From 500018ab0ab6b857881682f497eed2670400d5dd Mon Sep 17 00:00:00 2001 From: Taehoon Kim <95288696+goathoon@users.noreply.github.com> Date: Wed, 31 Jan 2024 16:57:40 +0900 Subject: [PATCH] Inject Caddyfile secret variable (#14) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat/fix: apply NAT IP only AWS to LOKI request by Caddy 1. Configured Caddy to proxy only a specific NAT IP so that LOKI collects only the requests coming from codedang AWS. 2. Improved the github action flow. - The step that reloads Caddy is a fix for when the static frontend file mount does not work properly, so I think it is unnecessary. - The step that deletes unused volumes is, I think, unnecessary, considering the possibility that earlier logs could be deleted before a later log analysis. - The step that checks whether a container is running applies only to the log container, so it is separated out. * fix(Caddy): reload caddy not running compose caddy up always * fix(Caddy): edit env variable of Caddyfile --- .github/workflows/update-stage.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-stage.yml b/.github/workflows/update-stage.yml index 17be867..9dbd265 100644 --- a/.github/workflows/update-stage.yml +++ b/.github/workflows/update-stage.yml @@ -35,9 +35,13 @@ jobs: run: | docker compose --profile caddy up -d --no-recreate - - name: Copy Caddyfile into Caddy Container + - name: Set Caddyfile Environment Variables env: - AWS_REQ_IP: ${{ secrets.AWS_NAT_IP }} + AWS_REQ_IP: ${{ secrets.AWS_REQ_IP}} + run: | + sed -i "s/{$AWS_REQ_IP}/$AWS_REQ_IP/" ./Caddyfile + + - name: Copy Caddyfile into Caddy Container run: | docker cp ./Caddyfile caddy:/etc/caddy/Caddyfile
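Review bot: In the added `sed -i "s/{$AWS_REQ_IP}/$AWS_REQ_IP/" ./Caddyfile` line, the pattern is inside double quotes, so the shell expands `$AWS_REQ_IP` on both sides and sed searches for `{<value>}` rather than the literal text `{$AWS_REQ_IP}`. If the Caddyfile carries that placeholder, it is left unreplaced, sed still exits 0, and the next step copies the unrestricted or unparsed file into the container without any signal that the IP allow-list was not applied. Escape the dollar sign in the pattern and use a delimiter that cannot collide with a CIDR value, for example `sed -i "s|{\$AWS_REQ_IP}|$AWS_REQ_IP|" ./Caddyfile`, and fail the step if the placeholder is still present afterwards (a `grep -q` on the literal placeholder followed by `exit 1`). The same hunk also switches the source from `secrets.AWS_NAT_IP` to `secrets.AWS_REQ_IP`; an undefined secret expands to an empty string, so add a guard that aborts when `$AWS_REQ_IP` is empty before the file is rewritten.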