Page MenuHomeDevCentral
Files F3945042

D3326.id8569.diff
No OneTemporary
Actions

D3326.id8569.diff
View Options

diff --git a/UIDs b/UIDs
--- a/UIDs
+++ b/UIDs
@@ -8,3 +8,7 @@
9001 salt
9002 deploy
8900 zr LEGACY
+
+# Web app
+12000 web-org-nasqueron-mail
+12001 web-org-nasqueron-mail-admin
diff --git a/pillar/dbserver/cluster-A.sls b/pillar/dbserver/cluster-A.sls
--- a/pillar/dbserver/cluster-A.sls
+++ b/pillar/dbserver/cluster-A.sls
@@ -142,7 +142,7 @@
- db: mail
user: mailManagement
- ips: 172.27.27.5/32
+ ips: 172.27.27.3/32
method: password
- db: mail
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -177,6 +177,8 @@
netmask: 255.255.255.255
roles:
- mailserver
+ - webserver-core
+ - webserver-alkane
router-001:
forest: nasqueron-infra
diff --git a/pillar/paas/alkane/hervil/main.sls b/pillar/paas/alkane/hervil/main.sls
new file mode 100644
--- /dev/null
+++ b/pillar/paas/alkane/hervil/main.sls
@@ -0,0 +1,47 @@
+# -------------------------------------------------------------
+# Salt — PaaS Alkane :: PHP and static sites [development]
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Site: https://explore.wolfplex.org/
+# -------------------------------------------------------------
+
+web_aliases:
+ services:
+ - &db-A 172.27.27.8
+
+# -------------------------------------------------------------
+# PHP sites
+#
+# Username must be unique and use max 31 characters.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+web_domains:
+ nasqueron:
+ - nasqueron.org
+
+nginx_vhosts:
+ nasqueron.org:
+ - admin.mail
+
+php_fpm_instances:
+ # PHP current version, generally installed as package/port
+ prod:
+ command: /usr/local/sbin/php-fpm
+
+web_php_sites:
+ mail.nasqueron.org:
+ domain: nasqueron.org
+ subdomain: mail
+ user: web-org-nasqueron-mail
+ uid: 12000
+ php-fpm: prod
+
+ admin.mail.nasqueron.org:
+ domain: nasqueron.org
+ subdomain: admin.mail
+ user: web-org-nasqueron-mail-admin
+ uid: 12001
+ php-fpm: prod
+ env:
+ DB_HOST: *db-A
diff --git a/pillar/webserver/sites.sls b/pillar/webserver/sites.sls
--- a/pillar/webserver/sites.sls
+++ b/pillar/webserver/sites.sls
@@ -22,6 +22,10 @@
#
# Nasqueron servers
#
+ mailserver:
+ - .org/nasqueron/mail
+ - .org/nasqueron/mail_admin
+
mastodon:
- .org/nasqueron/social
diff --git a/roles/webserver-alkane/account/init.sls b/roles/webserver-alkane/account/init.sls
--- a/roles/webserver-alkane/account/init.sls
+++ b/roles/webserver-alkane/account/init.sls
@@ -43,6 +43,9 @@
user.present:
- name: {{ site['user' ] }}
- fullname: {{ fqdn }}
+{% if 'uid' in site %}
+ - uid: {{ site['uid'] }}
+{% endif %}
- gid: 9003
- system: True
- home: /var/run/web/{{ fqdn }}
diff --git a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
@@ -0,0 +1,45 @@
+# -------------------------------------------------------------
+# Webserver
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Site: mail.nasqueron.org
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Main site
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name admin.mail.nasqueron.org;
+
+ include includes/tls;
+ ssl_certificate /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/privkey.pem;
+
+ include includes/letsencrypt;
+
+ root /var/wwwroot/nasqueron.org/admin.mail/public;
+ index index.html index.php index.htm;
+
+ location / {
+ try_files $uri $uri/ @app;
+ }
+
+ location @app {
+ fastcgi_pass unix:/var/run/web/admin.mail.nasqueron.org/php-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/wwwroot/nasqueron.org/admin.mail/public/index.php;
+ include includes/fastcgi;
+ }
+}
diff --git a/roles/webserver-content/init.sls b/roles/webserver-content/init.sls
--- a/roles/webserver-content/init.sls
+++ b/roles/webserver-content/init.sls
@@ -19,6 +19,8 @@
- .org/nasqueron/docs
- .org/nasqueron/infra
- .org/nasqueron/labs
+ - .org/nasqueron/mail
+ - .org/nasqueron/mail_admin
- .org/nasqueron/rain
- .org/nasqueron/social
- .org/wolfplex/api
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
+# Action: init
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -e
+
+
+git clone https://github.com/opensolutions/ViMbAdmin.git "$ALKANE_SITE_PATH"
+
+cd "$ALKANE_SITE_PATH"
+composer install --prefer-dist --no-dev
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
+# Action: update
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -e
+
+
+cd "$ALKANE_SITE_PATH"
+
+git fetch --all
+git diff-index --quiet HEAD && git pull
+
+composer update --prefer-dist --no-dev
diff --git a/roles/webserver-content/org/nasqueron/mail.sls b/roles/webserver-content/org/nasqueron/mail.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/mail.sls
@@ -0,0 +1,28 @@
+# -------------------------------------------------------------
+# Salt — Provision rain.nasqueron.org website
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% if salt['node.has_web_content'](".org/nasqueron/mail") %}
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/mail:
+ file.directory:
+ - user: deploy
+ - group: web
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Deploy mail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+www_mail_build:
+ cmd.run:
+ - name: alkane deploy mail.nasqueron.org
+
+{% endif %}
diff --git a/roles/webserver-content/org/nasqueron/mail_admin.sls b/roles/webserver-content/org/nasqueron/mail_admin.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/mail_admin.sls
@@ -0,0 +1,56 @@
+# -------------------------------------------------------------
+# Salt — Provision rain.nasqueron.org website
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% if salt['node.has_web_content'](".org/nasqueron/mail_admin") %}
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/admin.mail:
+ file.directory:
+ - user: deploy
+ - group: wheel
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Deploy mail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org:
+ file.directory:
+ - user: root
+ - group: web
+ - dir_mode: 755
+
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org/init:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
+ - mode: 755
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org/update:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
+ - mode: 755
+
+www_admin_mail_build:
+ cmd.run:
+ - name: alkane deploy admin.mail.nasqueron.org
+ - runas: deploy
+
+/var/wwwroot/nasqueron.org/admin.mail/var:
+ file.directory:
+ - user: web-org-nasqueron-mail-admin
+ - group: web
+ - dir_mode: 711
+ - recurse:
+ - user
+ - group
+ - mode
+
+{% endif %}
diff --git a/top.sls b/top.sls
--- a/top.sls
+++ b/top.sls
@@ -46,6 +46,8 @@
- roles/shellserver
'hervil':
- roles/mailserver
+ - roles/webserver-core
+ - roles/webserver-alkane
'web-001':
- roles/webserver-core
- roles/webserver-alkane

File Metadata

Mime Type
text/plain
Expires
Fri, Dec 27, 03:24 (11 h, 11 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2316373
Default Alt Text
D3326.id8569.diff (10 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator