diff --git a/data/hostname/webapp.internal.staging.swh.network.yaml b/data/hostname/webapp.internal.staging.swh.network.yaml index d62ac6a7..f0201ef2 100644 --- a/data/hostname/webapp.internal.staging.swh.network.yaml +++ b/data/hostname/webapp.internal.staging.swh.network.yaml @@ -1,84 +1,84 @@ networks: default: interface: eth0 address: 192.168.128.8 netmask: 255.255.255.0 gateway: 192.168.128.1 hitch::frontend: "[*]:443" hitch::proxy_support: true varnish::http_port: 80 apache::http_port: 9080 # Disable default vhost on port 80 apache::default_vhost: false swh::deploy::webapp::vhost::name: webapp.internal.staging.swh.network swh::deploy::webapp::vhost::aliases: - webapp.staging.swh.network - webapp.staging.softwareheritage.org swh::deploy::webapp::config::allowed_hosts: - webapp.internal.staging.swh.network - webapp.staging.swh.network - webapp.staging.softwareheritage.org swh::deploy::webapp::backend::workers: 16 swh::deploy::webapp::backend::http_keepalive: 5 swh::deploy::webapp::backend::http_timeout: 3600 swh::deploy::webapp::backend::reload_mercy: 3600 # in private data: # deposit_basic_auth_swhworker_username # deposit_basic_auth_swhworker_password swh::deploy::webapp::config: storage: "%{alias('swh::remote_service::storage::config')}" vault: "%{alias('swh::remote_service::vault::config::writable')}" indexer_storage: "%{alias('swh::remote_service::indexer::config')}" scheduler: "%{alias('swh::remote_service::scheduler::config::writable')}" log_dir: "%{hiera('swh::deploy::webapp::conf::log_dir')}" secret_key: "%{hiera('swh::deploy::webapp::conf::secret_key')}" content_display_max_size: 1048576 throttling: cache_uri: "%{hiera('memcached::server::bind')}:%{hiera('memcached::server::port')}" scopes: swh_api: limiter_rate: default: 120/h exempted_networks: - 127.0.0.0/8 - 192.168.100.0/23 - 129.168.128.0/24 swh_api_origin_visit_latest: # This endpoint gets called a lot (by default, up to 70 times # per origin search), so it deserves a much higher rate-limit # than the rest of the API. limiter_rate: default: 700/m exempted_networks: - 127.0.0.0/8 - 192.168.100.0/23 - 192.168.128.0/24 swh_vault_cooking: limiter_rate: default: 120/h GET: 60/m exempted_networks: - 127.0.0.0/8 - 192.168.100.0/23 - 192.168.128.0/24 swh_save_origin: limiter_rate: default: 120/h POST: 10/h exempted_networks: - 127.0.0.0/8 - 192.168.100.0/23 - 129.168.128.0/24 allowed_hosts: "%{alias('swh::deploy::webapp::config::allowed_hosts')}" production_db: "%{hiera('swh::deploy::webapp::production_db')}" deposit: - private_api_url: https://deposit.internal.swh.staging/1/private/ + private_api_url: "%{hiera('swh::deploy::webapp::deposit::private::url')}" private_api_user: "%{hiera('deposit_basic_auth_swhworker_username')}" private_api_password: "%{hiera('deposit_basic_auth_swhworker_password')}" diff --git a/data/location/sesi_rocquencourt_staging.yaml b/data/location/sesi_rocquencourt_staging.yaml index 2d108a40..c75c00d1 100644 --- a/data/location/sesi_rocquencourt_staging.yaml +++ b/data/location/sesi_rocquencourt_staging.yaml @@ -1,111 +1,113 @@ --- dar::backup::enable: false dns::local_cache: false dns::nameservers: - 192.168.100.29 dns::search_domains: - internal.staging.swh.network dns::forward_zones: 'internal.softwareheritage.org.': - 192.168.100.29 '100.168.192.in-addr.arpa.': - 192.168.100.29 '101.168.192.in-addr.arpa.': - 192.168.100.29 'internal.staging.swh.network': - 192.168.100.29 '128.168.192.in-addr.arpa.': - 192.168.100.29 dns::forwarders: - 193.51.196.130 - 193.51.196.131 dns::forwarder_insecure: true ntp::servers: - sesi-ntp1.inria.fr - sesi-ntp2.inria.fr internal_network: 