Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3767444
D3025.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
D3025.diff
View Options
diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls
--- a/pillar/credentials/vault.sls
+++ b/pillar/credentials/vault.sls
@@ -200,6 +200,10 @@
- ops/secrets/espacewin.bugzilla.mysql
- ops/secrets/espacewin.bugzilla.mysql_root
+ saas-mediawiki:
+ - ops/secrets/dbserver/cluster-B/users/saas-mediawiki
+ - ops/secrets/nasqueron/mediawiki/secret_key
+
viperserv:
- ops/secrets/nasqueron.viperserv.vault
diff --git a/pillar/dbserver/cluster-B.sls b/pillar/dbserver/cluster-B.sls
--- a/pillar/dbserver/cluster-B.sls
+++ b/pillar/dbserver/cluster-B.sls
@@ -19,6 +19,23 @@
- database: Nasqueron
scope: database
+ saas-mediawiki:
+ password: dbserver/cluster-B/users/saas-mediawiki
+ host: "%"
+ privileges:
+ - database: wikis
+ scope: database
+ - database: utopia
+ scope: database
+ - database: arsmagica
+ scope: database
+ - database: wolfplexdb
+ scope: database
+ - database: inidal_wiki
+ scope: database
+ - database: nasqueron_wiki
+ scope: database
+
# Tips for databases:
# This is a MariaDB cluster. At version 10.6, MariaDB is still using utf8mb3
# by default, but we generally prefer utf8mb4 as encoding.
@@ -35,3 +52,15 @@
Nasqueron: &unicode
encoding: utf8mb4
collation: uca1400_as_ci
+
+ # Databases used by MediaWiki SaaS
+ wikis: &mediawiki
+ encoding: utf8mb4
+ collation: utf8_bin
+ arsmagica: *mediawiki
+ inidal_wiki: *mediawiki
+ nasqueron_wiki: *mediawiki
+
+ # Databases used by MediaWiki SaaS - still to split from other content
+ utopia: *mediawiki
+ wolfplexdb: *mediawiki
diff --git a/pillar/saas/mediawiki.sls b/pillar/saas/mediawiki.sls
--- a/pillar/saas/mediawiki.sls
+++ b/pillar/saas/mediawiki.sls
@@ -35,8 +35,11 @@
mediawiki_directory: /srv/mediawiki
fastcgi_url: unix:/var/run/web/wikis.nasqueron.org/php-fpm.sock
db:
- host: localhost
- user: mediawiki-saas
+ host: 172.27.27.9
+ user: saas-mediawiki
+ credentials:
+ db: dbserver/cluster-B/users/saas-mediawiki
+ secret_key: nasqueron/mediawiki/secret_key
mediawiki_datastores:
###
diff --git a/roles/saas-mediawiki/init.sls b/roles/saas-mediawiki/init.sls
--- a/roles/saas-mediawiki/init.sls
+++ b/roles/saas-mediawiki/init.sls
@@ -8,6 +8,7 @@
include:
- .account
+ - .saas
- .mediawiki
- .software
- .nginx
diff --git a/roles/saas-mediawiki/saas/files/dot.env b/roles/saas-mediawiki/saas/files/dot.env
new file mode 100644
--- /dev/null
+++ b/roles/saas-mediawiki/saas/files/dot.env
@@ -0,0 +1,17 @@
+# -------------------------------------------------------------
+# SaaS :: MediaWiki :: Credentials
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/saas-mediawiki/saas/files/dot.env
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+MEDIAWIKI_SECRET_KEY={{ secret_key }}
+DB_PASS={{ db_pass }}
diff --git a/roles/saas-mediawiki/saas/init.sls b/roles/saas-mediawiki/saas/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/saas-mediawiki/saas/init.sls
@@ -0,0 +1,49 @@
+# -------------------------------------------------------------
+# Salt — MediaWiki farm
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set saas = pillar["mediawiki_saas"] %}
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+saas_mediawiki_parent_directory:
+ file.directory:
+ - name: /srv/saas
+
+# -------------------------------------------------------------
+# SaaS entry point
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+saas_mediawiki:
+ git.latest:
+ - name: https://devcentral.nasqueron.org/source/saas-mediawiki.git
+ - target: {{ saas["directory"] }}
+ - update_head: False
+ - user: mediawiki
+
+saas_mediawiki_vendor:
+ cmd.run:
+ - name: composer update --no-dev
+ - cwd: {{ saas["directory"] }}
+ - runas: mediawiki
+ - creates: {{ saas["directory"] }}/vendor
+
+# -------------------------------------------------------------
+# MediaWiki SaaS credentials
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ saas["directory"] }}/.env
+ file.managed:
+ - source: salt://roles/saas-mediawiki/saas/files/dot.env
+ - user: mediawiki
+ - group: mediawiki
+ - mode: 400
+ - template: jinja
+ - context:
+ secret_key: {{ credentials.get_password(saas["credentials"]["secret_key"]) }}
+ db_pass: {{ credentials.get_password(saas["credentials"]["db"]) }}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Nov 24, 00:15 (19 h, 41 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258541
Default Alt Text
D3025.diff (5 KB)
Attached To
Mode
D3025: Provision MediaWiki SaaS entry point
Attached
Detach File
Event Timeline
Log In to Comment