diff --git a/data/deployments/production/common.yaml b/data/deployments/production/common.yaml index a53f269a..77246b9d 100644 --- a/data/deployments/production/common.yaml +++ b/data/deployments/production/common.yaml @@ -1,19 +1,20 @@ swh::deploy::deposit::reverse_proxy::backend_http_host: "::1" swh::deploy::webapp::reverse_proxy::backend_http_host: "::1" elasticsearch::config::cluster::name: swh-logging-prod elasticsearch::config::discovery::seed_hosts: - esnode1.internal.softwareheritage.org - esnode2.internal.softwareheritage.org - esnode3.internal.softwareheritage.org elasticsearch::config::cluster::initial_master_nodes: - esnode1 - esnode2 - esnode3 elasticsearch::config::extras: indices.memory.index_buffer_size: 50% index.store.type: hybridfs elasticsearch::jvm_options::heap_size: 16g +swh::postgresql::shared_buffers: 4GB diff --git a/data/deployments/production/vagrant.yaml b/data/deployments/production/vagrant.yaml index 6ba82087..8e6da343 100644 --- a/data/deployments/production/vagrant.yaml +++ b/data/deployments/production/vagrant.yaml @@ -1 +1,3 @@ elasticsearch::jvm_options::heap_size: 512m + +swh::postgresql::shared_buffers: 128MB diff --git a/data/hostname/bardo.softwareheritage.org.yaml b/data/hostname/bardo.softwareheritage.org.yaml new file mode 100644 index 00000000..c02e36d3 --- /dev/null +++ b/data/hostname/bardo.softwareheritage.org.yaml @@ -0,0 +1,32 @@ +groups: + hedgedoc: + gid: 6000 + +users: + hedgedoc: + uid: 6000 + shell: /bin/bash + groups: + - hedgedoc + +swh::postgresql::version: '12' +swh::postgresql::port: 5433 +swh::postgresql::cluster_name: "%{lookup('swh::postgresql::version')}/main" +swh::postgresql::datadir_base: "%{lookup('swh::base_directory')}/postgres" +swh::postgresql::datadir: "%{lookup('swh::postgresql::datadir_base')}/%{lookup('swh::postgresql::cluster_name')}" +swh::postgresql::listen_addresses: + - 0.0.0.0 +swh::postgresql::network_accesses: + - 192.168.100.0/24 # Monitoring + - 192.168.130.0/24 # Staging services + +postgresql::globals::version: "%{alias('swh::postgresql::version')}" + +postgresql::server::config_entries: + shared_buffers: "%{alias('swh::postgresql::shared_buffers')}" + cluster_name: "%{alias('swh::postgresql::cluster_name')}" + +swh::dbs: + hedgedoc: + name: hedgedoc + user: hedgedoc diff --git a/data/subnets/vagrant.yaml b/data/subnets/vagrant.yaml index e1d8417f..78390f81 100644 --- a/data/subnets/vagrant.yaml +++ b/data/subnets/vagrant.yaml @@ -1,137 +1,139 @@ --- # forwarder for : # - swh network # - Inria network # - external network dns::forwarders: - 192.168.100.29 - 192.168.200.22 - 128.93.77.234 - 1.1.1.1 dns::forwarder_insecure: true ntp::servers: - sesi-ntp1.inria.fr - sesi-ntp2.inria.fr networks::manage_interfaces: false internal_network: 10.168.128.0/16 networks::private_routes: {} smtp::relay_hostname: 'none' swh::postgresql::network_accesses: - 10.168.100.0/24 swh::deploy::worker::instances: - checker_deposit - lister - loader_archive - loader_cran - loader_debian - loader_deposit - loader_git - loader_mercurial - loader_nixguix - loader_npm - loader_pypi - loader_svn dns::forward_zones: { } netbox::vhost::letsencrypt_cert: inventory-vagrant netbox::vhost::name: inventory-vagrant.internal.softwareheritage.org netbox::mail::from: inventory+vagrant@softwareheritage.org netbox::admin::email: sysop+vagrant@softwareheritage.org kafka::cluster::public_network: 10.168.130.0/24 static_hostnames: + 10.168.50.10: + host: bardo.softwareheritage.org 10.168.100.18: host: banco.internal.softwareheritage.org aliases: - backup.internal.softwareheritage.org - kibana.internal.softwareheritage.org 10.168.100.19: host: logstash0.internal.softwareheritage.org aliases: - logstash.internal.softwareheritage.org 10.168.100.29: host: pergamon.internal.softwareheritage.org aliases: - icinga.internal.softwareheritage.org - grafana.softwareheritage.org - stats.export.softwareheritage 10.168.100.30: host: jenkins.softwareheritage.org 10.168.100.31: host: moma.internal.softwareheritage.org aliases: - archive.internal.softwareheritage.org - deposit.internal.softwareheritage.org 10.168.100.52: host: riverside.internal.softwareheritage.org aliases: - sentry.softwareheritage.org 10.168.100.61: host: esnode1.internal.softwareheritage.org 10.168.100.62: host: esnode2.internal.softwareheritage.org 10.168.100.63: host: esnode3.internal.softwareheritage.org 10.168.100.104: host: saatchi.internal.softwareheritage.org aliases: - rabbitmq.internal.softwareheritage.org 10.168.100.106: host: kelvingrove.internal.softwareheritage.org aliases: - auth.softwareheritage.org 10.168.100.109: host: saam.internal.softwareheritage.org 10.168.100.131: host: zookeeper1.internal.softwareheritage.org 10.168.100.132: host: zookeeper2.internal.softwareheritage.org 10.168.100.133: host: zookeeper3.internal.softwareheritage.org 10.168.100.210: host: belvedere.internal.softwareheritage.org aliases: - db.internal.softwareheritage.org 10.168.100.199: host: bojimans.internal.softwareheritage.org aliases: - inventory.internal.softwareheritage.org 10.168.130.11: host: db1.internal.staging.swh.network 10.168.130.20: host: rp0.internal.staging.swh.network aliases: - webapp.staging.swh.network - deposit.staging.swh.network - objstorage.staging.swh.network 10.168.130.30: host: webapp.internal.staging.swh.network 10.168.130.31: host: deposit.internal.staging.swh.network 10.168.130.41: host: storage1.internal.staging.swh.network 10.168.130.50: host: scheduler0.internal.staging.swh.network 10.168.130.60: host: vault.internal.staging.swh.network 10.168.130.70: host: journal0.internal.staging.swh.network aliases: - broker0.journal.staging.swh.network 10.168.130.80: host: search-esnode0.internal.staging.swh.network 10.168.130.90: host: search0.internal.staging.swh.network 10.168.130.110: host: objstorage0.internal.staging.swh.network 10.168.130.200: host: clearly-defined.internal.staging.swh.network diff --git a/manifests/site.pp b/manifests/site.pp index edce590c..0466a91b 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,198 +1,202 @@ node 'louvre.internal.softwareheritage.org' { include role::swh_server } node /^(orsay|beaubourg|hypervisor\d+|branly|pompidou|uffizi)\.(internal\.)?softwareheritage\.org$/ { include role::swh_hypervisor } node 'pergamon.softwareheritage.org' { include role::swh_sysadmin include profile::export_archive_counters } node 'tate.softwareheritage.org' { include role::swh_forge } node 'moma.softwareheritage.org' { include role::swh_rp_webapps } node 'webapp0.softwareheritage.org' { include role::swh_rp_webapp } node 'saatchi.internal.softwareheritage.org' { include role::swh_scheduler } node /^(belvedere|somerset).(internal.)?softwareheritage.org$/ { include role::swh_database include profile::pgbouncer } node 'banco.softwareheritage.org' { include role::swh_backup include role::postgresql_backup } node /^esnode\d+.(internal.)?softwareheritage.org$/ { include role::swh_elasticsearch } node /^kafka\d+\./ { include role::swh_kafka_broker } node /^cassandra\d+\./ { include role::swh_cassandra_node } node 'granet.internal.softwareheritage.org' { include role::swh_graph_backend } node /^(unibo-prod|vangogh).(euwest.azure.)?(internal.)?softwareheritage.org$/ { include role::swh_vault } node /^saam\.(internal\.)