
D1586.diff

D1586.diff

diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls
--- a/pillar/credentials/vault.sls
+++ b/pillar/credentials/vault.sls
@@ -230,6 +230,8 @@
- ops/secrets/dbserver/cluster-B/users/dereckson_www
- ops/secrets/dbserver/cluster-B/users/zed
+ - ops/secrets/nasqueron/deploy/deploy_keys/by_repo/github/hypership/content_users
+
- ops/secrets/zed/hypership/secret_key
#
diff --git a/pillar/paas/alkane/web-001/main.sls b/pillar/paas/alkane/web-001/main.sls
--- a/pillar/paas/alkane/web-001/main.sls
+++ b/pillar/paas/alkane/web-001/main.sls
@@ -29,7 +29,6 @@
nasqueron_members:
- dereckson.be
- - hypership.space
#
# Projects ICT is managed by Nasqueron
@@ -124,16 +123,6 @@
DATASTORE: /var/dataroot/wolfplex
CREDENTIAL_PATH_DATASOURCES_SECURITYDATA: /var/dataroot/wolfplex/secrets.json
- # Zed - HyperShip
- hypership.space:
- domain: hypership.space
- subdomain: www
- user: web-space-hypership-www
- php-fpm: prod
- env:
- CACHE_DIR: /var/cache/zed/hypership.space
- CONTENT_DIR: /srv/zed/content
-
# -------------------------------------------------------------
# nginx configuration
#
@@ -152,9 +141,6 @@
- cosmo
- www
- hypership.space:
- - www
-
nasqueron.org:
- api
- assets
diff --git a/pillar/paas/alkane/web-001/zed.sls b/pillar/paas/alkane/web-001/zed.sls
new file mode 100644
--- /dev/null
+++ b/pillar/paas/alkane/web-001/zed.sls
@@ -0,0 +1,51 @@
+# -------------------------------------------------------------
+# Salt — PaaS Alkane :: PHP and static sites [production]
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# nginx, php-fpm
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+web_domains:
+ zed:
+ - hypership.space
+
+nginx_vhosts:
+ hypership.space:
+ - www
+
+web_php_sites:
+ hypership.space:
+ domain: hypership.space
+ subdomain: www
+ user: web-space-hypership-www
+ php-fpm: prod
+ env:
+ CACHE_DIR: /var/dataroot/zed/cache
+ CONTENT_DIR: /var/dataroot/zed/content
+
+# -------------------------------------------------------------
+# Credentials
+#
+# :: deployment
+# :: .env
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+wwwroot_identities:
+ deploy-key-github-hypership-content_users:
+ secret: nasqueron/deploy/deploy_keys/by_repo/github/hypership/content_users
+ path: /opt/salt/security/id_zed_github_hypership_content_users
+
+webserver_content_dotenv:
+ /var/wwwroot/hypership.space/www/.env:
+ user: web-space-hypership-www
+ db:
+ service: db-B
+ credentials: dbserver/cluster-B/users/zed
+ extra_values:
+ DB_NAME: zed_prod
+ extra_credentials:
+ ZED_SECRET_KEY: zed/hypership/secret_key
diff --git a/pillar/webserver/credentials.sls b/pillar/webserver/credentials.sls
--- a/pillar/webserver/credentials.sls
+++ b/pillar/webserver/credentials.sls
@@ -52,13 +52,3 @@
db:
service: db-B
credentials: dbserver/cluster-B/users/dereckson_www
-
- /var/wwwroot/hypership.space/www/.env:
- user: web-space-hypership-www
- db:
- service: db-B
- credentials: dbserver/cluster-B/users/zed
- extra_values:
- DB_NAME: zed_prod
- extra_credentials:
- ZED_SECRET_KEY: zed/hypership/secret_key
diff --git a/pillar/webserver/sites.sls b/pillar/webserver/sites.sls
--- a/pillar/webserver/sites.sls
+++ b/pillar/webserver/sites.sls
@@ -25,7 +25,7 @@
mastodon:
- .org/nasqueron/social
- webserver-legacy:
+ webserver-legacy: &legacy_to_migrate_to_alkane
# Nasqueron members
- .be/dereckson
@@ -45,6 +45,8 @@
- .org/wolfplex/api
- .org/wolfplex/www
+ webserver-alkane: *legacy_to_migrate_to_alkane
+
# -------------------------------------------------------------
# Sites deployed through Jenkins CD
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
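Review bot: `webserver-alkane: *legacy_to_migrate_to_alkane` aliases the entire `webserver-legacy` list, so every legacy site, not only the hypership one this change migrates, is now declared as web content for the alkane role. Any state gated on `node.has_web_content` for those sites would presumably start applying on alkane nodes too, including states that write `.env` files or other credentials. If that is the intended transitional setup, a comment at the anchor would make it explicit, for example `# Shared with webserver-alkane until each site is migrated; split the lists before retiring legacy`. Otherwise `webserver-alkane` should list only the sites already moved.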
diff --git a/roles/webserver-alkane/nginx/files/vhosts/hypership.space/www.conf b/roles/webserver-alkane/nginx/files/vhosts/hypership.space/www.conf
--- a/roles/webserver-alkane/nginx/files/vhosts/hypership.space/www.conf
+++ b/roles/webserver-alkane/nginx/files/vhosts/hypership.space/www.conf
@@ -32,11 +32,11 @@
}
location /content/users {
- alias /srv/zed/content/users;
+ alias /var/dataroot/zed/content/users;
}
location /content/scenes {
- alias /srv/zed/content/scenes;
+ alias /var/dataroot/zed/content/scenes;
location ~ \.tpl$ {
# This folder contains templates intended to be rendered,
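Review bot: `location /content/users` now aliases `/var/dataroot/zed/content/users`, which this same change populates with a `git.latest` clone of the private `content_users` repository. The checkout's `.git` directory (config, refs, objects) therefore sits under a served path and is reachable unless a dotfile deny exists outside this hunk. A nested `location ~ /\.git { return 404; }` inside the `/content/users` block would keep the repository metadata out of reach. The `/content/scenes` block continues past the end of the hunk, so its other nested rules are not visible here.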
@@ -45,6 +45,10 @@
}
}
+ location = /tour {
+ return 302 /tour.html;
+ }
+
location /buildergate {
return 503;
diff --git a/roles/webserver-content/space/hypership/www.sls b/roles/webserver-content/space/hypership/www.sls
--- a/roles/webserver-content/space/hypership/www.sls
+++ b/roles/webserver-content/space/hypership/www.sls
@@ -7,16 +7,62 @@
{% if salt['node.has_web_content'](".space/hypership") %}
-/srv/zed:
- file.directory
+/var/dataroot/zed:
+ file.directory:
+ - user: deploy
# -------------------------------------------------------------
# Content
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+{% if not salt["file.directory_exists"]("/var/dataroot/zed/content/.git") %}
zed_content:
+ file.directory:
+ - name: /var/dataroot/zed/content
+ - user: deploy
+ - mode: 755
+
git.latest:
- name: https://github.com/hypership/content.git
- - target: /srv/zed/content
+ - target: /var/dataroot/zed/content
+ - user: deploy
+{% endif %}
+
+{% if not salt["file.directory_exists"]("/var/dataroot/zed/content/users") %}
+zed_content_private:
+ file.directory:
+ - name: /var/dataroot/zed/content/users
+ - user: deploy
+ - mode: 711
+
+ git.latest:
+ - name: git@github.com:hypership/content_users.git
+ - target: /var/dataroot/zed/content/users
+ - user: deploy
+ - identity: {{ pillar["wwwroot_identities"]["deploy-key-github-hypership-content_users"]["path"] }}
+ - update_head: False
+{% endif %}
+
+zed_content_rights:
+ file.directory:
+ - name: /var/dataroot/zed/content
+ - user: web-space-hypership-www
+ - recurse:
+ - user
+ - group
+
+# -------------------------------------------------------------
+# Cache
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/dataroot/zed/cache:
+ file.directory:
+ - user: web-space-hypership-www
+
+{% for subdir in ['compiled', 'openid', 'sessions'] %}
+/var/dataroot/zed/cache/{{ subdir }}:
+ file.directory:
+ - user: web-space-hypership-www
+{% endfor %}
{% endif %}
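Review bot: The guard on `zed_content_private` tests for `/var/dataroot/zed/content/users`, a directory the state's own `file.directory` creates. If the first clone fails (for instance because the deploy key is not yet on disk), later runs skip `git.latest` and the private content is never fetched. Testing for the checkout itself, as the `zed_content` guard does, avoids that: `{% if not salt["file.directory_exists"]("/var/dataroot/zed/content/users/.git") %}`. Separately, `zed_content_rights` recurses ownership over the whole tree, so both checkouts, including their `.git` directories, end up owned by `web-space-hypership-www` rather than `deploy`; a comment stating that the PHP user is meant to own them would help. The `sessions` cache directory is also created without a `mode`, and `- mode: 700` would keep session files private to the site user if the default turns out to be wider.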
