Skip to content

Extracting proxy role and preparing for CDK#47

Draft
citizen-stig wants to merge 11 commits intomainfrom
nikolai/extracting-proxy-role
Draft

Extracting proxy role and preparing for CDK#47
citizen-stig wants to merge 11 commits intomainfrom
nikolai/extracting-proxy-role

Conversation

@citizen-stig
Copy link
Member

@citizen-stig citizen-stig commented Jan 7, 2026
edited
Loading

Following params can be present in runtime_vars for proxy:

deployment_name: "nikolai-ansible-proxy-2"
switches: "cp"  # Commmon + proxy
disk_profile: "aws_simple" # Can do different or skpi
proxy_rollup_leader_ip: "127.0.0.1"
rollup_http_port: 12346
proxy_ssl_enabled: true
proxy_domain_name: "foo-rollup-1.sov-obs.xyz"
proxy_unlimited_domains: ["bar-rollup-1.sov-obs.xyz","baz-rollup-1.sov-obs.xyz"]
proxy_rate_limit_enabled: true
proxy_rate_limit_exempt_ips: ["37.27.235.102", " 37.27.235.103"]
proxy_enable_logs_export: false

Adds https://docs.influxdata.com/telegraf/v1/input-plugins/nginx/ inputs

Screenshot 2026-01-07 at 14 23 26

@citizen-stig citizen-stig changed the title Nikolai/extracting proxy role Extracting proxy role and preparing for CDK Jan 7, 2026
@citizen-stig citizen-stig marked this pull request as ready for review January 7, 2026 13:28
@citizen-stig
Copy link
Member Author

citizen-stig commented Jan 7, 2026

Added a fix for swagger being usable by setting public_address value in rollup_config.toml:

Screenshot 2026-01-07 at 15 25 15 Screenshot 2026-01-07 at 15 25 24

preston-evans98
preston-evans98 reviewed Jan 9, 2026
View reviewed changes
roles/proxy/tasks/main.yaml
# =============================================================================
# SSL Certificate Acquisition
# =============================================================================
- name: Build certbot domain arguments
Copy link
Member

@preston-evans98 preston-evans98 Jan 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I know we're tracking a moving target here - but we'll need to add the s3 fetch and sync logic from https://github.com/Sovereign-Labs/sov-rollup-cdk-starter/pull/50

Copy link
Member Author

@citizen-stig citizen-stig Jan 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, I will convert this PR to draft.

preston-evans98
preston-evans98 reviewed Jan 9, 2026
View reviewed changes
Copy link
Member

@preston-evans98 preston-evans98 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, other than needing support for the zero-downtime proxy replacement changes that just merged into CDK.

I assume you've tested this out with a personal CDK deploy already. If not, that's probably worth doing before merging as well.

@citizen-stig citizen-stig marked this pull request as draft January 9, 2026 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@preston-evans98 preston-evans98 preston-evans98 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@citizen-stig @preston-evans98