?softwareheritage\.org$/ { include role::swh_storage_baremetal } node 'storage01.euwest.azure.internal.softwareheritage.org' { include role::swh_storage_cloud } node 'storage02.euwest.azure.internal.softwareheritage.org' { include role::swh_storage_cassandra } node /^getty.(internal.)?softwareheritage.org$/ { include role::swh_journal_orchestrator } node /^worker\d+\.(internal\.)?softwareheritage\.org$/ { include role::swh_worker_inria } node /^worker\d+\..*\.azure\.internal\.softwareheritage\.org$/ { include role::swh_worker_azure } node /^dbreplica(0|1)\.euwest\.azure\.internal\.softwareheritage\.org$/ { include role::swh_database } node /^ceph-osd\d+\.internal\.softwareheritage\.org$/ { include role::swh_ceph_osd } node /^ceph-mon\d+\.internal\.softwareheritage\.org$/ { include role::swh_ceph_mon } node /^ns\d+\.(.*\.azure\.)?internal\.softwareheritage\.org/ { include role::swh_nameserver_secondary } node 'thyssen.internal.softwareheritage.org' { include role::swh_ci_server } node 'riverside.internal.softwareheritage.org' { include role::swh_sentry } node /^jenkins-debian\d+\.internal\.softwareheritage\.org$/ { include role::swh_ci_agent_debian } node 'logstash0.internal.softwareheritage.org' { include role::swh_logstash_instance } node 'kibana0.internal.softwareheritage.org' { include role::swh_kibana_instance } node 'kelvingrove.internal.softwareheritage.org' { include role::swh_idp_primary } node 'giverny.softwareheritage.org' { include role::swh_desktop } node /^db\d\.internal\.staging\.swh\.network$/ { include role::swh_database include profile::postgresql::server include profile::pgbouncer include profile::postgresql::client } +node bardo.softwareheritage.org { + include role::swh_hedgedoc +} + node 'scheduler0.internal.staging.swh.network' { include role::swh_scheduler include profile::postgresql::client } node 'gateway.internal.staging.swh.network' { include role::swh_gateway } node /^storage\d\.internal\.staging\.swh\.network$/ { include role::swh_base_storage include profile::postgresql::client include profile::swh::deploy::journal::backfill } node /^worker\d\.internal\.staging\.swh\.network$/ { include role::swh_worker_inria } node /^search-esnode\d\.internal\.staging\.swh\.network$/ { include role::swh_elasticsearch } node /^search\d\.internal\.staging\.swh\.network$/ { include role::swh_search_with_journal_client } node 'webapp.internal.staging.swh.network' { include role::swh_webapp } node 'deposit.internal.staging.swh.network' { include role::swh_deposit } node 'vault.internal.staging.swh.network' { include role::swh_vault } node /^rp\d\.internal\.staging\.swh\.network$/ { include role::swh_reverse_proxy } node 'journal0.internal.staging.swh.network' { include role::swh_journal_allinone } # Read-only storage for mirrors node 'objstorage0.internal.staging.swh.network' { include role::swh_remote_objstorage } node 'bojimans.internal.softwareheritage.org' { include role::swh_netbox } node 'clearly-defined.internal.staging.swh.network' { include role::swh_db_client } node default { include role::swh_base } diff --git a/site-modules/profile/manifests/hedgedoc.pp b/site-modules/profile/manifests/hedgedoc.pp new file mode 100644 index 00000000..ea133ac2 --- /dev/null +++ b/site-modules/profile/manifests/hedgedoc.pp @@ -0,0 +1,10 @@ +# deploy a hedgedoc instance +class profile::hedgedoc { + + $packages = [ + 'npm', 'yarnpkg', 'node-gyp' + ] + + ensure_packages ( $packages ) + +} diff --git a/site-modules/role/manifests/swh_hedgedoc.pp b/site-modules/role/manifests/swh_hedgedoc.pp new file mode 100644 index 00000000..792bfb35 --- /dev/null +++ b/site-modules/role/manifests/swh_hedgedoc.pp @@ -0,0 +1,4 @@ +class role::swh_hedgedoc inherits role::swh_database { + include profile::postgresql::server + include profile::hedgedoc +}