Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F12297961
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
14 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/roles/paas-docker/containers/etherpad.sls b/roles/paas-docker/containers/etherpad.sls
index b32cba2..f65fcef 100644
--- a/roles/paas-docker/containers/etherpad.sls
+++ b/roles/paas-docker/containers/etherpad.sls
@@ -1,69 +1,69 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-06-18
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['etherpad'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}:
file.directory:
- makedirs: True
{% if has_selinux %}
selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: nasqueron/etherpad:production
- links: {{ container['mysql_link'] }}:mysql
- binds: /srv/{{ instance }}/var:/opt/etherpad-lite/var
- ports:
- 9001
- port_bindings:
- {{ container['app_port'] }}:9001
# -------------------------------------------------------------
# API key
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% set api_key_path = "/srv/" + instance + "/APIKEY.txt" %}
{{ api_key_path }}:
file.managed:
- mode: 400
- contents: {{ salt['zr.get_password'](container['credential']) }}
deploy_api_key_{{ instance }}:
cmd.run:
- name: |
docker cp {{ api_key_path }} {{ instance }}:opt/etherpad-lite/APIKEY.txt
docker restart {{ instance }}
- onchanges:
- docker_container: {{ instance }}
- file: {{ api_key_path }}
{% endfor %}
diff --git a/roles/paas-docker/containers/jenkins.sls b/roles/paas-docker/containers/jenkins.sls
index fe35e76..69e5df5 100644
--- a/roles/paas-docker/containers/jenkins.sls
+++ b/roles/paas-docker/containers/jenkins.sls
@@ -1,57 +1,57 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-11
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['jenkins'].items() %}
{% set realm = pillar['jenkins_realms'][container['realm']] %}
{% set home = "/srv/jenkins/" + container['realm'] + "/jenkins_home" %}
# -------------------------------------------------------------
# Home directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ home }}:
file.directory:
- user: 1000
- group: 1000
- makedirs: True
{% if has_selinux %}
selinux_context_jenkins_home:
selinux.fcontext_policy_present:
- name: {{ home }}
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_jenkins_home_applied:
selinux.fcontext_policy_applied:
- name: {{ home }}
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: jenkinsci/jenkins
- binds: {{ home }}:/var/jenkins_home
- networks:
- {{ realm['network'] }}
- ports:
- 8080
- 50000
- port_bindings:
- {{ container['app_port'] }}:8080 # HTTP
- {{ container['jnlp_port'] }}:50000 # Jenkins master's port for JNLP-based Jenkins agents
{% endfor %}
diff --git a/roles/paas-docker/containers/jenkins_slave.sls b/roles/paas-docker/containers/jenkins_slave.sls
index b7a06b8..9dbadcb 100644
--- a/roles/paas-docker/containers/jenkins_slave.sls
+++ b/roles/paas-docker/containers/jenkins_slave.sls
@@ -1,63 +1,63 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-16
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['jenkins_slave'].items() %}
{% set realm = pillar['jenkins_realms'][container['realm']] %}
{% set home = "/srv/jenkins/" + container['realm'] + "/slaves_homes/" + instance %}
{% set image = pillar['jenkins_images'][container['image']] %}
# -------------------------------------------------------------
# Home directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ home }}:
file.directory:
- user: 431
- group: 433
- makedirs: True
{% if has_selinux %}
selinux_context_jenkins_slave_{{ instance }}_home:
selinux.fcontext_policy_present:
- name: {{ home }}
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_jenkins_slave_{{ instance }}_home_applied:
selinux.fcontext_policy_applied:
- name: {{ home }}
{% endif %}
{{ home }}/.ssh:
file.directory:
- user: 431
- group: 433
{{ home }}/.ssh/authorized_keys:
file.managed:
- contents: {{ realm['ssh_key'] }}
- user: 431
- group: 433
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: {{ image }}
- binds: {{ home }}:/home/app
- networks:
- {{ realm['network'] }}
{% endfor %}
diff --git a/roles/paas-docker/containers/mysql.sls b/roles/paas-docker/containers/mysql.sls
index 6abb863..41384b6 100644
--- a/roles/paas-docker/containers/mysql.sls
+++ b/roles/paas-docker/containers/mysql.sls
@@ -1,48 +1,48 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-27
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance in containers['mysql'] %}
# -------------------------------------------------------------
# Home directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}/mysql:
file.directory:
