Page MenuHomeDevCentral

D1720.id4369.diff
No OneTemporary

D1720.id4369.diff

diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -10,13 +10,14 @@
- &ipv4_equatower 51.255.124.10
# -------------------------------------------------------------
-# Images and containers
+# Images
+#
+# You can append a :tag (by default, latest is used).
+#
+# It's not possible to specify Docker library images only by final name.
+# See https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker_image.html
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# You can append a :tag (by default, latest is used).
-# You can't directly specify a Docker library images.
-# See https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker_image.html
-
docker_images:
'*':
- certbot/certbot
@@ -39,50 +40,104 @@
# phpBB SaaS
- nasqueron/mysql
+# -------------------------------------------------------------
+# Containers
+#
+# The docker_containers entry allow to declare
+# containers by image by servers
+#
+# The hierarchy is so as following.
+#
+# docker_containers:
+# server with the Docker engine:
+# service codename:
+# instance name:
+# container properties
+#
+# The service codename must match a state file in
+# the roles/paas-docker/containers/ directory.
+#
+# The container will be run with the specified instance name.
+#
+# **nginx**
+#
+# The container properties can also describe the information
+# needed to configure nginx with the host and app_port key.
+#
+# In such case, a matching vhost file should be declared as
+# roles/paas-docker/nginx/files/vhosts/<service codename>.sls
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
docker_containers:
- equatower:
- # MySQL
- mysql:
+
+ #
+ # Equatower is the current production engine
+ #
+ equatower:
+
+ #
+ # Core services
+ #
+
+ mysql:
acquisitariat: {}
phpbb_db: {}
+ #
# CD
- jenkins:
- host: cd.nasqueron.org
- app_port: 38080
- jenkins_slave:
- apsile:
- ip: 172.17.0.100
- elapsi:
- ip: 172.17.0.101
-
- # Infrastructure and development services
- phabricator:
- devcentral: {}
- aphlict: {}
- cachet:
- app_port: 39080
- host: status.nasqueron.org
- mysql_link: acquisitariat
- etherpad:
- app_port: 34080
- host: pad.nasqueron.org
- aliases:
- - pad.wolfplex.org
- - pad.wolfplex.be
- mysql_link: acquisitariat
- plugins:
- - ep_ether-o-meter
- - ep_author_neat
-
- # phpBB SaaS
- # The SaaS uses a MySQL instance, declared in the MySQL section.
-
- # Openfire
- openfire:
- ip: *ipv4_equatower
- app_port: 9090
- host: xmpp.nasqueron.org
+ #
+
+ jenkins:
+ jenkins_cd:
+ host: cd.nasqueron.org
+ app_port: 38080
+
+ jenkins_slave:
+ # Slaves for CD
+ apsile:
+ ip: 172.17.0.100
+ elapsi:
+ ip: 172.17.0.101
+
+ # Infrastructure and development services
+
+ phabricator:
+ devcentral: {}
+
+ aphlict:
+ aphlict:
+ ports:
+ client: 22280
+ admin: 22281
+
+ cachet:
+ cachet:
+ app_port: 39080
+ host: status.nasqueron.org
+ credential: 47
+ mysql_link: acquisitariat
+
+ etherpad:
+ pad:
+ app_port: 34080
+ host: pad.nasqueron.org
+ aliases:
+ - pad.wolfplex.org
+ - pad.wolfplex.be
+ mysql_link: acquisitariat
+ plugins:
+ - ep_ether-o-meter
+ - ep_author_neat
+
+ # phpBB SaaS
+ # The SaaS uses a MySQL instance, declared in the MySQL section.
+
+ # Openfire
+ openfire:
+ openfire:
+ ip: *ipv4_equatower
+ app_port: 9090
+ host: xmpp.nasqueron.org
# -------------------------------------------------------------
# Ports listened by XMPP
diff --git a/roles/paas-docker/containers/aphlict.sls b/roles/paas-docker/containers/aphlict.sls
--- a/roles/paas-docker/containers/aphlict.sls
+++ b/roles/paas-docker/containers/aphlict.sls
@@ -6,6 +6,10 @@
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+{% for instance, container in containers['aphlict'].items() %}
+
# -------------------------------------------------------------
# Container
#
@@ -14,7 +18,7 @@
# through websockets for Phabricator instances.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-aphlict:
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
@@ -23,5 +27,7 @@
- 22280
- 22281
- port_bindings:
- - 22280:22280
- - 22281:22281
+ - {{ container['ports']['client'] }}:22280
+ - {{ container['ports']['admin'] }}:22281
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/cachet.sls b/roles/paas-docker/containers/cachet.sls
--- a/roles/paas-docker/containers/cachet.sls
+++ b/roles/paas-docker/containers/cachet.sls
@@ -7,7 +7,8 @@
# -------------------------------------------------------------
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% set container = containers['cachet'] %}
+
+{% for instance, container in containers['cachet'].items() %}
# -------------------------------------------------------------
# Container
@@ -26,9 +27,11 @@
- environment:
- DB_HOST: mysql
- DB_DATABASE: cachet
- - DB_USERNAME: {{ salt['zr.get_username'](47) }}
- - DB_PASSWORD: {{ salt['zr.get_password'](47) }}
+ - DB_USERNAME: {{ salt['zr.get_username'](container['credential']) }}
+ - DB_PASSWORD: {{ salt['zr.get_password'](container['credential']) }}
- ports:
- 80
- port_bindings:
- {{ container['app_port'] }}:80
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/etherpad.sls b/roles/paas-docker/containers/etherpad.sls
