Page MenuHomeDevCentral

D1921.id4850.diff
No OneTemporary

D1921.id4850.diff

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -1,8 +1,3 @@
-reserved-for-legacy-docker-migration-high-priority
- 23080 Phabricator HTTP - River Sector
- 35080 Phabricator HTTP - Wolfplex
- 36080 Phabricator HTTP - Zed
-
reserved-for-legacy-docker-migration-medium-priority
3000 Mastodon public HTTP
4000 Mastodon streaming HTTP
@@ -27,12 +22,15 @@
20080 Nasqueron API - Docker registry API
22220 Phabricator Aphlict (client)
22221 Phabricator Aphlict (admin)
+ 23080 Phabricator HTTP - River Sector
24080 Tommy HTTP - CI
24180 Tommy HTTP - CD
25080 Auth Grove HTTP
31080 Phabricator HTTP - DevCentral
33080 Bugzilla HTTP - Espace Win
34080 Etherpad
+ 35080 Phabricator HTTP - Wolfplex
+ 36080 Phabricator HTTP - Zed
38080 Jenkins HTTP - CD
39080 Cachet HTTP
42080 Jenkins HTTP - CI
diff --git a/pillar/credentials/zr.sls b/pillar/credentials/zr.sls
--- a/pillar/credentials/zr.sls
+++ b/pillar/credentials/zr.sls
@@ -28,6 +28,16 @@
# This API key is used by Wolfplex API to access to the pad lists
api: 125
+ #
+ # Credentials used by Nasqueron members private services
+ #
+
+ dereckson:
+
+ # River Sector
+ phabricator:
+ mysql: 133
+
#
# Credentials used by Espace Win services
#
@@ -37,3 +47,25 @@
# bugzilla.espace-win.org
bugzilla:
mysql: 131
+
+ #
+ # Credentials used by Wolfplex services
+ #
+
+ wolfplex:
+
+ # phabricator.wolfplex.be
+ phabricator:
+ mysql: 135
+ mailgun: 138
+
+ #
+ # Credentials used by Zed services
+ #
+
+ zed:
+
+ # code.zed.dereckson.be
+ phabricator:
+ mysql: 134
+ sendgrid: 45
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -216,6 +216,7 @@
# Infrastructure and development services
phabricator:
+ # Nasqueron instance
devcentral:
app_port: 31080
host: devcentral.nasqueron.org
@@ -228,7 +229,55 @@
- server.nasqueron.org
- serveur.nasqueron.org
- serveurs.nasqueron.org
+ mailer: mailgun
+ credentials:
+ mysql: zed.phabricator.mysql
static_host: phabricator-files-for-devcentral-nasqueron.spacetechnology.net
+ title: Nasqueron DevCentral
+ mysql_link: acquisitariat
+ skip_container: True
+
+ # Private instance for Dereckson
+ river_sector:
+ app_port: 23080
+ host: river-sector.dereckson.be
+ static_host: phabricator-files-for-river-sector.nasqueron.org
+ mailer: _
+ credentials:
+ mailgun: dereckson.phabricator.mailgun
+ mysql: dereckson.phabricator.mysql
+ storage:
+ namespace: river_sector
+ title: River Sector
+ mysql_link: acquisitariat
+
+ # Wolfplex instance
+ wolfplex_phab:
+ app_port: 35080
+ host: phabricator.wolfplex.be
+ static_host: phabricator-files-for-wolfplex.nasqueron.org
+ mailer: mailgun
+ credentials:
+ mailgun: wolfplex.phabricator.mailgun
+ mysql: wolfplex.phabricator.mysql
+ storage:
+ namespace: wolfphab
+ title: Wolfplex Phabricator
+ mysql_link: acquisitariat
+
+ # Zed instance
+ zed_code:
+ app_port: 36080
+ host: code.zed.dereckson.be
+ static_host: phabricator-files-for-zed.nasqueron.org
+ mailer: sendgrid
+ credentials:
+ mysql: zed.phabricator.mysql
+ sendgrid: zed.phabricator.sendgrid
+ storage:
+ namespace: zedphab
+ title: Zed
+ mysql_link: acquisitariat
aphlict:
aphlict:
diff --git a/roles/paas-docker/containers/phabricator.sls b/roles/paas-docker/containers/phabricator.sls
--- a/roles/paas-docker/containers/phabricator.sls
+++ b/roles/paas-docker/containers/phabricator.sls
@@ -10,6 +10,7 @@
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['phabricator'].items() %}
+{% set create_container = "skip_container" not in container or not container['skip_container'] %}
# -------------------------------------------------------------
# Storage directory
@@ -24,12 +25,61 @@
{% if has_selinux %}
selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- - name: /srv/{{ instance }}
+ - name: /srv/phabricator/{{ instance }}
- sel_type: container_file_t
selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- - name: /srv/{{ instance }}
+ - name: /srv/phabricator/{{ instance }}
+{% endif %}
+
+# -------------------------------------------------------------
+# Container
+#
+# /!\ DEVCENTRAL DEPLOYMENT ISSUE /!\
+#
+# We've currently a chicken or egg problem here: the zr
+# credentials source is the Nasqueron Phabricator instance,
+# DevCentral. As such, we can't provision it through this block.
+#
+# This is blocked by secrets migration to Vault.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% if create_container %}
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: nasqueron/devcentral
+ - binds:
+ - /srv/phabricator/{{ instance }}/conf:/opt/phabricator/conf
+ - /srv/phabricator/{{ instance }}/repo:/var/repo
+ - environment:
+ PHABRICATOR_URL: https://{{ container['host'] }}
+ PHABRICATOR_TITLE: {{ container['title'] }}
+ PHABRICATOR_DOMAIN: {{ container['host'] }}
+ PHABRICATOR_ALT_FILE_DOMAIN: {{ container['static_host'] }}
+
+ DB_USER: {{ salt['zr.get_username'](container['credentials']['mysql']) }}
+ DB_PASS: {{ salt['zr.get_password'](container['credentials']['mysql']) }}
+ PHABRICATOR_STORAGE_NAMESPACE: {{ container['storage']['namespace'] }}
+
+ {% if container['mailer'] == 'sendgrid' %}
+ PHABRICATOR_USE_SENDGRID: 1
+ PHABRICATOR_SENDGRID_APIUSER: {{ salt['zr.get_username'](container['credentials']['sendgrid']) }}
+ PHABRICATOR_SENDGRID_APIKEY: {{ salt['zr.get_password'](container['credentials']['sendgrid']) }}
+ {% elif container['mailer'] == 'mailgun' %}
+ PHABRICATOR_USE_MAILGUN: 1
+ PHABRICATOR_MAILGUN_APIKEY: {{ salt['zr.get_token'](container['credentials']['mailgun']) }}
+ {% endif %}
+
+ - links: {{ container['mysql_link'] }}:mysql
+ - ports:
+ - 80
+ - ports_bindings:
+ - {{ container['app_port'] }}:80
+
{% endif %}
{% endfor %}

File Metadata

Mime Type
text/plain
Expires
Tue, Dec 24, 14:29 (19 h, 15 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2314045
Default Alt Text
D1921.id4850.diff (6 KB)

Event Timeline