Changeset View
Changeset View
Standalone View
Standalone View
data/deployments/staging/common.yaml
Show First 20 Lines • Show All 90 Lines • ▼ Show 20 Lines | |||||
# do not save pack | # do not save pack | ||||
swh::deploy::worker::loader_git::save_data_path: "" | swh::deploy::worker::loader_git::save_data_path: "" | ||||
swh::deploy::worker::loader_git::concurrency: 1 | swh::deploy::worker::loader_git::concurrency: 1 | ||||
zookeeper::clusters: | zookeeper::clusters: | ||||
rocquencourt_staging: | rocquencourt_staging: | ||||
'1': journal0.internal.staging.swh.network | '1': journal0.internal.staging.swh.network | ||||
'2': storage1.internal.staging.swh.network | |||||
kafka::broker::heap_opts: "-Xmx3G -Xms3G" | kafka::broker::heap_opts: "-Xmx3G -Xms3G" | ||||
kafka::clusters: | kafka::clusters: | ||||
rocquencourt_staging: | rocquencourt_staging: | ||||
zookeeper::chroot: '/kafka/softwareheritage' | zookeeper::chroot: '/kafka/softwareheritage' | ||||
zookeeper::servers: | zookeeper::servers: | ||||
- journal0.internal.staging.swh.network | - journal0.internal.staging.swh.network | ||||
- journal1.internal.staging.swh.network | |||||
brokers: | brokers: | ||||
journal0.internal.staging.swh.network: | journal0.internal.staging.swh.network: | ||||
id: 1 | id: 1 | ||||
public_hostname: broker0.journal.staging.swh.network | public_hostname: broker0.journal.staging.swh.network | ||||
storage1.internal.staging.swh.network: | |||||
id: 2 | |||||
olasd: You will need to create a letsencrypt certificate for `storage1.internal.staging.swh.network`… | |||||
Done Inline ActionsThanks, I forgot this even if I have created one to test locally :| rSENV5650b21f5abc0de430d77573e2e6b2cc8593ca3d vsellier: Thanks, I forgot this even if I have created one to test locally :|… | |||||
public_hostname: broker1.journal.staging.swh.network | |||||
broker::heap_opts: "%{alias('kafka::broker::heap_opts')}" | broker::heap_opts: "%{alias('kafka::broker::heap_opts')}" | ||||
superusers: | superusers: | ||||
- User:swh-admin-olasd | - User:swh-admin-olasd | ||||
# Users connecting in the plaintext endpoint are ANONYMOUS | # Users connecting in the plaintext endpoint are ANONYMOUS | ||||
# TODO: remove when explicit ACLs are given to producers | # TODO: remove when explicit ACLs are given to producers | ||||
- User:ANONYMOUS | - User:ANONYMOUS | ||||
tls: true | tls: true | ||||
plaintext_port: 9092 | plaintext_port: 9092 | ||||
public_tls_port: 9093 | public_tls_port: 9093 | ||||
internal_tls_port: 9094 | internal_tls_port: 9094 | ||||
cluster_config_overrides: | cluster_config_overrides: | ||||
offsets.topic.replication.factor: 1 # this is mandatory with only one node | offsets.topic.replication.factor: 1 # this is mandatory with only one node | ||||
public_listener_network: "%{alias('kafka::cluster::public_network')}" | public_listener_network: "%{alias('kafka::cluster::public_network')}" | ||||
swh::deploy::journal::brokers: | swh::deploy::journal::brokers: | ||||
- journal0.internal.staging.swh.network | - journal0.internal.staging.swh.network | ||||
- storage1.internal.staging.swh.network | |||||
swh::deploy::deposit::vhost::letsencrypt_cert: deposit_staging | swh::deploy::deposit::vhost::letsencrypt_cert: deposit_staging | ||||
swh::deploy::deposit::reverse_proxy::backend_http_host: deposit.internal.staging.swh.network | swh::deploy::deposit::reverse_proxy::backend_http_host: deposit.internal.staging.swh.network | ||||
swh::deploy::webapp::vhost::letsencrypt_cert: archive_staging | swh::deploy::webapp::vhost::letsencrypt_cert: archive_staging | ||||
swh::deploy::webapp::reverse_proxy::backend_http_host: webapp.internal.staging.swh.network | swh::deploy::webapp::reverse_proxy::backend_http_host: webapp.internal.staging.swh.network | ||||
swh::remote_service::objstorage::config::rw: | swh::remote_service::objstorage::config::rw: | ||||
▲ Show 20 Lines • Show All 198 Lines • Show Last 20 Lines |
You will need to create a letsencrypt certificate for storage1.internal.staging.swh.network, with a couple subjectaltnames (journal1.internal.staging.swh.network and broker1.journal.staging.swh.network)