kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Add S3/Garage config for akkounts

Browse Source
This commit is contained in:
Râu Cao 2024-01-26 10:40:36 +03:00
parent 98543f3e7d
commit 5c1c63f94e
Signed by: raucao
GPG Key ID: 37036C356E56CC51
5 changed files with 64 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
data_bags/credentials/akkounts.json
View File

@ -1,51 +1,65 @@
{
"id": "akkounts",
"postgresql_username": {
"encrypted_data": "/Idxzq83imf6o6pbmFAk7bgxg69N7/1KNhgj\n",
"iv": "34BrmVmlxzuA7IJG\n",
"auth_tag": "VyLpWDshrOd417ZiY3432w==\n",
"encrypted_data": "l00Lmdbl5xNq07XU4XmcnRxXsIJaYyMQQ6xI\n",
"iv": "yxvL6hKwlVWmdMzl\n",
"auth_tag": "mMCV9ewJW/0TfVE76WBSZw==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"postgresql_password": {
"encrypted_data": "XqEmt+yu7mB6vBOUCT/5AtIptdUamfniz+PrFYCP0A==\n",
"iv": "2XdVUHkeeS1LHzMx\n",
"auth_tag": "mq0v9ikHD7pxTUrGO+VF9A==\n",
"encrypted_data": "Q6xWsH6bmI1GfMzme3mBRYrt3XmDwFJ7E4FjYg2Rrw==\n",
"iv": "jcQmuT7Jz3g3XE8d\n",
"auth_tag": "nNMvf9UmP6ikf1BW93QZIw==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"sentry_dsn": {
"encrypted_data": "u82JsPq5HvQRE2eWIbVp73LdqffyuTTylbURtM7XRJ6AXyKp1WD/iwVhNnL7\n/NKSWR24/u63WJCP4rXpW7293ZRU5UW/W3GwlOjNtbdxcaQ=\n",
"iv": "0GIV8v92dh4+Ma/Z\n",
"auth_tag": "XbuxPIZ5VxuMjw/f+usCgA==\n",
"encrypted_data": "V7cqlH2baN1Ix/ggQFeo9PY6dNKKpnDECaB1cO3XuCfy74oN2ot44nbpCQTA\nUl0+1LQv/qNn/L4gmJkqZfdIXZQqhR+iTc06UJxe3aTKJDw=\n",
"iv": "HJtdKYcApwaxhTXI\n",
"auth_tag": "qyIYK9h6nciJTFXBWOjVOA==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"rails_master_key": {
"encrypted_data": "31N79um4TTD0tuDurrZVztoSv0sxZ70paV7AhD8P4+lX8kUkfhiugCbdhst0\n12YP5v/8\n",
"iv": "l4qanaerdou8AApw\n",
"auth_tag": "yvkcM4on1EMm1LhmmZ+O+g==\n",
"encrypted_data": "KAl2Kgq1TXjOm4TNxGwZkPwJeOSNLbLLKiRdb4fTyBFfUhIGGeCS9VvV9kIb\n9sQZ6HLU\n",
"iv": "BBPvDNs6nBXDti5I\n",
"auth_tag": "yjM/0nyUwt+5SSGuLC5qWA==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"discourse_connect_secret": {
"encrypted_data": "Ebs8KVEA0r4nFxYNjxxZFUWndxwoKes/9ihEgqgKLN76t6yzCUONeJZBMl0G\nXLdI8A==\n",
"iv": "ob8KBWeoHXFlZ7Nk\n",
"auth_tag": "motppQbVEhg6qyKRYpqctA==\n",
"encrypted_data": "YHkZGzXeK3nDHaXt3JKmGtCcvMfgvv3yHbvS2C+CLKagOIOe+0+2/CiNuh4U\nxO1Pug==\n",
"iv": "SnUxDpIMQum8ySfN\n",
"auth_tag": "Ny6I+3EoCA1s74JLjjbbyQ==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"lndhub_admin_token": {
"encrypted_data": "I2hSF6X9L3OWbet5QWzrCyA3XyGFhFBgHh/uFr5dQ3RB\n",
"iv": "Kr8u2j5napFSamYc\n",
"auth_tag": "t93UNWomf+6WaZF7VVzTeQ==\n",
"encrypted_data": "dJHxB80Enwkm+2aNuIrp7lILAy2J5tQaChPJCl/BHwMo\n",
"iv": "zHLtD1jTIwvjMt1l\n",
"auth_tag": "IC0adEzsS5YF5YHqabWw2A==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"btcpay_auth_token": {
"encrypted_data": "0qesJ5KMvU2DlKdz7lExJWq0X9XYjpsqw61kLXWw4UNYwpNxPyFJSjbR9yKh\ntu0zMdtMB9Vur9izWBY=\n",
"iv": "gw2oAyeF2Kuvb3Em\n",
"auth_tag": "zMtos/E3e3XXeTlAY7o0lg==\n",
"encrypted_data": "YbM0HvgIijluKQBcgfKn6hmWvdbhr0ijR1xKc+BRZCZJsRaJBHTjCbwhH8T9\nVnBESruyjhxphtBetcc=\n",
"iv": "3107v/c2Tonx6/cP\n",
"auth_tag": "jnO9fvoXJW5gbDMRjkdMPA==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"s3_access_key": {
"encrypted_data": "PFjQKe1us12SNHlReQ4f0qctulPp4d2F3t5t+AGocp87PS/kZx77rtHQtruK\n",
"iv": "BGD8+XchqwPmhhwi\n",
"auth_tag": "XefaZKCVs8hotszALN+kxQ==\n",
"version": 3,
"cipher": "aes-256-gcm"
},
"s3_secret_key": {
"encrypted_data": "ziO35x8P1YMaSeenMNQoTWug62b5ZVLFlkMlJEFGnYjHK5qTAn6ir06WnMJC\n0zErzTZsPpcr7KpE/ipWgWHRy7qVbGnd6iVO4t9tf5NjiU2OXfA=\n",
"iv": "S3syCCxh2m+mylLu\n",
"auth_tag": "ZMkyBqXMXr3K3LGqxWvbtA==\n",
"version": 3,
"cipher": "aes-256-gcm"
}

5
environments/production.json
View File

@ -43,8 +43,9 @@
"s3_web_root_domain": "web.s3.kosmos.org",
"s3_web_domains": [
"media.kosmos.chat",
"s3.kosmos.social",
"s3.community.kosmos.org"
"s3.accounts.kosmos.org",
"s3.community.kosmos.org",
"s3.kosmos.social"
],
"xmpp_upload_bucket": "kosmos-xmpp-uploads"
},

6
nodes/akkounts-1.json
View File

@ -17,6 +17,7 @@
"kvm_guest",
"ldap_client",
"sentry_client",
"garage_gateway",
"akkounts",
"postgresql_client"
],
@ -26,6 +27,9 @@
"kosmos_kvm::guest",
"kosmos-dirsrv::hostsfile",
"kosmos_sentry::client",
"kosmos_garage",
"kosmos_garage::default",
"kosmos_garage::firewall_rpc",
"kosmos_postgresql::hostsfile",
"kosmos-akkounts",
"kosmos-akkounts::default",
@ -43,6 +47,7 @@
"postfix::_attributes",
"postfix::sasl_auth",
"hostname::default",
"firewall::default",
"redisio::default",
"redisio::_install_prereqs",
"redisio::install",
@ -76,6 +81,7 @@
"role[kvm_guest]",
"role[ldap_client]",
"role[sentry_client]",
"role[garage_gateway]",
"role[akkounts]"
]
}

6
site-cookbooks/kosmos-akkounts/attributes/default.rb
View File

@ -19,3 +19,9 @@ node.default['akkounts']['lndhub']['api_url'] = nil
node.default['akkounts']['lndhub']['public_url'] = nil
node.default['akkounts']['lndhub']['public_key'] = nil
node.default['akkounts']['lndhub']['postgres_db'] = 'lndhub'
node.default['akkounts']['s3_enabled'] = true
node.default['akkounts']['s3_endpoint'] = "http://localhost:3900"
node.default['akkounts']['s3_region'] = "garage"
node.default['akkounts']['s3_bucket'] = "akkounts-production"
node.default['akkounts']['s3_alias_host'] = "https://s3.accounts.kosmos.org"

14
site-cookbooks/kosmos-akkounts/recipes/default.rb
View File

@ -168,6 +168,20 @@ if rs_redis_host
env[:rs_redis_url] = "redis://#{rs_redis_host}:#{rs_redis_port}/#{rs_redis_db}"
end
#
# S3
#
if node['akkounts']['s3_enabled']
env[:s3_enabled] = true
env[:s3_endpoint] = node['akkounts']['s3_endpoint']
env[:s3_region] = node['akkounts']['s3_region']
env[:s3_bucket] = node['akkounts']['s3_bucket']
env[:s3_alias_host] = node['akkounts']['s3_alias_host']
env[:s3_access_key] = credentials['s3_access_key']
env[:s3_secret_key] = credentials['s3_secret_key']
end
#
# Akkounts Deployment
#