm | 50 +++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 20 deletions(-) (limited to 'genenetwork/services') diff --git a/genenetwork/services/genenetwork.scm b/genenetwork/services/genenetwork.scm index 2d9e4f1..4e60184 100644 --- a/genenetwork/services/genenetwork.scm +++ b/genenetwork/services/genenetwork.scm @@ -61,6 +61,8 @@ (default gn-auth)) (server-name genenetwork-configuration-server-name (default "genenetwork.org")) + (gn-auth-server-name genenetwork-configuration-gn-auth-server-name + (default "auth.genenetwork.org")) (gn2-port genenetwork-configuration-gn2-port (default 8082)) (gn3-port genenetwork-configuration-gn3-port @@ -287,26 +289,34 @@ object." (source gn-auth-secrets) (target source))))))))) -(define (genenetwork-nginx-server-block config) - "Return an @code{} record specifying -reverse proxy of the genenetwork service described by @var{config}, a -@code{} record." +(define (genenetwork-nginx-server-blocks config) + "Return a list of @code{} records specifying +reverse proxies for the genenetwork service described by @var{config}, +a @code{} record." (match-record config - (server-name gn2-port gn3-port) - (nginx-server-configuration - (server-name (list server-name)) - (locations - (list (nginx-location-configuration - (uri "/") - (body (list (string-append "proxy_pass http://localhost:" - (number->string gn2-port) ";") - "proxy_set_header Host $host;"))) - (nginx-location-configuration - (uri "/api3/") - (body (list "rewrite /api3/(.*) /api/$1 break;" - (string-append "proxy_pass http://localhost:" - (number->string gn3-port) ";") - "proxy_set_header Host $host;")))))))) + (server-name gn-auth-server-name gn2-port gn3-port gn-auth-port) + (list (nginx-server-configuration + (server-name (list server-name)) + (locations + (list (nginx-location-configuration + (uri "/") + (body (list (string-append "proxy_pass http://localhost:" + (number->string gn2-port) ";") + "proxy_set_header Host $host;"))) + (nginx-location-configuration + (uri "/api3/") + (body (list "rewrite /api3/(.*) /api/$1 break;" + (string-append "proxy_pass http://localhost:" + (number->string gn3-port) ";") + "proxy_set_header Host $host;")))))) + (nginx-server-configuration + (server-name (list gn-auth-server-name)) + (locations + (list (nginx-location-configuration + (uri "/") + (body (list (string-append "proxy_pass http://localhost:" + (number->string gn-auth-port) ";") + "proxy_set_header Host $host;"))))))))) (define genenetwork-service-type (service-type @@ -320,5 +330,5 @@ reverse proxy of the genenetwork service described by @var{config}, a (service-extension gunicorn-service-type genenetwork-gunicorn-apps) (service-extension forge-nginx-service-type - (compose list genenetwork-nginx-server-block)))) + genenetwork-nginx-server-blocks))) (default-value (genenetwork-configuration)))) -- cgit v1.2.3