Page MenuHomeDevCentral
Files F3626138

D3212.id8227.diff
No OneTemporary
Actions

D3212.id8227.diff
View Options

diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls
--- a/pillar/credentials/vault.sls
+++ b/pillar/credentials/vault.sls
@@ -226,7 +226,7 @@
viperserv:
- ops/secrets/nasqueron.viperserv.vault
- webserver-alkane:
+ webserver-alkane-prod:
- ops/secrets/dbserver/cluster-B/users/dereckson_www
- ops/secrets/dbserver/cluster-B/users/zed
@@ -240,6 +240,9 @@
- ops/secrets/nasqueron.etherpad.api
+ webserver-alkane-dev:
+ - ops/secrets/dbserver/cluster-B/users/dereckson_www51
+
webserver-legacy:
#
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -214,6 +214,7 @@
hostname: web-001.nasqueron.org
roles:
- webserver-alkane
+ - webserver-alkane-prod
- saas-mediawiki
- saas-wordpress
network:
@@ -276,6 +277,8 @@
roles:
- devserver
- dbserver-mysql
+ - webserver-alkane
+ - webserver-alkane-dev
- webserver-legacy
zfs:
pool: arcology
diff --git a/pillar/paas/alkane/web-001/main.sls b/pillar/paas/alkane/web-001/main.sls
--- a/pillar/paas/alkane/web-001/main.sls
+++ b/pillar/paas/alkane/web-001/main.sls
@@ -164,3 +164,14 @@
- api
- assets
- www
+
+# -------------------------------------------------------------
+# Credentials
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+webserver_content_dotenv:
+ /var/wwwroot/dereckson.be/www/.env:
+ user: web-be-dereckson-www
+ db:
+ service: db-B
+ credentials: dbserver/cluster-B/users/dereckson_www
diff --git a/pillar/paas/alkane/windriver/main.sls b/pillar/paas/alkane/windriver/main.sls
--- a/pillar/paas/alkane/windriver/main.sls
+++ b/pillar/paas/alkane/windriver/main.sls
@@ -119,3 +119,15 @@
- api51
- tools51
- www51
+
+
+# -------------------------------------------------------------
+# Credentials
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+webserver_content_dotenv:
+ /var/51-wwwroot/dereckson-www/.env:
+ user: web-be-dereckson-www51
+ db:
+ service: db-B
+ credentials: dbserver/cluster-B/users/dereckson_www51
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -61,12 +61,10 @@
web-001:
- saas.mediawiki
- saas.wordpress
- - webserver.credentials
windriver:
- devserver.datacubes
- devserver.ports
- devserver.repos
- webserver.labs
- - webserver.credentials
- webserver.wwwroot51
diff --git a/pillar/webserver/credentials.sls b/pillar/webserver/credentials.sls
deleted file mode 100644
--- a/pillar/webserver/credentials.sls
+++ /dev/null
@@ -1,54 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Sites to provision on the legacy web server
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Nasqueron
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Content of the .env files
-#
-# Those files allow site using DotEnv to read secrets.
-#
-# To ensure secrets can only be read by application user, use:
-#
-# ```
-# user: <php-fpm pool user>
-# ```
-# If your configuration can be read and stored in memory,
-# it's probably best to directly call Vault from the app
-# and only provision Vault AppRole credentials:
-#
-# ```
-# vault: <path to AppRole credential>
-# ```
-#
-# For PHP sites where the configuration file is read every
-# request, it's probably best to cache secrets in file
-# through this mechanism.
-#
-# If you need a database, you can use:
-#
-# ```
-# db:
-# service: entry in nasqueron_services table
-# credentials: path to Vault secret
-#
-# To provision a secret key or other credentials, use:
-#
-# extra_credentials:
-# key: path to vault secret
-#
-# If you need to pass extra plain values use:
-#
-# extra_values:
-# key: value
-# ```
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-webserver_content_dotenv:
- /var/wwwroot/dereckson.be/www/.env:
- user: web-be-dereckson-www
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/dereckson_www

File Metadata

Mime Type
text/plain
Expires
Sun, Oct 6, 01:15 (21 h, 58 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2177612
Default Alt Text
D3212.id8227.diff (4 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator