2fc2d4be4e
The OpenStackID project has been rebranded, and the old openstackid.org deployment is being retained temporarily in order to ease transition, but id.openinfra.dev is in place now and intended as its successor. This will be used to test the IDP transition before applying a similar change and scripted database edits to production. Change-Id: Ia79f10d34d829784733ae43c9266241a57af9c23
250 lines
10 KiB
Puppet
250 lines
10 KiB
Puppet
# Node-OS: xenial
|
|
node /^health\d*\.openstack\.org$/ {
|
|
$group = "health"
|
|
class { 'openstack_project::server': }
|
|
class { 'openstack_project::openstack_health_api':
|
|
subunit2sql_db_host => hiera('subunit2sql_db_host', 'localhost'),
|
|
hostname => 'health.openstack.org',
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^cacti\d+\.open.*\.org$/ {
|
|
$group = "cacti"
|
|
class { 'openstack_project::cacti':
|
|
cacti_hosts => hiera_array('cacti_hosts'),
|
|
vhost_name => 'cacti.openstack.org',
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^ethercalc\d+\.open.*\.org$/ {
|
|
$group = "ethercalc"
|
|
class { 'openstack_project::server': }
|
|
|
|
class { 'openstack_project::ethercalc':
|
|
vhost_name => 'ethercalc.openstack.org',
|
|
ssl_cert_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ethercalc.openstack.org.cer',
|
|
ssl_key_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ethercalc.openstack.org.key',
|
|
ssl_chain_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ca.cer',
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^wiki\d+\.openstack\.org$/ {
|
|
$group = "wiki"
|
|
class { 'openstack_project::wiki':
|
|
bup_user => 'bup-wiki',
|
|
serveradmin => hiera('infra_apache_serveradmin'),
|
|
site_hostname => 'wiki.openstack.org',
|
|
ssl_cert_file_contents => hiera('ssl_cert_file_contents'),
|
|
ssl_key_file_contents => hiera('ssl_key_file_contents'),
|
|
ssl_chain_file_contents => hiera('ssl_chain_file_contents'),
|
|
wg_dbserver => hiera('wg_dbserver'),
|
|
wg_dbname => 'openstack_wiki',
|
|
wg_dbuser => 'wikiuser',
|
|
wg_dbpassword => hiera('wg_dbpassword'),
|
|
wg_secretkey => hiera('wg_secretkey'),
|
|
wg_upgradekey => hiera('wg_upgradekey'),
|
|
wg_recaptchasitekey => hiera('wg_recaptchasitekey'),
|
|
wg_recaptchasecretkey => hiera('wg_recaptchasecretkey'),
|
|
wg_googleanalyticsaccount => hiera('wg_googleanalyticsaccount'),
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^wiki-dev\d+\.openstack\.org$/ {
|
|
$group = "wiki-dev"
|
|
class { 'openstack_project::wiki':
|
|
serveradmin => hiera('infra_apache_serveradmin'),
|
|
site_hostname => 'wiki-dev.openstack.org',
|
|
wg_dbserver => hiera('wg_dbserver'),
|
|
wg_dbname => 'openstack_wiki',
|
|
wg_dbuser => 'wikiuser',
|
|
wg_dbpassword => hiera('wg_dbpassword'),
|
|
wg_secretkey => hiera('wg_secretkey'),
|
|
wg_upgradekey => hiera('wg_upgradekey'),
|
|
wg_recaptchasitekey => hiera('wg_recaptchasitekey'),
|
|
wg_recaptchasecretkey => hiera('wg_recaptchasecretkey'),
|
|
disallow_robots => true,
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^logstash\d*\.open.*\.org$/ {
|
|
class { 'openstack_project::server': }
|
|
|
|
class { 'openstack_project::logstash':
|
|
discover_nodes => [
|
|
'elasticsearch03.openstack.org:9200',
|
|
'elasticsearch04.openstack.org:9200',
|
|
'elasticsearch05.openstack.org:9200',
|
|
'elasticsearch06.openstack.org:9200',
|
|
'elasticsearch07.openstack.org:9200',
|
|
'elasticsearch02.openstack.org:9200',
|
|
],
|
|
subunit2sql_db_host => hiera('subunit2sql_db_host', ''),
|
|
subunit2sql_db_pass => hiera('subunit2sql_db_password', ''),
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^logstash-worker\d+\.open.*\.org$/ {
|
|
$group = 'logstash-worker'
|
|
|
|
$elasticsearch_nodes = [
|
|
'elasticsearch02.openstack.org',
|
|
'elasticsearch03.openstack.org',
|
|
'elasticsearch04.openstack.org',
|
|
'elasticsearch05.openstack.org',
|
|
'elasticsearch06.openstack.org',
|
|
'elasticsearch07.openstack.org',
|
|
]
|
|
|
|
class { 'openstack_project::server': }
|
|
|
|
class { 'openstack_project::logstash_worker':
|
|
discover_node => 'elasticsearch03.openstack.org',
|
|
enable_mqtt => false,
|
|
mqtt_password => hiera('mqtt_service_user_password'),
|
|
mqtt_ca_cert_contents => hiera('mosquitto_tls_ca_file'),
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^subunit-worker\d+\.open.*\.org$/ {
|
|
$group = "subunit-worker"
|
|
class { 'openstack_project::server': }
|
|
class { 'openstack_project::subunit_worker':
|
|
subunit2sql_db_host => hiera('subunit2sql_db_host', ''),
|
|
subunit2sql_db_pass => hiera('subunit2sql_db_password', ''),
|
|
mqtt_pass => hiera('mqtt_service_user_password'),
|
|
mqtt_ca_cert_contents => hiera('mosquitto_tls_ca_file'),
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^elasticsearch\d+\.open.*\.org$/ {
|
|
$group = "elasticsearch"
|
|
|
|
$elasticsearch_nodes = [
|
|
'elasticsearch02.openstack.org',
|
|
'elasticsearch03.openstack.org',
|
|
'elasticsearch04.openstack.org',
|
|
'elasticsearch05.openstack.org',
|
|
'elasticsearch06.openstack.org',
|
|
'elasticsearch07.openstack.org',
|
|
]
|
|
|
|
class { 'openstack_project::server': }
|
|
class { 'openstack_project::elasticsearch_node':
|
|
discover_nodes => $elasticsearch_nodes,
|
|
}
|
|
}
|
|
|
|
# A machine to run Storyboard
|
|
# Node-OS: xenial
|
|
node /^storyboard\d+\.opendev\.org$/ {
|
|
$group = "storyboard"
|
|
class { 'openstack_project::storyboard':
|
|
project_config_repo => 'https://opendev.org/openstack/project-config',
|
|
mysql_host => hiera('storyboard_db_host', 'localhost'),
|
|
mysql_user => hiera('storyboard_db_user', 'username'),
|
|
mysql_password => hiera('storyboard_db_password'),
|
|
rabbitmq_user => hiera('storyboard_rabbit_user', 'username'),
|
|
rabbitmq_password => hiera('storyboard_rabbit_password'),
|
|
ssl_cert => '/etc/letsencrypt-certs/storyboard.openstack.org/storyboard.openstack.org.cer',
|
|
ssl_key => '/etc/letsencrypt-certs/storyboard.openstack.org/storyboard.openstack.org.key',
|
|
ssl_ca => '/etc/letsencrypt-certs/storyboard.openstack.org/ca.cer',
|
|
hostname => 'storyboard.openstack.org',
|
|
valid_oauth_clients => ['storyboard.openstack.org',],
|
|
cors_allowed_origins => ['https://storyboard.openstack.org',],
|
|
sender_email_address => 'storyboard@storyboard.openstack.org',
|
|
default_url => 'https://storyboard.openstack.org',
|
|
}
|
|
}
|
|
|
|
# A machine to run Storyboard devel
|
|
# Node-OS: xenial
|
|
node /^storyboard-dev\d+\.opendev\.org$/ {
|
|
$group = "storyboard-dev"
|
|
class { 'openstack_project::storyboard::dev':
|
|
project_config_repo => 'https://opendev.org/openstack/project-config',
|
|
mysql_host => hiera('storyboard_db_host', 'localhost'),
|
|
mysql_user => hiera('storyboard_db_user', 'username'),
|
|
mysql_password => hiera('storyboard_db_password'),
|
|
rabbitmq_user => hiera('storyboard_rabbit_user', 'username'),
|
|
rabbitmq_password => hiera('storyboard_rabbit_password'),
|
|
hostname => 'storyboard-dev.openstack.org',
|
|
valid_oauth_clients => ['^.*',],
|
|
cors_allowed_origins => ['^.*',],
|
|
sender_email_address => 'storyboard-dev@storyboard-dev.openstack.org',
|
|
default_url => 'https://storyboard-dev.openstack.org',
|
|
}
|
|
|
|
}
|
|
|
|
# A machine to serve various project status updates.
|
|
# Node-OS: xenial
|
|
node /^status\d*\.open.*\.org$/ {
|
|
$group = 'status'
|
|
|
|
class { 'openstack_project::server': }
|
|
|
|
class { 'openstack_project::status':
|
|
gerrit_host => 'review.opendev.org',
|
|
gerrit_ssh_host_key => hiera('gerrit_ssh_rsa_pubkey_contents'),
|
|
reviewday_ssh_public_key => hiera('reviewday_rsa_pubkey_contents'),
|
|
reviewday_ssh_private_key => hiera('reviewday_rsa_key_contents'),
|
|
recheck_ssh_public_key => hiera('elastic-recheck_gerrit_ssh_public_key'),
|
|
recheck_ssh_private_key => hiera('elastic-recheck_gerrit_ssh_private_key'),
|
|
recheck_bot_nick => 'openstackrecheck',
|
|
recheck_bot_passwd => hiera('elastic-recheck_ircbot_password'),
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^translate\d+\.open.*\.org$/ {
|
|
$group = "translate"
|
|
class { 'openstack_project::server': }
|
|
class { 'openstack_project::translate':
|
|
admin_users => 'aeng,cboylan,eumel8,ianw,ianychoi,infra,jaegerandi,mordred,stevenk',
|
|
openid_url => 'https://openstackid.org',
|
|
listeners => ['ajp'],
|
|
from_address => 'noreply@openstack.org',
|
|
mysql_host => hiera('translate_mysql_host', 'localhost'),
|
|
mysql_password => hiera('translate_mysql_password'),
|
|
zanata_server_user => hiera('proposal_zanata_user'),
|
|
zanata_server_api_key => hiera('proposal_zanata_api_key'),
|
|
zanata_wildfly_version => '10.1.0',
|
|
zanata_wildfly_install_url => 'https://repo1.maven.org/maven2/org/wildfly/wildfly-dist/10.1.0.Final/wildfly-dist-10.1.0.Final.tar.gz',
|
|
zanata_main_version => 4,
|
|
zanata_url => 'https://github.com/zanata/zanata-platform/releases/download/platform-4.3.3/zanata-4.3.3-wildfly.zip',
|
|
zanata_checksum => 'eaf8bd07401dade758b677007d2358f173193d17',
|
|
project_config_repo => 'https://opendev.org/openstack/project-config',
|
|
ssl_cert_file => '/etc/letsencrypt-certs/translate.openstack.org/translate.openstack.org.cer',
|
|
ssl_key_file => '/etc/letsencrypt-certs/translate.openstack.org/translate.openstack.org.key',
|
|
ssl_chain_file => '/etc/letsencrypt-certs/translate.openstack.org/ca.cer',
|
|
vhost_name => 'translate.openstack.org',
|
|
}
|
|
}
|
|
|
|
# Node-OS: xenial
|
|
node /^translate-dev\d*\.open.*\.org$/ {
|
|
$group = "translate-dev"
|
|
class { 'openstack_project::translate_dev':
|
|
admin_users => 'aeng,cboylan,eumel,eumel8,ianw,ianychoi,infra,jaegerandi,mordred,stevenk',
|
|
openid_url => 'https://id.openinfra.dev',
|
|
listeners => ['ajp'],
|
|
from_address => 'noreply@openstack.org',
|
|
mysql_host => hiera('translate_dev_mysql_host', 'localhost'),
|
|
mysql_password => hiera('translate_dev_mysql_password'),
|
|
zanata_server_user => hiera('proposal_zanata_user'),
|
|
zanata_server_api_key => hiera('proposal_zanata_api_key'),
|
|
project_config_repo => 'https://opendev.org/openstack/project-config',
|
|
vhost_name => 'translate-dev.openstack.org',
|
|
}
|
|
}
|
|
|
|
# vim:sw=2:ts=2:expandtab:textwidth=79
|