X-Git-Url: https://git.arvados.org/arvados-formula.git/blobdiff_plain/257615eab47f9d4bf64694dc0aac9dfff4e8edc4..5bf76f78a2eaa11ab18edb0c3fe9fdc78e6368c0:/test/salt/pillar/examples/nginx_webshell_configuration.sls

diff --git a/test/salt/pillar/examples/nginx_webshell_configuration.sls b/test/salt/pillar/examples/nginx_webshell_configuration.sls
index e28fb9a..050adf9 100644
--- a/test/salt/pillar/examples/nginx_webshell_configuration.sls
+++ b/test/salt/pillar/examples/nginx_webshell_configuration.sls
@@ -1,15 +1,39 @@
 ---
+# This parameter will be used here to generate a list of upstreams and vhosts.
+# This dict is here for convenience and should be managed some other way, but the
+# different ways of orchestration that can be used for this are outside the scope
+# of this formula and their examples.
+# These upstreams should match those defined in `arvados:cluster:resources:virtual_machines`
+{% set webshell_virtual_machines = {
+  'shell1': {
+    'name': 'webshell1',
+    'backend': '1.2.3.4',
+    'port': 4200,
+  },
+  'shell.internal': {},
+  'webshell3': {
+    'backend': '4.3.2.1',
+    'port': 4500,
+  }
+}
+%}
+
 ### NGINX
 nginx:
   ### SERVER
   server:
     config:
-
       ### STREAMS
       http:
-        {%- for shell_node, params in %}
-        upstream webshell_upstream:
-          - server: 'shell.internal:4200 fail_timeout=10s'
+        {%- for vm, params in webshell_virtual_machines.items() %}
+          {%- set vm_name = params.name | default(vm) %}
+          {%- set vm_backend = params.backend | default(vm_name) %}
+          {%- set vm_port = params.port | default(4200) %}
+
+        upstream {{ vm_name }}_upstream:
+          - server: '{{ vm_backend }}:{{ vm_port }} fail_timeout=10s'
+
+        {%- endfor %}
 
   ### SITES
   servers:
@@ -36,8 +60,10 @@ nginx:
             - listen:
               - 443 http2 ssl
             - index: index.html index.htm
-            - location /shell.fixme.example.net:
-              - proxy_pass: 'http://webshell_upstream'
+            {%- for vm, params in webshell_virtual_machines.items() %}
+              {%- set vm_name = params.name | default(vm) %}
+            - location /{{ vm_name }}:
+              - proxy_pass: 'http://{{ vm_name }}_upstream'
               - proxy_read_timeout: 90
               - proxy_connect_timeout: 90
               - proxy_set_header: 'Host $http_host'
@@ -64,6 +90,7 @@ nginx:
                 - add_header: "'Access-Control-Allow-Origin' '*'"
                 - add_header: "'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'"
                 - add_header: "'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'"
+            {%- endfor %}
             - include: 'snippets/ssl_hardening_default.conf'
             # - include: 'snippets/letsencrypt.conf'
             - include: 'snippets/ssl_snakeoil.conf'