Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F24894490
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
13 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/pillar/paas/alkane/web-001/main.sls b/pillar/paas/alkane/web-001/main.sls
index e572a12..564d822 100644
--- a/pillar/paas/alkane/web-001/main.sls
+++ b/pillar/paas/alkane/web-001/main.sls
@@ -1,183 +1,183 @@
# -------------------------------------------------------------
# Salt — PaaS Alkane :: PHP and static sites [production]
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
web_aliases:
services:
- &db-B 172.27.27.9
# -------------------------------------------------------------
# Domains we deploy
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_domains:
#
# Directly managed by Nasqueron
#
nasqueron:
- nasqueron.org
- ook.space
#
# Nasqueron members
#
nasqueron_members:
- dereckson.be
#
# Projects ICT is managed by Nasqueron
#
espacewin:
- espace-win.org
wolfplex:
- wolfplex.org
# -------------------------------------------------------------
# Static sites
#
# Sites to deploy from the staging repository
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_static_sites:
dereckson.be:
- assets
nasqueron.org:
- www
- assets
- docker
- ftp
- launch
- trustspace
wolfplex.org:
- www
- assets
# -------------------------------------------------------------
# PHP sites
#
# Username must be unique and use max 31 characters.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
php_fpm_instances:
# PHP current version, generally installed as package/port
prod:
command: /usr/local/sbin/php-fpm
web_php_sites:
# Nasqueron members
www.dereckson.be:
domain: dereckson.be
subdomain: www
user: web-be-dereckson-www
source: wwwroot/dereckson.be/www
target: /var/wwwroot/dereckson.be/www
php-fpm: prod
capabilities:
- wordpress
# Directly managed by Nasqueron
api.nasqueron.org:
domain: nasqueron.org
subdomain: api
user: web-org-nasqueron-api-serverslog
php-fpm: prod
env:
SERVERS_LOG_FILE: /srv/api/data/servers-log-all.json
wikis.nasqueron.org:
domain: nasqueron.org
subdomain: wikis
user: mediawiki
php-fpm: prod
skipCreateUser: True
env:
MEDIAWIKI_ENTRY_POINT: /srv/mediawiki/index.php
DB_HOST: *db-B
DB_USER: saas-mediawiki
# Espace Win
www.espace-win.org:
domain: espace-win.org
subdomain: www
user: web-org-espacewin-www
source: wwwroot/espace-win.org/www
target: /var/wwwroot/espace-win.org/www
php-fpm: prod
# Wolfplex Hackerspace
www.wolfplex.org:
domain: wolfplex.org
subdomain: www
user: web-org-wolfplex-www
php-fpm: prod
env:
DATASTORE: /var/dataroot/wolfplex
CREDENTIAL_PATH_DATASOURCES_SECURITYDATA: /var/dataroot/wolfplex/secrets.json
# -------------------------------------------------------------
# nginx configuration
#
# Configuration files to provision to vhosts/
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
nginx_vhosts:
dereckson.be:
- assets
- hg
- www
espace-win.org:
- cosmo
- www
nasqueron.org:
- api
- assets
- autoconfig
- daeghrefn
- docker
- docs
- ftp
- infra
- join
- labs
- launch
- rain
- trustspace
- www
test.ook.space:
- migration.mediawiki
wolfplex.org:
- api
- assets
- www
# -------------------------------------------------------------
# Credentials
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_content_dotenv:
/var/wwwroot/dereckson.be/www/.env:
user: web-be-dereckson-www
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/dereckson_www
+ databases:
+ - service: db-B
+ credentials: dbserver/cluster-B/users/dereckson_www
# -------------------------------------------------------------
# Alkane deployment recipes
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
alkane_recipes:
www.nasqueron.org:
init: standard-init.sh
update: standard-update.sh
diff --git a/pillar/paas/alkane/web-001/zed.sls b/pillar/paas/alkane/web-001/zed.sls
index c0a9d4d..b38fa95 100644
--- a/pillar/paas/alkane/web-001/zed.sls
+++ b/pillar/paas/alkane/web-001/zed.sls
@@ -1,51 +1,51 @@
# -------------------------------------------------------------
# Salt — PaaS Alkane :: PHP and static sites [production]
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# nginx, php-fpm
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_domains:
zed:
- hypership.space
nginx_vhosts:
hypership.space:
- www
web_php_sites:
hypership.space:
domain: hypership.space
subdomain: www
user: web-space-hypership-www
php-fpm: prod
env:
CACHE_DIR: /var/dataroot/zed/cache
CONTENT_DIR: /var/dataroot/zed/content
# -------------------------------------------------------------
# Credentials
#
# :: deployment
# :: .env
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
wwwroot_identities:
deploy-key-github-hypership-content_users:
secret: nasqueron/deploy/deploy_keys/by_repo/github/hypership/content_users
path: /opt/salt/security/id_zed_github_hypership_content_users
webserver_content_dotenv:
/var/wwwroot/hypership.space/www/.env:
user: web-space-hypership-www
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/zed
+ databases:
+ - service: db-B
+ credentials: dbserver/cluster-B/users/zed
extra_values:
DB_NAME: zed_prod
extra_credentials:
ZED_SECRET_KEY: zed/hypership/secret_key
diff --git a/pillar/paas/alkane/windriver/main.sls b/pillar/paas/alkane/windriver/main.sls
index c44f053..5bdd820 100644
--- a/pillar/paas/alkane/windriver/main.sls
+++ b/pillar/paas/alkane/windriver/main.sls
@@ -1,139 +1,139 @@
# -------------------------------------------------------------
# Salt — PaaS Alkane :: PHP and static sites [development]
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
web_aliases:
services:
- &db-B 172.27.27.9
# -------------------------------------------------------------
# Domains we deploy
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_domains:
#
# Directly managed by Nasqueron
#
nasqueron:
- nasqueron.org
- ook.space
#
# Nasqueron members
#
nasqueron_members:
- dereckson.be
- hypership.space
#
# Projects ICT is managed by Nasqueron
#
espacewin:
- espace-win.org
wolfplex:
- wolfplex.org
# -------------------------------------------------------------
# Static sites
#
# Sites to deploy from the staging repository
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_static_sites:
nasqueron.org:
- docker51
- packages
- rain51
- www51
# -------------------------------------------------------------
# PHP sites
#
# Username must be unique and use max 31 characters.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
php_fpm_instances:
# PHP current version, generally installed as package/port
prod:
command: /usr/local/sbin/php-fpm
web_php_sites:
# Nasqueron
tools51.nasqueron.org:
domain: nasqueron.org
subdomain: tools51
user: web-org-nasqueron-tools51
php-fpm: prod
# Nasqueron members
mediawiki.dereckson.be:
domain: dereckson.be
subdomain: mediawiki
user: web-be-dereckson-mw
php-fpm: prod
www51.dereckson.be:
domain: dereckson.be
subdomain: www51
user: web-be-dereckson-www51
php-fpm: prod
# Zed
zed51.dereckson.be:
domain: dereckson.be
subdomain: zed51
user: web-be-dereckson-zed51
php-fpm: prod
env:
CACHE_DIR: /var/dataroot/zed/cache
CONTENT_DIR: /var/dataroot/zed/content
# Espace Win
www51.espace-win.org:
domain: espace-win.org
subdomain: www51
user: web-org-espacewin-www51
php-fpm: prod
# -------------------------------------------------------------
# nginx configuration
#
# Configuration files to provision to vhosts/
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
nginx_vhosts:
dereckson.be:
- mediawiki
- scherzo
- www51
- zed51
espace-win.org:
- grip
nasqueron.org:
- api51
- grafana
- packages
- tools51
- www51
# -------------------------------------------------------------
# Credentials
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_content_dotenv:
/var/51-wwwroot/dereckson-www/.env:
user: web-be-dereckson-www51
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/dereckson_www51
+ databases:
+ - service: db-B
+ credentials: dbserver/cluster-B/users/dereckson_www51
diff --git a/pillar/paas/alkane/windriver/obsidian.sls b/pillar/paas/alkane/windriver/obsidian.sls
index ae4a316..aa27c48 100644
--- a/pillar/paas/alkane/windriver/obsidian.sls
+++ b/pillar/paas/alkane/windriver/obsidian.sls
@@ -1,41 +1,41 @@
# -------------------------------------------------------------
# Salt — PaaS Alkane :: PHP and static sites [development]
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Site: https://obsidian51.nasqueron.org
# -------------------------------------------------------------
# -------------------------------------------------------------
# PHP sites
#
# Username must be unique and use max 31 characters.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
web_php_sites:
obsidian51.nasqueron.org:
domain: nasqueron.org
subdomain: obsidian51
user: web-org-nasqueron-obsidian51
php-fpm: prod
# -------------------------------------------------------------
# Vhosts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
nginx_vhosts:
nasqueron.org:
- obsidian51
# -------------------------------------------------------------
# .env configuration files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_content_dotenv:
/var/51-wwwroot/obsidian/.env:
user: web-org-nasqueron-obsidian51
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/obsidian51
+ databases:
+ - service: db-B
+ credentials: dbserver/cluster-B/users/obsidian51
extra_values:
DB_NAME: obsidian51
diff --git a/roles/webserver-content/_generic/init.sls b/roles/webserver-content/_generic/init.sls
index 5d19589..62ecadf 100644
--- a/roles/webserver-content/_generic/init.sls
+++ b/roles/webserver-content/_generic/init.sls
@@ -1,43 +1,42 @@
# -------------------------------------------------------------
# Salt — Webserver content
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# .env
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% for env_path, env_args in pillar.get("webserver_content_dotenv", {}).items() %}
-{% set db_credentials = env_args["db"]["credentials"] %}
-
{{ env_path }}:
file.managed:
- source: salt://roles/webserver-content/_generic/files/dot.env
- mode: 400
- user: {{ env_args["user"] }}
- show_changes: False
- template: jinja
- context:
environment:
- {% if "db" in env_args %}
- DB_HOST: {{ pillar["nasqueron_services"][env_args["db"]["service"]] }}
- DB_USER: {{ salt["credentials.get_username"](db_credentials) }}
- DB_PASSWORD: {{ salt["credentials.get_password"](db_credentials) }}
- {% endif %}
+ {% for db in env_args.get("databases", {}) %}
+ {% set prefix = db.get("prefix", "") %}
+ {{ prefix }}DB_HOST: {{ pillar["nasqueron_services"][db["service"]] }}
+ {{ prefix }}DB_USER: {{ salt["credentials.get_username"](db["credentials"]) }}
+ {{ prefix }}DB_PASSWORD: {{ salt["credentials.get_password"](db["credentials"]) }}
+ {% endfor %}
{% if "vault" in env_args %}
VAULT_ROLE_ID: {{ salt["credentials.get_username"](env_args["vault"]) }}
VAULT_SECRET_ID: {{ salt["credentials.get_password"](env_args["vault"]) }}
{% endif %}
{% for key, value in env_args.get("extra_values", {}).items() %}
{{ key }}: {{ value }}
{% endfor %}
{% for key, vault_path in env_args.get("extra_credentials", {}).items() %}
{{ key }}: {{ salt["credentials.get_password"](vault_path) }}
{% endfor %}
{% endfor %}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Wed, Mar 18, 12:52 (1 d, 18 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3527968
Default Alt Text
(13 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment