No OneTemporary
Actions

Size

11 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/pillar/paas/alkane/windriver/main.sls b/pillar/paas/alkane/windriver/main.sls
	index 4020901..2253033 100644
	--- a/pillar/paas/alkane/windriver/main.sls
	+++ b/pillar/paas/alkane/windriver/main.sls
	@@ -1,133 +1,134 @@
	# -------------------------------------------------------------
	# Salt — PaaS Alkane :: PHP and static sites [development]
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Project: Nasqueron
	# License: Trivial work, not eligible to copyright
	# -------------------------------------------------------------

	web_aliases:
	services:
	- &db-B 172.27.27.9

	# -------------------------------------------------------------
	# Domains we deploy
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	web_domains:

	#
	# Directly managed by Nasqueron
	#

	nasqueron:
	- nasqueron.org
	- ook.space

	#
	# Nasqueron members
	#

	nasqueron_members:
	- dereckson.be
	- hypership.space

	#
	# Projects ICT is managed by Nasqueron
	#

	espacewin:
	- espace-win.org

	wolfplex:
	- wolfplex.org

	# -------------------------------------------------------------
	# Static sites
	#
	# Sites to deploy from the staging repository
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	web_static_sites:
	nasqueron.org:
	- docker51
	- rain51
	- www51

	# -------------------------------------------------------------
	# PHP sites
	#
	# Username must be unique and use max 31 characters.
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	php_fpm_instances:
	# PHP current version, generally installed as package/port
	prod:
	command: /usr/local/sbin/php-fpm

	web_php_sites:
	# Nasqueron
	tools51.nasqueron.org:
	domain: nasqueron.org
	subdomain: tools51
	user: web-org-nasqueron-tools51
	php-fpm: prod

	# Nasqueron members
	mediawiki.dereckson.be:
	domain: dereckson.be
	subdomain: mediawiki
	user: web-be-dereckson-mw
	php-fpm: prod

	www51.dereckson.be:
	domain: dereckson.be
	subdomain: www51
	user: web-be-dereckson-www51
	php-fpm: prod

	# Zed
	zed51.dereckson.be:
	domain: dereckson.be
	subdomain: zed51
	user: web-be-dereckson-zed51
	php-fpm: prod
	env:
	CACHE_DIR: /var/dataroot/zed/cache
	CONTENT_DIR: /var/dataroot/zed/content

	# Espace Win
	www51.espace-win.org:
	domain: espace-win.org
	subdomain: www51
	user: web-org-espacewin-www51
	php-fpm: prod

	# -------------------------------------------------------------
	# nginx configuration
	#
	# Configuration files to provision to vhosts/
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	nginx_vhosts:
	dereckson.be:
	- mediawiki
	- scherzo
	- www51
	- zed51

	nasqueron.org:
	- api51
	+ - grafana
	- tools51
	- www51


	# -------------------------------------------------------------
	# Credentials
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	webserver_content_dotenv:
	/var/51-wwwroot/dereckson-www/.env:
	user: web-be-dereckson-www51
	db:
	service: db-B
	credentials: dbserver/cluster-B/users/dereckson_www51
	diff --git a/roles/grafana/grafana/files/grafana.ini b/roles/grafana/grafana/files/grafana.ini
	new file mode 100644
	index 0000000..950918f
	--- /dev/null
	+++ b/roles/grafana/grafana/files/grafana.ini
	@@ -0,0 +1,26 @@
	+# -------------------------------------------------------------
	+# Grafana configuration
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+# Project: Nasqueron
	+# License: Trivial work, not eligible to copyright
	+# Source file: roles/grafana/grafana/files/grafana.ini
	+# -------------------------------------------------------------
	+#
	+# <auto-generated>
	+# This file is managed by our rOPS SaltStack repository.
	+#
	+# Changes to this file may cause incorrect behavior
	+# and will be lost if the state is redeployed.
	+# </auto-generated>
	+
	+[paths]
	+data = /var/db/grafana
	+logs = /var/log/grafana
	+plugins = /var/db/grafana/plugins
	+provisioning = /usr/local/etc/grafana/provisioning
	+
	+[server]
	+protocol = socket
	+socket_gid = {{ socket.gid }}
	+socket = {{ socket.dir }}/grafana.sock
	+domain = {{ domain }}
	diff --git a/roles/grafana/grafana/files/rc/grafana.conf b/roles/grafana/grafana/files/rc/grafana.conf
	new file mode 100644
	index 0000000..7f375be
	--- /dev/null
	+++ b/roles/grafana/grafana/files/rc/grafana.conf
	@@ -0,0 +1,16 @@
	+# -------------------------------------------------------------
	+# grafana — rc configuration
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+# Project: Nasqueron
	+# License: Trivial work, not eligible to copyright
	+# Source file: roles/grafana/grafana/files/rc/grafana.conf
	+# -------------------------------------------------------------
	+#
	+# <auto-generated>
	+# This file is managed by our rOPS SaltStack repository.
	+#
	+# Changes to this file may cause incorrect behavior
	+# and will be lost if the state is redeployed.
	+# </auto-generated>
	+
	+grafana_enable="YES"
	diff --git a/roles/grafana/grafana/init.sls b/roles/grafana/grafana/init.sls
	new file mode 100644
	index 0000000..3168ab5
	--- /dev/null
	+++ b/roles/grafana/grafana/init.sls
	@@ -0,0 +1,77 @@
	+# -------------------------------------------------------------
	+# Salt — Provision Grafana
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+# Project: Nasqueron
	+# License: Trivial work, not eligible to copyright
	+# -------------------------------------------------------------
	+
	+{% from "map.jinja" import dirs with context %}
	+
	+# -------------------------------------------------------------
	+# Software
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+grafana:
	+ pkg.installed
	+
	+# -------------------------------------------------------------
	+# Config
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+{{ dirs.etc }}/grafana/grafana.ini:
	+ file.managed:
	+ - source: salt://roles/grafana/grafana/files/grafana.ini
	+ - template: jinja
	+ - context:
	+ domain: grafana.nasqueron.org
	+ socket:
	+ dir: /var/run/web/grafana
	+ gid: 9003 # web
	+
	+# -------------------------------------------------------------
	+# Socket
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+/var/run/web/grafana:
	+ file.directory:
	+ - user: grafana
	+ - group: web
	+
	+ensure_grafana_user_is_in_group_web:
	+ user.present:
	+ - name: grafana
	+ - groups:
	+ - web
	+ - remove_groups: False
	+ - createhome: False
	+
	+# -------------------------------------------------------------
	+# Plugins access by nginx
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+/var/db/grafana:
	+ file.directory:
	+ - mode: 0751
	+
	+/var/db/grafana/plugins:
	+ file.directory:
	+ - user: grafana
	+ - group: web
	+ - mode: 0750
	+
	+# -------------------------------------------------------------
	+# Service
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+{% if grains['os'] == 'FreeBSD' %}
	+
	+/etc/rc.conf.d/grafana:
	+ file.managed:
	+ - source: salt://roles/grafana/grafana/files/rc/grafana.conf
	+ - template: jinja
	+
	+{% endif %}
	+
	+grafana_running:
	+ service.running:
	+ - name: grafana
	diff --git a/roles/grafana/init.sls b/roles/grafana/init.sls
	new file mode 100644
	index 0000000..a5b6309
	--- /dev/null
	+++ b/roles/grafana/init.sls
	@@ -0,0 +1,9 @@
	+# -------------------------------------------------------------
	+# Salt — Provision Grafana
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+# Project: Nasqueron
	+# License: Trivial work, not eligible to copyright
	+# -------------------------------------------------------------
	+
	+include:
	+ - .grafana
	diff --git a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/grafana.conf b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/grafana.conf
	new file mode 100644
	index 0000000..e5f5232
	--- /dev/null
	+++ b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/grafana.conf
	@@ -0,0 +1,69 @@
	+# -------------------------------------------------------------
	+# Webserver
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+# Project: Nasqueron
	+# Site: grafana.nasqueron.org
	+# License: Trivial work, not eligible to copyright
	+# Source file: roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/grafana.conf
	+# -------------------------------------------------------------
	+#
	+# <auto-generated>
	+# This file is managed by our rOPS SaltStack repository.
	+#
	+# Changes to this file may cause incorrect behavior
	+# and will be lost if the state is redeployed.
	+# </auto-generated>
	+
	+# -------------------------------------------------------------
	+# Back-end
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+upstream grafana {
	+ server unix:/var/run/web/grafana/grafana.sock;
	+}
	+
	+# -------------------------------------------------------------
	+# grafana.nasqueron.org configuration
	+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	+
	+server {
	+ listen 80;
	+ listen [::]:80;
	+ server_name grafana.nasqueron.org;
	+
	+ return 301 https://grafana.nasqueron.org$request_uri;
	+}
	+
	+server {
	+ server_name grafana.nasqueron.org;
	+
	+ include includes/tls;
	+ ssl_certificate /usr/local/etc/letsencrypt/live/grafana.nasqueron.org/fullchain.pem;
	+ ssl_certificate_key /usr/local/etc/letsencrypt/live/grafana.nasqueron.org/privkey.pem;
	+
	+ error_log /var/log/www/nasqueron.org/grafana-error.log;
	+ access_log /var/log/www/nasqueron.org/grafana-access.log;
	+
	+ include includes/letsencrypt;
	+
	+ location /public {
	+ alias /usr/local/share/grafana/public;
	+ }
	+
	+ location /public/plugins {
	+ alias /var/db/grafana/plugins;
	+ }
	+
	+ location / {
	+ proxy_pass http://grafana;
	+ include includes/proxy;
	+ }
	+
	+ location /api/live/ {
	+ proxy_http_version 1.1;
	+ proxy_set_header Upgrade $http_upgrade;
	+ proxy_set_header Connection $connection_upgrade;
	+ proxy_set_header Host $host;
	+ proxy_pass http://grafana;
	+ }
	+}
	diff --git a/top.sls b/top.sls
	index 3648e6f..0cb112b 100644
	--- a/top.sls
	+++ b/top.sls
	@@ -1,56 +1,57 @@
	# -------------------------------------------------------------
	# Salt configuration for Nasqueron servers
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Project: Nasqueron
	# Created: 2016-04-10
	# License: Trivial work, not eligible to copyright
	# -------------------------------------------------------------

	base:
	'*':
	- roles/core
	- roles/webserver-content
	'local':
	- roles/salt-primary
	'ysul':
	- roles/builder
	- roles/dbserver-mysql
	- roles/devserver
	- roles/viperserv
	- roles/webserver-core
	- roles/webserver-legacy
	- roles/webserver-varnish
	'windriver':
	- roles/builder
	- roles/dbserver-mysql
	- roles/dbserver-pgsql
	- roles/devserver
	+ - roles/grafana
	- roles/redis
	- roles/saas-nextcloud
	- roles/webserver-alkane
	- roles/webserver-core
	- roles/webserver-legacy
	'cloudhugger':
	- roles/opensearch
	'db-A-001':
	- roles/dbserver-pgsql
	'db-B-001':
	- roles/dbserver-mysql
	'docker-002':
	- roles/paas-docker
	'dwellers':
	- roles/paas-docker/docker
	- roles/paas-lxc/lxc
	- roles/saas-airflow
	'eglide':
	- roles/webserver-core
	- roles/shellserver
	'hervil':
	- roles/mailserver
	- roles/webserver-core
	- roles/webserver-alkane
	'web-001':
	- roles/webserver-core
	- roles/webserver-alkane
	- roles/saas-mediawiki
	- roles/saas-wordpress

File Metadata

Mime Type: text/x-diff
Expires: Thu, Dec 26, 20:18 (12 h, 22 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 2315301
Default Alt Text: (11 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions