+

Proxy/HAProxy_install.md

@@ -6,9 +6,9 @@ Connect to the required server:
 ```sh
 ssh administrator@10.101.1.3 -p 22
 ```
-Connect to CCALM Turkish infrastructure:
+Home server
 ```sh
-ssh igor@88.218.94.134 -p 2200
+ssh igor@192.168.200.81 -p 22
 ```
 ----------------------------------------------------------------------------------------------------
 ## Install haproxy

Proxy/Traefik_install.md

@@ -107,7 +107,7 @@ http:
     ccalm-api-auth:
       entryPoints:
         - websecure
-      rule: "Host(`ccalm.test`) && PathPrefix(`/api/authorization/v02/`)"
+      rule: "(Host(`ccalm.test`) || Host(`almaty.ccalm.test`)) && PathPrefix(`/api/authorization/v02/`)"
       service: org_ccalm_api_authorization_v02
       tls:
         certresolver: myresolver
@@ -117,7 +117,7 @@ http:
     ccalm-dbms:
       entryPoints:
         - websecure
-      rule: "Host(`ccalm.test`) && PathPrefix(`/api/dbms/v09/`)"
+      rule: "(Host(`ccalm.test`) || Host(`almaty.ccalm.test`)) && PathPrefix(`/api/dbms/v09/`)"
       service: org_ccalm_dbms_v09
       tls:
         certresolver: myresolver
@@ -127,7 +127,7 @@ http:
     ccalm-translation:
       entryPoints:
         - websecure
-      rule: "Host(`ccalm.test`) && PathPrefix(`/api/translation/v01/`)"
+      rule: "(Host(`ccalm.test`) || Host(`almaty.ccalm.test`)) && PathPrefix(`/api/translation/v01/`)"
       service: org_ccalm_translation_v01
       tls:
         certresolver: myresolver
@@ -137,7 +137,7 @@ http:
     ccalm-login:
       entryPoints:
         - websecure
-      rule: "Host(`ccalm.test`) && PathPrefix(`/login/`)"
+      rule: "(Host(`ccalm.test`) || Host(`almaty.ccalm.test`)) && PathPrefix(`/login/`)"
       service: org_ccalm_login_v01
       tls:
         certresolver: myresolver
@@ -145,7 +145,7 @@ http:
     ccalm-default:
       entryPoints:
         - websecure
-      rule: "Host(`ccalm.test`)"
+      rule: "(Host(`ccalm.test`) || Host(`almaty.ccalm.test`))"
       service: org_ccalm
       tls:
         certresolver: myresolver
@@ -164,6 +164,13 @@ http:
       service: local_gotify
       tls: {}
 
+    vault:
+      entryPoints:
+        - websecure
+      rule: "Host(`vault.local`)"
+      service: local_vault
+      tls: {}
+
   middlewares:
     strip-auth-prefix:
       stripPrefix:
@@ -199,6 +206,16 @@ http:
           path: "/"
           interval: "5s"
 
+    # Бэкенд для local_vault
+    local_vault:
+      loadBalancer:
+        servers:
+          - url: "https://192.168.200.85:8200"
+        serversTransport: insecureTransport
+        healthCheck:
+          path: "/"
+          interval: "5s"
+
     # Бэкенд для org_ccalm_api_authorization_v02 (HTTPS с отключенной проверкой SSL)
     org_ccalm_api_authorization_v02:
       loadBalancer:
@@ -264,6 +281,8 @@ tls:
       keyFile: "/etc/traefik/certs/powerdns.local.key"
     - certFile: "/etc/traefik/certs/gotify.local.crt"
       keyFile: "/etc/traefik/certs/gotify.local.key"
+    - certFile: "/etc/traefik/certs/vault.local.crt"
+      keyFile: "/etc/traefik/certs/vault.local.key"
     - certFile: "/etc/traefik/certs/wildcard.local.crt"
       keyFile: "/etc/traefik/certs/wildcard.local.key"
     - certFile: "/etc/traefik/certs/wildcard.test.crt"