.deploy-nginx/deploy-dev.yaml

@@ -6,9 +6,6 @@ services:
     image: mathwave/sprint-repo:sprint-infra-nginx-dev
     networks:
       - common-infra-nginx-development
-      - configurator
-    environment:
-      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_DEV
     ports:
       - published: 80
         target: 80
@@ -30,5 +27,3 @@ services:
 networks:
   common-infra-nginx-development:
     external: true
-  configurator:
-    external: true

.deploy-nginx/deploy-prod.yaml

@@ -6,9 +6,6 @@ services:
     image: mathwave/sprint-repo:sprint-infra-nginx-prod
     networks:
       - common-infra-nginx
-      - configurator
-    environment:
-      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD
     ports:
       - published: 80
         target: 80
@@ -29,6 +26,4 @@ services:
 
 networks:
   common-infra-nginx:
-    external: true
+    external: true
-  configurator:
-    external: true

nginx/nginx-dev/prepare.py

@@ -39,10 +39,7 @@ for host, params in hosts.items():
     '''.format(host=host, target_host=params['host'], port=params['port'])
     fullchain = minio_client.get_object("certupdater", f'certificates/{host}/fullchain.pem')
     privkey = minio_client.get_object("certupdater", f'certificates/{host}/privkey.pem')
-    try:
+    os.mkdir(f'/etc/nginx/{host}')
-        os.mkdir(f'/etc/nginx/{host}')
-    except FileExistsError:
-        ...
     with open(f"/etc/nginx/{host}/fullchain.pem", 'wb') as fp:
         fp.write(fullchain.data)
     with open(f"/etc/nginx/{host}/privkey.pem", 'wb') as fp:

nginx/nginx-prod/prepare.py

@@ -12,10 +12,10 @@ minio_client = Minio(
 
 
 hosts = get('http://configurator/api/v1/fetch?project=certupdater&stage=production').json()['configs']['hosts']
-hosts = {**hosts, 'platform.sprinthub.ru': {'host': 'platform-nginx', 'port': 1238}}
+hosts = list(set(hosts + ['platform.sprinthub.ru']))
 
 config = ''
-for host, params in hosts.items():
+for host in hosts:
     config += '''
         server {{
             listen      443 ssl http2;
@@ -33,16 +33,13 @@ for host, params in hosts.items():
 
             location / {{
                 resolver 127.0.0.11;
-                proxy_pass http://{target_host}:{port}$request_uri;
+                proxy_pass http://{pre_domain}-nginx:1238$request_uri;
             }}
         }}\n\n
-    '''.format(host=host, target_host=params['host'], port=params['port'])
+    '''.format(host=host, pre_domain=host.split('.')[0])
     fullchain = minio_client.get_object("certupdater", f'certificates/{host}/fullchain.pem')
     privkey = minio_client.get_object("certupdater", f'certificates/{host}/privkey.pem')
-    try:
+    os.mkdir(f'/etc/nginx/{host}')
-        os.mkdir(f'/etc/nginx/{host}')
-    except FileExistsError:
-        ...
     with open(f"/etc/nginx/{host}/fullchain.pem", 'wb') as fp:
         fp.write(fullchain.data)
     with open(f"/etc/nginx/{host}/privkey.pem", 'wb') as fp: