pool/traefik
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1200844 from devel:kubic

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1200844
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/traefik?expand=0&rev=21
This commit is contained in:
Ana Guerrero 2024-09-18 13:26:56 +00:00 committed by Git OBS Bridge
commit 52bb3c603c
4 changed files with 59 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
90-traefik.conf Normal file
View File

@ -0,0 +1,9 @@
#
# Increase the maximum UDP Buffer size to prevent dropping
# incoming packaets by the kernel
#
# https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
#
net.core.rmem_max=7500000
net.core.wmem_max=7500000

12
traefik.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Thu Sep 12 14:50:28 UTC 2024 - Johannes Weberhofer <jweberhofer@weberhofer.at>
- Moved /etc/traefik/acme.json to /var/lib/traefik/acme.json to allow traefik
running with "ProtectSystem=full" write access to the certificate store.
The acme.json file will be automatically moved and the configuration will be
updated accordingly.
- Added /usr/lib/sysctl.d/90-itraefik.conf to increase UDP Buffer sizes as explained
at https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 7 08:03:10 UTC 2024 - Johannes Weberhofer <jweberhofer@weberhofer.at> Wed Aug 7 08:03:10 UTC 2024 - Johannes Weberhofer <jweberhofer@weberhofer.at>

38
traefik.spec
View File

@ -36,6 +36,7 @@ Source1: vendor.tar.gz
Source2: %{name}.service Source2: %{name}.service
Source3: %{name}.yml Source3: %{name}.yml
Source4: %{name}-user.conf Source4: %{name}-user.conf
Source5: 90-%{name}.conf
BuildRequires: go-bindata BuildRequires: go-bindata
BuildRequires: golang-packaging BuildRequires: golang-packaging
BuildRequires: systemd-rpm-macros BuildRequires: systemd-rpm-macros
@ -94,6 +95,13 @@ ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
install -D -p -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/%{name}.yml install -D -p -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/%{name}.yml
mkdir -p %{buildroot}%{_sysconfdir}/%{name}/conf.d mkdir -p %{buildroot}%{_sysconfdir}/%{name}/conf.d
# install configuration to increase UDP buffer sizes
install -D -p -m 0644 %{SOURCE5} %{buildroot}%{_prefix}/lib/sysctl.d/90-%{name}.conf
# acme storage
install -d -m 0700 %{buildroot}%{_localstatedir}/lib/%{name}
touch %{buildroot}%{_localstatedir}/lib/%{name}/acme.json
# logging # logging
mkdir -p %{buildroot}%{_localstatedir}/log/%{name} mkdir -p %{buildroot}%{_localstatedir}/log/%{name}
@ -106,6 +114,30 @@ mkdir -p %{buildroot}%{_localstatedir}/log/%{name}
# fix ownership for config and logging directory # fix ownership for config and logging directory
chown -R traefik: %{_sysconfdir}/%{name} %{_localstatedir}/log/%{name} chown -R traefik: %{_sysconfdir}/%{name} %{_localstatedir}/log/%{name}
# try to move acme.json file from old directory to new
if [ -e "%{_sysconfdir}/%{name}/acme.json" ] ; then
if [ -s "%{_sysconfdir}/%{name}/acme.json" ] ; then
if [ -s "%{_localstatedir}/lib/%{name}/acme.json" ] ; then
# if not-empty acme.json files exists on old and new location, write warning
echo "A non-empty acme.json file exists in:" 1>&2
echo "%{_sysconfdir}/%{name} and %{_localstatedir}/lib/%{name}" 1>&2
echo "Please clean up this situation and place the correct file in %{_localstatedir}/lib/%{name}" 1>&2
else
# if not-empty acme.json exists on old location and no file or empty file exists on new location
# move it to the new location
mv "%{_sysconfdir}/%{name}/acme.json" "%{_localstatedir}/lib/%{name}/acme.json"
sed -i -e 's|%{_sysconfdir}/traefik/acme.json|%{_localstatedir}/lib/traefik/acme.json|' %{_sysconfdir}/%{name}/%{name}.yml
fi
else
# remove empty acme.json file from old location
rm "%{_sysconfdir}/%{name}/acme.json"
sed -i -e 's|%{_sysconfdir}/traefik/acme.json|%{_localstatedir}/lib/traefik/acme.json|' %{_sysconfdir}/%{name}/%{name}.yml
fi
fi
# fix ownership for acme file
chown -R traefik: %{_localstatedir}/lib/%{name}/*
%preun %preun
%service_del_preun %{name}.service %service_del_preun %{name}.service
@ -121,11 +153,15 @@ chown -R traefik: %{_sysconfdir}/%{name} %{_localstatedir}/log/%{name}
%{_unitdir}/%{name}.service %{_unitdir}/%{name}.service
%{_sbindir}/rc%{name} %{_sbindir}/rc%{name}
%{_prefix}/lib/sysctl.d/90-%{name}.conf
%defattr(0660, traefik, traefik, 0750) %defattr(0600, traefik, traefik, 0700)
%dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/conf.d %dir %{_sysconfdir}/%{name}/conf.d
%dir %{_localstatedir}/lib/%{name}
%config(noreplace) %{_localstatedir}/lib/%{name}/acme.json
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.yml %config(noreplace) %{_sysconfdir}/%{name}/%{name}.yml
%dir %{_localstatedir}/log/%{name} %dir %{_localstatedir}/log/%{name}

2
traefik.yml
View File

@ -147,7 +147,7 @@ providers:
# letsencryptResolver: # letsencryptResolver:
# acme: # acme:
# email: your@email # email: your@email
# storage: /etc/traefik/acme.json # storage: /var/lib/traefik/acme.json
# httpChallenge: # httpChallenge:
# entryPoint: web # entryPoint: web