diff --git a/data/defaults.yaml b/data/defaults.yaml --- a/data/defaults.yaml +++ b/data/defaults.yaml @@ -1372,6 +1372,12 @@ args: url: "http://orangerie.internal.softwareheritage.org:%{hiera('swh::remote_service::vault::port')}/" +# Vault backend configuration on azure +swh::remote_service::vault::config::azure: + cls: remote + args: + url: "http://vangogh.euwest.azure.internal.softwareheritage.org:%{hiera('swh::remote_service::vault::port')}/" + # End remote service configurations ##################################################################################################### diff --git a/data/hostname/orangerie.internal.softwareheritage.org.yaml b/data/hostname/orangerie.internal.softwareheritage.org.yaml --- a/data/hostname/orangerie.internal.softwareheritage.org.yaml +++ b/data/hostname/orangerie.internal.softwareheritage.org.yaml @@ -1,8 +1,5 @@ ssh::port: 7022 -# open objstorage api -swh::deploy::objstorage::backend::listen::host: 0.0.0.0 -swh::deploy::objstorage::backend::listen::host: 0.0.0.0 swh::deploy::objstorage::directory: "%{hiera('swh::deploy::vault::cache')}" swh::deploy::vault::backend::listen::host: 0.0.0.0 diff --git a/data/hostname/orangeriedev.internal.softwareheritage.org.yaml b/data/hostname/orangeriedev.internal.softwareheritage.org.yaml --- a/data/hostname/orangeriedev.internal.softwareheritage.org.yaml +++ b/data/hostname/orangeriedev.internal.softwareheritage.org.yaml @@ -1,8 +1,5 @@ ssh::port: 7022 -# open objstorage api -swh::deploy::objstorage::backend::listen::host: 0.0.0.0 -swh::deploy::objstorage::backend::listen::host: 0.0.0.0 swh::deploy::objstorage::directory: "%{hiera('swh::deploy::vault::cache')}" swh::deploy::vault::db::host: orangeriedev diff --git a/data/hostname/vangogh.euwest.azure.internal.softwareheritage.org.yaml b/data/hostname/vangogh.euwest.azure.internal.softwareheritage.org.yaml new file mode 100644 --- /dev/null +++ b/data/hostname/vangogh.euwest.azure.internal.softwareheritage.org.yaml @@ -0,0 +1,15 @@ +# open vault api +swh::deploy::vault::backend::listen::host: 0.0.0.0 + +# vault's cache backend is an azure objstorage +swh::deploy::vault::config::cache: + cls: azure + args: + account_name: "%{hiera('swh::azure::credentials::vaultstorage::account')}" + api_secret_key: "%{hiera('swh::azure::credentials::vaultstorage::key')}" + container_name: contents + +swh::remote_service::storage::config: "%{alias('swh::remote_service::storage::config::azure')}" + +# No workers +swh::deploy::worker::instances: [] diff --git a/manifests/site.pp b/manifests/site.pp --- a/manifests/site.pp +++ b/manifests/site.pp @@ -47,7 +47,7 @@ include role::swh_vault_test } -node /^(unibo-prod|orangerie).(internal.)?softwareheritage.org$/ { +node /^(unibo-prod|orangerie|vangogh).(euwest.azure.)?(internal.)?softwareheritage.org$/ { include role::swh_vault } diff --git a/site-modules/role/manifests/swh_vault.pp b/site-modules/role/manifests/swh_vault.pp --- a/site-modules/role/manifests/swh_vault.pp +++ b/site-modules/role/manifests/swh_vault.pp @@ -1,9 +1,4 @@ class role::swh_vault inherits role::swh_server { include profile::puppet::agent include profile::swh::deploy::vault - - include profile::munin::plugins::postgresql - include profile::postgresql - - include profile::swh::deploy::objstorage }