--- a/roles/paas-docker/containers/etherpad.sls
+++ b/roles/paas-docker/containers/etherpad.sls
@@ -8,26 +8,26 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% set container = containers['etherpad'] %}
-{% set instance = 'pad' %}
+
+{% for instance, container in containers['etherpad'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-/srv/etherpad:
+/srv/{{ instance }}:
file.directory:
- makedirs: True
{% if has_selinux %}
-selinux_context_etherpad_data:
+selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- - name: /srv/etherpad
+ - name: /srv/{{ instance }}
- sel_type: svirt_sandbox_file_t
-selinux_context_etherpad_data_applied:
+selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- - name: /srv/etherpad
+ - name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
@@ -40,7 +40,7 @@
- interactive: True
- image: nasqueron/etherpad
- links: {{ container['mysql_link'] }}:mysql
- - binds: /srv/etherpad/var:/opt/etherpad-lite/var
+ - binds: /srv/{{ instance }}/var:/opt/etherpad-lite/var
- ports:
- 9001
- port_bindings:
@@ -48,26 +48,28 @@
pad_deploy_api:
cmd.run:
- - creates: /srv/etherpad/.ok-apikey
+ - creates: /srv/{{ instance }}/.ok-apikey
- name: |
- docker cp /srv/etherpad/var/APIKEY.txt {{ instance }}:opt/etherpad-lite/APIKEY.txt
+ docker cp /srv/{{ instance }}/var/APIKEY.txt {{ instance }}:opt/etherpad-lite/APIKEY.txt
docker restart {{ instance }}
- touch /srv/etherpad/.ok-apikey
+ touch /srv/{{ instance }}/.ok-apikey
pad_deploy_plugins:
cmd.run:
- - creates: /srv/etherpad/.ok-plugins
+ - creates: /srv/{{ instance }}/.ok-plugins
- name: |
{% for plugin in container['plugins'] %}
docker exec {{ instance }} npm install {{ plugin }}
{% endfor %}
docker restart {{ instance }}
- touch /srv/etherpad/.ok-plugins
+ touch /srv/{{ instance }}/.ok-plugins
pad_deploy_abiword:
cmd.run:
- - creates: /srv/etherpad/.ok-abiword
+ - creates: /srv/{{ instance }}/.ok-abiword
- name: |
docker exec {{ instance }} sh -c 'apt update && apt install -y abiword' && \
docker restart {{ instance }} && \
- touch /srv/etherpad/.ok-abiword
+ touch /srv/{{ instance }}/.ok-abiword
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/init.sls b/roles/paas-docker/containers/init.sls
--- a/roles/paas-docker/containers/init.sls
+++ b/roles/paas-docker/containers/init.sls
@@ -6,9 +6,9 @@
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-{% set containers = salt['node.filter_by_name']('docker_containers') %}
+{% set services = salt['node.filter_by_name']('docker_containers') %}
include:
-{% for container in containers %}
- - .{{ container }}
+{% for service in services %}
+ - .{{ service }}
{% endfor %}
diff --git a/roles/paas-docker/containers/jenkins_slave.sls b/roles/paas-docker/containers/jenkins_slave.sls
--- a/roles/paas-docker/containers/jenkins_slave.sls
+++ b/roles/paas-docker/containers/jenkins_slave.sls
@@ -45,8 +45,8 @@
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-{% for name, container in containers['jenkins_slave'].items() %}
-{{ name }}:
+{% for instance, container in containers['jenkins_slave'].items() %}
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
diff --git a/roles/paas-docker/containers/openfire.sls b/roles/paas-docker/containers/openfire.sls
--- a/roles/paas-docker/containers/openfire.sls
+++ b/roles/paas-docker/containers/openfire.sls
@@ -9,11 +9,13 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
+{% for instance, container in containers['jenkins_slave'].items() %}
+
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-/srv/openfire:
+/srv/{{ instance }}:
file.directory:
- user: 999
- group: 999
@@ -22,27 +24,29 @@
{% if has_selinux %}
selinux_context_openfire_data:
selinux.fcontext_policy_present:
- - name: /srv/openfire
+ - name: /srv/{{ instance }}
- sel_type: svirt_sandbox_file_t
selinux_context_openfire_data_applied:
selinux.fcontext_policy_applied:
- - name: /srv/openfire
+ - name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-openfire:
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: gizmotronic/openfire
- - binds: /srv/openfire:/var/lib/openfire
- - hostname: {{ containers['openfire']['host'] }}
+ - binds: /srv/{{ instance }}:/var/lib/openfire
+ - hostname: {{ container['host'] }}
- ports: {{ pillar['xmpp_ports'] }}
- port_bindings:
{% for port in pillar['xmpp_ports'] %}
- - {{ containers['openfire']['ip'] }}:{{ port }}:{{ port }}
+ - {{ container['ip'] }}:{{ port }}:{{ port }}
+{% endfor %}
+
{% endfor %}
diff --git a/roles/paas-docker/containers/phabricator.sls b/roles/paas-docker/containers/phabricator.sls
--- a/roles/paas-docker/containers/phabricator.sls
+++ b/roles/paas-docker/containers/phabricator.sls
@@ -9,7 +9,7 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% for instance in containers['phabricator'] %}
+{% for instance, container in containers['phabricator'].items() %}
# -------------------------------------------------------------
# Storage directory

File Metadata

Mime Type
text/plain
Expires
Thu, Nov 28, 17:50 (8 h, 9 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2269558
Default Alt Text
D1720.id4369.diff (12 KB)

Event Timeline