Bound the read-only storage on the local network address of the server (192.168.100.xxx)
instead of localhost to let the dev environment access them
Related to T3408
Details
Details
- Reviewers
ardumont - Group Reviewers
System administrators - Maniphest Tasks
- T3408: Provide read-only access to production servers
- Commits
- rSPSITE30a27bc6af13: webapp: bind the local storage to the internal network address
- saam
*** Running octocatalog-diff on host saam.internal.softwareheritage.org I, [2021-07-01T19:25:28.876581 #23571] INFO -- : Catalogs compiled for saam.internal.softwareheritage.org I, [2021-07-01T19:25:30.517152 #23571] INFO -- : Diffs computed for saam.internal.softwareheritage.org I, [2021-07-01T19:25:30.517197 #23571] INFO -- : No differences *** End octocatalog-diff on saam.internal.softwareheritage.org
- moma
*******************************************
Concat::Fragment[nginx-swh-storage-default-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 default_server;
+ listen moma.internal.softwareheritage.org:5002 default_server;
_
_
*******************************************
Concat::Fragment[nginx-swh-storage-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 deferred;
+ listen moma.internal.softwareheritage.org:5002 deferred;
_
_
*******************************************
Concat_fragment[nginx-swh-storage-default-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 default_server;
+ listen moma.internal.softwareheritage.org:5002 default_server;
_
_
*******************************************
Concat_fragment[nginx-swh-storage-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 deferred;
+ listen moma.internal.softwareheritage.org:5002 deferred;
_
_
*******************************************
File[/etc/softwareheritage/web/web.yml] =>
parameters =>
content =>
@@ -7,5 +7,5 @@
cls: remote
args:
- url: http://localhost:5002/
+ url: http://moma.internal.softwareheritage.org:5002/
vault:
cls: remote
*******************************************
Nginx::Resource::Server[nginx-swh-storage-default] =>
parameters =>
listen_ip =>
- 127.0.0.1
+ moma.internal.softwareheritage.org
*******************************************
Nginx::Resource::Server[nginx-swh-storage] =>
parameters =>
listen_ip =>
- 127.0.0.1
+ moma.internal.softwareheritage.org
*******************************************
*** End octocatalog-diff on moma.softwareheritage.org- webapp1
*******************************************
Concat::Fragment[nginx-swh-storage-default-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 default_server;
+ listen webapp1.internal.softwareheritage.org:5002 default_server;
_
_
*******************************************
Concat::Fragment[nginx-swh-storage-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 deferred;
+ listen webapp1.internal.softwareheritage.org:5002 deferred;
_
_
*******************************************
Concat_fragment[nginx-swh-storage-default-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 default_server;
+ listen webapp1.internal.softwareheritage.org:5002 default_server;
_
_
*******************************************
Concat_fragment[nginx-swh-storage-header] =>
parameters =>
content =>
@@ -1,5 +1,5 @@
# MANAGED BY PUPPET
server {
- listen 127.0.0.1:5002 deferred;
+ listen webapp1.internal.softwareheritage.org:5002 deferred;
_
_
*******************************************
File[/etc/softwareheritage/web/web.yml] =>
parameters =>
content =>
@@ -7,5 +7,5 @@
cls: remote
args:
- url: http://localhost:5002/
+ url: http://webapp1.internal.softwareheritage.org:5002/
vault:
cls: remote
*******************************************
Nginx::Resource::Server[nginx-swh-storage-default] =>
parameters =>
listen_ip =>
- 127.0.0.1
+ webapp1.internal.softwareheritage.org
*******************************************
Nginx::Resource::Server[nginx-swh-storage] =>
parameters =>
listen_ip =>
- 127.0.0.1
+ webapp1.internal.softwareheritage.org
*******************************************
*** End octocatalog-diff on webapp1.internal.softwareheritage.orgDiff Detail
Diff Detail
- Repository
- rSPSITE puppet-swh-site
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.
Event Timeline
Comment Actions
lgtm, one question inline.
| data/hostname/moma.softwareheritage.org.yaml | ||
|---|---|---|
| 14 | curious me, why not the same as webapp1, "%{::fqdn}"? | |
| data/hostname/moma.softwareheritage.org.yaml | ||
|---|---|---|
| 14 | The default fqdn of moma is moma.softwareheritage.org so if the fqdn is used, the service will be bound to the public address. webapp1 has no interface on the public vlan, so I used the fqdn to be more generic. moma ~ % hostname -f moma.softwareheritage.org moma ~ % host moma.softwareheritage.org moma.softwareheritage.org is an alias for swh-arch-rp.inria.fr. swh-arch-rp.inria.fr has address 128.93.166.15 | |