- user: 999
- group: 999
- makedirs: True
{% if has_selinux %}
selinux_context_{{ instance }}_mysql_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}/mysql
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_{{ instance }}_mysql_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}/mysql
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: nasqueron/mysql
- binds: /srv/{{ instance }}/mysql:/var/lib/mysql
- environment:
MYSQL_ROOT_PASSWORD: {{ salt['random.get_str'](31) }}
{% endfor %}
diff --git a/roles/paas-docker/containers/openfire.sls b/roles/paas-docker/containers/openfire.sls
index 5baf441..bfe0a65 100644
--- a/roles/paas-docker/containers/openfire.sls
+++ b/roles/paas-docker/containers/openfire.sls
@@ -1,52 +1,52 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-06-18
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['openfire'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}:
file.directory:
- user: 999
- group: 999
- makedirs: True
{% if has_selinux %}
selinux_context_openfire_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_openfire_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: gizmotronic/openfire
- binds: /srv/{{ instance }}:/var/lib/openfire
- hostname: {{ container['host'] }}
- ports: {{ pillar['xmpp_ports'] }}
- port_bindings:
{% for port in pillar['xmpp_ports'] %}
- {{ container['ip'] }}:{{ port }}:{{ port }}
{% endfor %}
{% endfor %}
diff --git a/roles/paas-docker/containers/phabricator.sls b/roles/paas-docker/containers/phabricator.sls
index 06bf8a9..8f98d7e 100644
--- a/roles/paas-docker/containers/phabricator.sls
+++ b/roles/paas-docker/containers/phabricator.sls
@@ -1,35 +1,35 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-09-06
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
{% for instance, container in containers['phabricator'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}:
file.directory:
- user: 431
- group: 433
- makedirs: True
{% if has_selinux %}
selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}
{% endif %}
{% endfor %}
diff --git a/roles/paas-docker/containers/phpbb.sls b/roles/paas-docker/containers/phpbb.sls
index 8def226..11b0927 100644
--- a/roles/paas-docker/containers/phpbb.sls
+++ b/roles/paas-docker/containers/phpbb.sls
@@ -1,45 +1,45 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-27
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
# -------------------------------------------------------------
# Data directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/phpbb/data:
file.directory:
- user: 431
- group: 433
- makedirs: True
{% if has_selinux %}
selinux_context_phpbb_datastores:
selinux.fcontext_policy_present:
- name: /srv/phpbb/data
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_phpbb_datastores_applied:
selinux.fcontext_policy_applied:
- name: /srv/phpbb/data
{% endif %}
{% for store in pillar['phpbb_datastores'] %}
/srv/phpbb/data/{{ store }}:
file.directory:
- user: 431
- group: 433
{% for subdir in ['cache', 'config', 'ext', 'files', 'images', 'store'] %}
/srv/phpbb/data/{{ store }}/{{ subdir }}:
file.recurse:
- source: salt://software/phpbb/phpBB/{{ subdir }}
- user: 431
- group: 433
{% endfor %}
{% endfor %}
diff --git a/roles/paas-docker/letsencrypt/init.sls b/roles/paas-docker/letsencrypt/init.sls
index 657f07a..2b86037 100644
--- a/roles/paas-docker/letsencrypt/init.sls
+++ b/roles/paas-docker/letsencrypt/init.sls
@@ -1,41 +1,41 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-16
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
# -------------------------------------------------------------
# See also
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Wrapper script
# - wrappers/init.Sls
# - wrappers/files/certbot.sh
#
# Image
# - /pillar/paas/docker.Sls
#
# Nginx configuration
# - nginx/files/includes/letsencrypt
# -------------------------------------------------------------
# Data directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/letsencrypt:
file.directory
{% if has_selinux %}
selinux_context_jenkins_home:
selinux.fcontext_policy_present:
- name: /srv/letsencrypt
- - sel_type: svirt_sandbox_file_t
+ - sel_type: container_file_t
selinux_context_jenkins_home_applied:
selinux.fcontext_policy_applied:
- name: /srv/letsencrypt
{% endif %}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Wed, Oct 22, 13:45 (1 d, 3 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3089256
Default Alt Text
(14 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment