Compare View

switch
from
...
to
 
Commits (3)
Rakefile
... ... @@ -34,8 +34,6 @@ if $SPB_ENV == 'lxc'
34 34 exit
35 35 end
36 36 config = YAML.load_file('config/local/config.yaml')
37   - config['external_ip'] = ips['reverseproxy']
38   - config['relay_ip'] = ips['email']
39 37 File.open(config_file, 'w') do |f|
40 38 f.puts(YAML.dump(config))
41 39 end
... ... @@ -155,7 +153,7 @@ task :preconfig => ssh_config_file do
155 153 puts "I: delete #{preconfig_file} to force running again"
156 154 else
157 155 sh 'scp', '-F', ssh_config_file, 'utils/reverseproxy_ssh_setup', 'reverseproxy.unconfigured:/tmp'
158   - sh 'ssh', '-F', ssh_config_file, 'reverseproxy.unconfigured', 'sudo', '/tmp/reverseproxy_ssh_setup', $ALT_SSH_PORT.to_s, ips['reverseproxy'], ips['integration']
  156 + sh 'ssh', '-F', ssh_config_file, 'reverseproxy.unconfigured', 'sudo', '/tmp/reverseproxy_ssh_setup', $ALT_SSH_PORT.to_s, config['external_ip'], ips['integration']
159 157  
160 158 File.open(preconfig_file, 'w') do |f|
161 159 f.puts($ALT_SSH_PORT)
... ...
config/prod/ips.yaml
... ... @@ -4,4 +4,4 @@ social: 10.21.0.5
4 4 email: 10.21.0.7
5 5 integration: 10.21.0.8
6 6 mezuro: 10.21.0.11
7   -monitor: 189.9.151.77
  7 +monitor: 10.21.0.10
... ...
config/sample/config.yaml 0 → 100644
... ... @@ -0,0 +1,90 @@
  1 +# This is a sample of config.yaml file. Make the changes according to your
  2 +# environment.
  3 +
  4 +# Valid RPM repository and gpgkey links of SoftwarePublico packages
  5 +# Default: "https://copr-be.cloud.fedoraproject.org/results/softwarepublico/v5/epel-7-$basearch/"
  6 +# "https://copr-be.cloud.fedoraproject.org/results/softwarepublico/v5/pubkey.gpg"
  7 +#
  8 +#rpm_repository: <RPM REPO>
  9 +#rpm_gpgkey: <RPM REPO GPG KEY>
  10 +
  11 +# Users admins for the environment
  12 +admins:
  13 + - ["USER NAME", "USER EMAIL"]
  14 +
  15 +# External domain name for Softwarepublico
  16 +# Example:
  17 +# site_url: https://softwarepublico.gov.br
  18 +# external_hostname: softwarepublico.gov.br
  19 +site_url: https://<SOFTWAREPUBLICO DOMAIN>
  20 +external_hostname: <SOFTWAREPUBLICO DOMAIN>
  21 +
  22 +# External domain for monitoring server
  23 +# Default: "status.sofwarepublico"
  24 +#
  25 +# This is for a production environment. You don't really needs that for
  26 +# development or test environments.
  27 +#
  28 +#monitor_external_hostname: <SOFTWAREPUBLICO STATUS DOMAIN>
  29 +
  30 +# Munin master private IP addr
  31 +#
  32 +# This also is used for production environment purposes
  33 +munin_master: <IP ADDR>
  34 +
  35 +# Raven dsn key for sentry
  36 +raven_dsn: <URL SENTRY KEY>
  37 +
  38 +# Alternatives hostname for Softwarepulico
  39 +#
  40 +#alternative_hostnames:
  41 +# - <ALT HOSTNAMES>
  42 +
  43 +# The public IP address for the reverseproxy machine
  44 +# If the public IP is provided from other machine, just put the private IP of
  45 +# the reverseproxy machine
  46 +external_ip: <IP ADDR>
  47 +
  48 +# Alternative port for ssh access of reverseproxy machine
  49 +alt_ssh_port: <PORT>
  50 +
  51 +# Configurations for the email reply.
  52 +#
  53 +# Example:
  54 +# colab_from_address: '"Softwarepublico" <noreply@softwarepublico.gov>'
  55 +# server_email: '"Softwarepublico" <noreply@softwarepublico.gov>'
  56 +# email_subject_prefix: '[spb]'
  57 +colab_from_address: '"EMAIL HEADER" <NOREPLY EMAIL>'
  58 +server_email: '"EMAIL HEADER" <NOREPLY EMAIL>'
  59 +email_subject_prefix: '[EMAIL PREFIX]'
  60 +
  61 +# Email list addresses
  62 +#
  63 +# Example:
  64 +# lists_admin: admin@admin.gov
  65 +# from_address: noreply@softwarepublico.gov
  66 +lists_admin: <ADM EMAIL ADDR>
  67 +from_address: <NOREPLY EMAIL>
  68 +
  69 +# Email hostnames
  70 +#
  71 +# Example:
  72 +# lists_hostname: listas.softwarepublico.gov
  73 +# relay_hostname: relay.softwarepublico.gov
  74 +lists_hostname: <LIST HOSTNAME>
  75 +relay_hostname: <RELAY HOSTNAME>
  76 +
  77 +# Relay external IP address. Used to send reply emails.
  78 +relay_ip: <IP ADDR>
  79 +external_outgoing_mail_relay: <IP ADDR>
  80 +external_outgoing_mail_domain: <EXTERNAL DOMAIN>
  81 +
  82 +# Google Analytics ID. Check out the google documentation for more information
  83 +# about the ID: https://support.google.com/analytics/answer/1032385?hl=pt-BR
  84 +google_analytics_id: '<ID>'
  85 +
  86 +# Numbers of workes for colab.
  87 +# Default: numbers of cpu * 2 + 1
  88 +#
  89 +# Make sure that you have enough resources for the amount of workers
  90 +#colab_http_workers: <NUMBER OF WORKERS>
... ...
config/sample/ips.yaml 0 → 100644
... ... @@ -0,0 +1,10 @@
  1 +# This file contains the IP of all the machines on the environment.
  2 +# All of them must be the private IP.
  3 +reverseproxy: <IP>
  4 +database: <IP>
  5 +social: <IP>
  6 +email: <IP>
  7 +integration: <IP>
  8 +mezuro: <IP>
  9 +monitor: <IP>
  10 +
... ...
config/sample/iptables-filter-rules 0 → 100644
... ... @@ -0,0 +1,2 @@
  1 +# Insert over here all additional iptables configuration that you need
  2 +# for your environment
... ...
config/sample/ssh_config 0 → 100644
... ... @@ -0,0 +1,50 @@
  1 +# This file contains the ssh configurations for access the SPB machines
  2 +Host *
  3 + ForwardAgent yes
  4 +
  5 +# The reverseproxy unconfigured is the reverseproxy machine
  6 +# before "rake preconfig" command
  7 +Host reverseproxy.unconfigured
  8 + User spb
  9 + Hostname <REVERSEPROXY UNCONFIGURED EXTERNAL IP>
  10 +
  11 +Host reverseproxy
  12 + User spb
  13 + Hostname <REVERSEPROXY INTERNAL IP>
  14 + # The port must be equals to the one defined on config.yaml file "alt_ssh_port"
  15 + Port <PORT>
  16 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p 22 nc %h %p
  17 +
  18 +Host integration
  19 + User spb
  20 + Hostname <REVERSEPROXY EXTERNAL IP>
  21 +
  22 +Host database
  23 + User spb
  24 + Hostname <DATABASE INTERNAL IP>
  25 + # connect via reverseproxy host
  26 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p %p nc %h 22
  27 +
  28 +Host social
  29 + User spb
  30 + Hostname <SOCIAL INTERNAL IP>
  31 + # connect via reverseproxy host
  32 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p %p nc %h 22
  33 +
  34 +Host email
  35 + User spb
  36 + Hostname <EMAIL INTERNAL IP>
  37 + # connect via reverseproxy host
  38 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p %p nc %h 22
  39 +
  40 +Host mezuro
  41 + User spb
  42 + Hostname <MAZURO INTERNAL IP>
  43 + # connect via reverseproxy host
  44 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p %p nc %h 22
  45 +
  46 +Host monitor
  47 + User spb
  48 + Hostname <MONITOR INTERNAL IP>
  49 + # connect via reverseproxy host
  50 + ProxyCommand ssh spb@<REVERSEPROXY EXTERNAL IP> -p %p nc %h 22
... ...
cookbooks/colab/recipes/default.rb
... ... @@ -130,6 +130,7 @@ template &#39;/etc/colab/settings.d/06-raven-settings.py&#39; do
130 130 group 'colab'
131 131 mode 0640
132 132 notifies :restart, 'service[colab]'
  133 + only_if { node['config']['raven_dsn'] }
133 134 end
134 135  
135 136 # Adding plugins for colab
... ...
cookbooks/loganalyzer/templates/nginx.conf.erb
... ... @@ -4,7 +4,7 @@ server {
4 4 root /usr/share/nginx/html/;
5 5 index index.php index.html index.htm;
6 6  
7   - server_name <%= node['config']['monitor_external_hostname'] %>;
  7 + server_name <%= node['config']['monitor_external_hostname'] || 'status.softwarepublico' %>;
8 8  
9 9 location /loganalyzer/images/ {
10 10 alias /usr/share/nginx/html/loganalyzer/images/;
... ...