From a60e47bd973e0ef073e2755691fa318fe1072cae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20-=20Le=20Filament?= <theo@le-filament.com>
Date: Wed, 7 Aug 2024 14:33:57 +0200
Subject: [PATCH] feat: new endpoint on port 8443

---
 templates/inverseproxy.yaml.j2 |  8 ++++++++
 templates/traefik.toml.j2      | 10 ++++++++++
 2 files changed, 18 insertions(+)

diff --git a/templates/inverseproxy.yaml.j2 b/templates/inverseproxy.yaml.j2
index 2ff16b1..82c7a15 100644
--- a/templates/inverseproxy.yaml.j2
+++ b/templates/inverseproxy.yaml.j2
@@ -46,9 +46,17 @@ services:
             - "0.0.0.0:80:80/tcp"
             - "0.0.0.0:443:443/tcp"
             - "0.0.0.0:443:443/udp"
+{% if inventory_hostname in groups['maintenance_contract'] %}
+            - "0.0.0.0:8443:8443/tcp"
+            - "0.0.0.0:8443:8443/udp"
+{% endif %}
             - "[::]:80:80/tcp"
             - "[::]:443:443/tcp"
             - "[::]:443:443/udp"
+{% if inventory_hostname in groups['maintenance_contract'] %}
+            - "[::]:8443:8443/tcp"
+            - "[::]:8443:8443/udp"
+{% endif %}
         depends_on:
             - dockersocket
         restart: unless-stopped
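Review bot: Both added conditions index `groups['maintenance_contract']` directly, so rendering will likely fail with an undefined-variable error on any inventory that does not define that group; the Traefik template in this same patch guards its group lookup with `| default([])`. Writing `{% if inventory_hostname in groups['maintenance_contract'] | default([]) %}` in both places keeps the template usable on such inventories. The new mappings bind 8443 on `0.0.0.0` and `[::]`, so on hosts in the group the endpoint is reachable from any source unless a host or upstream firewall narrows it. A comment above the block saying who is expected to reach 8443 would help whoever maintains those rules. The service definition continues outside the hunk.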
diff --git a/templates/traefik.toml.j2 b/templates/traefik.toml.j2
index c1e564a..8efdd6b 100644
--- a/templates/traefik.toml.j2
+++ b/templates/traefik.toml.j2
@@ -17,6 +17,16 @@
     [entryPoints.websecure.http3]
       advertisedPort = 443
 
+  [entryPoints.websecure_updater]
+    address = ":8443"
+    [entryPoints.websecure_updater.http]
+      middlewares = ["security-headers@file"{% if inventory_hostname not in groups.docker_tuleap | default([]) %}, "limit@file"{% endif %}, "compression@file"]
+      [entryPoints.websecure_updater.http.tls]
+        options = "default"
+        certResolver = "le"
+    [entryPoints.websecure_updater.http3]
+      advertisedPort = 8443
+
 [providers]
   [providers.docker]
     endpoint = "http://dockersocket:2375"
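Review bot: `[entryPoints.websecure_updater]` is rendered on every host, while the compose template publishes 8443 only for hosts in `maintenance_contract`, so the two templates disagree about where this listener exists. Wrapping the block in `{% if inventory_hostname in groups['maintenance_contract'] | default([]) %}` … `{% endif %}` would keep them in step. Traefik also attaches routers that declare no `entrypoints` to its default entry points, which includes every defined one unless configured otherwise, so existing services may become reachable on 8443 as well. Router labels are not visible here, so please confirm they are pinned to their entry points, or add a comment above the block stating the intended scope of the new one. The `[providers]` table continues outside the hunk.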
-- 
GitLab