192.168.128.0/24 smtp::relayhost: '[smtp.inria.fr]' swh::deploy::storage::db::host: db0.internal.staging.swh.network swh::deploy::storage::db::port: "%{alias('swh::deploy::db::pgbouncer::port')}" swh::deploy::storage::db::user: swh swh::deploy::storage::db::dbname: swh swh::deploy::indexer::storage::db::host: db0.internal.staging.swh.network swh::deploy::indexer::storage::db::port: "%{alias('swh::deploy::db::pgbouncer::port')}" swh::deploy::indexer::storage::db::user: swh-indexer swh::deploy::indexer::storage::db::dbname: swh-indexer swh::deploy::scheduler::db::host: db0.internal.staging.swh.network swh::deploy::scheduler::db::port: "%{alias('swh::deploy::db::pgbouncer::port')}" swh::deploy::scheduler::db::dbname: swh-scheduler swh::deploy::scheduler::db::user: swh-scheduler swh::deploy::deposit::db::host: deposit.internal.staging.swh.network swh::deploy::deposit::db::port: "%{alias('swh::deploy::db::pgbouncer::port')}" swh::deploy::deposit::db::dbuser: swh-deposit swh::deploy::deposit::db::dbname: swh-deposit swh::deploy::vault::db::host: db0.internal.staging.swh.network swh::deploy::vault::db::port: "%{alias('swh::deploy::db::pgbouncer::port')}" swh::deploy::vault::db::user: swh-vault swh::deploy::vault::db::dbname: swh-vault swh::deploy::worker::instances: - loader_git - vault_cooker #### Rabbitmq instance to use # swh::deploy::worker::task_broker::password in private data swh::deploy::worker::task_broker: "amqp://swhconsumer:%{hiera('swh::deploy::worker::task_broker::password')}@scheduler0.internal.staging.swh.network:5672//" #### Storage/Indexer/Vault/Scheduler services to use in staging area swh::remote_service::storage::config::storage0: cls: remote args: url: "http://storage0.internal.staging.swh.network:%{hiera('swh::remote_service::storage::port')}/" swh::remote_service::storage::config: "%{alias('swh::remote_service::storage::config::storage0')}" swh::remote_service::storage::config::writable: "%{alias('swh::remote_service::storage::config::storage0')}" swh::remote_service::vault::config::vault0: cls: remote args: url: "http://vault.internal.staging.swh.network:%{hiera('swh::remote_service::vault::port')}/" swh::remote_service::vault::config: "%{alias('swh::remote_service::vault::config::vault0')}" swh::remote_service::vault::config::writable: "%{alias('swh::remote_service::vault::config::vault0')}" swh::remote_service::indexer::config::storage0: cls: remote args: url: "http://storage0.internal.staging.swh.network:%{hiera('swh::remote_service::indexer::port')}/" swh::remote_service::indexer::config: "%{alias('swh::remote_service::indexer::config::storage0')}" swh::remote_service::indexer::config::writable: "%{alias('swh::remote_service::indexer::config::storage0')}" swh::remote_service::scheduler::config::scheduler0: cls: remote args: url: "http://scheduler0.internal.staging.swh.network:%{hiera('swh::remote_service::scheduler::port')}/" swh::remote_service::scheduler::config: "%{alias('swh::remote_service::scheduler::config::scheduler0')}" swh::remote_service::scheduler::config::writable: "%{alias('swh::remote_service::scheduler::config::scheduler0')}" +swh::deploy::webapp::deposit::private::url: http://deposit.internal.staging.swh.network/1/private/ + swh::deploy::worker::loader_git::config: storage: "%{alias('swh::remote_service::storage::config::writable')}" save_data: false directory_packet_size: 100 celery: task_broker: "%{alias('swh::deploy::worker::task_broker')}" task_modules: - swh.loader.git.tasks task_queues: - swh.loader.git.tasks.UpdateGitRepository - swh.loader.git.tasks.LoadDiskGitRepository - swh.loader.git.tasks.UncompressAndLoadDiskGitRepository