Page MenuHomeDevCentral

D2888.id7366.diff
No OneTemporary

D2888.id7366.diff

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -26,6 +26,7 @@
24180 Tommy HTTP - CD
25080 Auth Grove HTTP
26080 Sentry HTTP
+ 26300 Sentry - Relay
30080 Pixelfed HTTP
31080 Phabricator HTTP - DevCentral
33080 Bugzilla HTTP - Espace Win
diff --git a/pillar/paas/docker/docker-002/sentry.sls b/pillar/paas/docker/docker-002/sentry.sls
--- a/pillar/paas/docker/docker-002/sentry.sls
+++ b/pillar/paas/docker/docker-002/sentry.sls
@@ -14,6 +14,7 @@
- library/postgres
- library/redis:3.2-alpine
- library/sentry
+ - getsentry/relay:nightly
- getsentry/snuba:nightly
- tianon/exim4
- yandex/clickhouse-server:20.3.9.70
@@ -150,6 +151,18 @@
sentry_symbolicator:
network: sentry
+ #
+ # Relay
+ #
+
+ relay:
+ sentry_relay:
+ app_port: 26300
+ kafka: sentry_kafka
+ redis: sentry_redis
+ web: sentry_web
+ network: sentry
+
#
# Sentry
#
@@ -157,6 +170,7 @@
sentry:
sentry_web:
app_port: 26080
+ relay_port: 26300
host: sentry.nasqueron.org
command: run web
realm: nasqueron
diff --git a/roles/paas-docker/containers/files/relay/config.yml.jinja b/roles/paas-docker/containers/files/relay/config.yml.jinja
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/relay/config.yml.jinja
@@ -0,0 +1,36 @@
+# -------------------------------------------------------------
+# Sentry configuration - Relay
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/paas-docker/containers/files/relay/config.yml.jinja
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+relay:
+ upstream: http://{{ container.web }}:9000/
+
+ host: 0.0.0.0
+ port: 3000
+
+logging:
+ level: WARN
+
+processing:
+ enabled: true
+
+ kafka_config:
+ - name: bootstrap.servers
+ value: {{ container.kafka }}:9092
+ - name: message.max.bytes
+ value: 50000000 # 50MB
+
+ redis: redis://{{ container.redis }}:6379
+
+ geoip_path: "/usr/local/share/geoip/GeoLite2-City.mmdb"
diff --git a/roles/paas-docker/containers/relay.sls b/roles/paas-docker/containers/relay.sls
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/relay.sls
@@ -0,0 +1,67 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+
+{% for instance, container in pillar['docker_containers']['relay'].items() %}
+
+# -------------------------------------------------------------
+# Data directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/relay/{{ instance }}:
+ file.directory:
+ - makedirs: True
+
+/srv/relay/{{ instance }}/config.yml:
+ file.managed:
+ - source: salt://roles/paas-docker/containers/files/relay/config.yml.jinja
+ - mode: 644
+ - template: jinja
+ - context:
+ container: {{ container }}
+
+relay_{{ instance }}_credentials:
+ docker_container.run:
+ - image: getsentry/relay:nightly
+ - command: bash -c "relay credentials generate --stdout > /work/.relay/credentials.json"
+ - binds:
+ - /srv/relay/{{ instance }}:/work/.relay
+ - replace: True
+ - creates: /srv/relay/{{ instance }}/credentials.json
+
+{% if has_selinux %}
+selinux_context_{{ instance }}_relay_data:
+ selinux.fcontext_policy_present:
+ - name: /srv/relay/{{ instance }}
+ - sel_type: container_file_t
+
+selinux_context_{{ instance }}_relay_data_applied:
+ selinux.fcontext_policy_applied:
+ - name: /srv/relay/{{ instance }}
+{% endif %}
+
+# -------------------------------------------------------------
+# Container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: getsentry/relay:nightly
+ - binds:
+ - /srv/relay/{{ instance }}:/work/.relay
+ - /srv/geoip:/usr/local/share/geoip:ro
+ - ports:
+ - 3000
+ - port_bindings:
+ - {{ container['app_port'] }}:3000
+ - networks:
+ - {{ container['network'] }}
+
+{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/sentry.conf b/roles/paas-docker/nginx/files/vhosts/sentry.conf
--- a/roles/paas-docker/nginx/files/vhosts/sentry.conf
+++ b/roles/paas-docker/nginx/files/vhosts/sentry.conf
@@ -2,8 +2,7 @@
# Configuration for Docker PaaS front-end nginx
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Author: Sébastien Santoro aka Dereckson
-# Created: 2018-09-11
-# Source file: roles/paas-docker/nginx/files/vhosts/_default.conf
+# Source file: roles/paas-docker/nginx/files/vhosts/sentry.conf
# -------------------------------------------------------------
#
# <auto-generated>
@@ -32,11 +31,29 @@
include includes/letsencrypt;
+ include includes/proxy_params;
+ proxy_redirect off;
+
+ location /api/store/ {
+ proxy_buffer_size 128k;
+ proxy_buffers 4 256k;
+ proxy_busy_buffers_size 256k;
+ proxy_temp_file_write_size 256k;
+
+ proxy_pass http://localhost:{{ args.relay_port }};
+ }
+
+ location ~ ^/api/[1-9]\d*/ {
+ proxy_buffer_size 128k;
+ proxy_buffers 4 256k;
+ proxy_busy_buffers_size 256k;
+ proxy_temp_file_write_size 256k;
+
+ proxy_pass http://localhost:{{ args.relay_port }};
+ }
+
location / {
proxy_pass http://localhost:{{ app_port }};
-
- include includes/proxy_params;
- proxy_redirect off;
}
location /.well-known/change-password {

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 17, 02:28 (20 h, 37 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2248534
Default Alt Text
D2888.id7366.diff (6 KB)

Event Timeline