diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls --- a/pillar/nodes/nodes.sls +++ b/pillar/nodes/nodes.sls @@ -138,6 +138,34 @@ netmask: *intranought_netmask gateway: 172.27.27.1 + docker-002: + forest: nasqueron-infra + hostname: docker-002.nasqueron.org + roles: + - paas-docker + - paas-docker-prod + network: + ipv6_tunnel: True + + canonical_public_ipv4: 51.255.124.9 + + interfaces: + public: + device: ens192 + uuid: d55e0fec-f90b-3014-a458-9067ff8f2520 + ipv4: + address: 51.255.124.10 + netmask: *intranought_netmask + gateway: 51.210.99.254 + + intranought: + device: ens224 + uuid: 57c04bcc-929b-3177-a2e3-88f84f210721 + ipv4: + address: 172.27.27.5 + netmask: *intranought_netmask + gateway: 172.27.27.1 + router-001: forest: nasqueron-infra hostname: router-001.nasqueron.org diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls --- a/pillar/paas/docker.sls +++ b/pillar/paas/docker.sls @@ -7,8 +7,8 @@ # ------------------------------------------------------------- docker_aliases: - - &ipv4_docker001 51.255.124.9 - - &ipv4_docker001_restricted 51.255.124.9 + - &ipv4_docker002 51.255.124.9 + - &ipv4_docker002_restricted 172.27.27.5 # ------------------------------------------------------------- # Images @@ -27,7 +27,7 @@ # Core services - nasqueron/mysql:5.7 - docker-001: + docker-002: # Core services - library/postgres - library/redis:3.2-alpine @@ -83,7 +83,7 @@ subnet: 172.21.3.0/24 jenkinsTest: subnet: 172.21.5.0/24 - docker-001: + docker-002: cd: subnet: 172.18.1.0/24 ci: 
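Review bot: In the new `docker-002` node, the `public` interface takes `netmask: *intranought_netmask` while its gateway `51.210.99.254` sits in a different range from `address: 51.255.124.10`, which reads like a copy of the `intranought` block below it. The alias value is defined outside this hunk, so please confirm it is the mask intended for the public side and, if it is not, give the interface its own value, e.g. `netmask: <public-netmask>` (placeholder). `canonical_public_ipv4: 51.255.124.9` also differs from the interface address `.10`, and `pillar/paas/docker.sls` binds services to `.9`; a comment such as `# .9 is the service address carried over from docker-001; .10 is the interface's own address` (wording to be confirmed) would show which address firewall rules and DNS should use. `ipv6_tunnel: True` pairs with a tunnel script that this commit only renames from equatower's, so the tunnel parameters inside it deserve a check as well.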
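Review bot: `&ipv4_docker002 51.255.124.9` and `&ipv4_docker002_restricted 172.27.27.5` repeat as literals the `canonical_public_ipv4` and `intranought` address declared for docker-002 in `pillar/nodes/nodes.sls`, and the allow-list in the `@@ -240` hunk repeats `172.27.27.5` once more. Nothing ties these copies together, so a later renumbering can leave a service bound to, or an allow-list trusting, an address the host no longer holds. I would add above the aliases `# Keep in sync with docker-002 in pillar/nodes/nodes.sls (canonical_public_ipv4, intranought address)` and a matching comment next to the allow-list entries; the key that owns that list lies outside the hunk, so its consumer should be checked too.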
@@ -94,21 +94,12 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - docker_daemon: - docker-001: - storage-driver: devicemapper - storage-opts: - - "dm.thinpooldev=/dev/mapper/wharf-thinpool" - - "dm.use_deferred_removal=true" - - "dm.use_deferred_deletion=true" - + docker-002: + data-root: /srv/docker dwellers: data-root: /srv/docker group: nasqueron-dev-docker -docker_devicemapper: - docker-001: - thinpool: wharf-thinpool - # ------------------------------------------------------------- # Containers # @@ -198,9 +189,9 @@ realm: nasqueron # - # Current production engine + # Production engine # - docker-001: + docker-002: # # Core services @@ -218,15 +209,6 @@ sentry_db: credential: nasqueron.sentry.postgresql - rabbitmq: - white-rabbit: - ip: *ipv4_docker001_restricted - host: white-rabbit.nasqueron.org - app_port: 15672 - credentials: - erlang_cookie: nasqueron/rabbitmq/white-rabbit/erlang-cookie - root: nasqueron/rabbitmq/white-rabbit/root - redis: sentry_redis: {} pixelfed_redis: {} 
@@ -240,102 +222,24 @@ - 127.0.0.1 # Dwellers - - 51.255.124.11 - - 2001:470:1f13:30b:ca5:cade:fab:1e - - # docker-001 - - 51.255.124.9 - - 2001:470:1f13:365::50f7:ba11 + - 172.27.27.4 - # - # Let's Encrypt - # + # docker-002 + - 172.27.27.5 - acme_dns: - acme: - ip: *ipv4_docker001 - app_port: 41080 - host: acme.nasqueron.org - nsadmin: ops.nasqueron.org + rabbitmq: + white-rabbit: + ip: *ipv4_docker002_restricted + host: white-rabbit.nasqueron.org + app_port: 15672 + credentials: + erlang_cookie: nasqueron/rabbitmq/white-rabbit/erlang-cookie + root: nasqueron/rabbitmq/white-rabbit/root # - # CI and CD + # Phabricator # - jenkins: - jenkins_cd: - realm: cd - host: cd.nasqueron.org - app_port: 38080 - jnlp_port: 50000 - jenkins_ci: - realm: ci - host: ci.nasqueron.org - app_port: 42080 - jnlp_port: 55000 - - jenkins_agent: - # Agents for CD - - apsile: &php_for_cd - image_flavour: php - realm: cd - - elapsi: *php_for_cd - - rust_brown: - image_flavour: rust - realm: cd - - yarabokin: - image_flavour: node - realm: cd - - # Agents for CI - - zateki: &php_for_ci - image_flavour: php - realm: ci - - zenerre: - <<: *php_for_ci - version: 7.4.23 - - tommy: - tommy_ci: - app_port: 24080 - host: builds.nasqueron.org - aliases: - - build.nasqueron.org - jenkins_url: https://ci.nasqueron.org - jenkins_multi_branch: True - - tommy_cd: - # No host definition, as this dashboard is mounted on infra.nasqueron.org - app_port: 24180 - jenkins_url: https://cd.nasqueron.org - - # Infrastructure and development services - - hound: - hound: - app_port: 44080 - host: code.nasqueron.org - github_account: nasqueron - - notifications: - notifications: - host: notifications.nasqueron.org - app_port: 37080 - broker_link: white-rabbit - credentials: - broker: nasqueron.notifications.broker - mailgun: nasqueron.notifications.mailgun - sentry: - realm: nasqueron - project_id: 2 - credential: nasqueron.notifications.sentry - phabricator: # Nasqueron instance devcentral: 
@@ -407,13 +311,26 @@ client: 22280 admin: 22281 - cachet: - cachet: - app_port: 39080 - host: status.nasqueron.org - credential: nasqueron.cachet.mysql - app_key: nasqueron.cachet.app_key - mysql_link: acquisitariat + # + # Notifications center + # + + notifications: + notifications: + host: notifications.nasqueron.org + app_port: 37080 + broker_link: white-rabbit + credentials: + broker: nasqueron.notifications.broker + mailgun: nasqueron.notifications.mailgun + sentry: + realm: nasqueron + project_id: 2 + credential: nasqueron.notifications.sentry + + # + # Community and development services + # etherpad: pad: 
@@ -425,6 +342,99 @@ credential: nasqueron.etherpad.api mysql_link: acquisitariat + # Hauk + hauk: + hauk: + app_port: 43080 + host: geo.nasqueron.org + api_entry_point: /hauk + + # + # Let's Encrypt + # + + acme_dns: + acme: + ip: *ipv4_docker002 + app_port: 41080 + host: acme.nasqueron.org + nsadmin: ops.nasqueron.org + + # + # CI and CD + # + + jenkins: + jenkins_cd: + realm: cd + host: cd.nasqueron.org + app_port: 38080 + jnlp_port: 50000 + jenkins_ci: + realm: ci + host: ci.nasqueron.org + app_port: 42080 + jnlp_port: 55000 + + jenkins_agent: + # Agents for CD + + apsile: &php_for_cd + image_flavour: php + realm: cd + + elapsi: *php_for_cd + + rust_brown: + image_flavour: rust + realm: cd + + yarabokin: + image_flavour: node + realm: cd + + # Agents for CI + + zateki: &php_for_ci + image_flavour: php + realm: ci + + zenerre: + <<: *php_for_ci + version: 7.4.23 + + tommy: + tommy_ci: + app_port: 24080 + host: builds.nasqueron.org + aliases: + - build.nasqueron.org + jenkins_url: https://ci.nasqueron.org + jenkins_multi_branch: True + + tommy_cd: + # No host definition, as this dashboard is mounted on infra.nasqueron.org + app_port: 24180 + jenkins_url: https://cd.nasqueron.org + + # + # Infrastructure and development services + # + + hound: + hound: + app_port: 44080 + host: code.nasqueron.org + github_account: nasqueron + + cachet: + cachet: + app_port: 39080 + host: status.nasqueron.org + credential: nasqueron.cachet.mysql + app_key: nasqueron.cachet.app_key + mysql_link: acquisitariat + auth-grove: login: app_port: 25080 @@ -451,7 +461,7 @@ # Openfire openfire: openfire: - ip: *ipv4_docker001 + ip: *ipv4_docker002 app_port: 9090 host: xmpp.nasqueron.org @@ -478,13 +488,6 @@ title: Nasqueron Photos max_album_length: 16 - # Hauk - hauk: - hauk: - app_port: 43080 - host: geo.nasqueron.org - api_entry_point: /hauk - # Sentry # The Sentry instance uses a Redis and a PostgreSQL instance, # declared above. diff --git a/pillar/top.sls b/pillar/top.sls 
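Review bot: `acme_dns` in this hunk and `openfire` in the `@@ -451` hunk both set `ip: *ipv4_docker002`, the public address, next to an `app_port` (41080 and 9090); 9090 is Openfire's default plain-HTTP admin console port. The states that consume these keys are not part of this diff, so I cannot tell whether `ip` also decides where `app_port` is published. If it does, the admin and API ports end up on the public address even though `*ipv4_docker002_restricted` now exists on the private network. Either bind them there or document the split with a comment like `# ip: bind address for the service ports only; app_port is reached through the reverse proxy`, if that is the actual behaviour.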
--- a/pillar/top.sls +++ b/pillar/top.sls @@ -25,8 +25,7 @@ complector: - credentials.vault - docker-001: - - credentials.zr + docker-002: - notifications.config - paas.docker - saas.jenkins diff --git a/roles/core/motd/files/docker-002 b/roles/core/motd/files/docker-002 new file mode 100644 --- /dev/null +++ b/roles/core/motd/files/docker-002 @@ -0,0 +1,14 @@ + + docker-002 ______ + \ \ + A Nasqueron infra- \ \ IP: {{ ipv4_address }} + structure server. \ \_ GW: {{ ipv4_gateway }} + _\ \ + PaaS Docker \ \ + \ \_ + The containers hosted _\ \ + here are in production. \ \ + \ \_ + /// /// /// /// /// /// _\ \ + \ \ +___________________________________\ \_________mic'03 diff --git a/roles/core/network/files/ipv6-tunnels/equatower.sh.jinja b/roles/core/network/files/ipv6-tunnels/docker-002.sh.jinja rename from roles/core/network/files/ipv6-tunnels/equatower.sh.jinja rename to roles/core/network/files/ipv6-tunnels/docker-002.sh.jinja diff --git a/top.sls b/top.sls --- a/top.sls +++ b/top.sls @@ -31,7 +31,7 @@ - roles/opensearch 'db-A-001': - roles/dbserver-pgsql - 'docker-001': + 'docker-002': - roles/paas-docker 'dwellers': - roles/paas-docker/docker
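Review bot: Dropping `- credentials.zr` from the `docker-002` target in `pillar/top.sls` leaves this minion with no credentials pillar, while `pillar/paas/docker.sls` still carries dotted identifiers such as `credential: nasqueron.cachet.mysql` beside the path-style `nasqueron/rabbitmq/white-rabbit/root`. If the dotted names were resolved through the zr pillar (not visible here), the containers using them would render without their secrets or fail at deploy time. It is worth confirming that every remaining dotted `credential:` still has a resolver. If the removal is intentional, a comment such as `# Secrets are fetched from the secrets store at deploy time; no credentials pillar is targeted here` (wording to be confirmed) would record that.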