Page MenuHomeDevCentral
Files F10814227

No OneTemporary
Actions

View Options

diff --git a/roles/paas-docker/containers/auth-grove.sls b/roles/paas-docker/containers/auth-grove.sls
index 3085ceb..36a60e1 100644
--- a/roles/paas-docker/containers/auth-grove.sls
+++ b/roles/paas-docker/containers/auth-grove.sls
@@ -1,64 +1,72 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-05-21
# License: Trivial work, not eligible to copyright
# Description: SSO for Nasqueron services.
# Image: nasqueron/auth-grove
# Services used: MySQL server (acquisitariat)
# Docker volume (/data/login/storage)
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% for instance, container in pillar['docker_containers']['auth-grove'].items() %}
# -------------------------------------------------------------
# Data directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}/storage:
file.directory:
- user: 431
- group: 433
- makedirs: True
+{% for subdir in ["sessions", "views", "cache"] %}
+/srv/{{ instance }}/storage/framework/{{ subdir }}:
+ file.directory:
+ - user: 431
+ - group: 433
+ - makedirs: True
+{% endfor %}
+
{% if has_selinux %}
selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}/storage
- sel_type: container_file_t
selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}/storage
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: nasqueron/auth-grove
- links: {{ container['mysql_link'] }}:mysql
- environment:
- DB_DRIVER: mysql
- DB_HOST: mysql
- DB_PORT: 3306
- DB_DATABASE: {{ instance }}
- DB_USERNAME: {{ salt['credentials.get_username'](container['credential']) }}
- DB_PASSWORD: {{ salt['credentials.get_password'](container['credential']) }}
- CANONICAL_URL: https://{{ container['host'] }}
- TRUST_ALL_PROXIES: 1
- binds: /srv/{{ instance }}/storage:/var/wwwroot/default/storage
- ports:
- 80
- port_bindings:
- 127.0.0.1:{{ container['app_port'] }}:80
{% endfor %}
diff --git a/roles/paas-docker/containers/notifications.sls b/roles/paas-docker/containers/notifications.sls
index 47ed342..f444c8b 100644
--- a/roles/paas-docker/containers/notifications.sls
+++ b/roles/paas-docker/containers/notifications.sls
@@ -1,113 +1,121 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-01-23
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% for instance, container in pillar['docker_containers']['notifications'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}/storage:
file.directory:
- user: 431
- group: 433
- makedirs: True
+{% for subdir in ["sessions", "views", "cache"] %}
+/srv/{{ instance }}/storage/framework/{{ subdir }}:
+ file.directory:
+ - user: 431
+ - group: 433
+ - makedirs: True
+{% endfor %}
+
/srv/{{ instance }}/storage/app/credentials.json:
file.managed:
- user: 431
- group: 433
- mode: 400
- makedirs: True
- show_changes: False
- contents: |
{{ salt['notifications.get_credentials']() | json }}
/srv/{{ instance }}/storage/app/DockerHubTriggers.json:
file.managed:
- user: 431
- group: 433
- mode: 400
- show_changes: False
- contents: |
{{ salt['notifications.get_dockerhub_triggers']() | json }}
{% for folder, configs in salt['pillar.get']("notifications_configuration", {}).items() %}
{% for config_file, config in configs.items() %}
/srv/{{ instance }}/storage/app/{{ folder }}/{{ config_file }}.json:
file.managed:
- user: 431
- group: 433
- makedirs: True
- contents: |
{{ config | json }}
{% endfor %}
{% endfor %}
{% if has_selinux %}
selinux_context_notifications_data_{{ instance }}:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}/storage
- sel_type: container_file_t
selinux_context_notifications_data_applied_{{ instance }}:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}/storage
{% endif %}
# -------------------------------------------------------------
# Container
#
# Image: nasqueron/notifications
# Description: Listen to webhooks, fire notifications to
# the broker. Used for CI / IRC notifications.
# Services used: RabbitMQ broker (white-rabbit)
# Docker volume (/srv/notifications/storage)
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% if "network" in container %}
{% set broker = container['broker'] %}
{% else %}
{% set broker = "mq" %}
{% endif %}
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: nasqueron/notifications
- binds: /srv/{{ instance }}/storage:/var/wwwroot/default/storage
{% if "network" in container %}
- networks:
- {{ container['network'] }}
{% else %}
- links:
- {{ container['broker_link'] }}:mq
{% endif %}
- environment:
- BROKER_HOST: {{ broker }}
- BROKER_USERNAME: {{ salt['credentials.get_username'](container['credentials']['broker']) }}
- BROKER_PASSWORD: {{ salt['credentials.get_password'](container['credentials']['broker']) }}
- BROKER_VHOST: dev
{% if "mailgun" in container["credentials"] %}
- MAILGUN_DOMAIN: {{ salt['credentials.get_username'](container['credentials']['mailgun']) }}
- MAILGUN_APIKEY: {{ salt['credentials.get_password'](container['credentials']['mailgun']) }}
{% endif %}
- SENTRY_DSN: {{ salt['credentials.get_sentry_dsn'](container["sentry"]) }}
- SENTRY_TRACES_SAMPLE_RATE: 1.0
- SENTRY_ENVIRONMENT: {{ container["sentry"].get("environment", "production") }}
- ports:
- 80
- port_bindings:
- {{ container['app_port'] }}:80
{% endfor %}

File Metadata

Mime Type
text/x-diff
Expires
Tue, Jul 29, 14:29 (11 h, 25 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2853141
Default Alt Text
(6 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator