Merge branch 'main' into stable

Micke Nordin 2024-05-21 17:48:21 +02:00
commit 840d2000a6
9 changed files with 52 additions and 11 deletions


@ -60,6 +60,9 @@ define sunetdrive::app_type (
} else { } else {
$php_memory_limit_mb = 512 $php_memory_limit_mb = 512
} }
if $::facts['dockerhost2'] == 'yes' {
$hostnet = true
}
# These are encrypted values from local.eyaml # These are encrypted values from local.eyaml
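Review bot: `$hostnet` is assigned only inside the `if`, so on every host where the `dockerhost2` fact is not `'yes'` the templates see an undefined variable rather than an explicit `false`. A single assignment such as `$hostnet = $facts['dockerhost2'] == 'yes'` makes both cases explicit and drops the legacy `$::facts` form. Because this flag moves the containers onto the host's network stack, a short comment above it would help the next reader, for example `# true => containers use network_mode: host; the host firewall is the only network boundary`. The same three lines are added to `sunetdrive::proxysql`, and the body of this define continues outside the hunk.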


@ -14,7 +14,7 @@ class sunetdrive::lookup (
$nextcloud_ip = hiera_array("${location}_app", []) $nextcloud_ip = hiera_array("${location}_app", [])
$tug_office = hiera_array('tug_office') $tug_office = hiera_array('tug_office')
$dbhost = 'proxysql_proxysql_1' $dbhost = '127.0.0.1'
$gss_jwt_key = safe_hiera('gss_jwt_key') $gss_jwt_key = safe_hiera('gss_jwt_key')
$replication_auth = safe_hiera('replication_auth') $replication_auth = safe_hiera('replication_auth')
$mysql_user_password = safe_hiera('mysql_user_password') $mysql_user_password = safe_hiera('mysql_user_password')
@ -25,7 +25,7 @@ class sunetdrive::lookup (
user { 'www-data': ensure => present, system => true } user { 'www-data': ensure => present, system => true }
file { '/opt/lookup/config.php': file { '/opt/lookup/config.php':
ensure => present, ensure => file,
owner => 'www-data', owner => 'www-data',
group => 'root', group => 'root',
content => template('sunetdrive/lookup/config.php.erb'), content => template('sunetdrive/lookup/config.php.erb'),


@ -26,6 +26,9 @@ class sunetdrive::proxysql (
$mysql_user = safe_hiera('mysql_user') $mysql_user = safe_hiera('mysql_user')
$transaction_persistent = 1 $transaction_persistent = 1
if $::facts['dockerhost2'] == 'yes' {
$hostnet = true
}
file { '/usr/local/bin/proxysql': file { '/usr/local/bin/proxysql':
ensure => file, ensure => file,


@ -25,7 +25,11 @@ $CONFIG = array (
'csrf.disabled' => true, 'csrf.disabled' => true,
'datadirectory' => '/var/www/html/data', 'datadirectory' => '/var/www/html/data',
'davstorage.request_timeout' => 86401, 'davstorage.request_timeout' => 86401,
<%- if @hostnet -%>
'dbhost' => '127.0.0.1',
<%- else -%>
'dbhost' => '<%= @dbhost %>', 'dbhost' => '<%= @dbhost %>',
<%- end -%>
'dbname' => '<%= @dbname %>', 'dbname' => '<%= @dbname %>',
'dbpassword' => '<%= @mysql_user_password %>', 'dbpassword' => '<%= @mysql_user_password %>',
'dbport' => '3306', 'dbport' => '3306',
@ -93,6 +97,7 @@ $CONFIG = array (
'region' => 'us-east-1', 'region' => 'us-east-1',
'hostname' => '<%= @s3_host %>', 'hostname' => '<%= @s3_host %>',
'port' => '', 'port' => '',
'useMultipartCopy' => false,
'objectPrefix' => 'urn:oid:', 'objectPrefix' => 'urn:oid:',
'autocreate' => false, 'autocreate' => false,
'use_ssl' => true, 'use_ssl' => true,
@ -122,6 +127,24 @@ $CONFIG = array (
], ],
'timeout' => 1.1 'timeout' => 1.1
], ],
<% elsif @location == 'gss-prod' -%>
'redis.cluster' => [
'failover_mode' => \RedisCluster::FAILOVER_ERROR,
'password' => '<%= @redis_cluster_password %>',
'read_timeout' => 0.0,
'seeds' => [
'redis1.drive.sunet.se:6379',
'redis2.drive.sunet.se:6379',
'redis3.drive.sunet.se:6379',
'redis1.drive.sunet.se:6380',
'redis2.drive.sunet.se:6380',
'redis3.drive.sunet.se:6380',
'redis1.drive.sunet.se:6381',
'redis2.drive.sunet.se:6381',
'redis3.drive.sunet.se:6381'
],
'timeout' => 1.1
],
<% elsif @environment == 'test' && ! @is_multinode -%> <% elsif @environment == 'test' && ! @is_multinode -%>
'redis.cluster' => [ 'redis.cluster' => [
'failover_mode' => \RedisCluster::FAILOVER_ERROR, 'failover_mode' => \RedisCluster::FAILOVER_ERROR,
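Review bot: The new `gss-prod` branch lists its seeds as plain `host:port` entries on fully qualified names and sets a `password`, but nothing in the hunk configures TLS, so the Redis AUTH secret and cached data would presumably cross the network unencrypted unless the link is protected elsewhere. If the cluster supports it, Nextcloud's `ssl_context` key under `redis.cluster` is the place to set that; otherwise a comment stating how this path is protected would do. Separately, `'<%= @redis_cluster_password %>'` is placed in a single-quoted PHP string without escaping, so a value containing `'` or `\` would produce a broken or altered config file; the existing `dbpassword` line has the same shape. The `$CONFIG` array starts and ends outside the hunk.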


@ -6,6 +6,9 @@ services:
image: docker.sunet.se/drive/nextcloud-custom:<%= @nextcloud_version %> image: docker.sunet.se/drive/nextcloud-custom:<%= @nextcloud_version %>
restart: always restart: always
container_name: nextcloud_app_1 container_name: nextcloud_app_1
<%- if @hostnet -%>
network_mode: host
<%- end -%>
environment: environment:
- NC_PASS=<%= @admin_password%> - NC_PASS=<%= @admin_password%>
volumes: volumes:
@ -28,18 +31,24 @@ services:
<% if @location =~ /^kau/ -%> <% if @location =~ /^kau/ -%>
- /mnt:/opt/tmp/ - /mnt:/opt/tmp/
<%- end -%> <%- end -%>
<%- if ! @hostnet -%>
networks: networks:
- default - default
- proxysql_proxysql - proxysql_proxysql
<%- end -%>
dns: dns:
- 89.46.20.75 - 89.46.20.75
- 89.46.21.29 - 89.46.21.29
- 89.32.32.32 - 89.32.32.32
<%- if !@hostnet -%>
ports: ports:
- 443:443 - 443:443
<%- end -%>
command: sh -c 'tail -f /var/www/html/data/nextcloud.log | tee -a /proc/1/fd/2 & apachectl -D FOREGROUND' command: sh -c 'tail -f /var/www/html/data/nextcloud.log | tee -a /proc/1/fd/2 & apachectl -D FOREGROUND'
tty: true tty: true
<%- if !@hostnet -%>
networks: networks:
proxysql_proxysql: proxysql_proxysql:
external: true external: true
<%- end -%>
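Review bot: With `network_mode: host` the app container shares the host's network namespace, so every port that Apache or any other process in the image listens on is bound on the host's interfaces, not only the `443` that the `ports:` mapping publishes in the other branch, and the container can reach services on the host's loopback. Nothing in this template restricts that, so the host firewall has to; a comment above the line, e.g. `# host networking: no Docker port filtering, restrict inbound to 443 in the host firewall`, would record the requirement. The guards are also written two ways, `<%- if ! @hostnet -%>` and `<%- if !@hostnet -%>`; pick one.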


@ -3,13 +3,12 @@ version: '3.2'
services: services:
app: app:
container_name: lookup_app_1
image: docker.sunet.se/drive/nextcloud-lookup:<%= @lookup_version %> image: docker.sunet.se/drive/nextcloud-lookup:<%= @lookup_version %>
restart: always restart: always
volumes: volumes:
- /opt/lookup/config.php:/var/www/html/config/config.php - /opt/lookup/config.php:/var/www/html/config/config.php
networks: network_mode: host
- default
- proxysql_proxysql
dns: dns:
- 89.46.20.75 - 89.46.20.75
- 89.46.21.29 - 89.46.21.29
@ -18,7 +17,3 @@ services:
- 443:443 - 443:443
command: apachectl -D FOREGROUND command: apachectl -D FOREGROUND
tty: true tty: true
networks:
proxysql_proxysql:
external: true
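Review bot: `network_mode: host` is set unconditionally here while `- 443:443` is still present as a context line at the start of the second hunk, which suggests the `ports:` mapping was kept (the `ports:` key itself falls between the hunks, so this is inferred). Published ports have no effect under host networking, and some Compose versions reject the combination outright, so the mapping should be removed together with the `networks:` entries. Unlike the nextcloud and proxysql templates this one has no `@hostnet` guard, so hosts without the `dockerhost2` fact also lose network isolation for the lookup container; if that is intended, a one-line comment saying so would help.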


@ -5,18 +5,24 @@ services:
proxysql: proxysql:
image: docker.sunet.se/drive/proxysql:<%= @proxysql_version %> image: docker.sunet.se/drive/proxysql:<%= @proxysql_version %>
container_name: proxysql_proxysql_1 container_name: proxysql_proxysql_1
<%- if @hostnet -%>
network_mode: host
<%- else -%>
ports: ports:
- 3306:3306 - 3306:3306
- 6032:6032 - 6032:6032
- 6080:6080 - 6080:6080
<%- end -%>
environment: environment:
INITIALIZE: 1 INITIALIZE: 1
dns: dns:
- 89.46.20.75 - 89.46.20.75
- 89.46.21.29 - 89.46.21.29
- 89.32.32.32 - 89.32.32.32
<%- if !@hostnet -%>
networks: networks:
- proxysql - proxysql
<%- end -%>
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- proxysql:/var/lib/proxysql - proxysql:/var/lib/proxysql
@ -26,6 +32,8 @@ services:
volumes: volumes:
proxysql: proxysql:
<%- if !@hostnet -%>
networks: networks:
proxysql: proxysql:
driver: bridge driver: bridge
<%- end -%>
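Review bot: Under `@hostnet` ProxySQL's listeners are no longer limited by Docker to the three published ports; whatever addresses its own configuration binds are opened directly on the host, including the admin interface on 6032. Since the Nextcloud config in this commit now connects to `127.0.0.1`, the listeners could presumably be bound to loopback through ProxySQL's `mysql-interfaces` and `admin-mysql_ifaces` settings; that configuration is not part of this diff, so please confirm what it binds to. A comment next to `network_mode: host` such as `# listeners are exposed on the host directly; bind them to 127.0.0.1 in the ProxySQL config` would document the dependency.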


@ -38,7 +38,7 @@ preexisting="$(docker exec -u www-data -i "${container}" php --define apc.enable
if [[ -z ${preexisting} ]]; then if [[ -z ${preexisting} ]]; then
docker exec -u www-data -i "${container}" php --define apc.enable_cli=1 /var/www/html/occ files_external:create "${user_bucket_name}" \ docker exec -u www-data -i "${container}" php --define apc.enable_cli=1 /var/www/html/occ files_external:create "${user_bucket_name}" \
amazons3 -c bucket="${bucket}" -c key="${key}" -c secret="${secret}" -c hostname="${endpoint}" -c use_ssl=true -c use_path_style=true -c region=us-east-1 \ amazons3 -c bucket="${bucket}" -c key="${key}" -c secret="${secret}" -c hostname="${endpoint}" -c use_ssl=true -c use_path_style=true -c region=us-east-1 \
amazons3::accesskey --user ${user} -c useMultipartCopy=false amazons3::accesskey --user ${user}
for shareid in $(docker exec -u www-data -i ${container} php --define apc.enable_cli=1 /var/www/html/occ files_external:export ${user} | jq -r '.[].mount_id'); do for shareid in $(docker exec -u www-data -i ${container} php --define apc.enable_cli=1 /var/www/html/occ files_external:export ${user} | jq -r '.[].mount_id'); do
docker exec -u www-data -i ${container} php --define apc.enable_cli=1 /var/www/html/occ files_external:option ${shareid} enable_sharing true docker exec -u www-data -i ${container} php --define apc.enable_cli=1 /var/www/html/occ files_external:option ${shareid} enable_sharing true
done done
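Review bot: The rewritten line still passes `--user ${user}` unquoted, so a user name containing whitespace or glob characters is split or expanded before `occ` sees it; the sibling script changed in this commit already quotes it. Use `amazons3::accesskey --user "${user}"`, and quote `${container}`, `${user}` and `${shareid}` in the loop below in the same way. The `if` block opened at the top of the hunk is closed outside it.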


@ -7,7 +7,7 @@ bucket=${4}
user=${5} user=${5}
/usr/local/bin/occ files_external:create "${bucket}" \ /usr/local/bin/occ files_external:create "${bucket}" \
amazons3 -c bucket="${bucket}" -c key="${key}" -c secret="${secret}" -c hostname="${endpoint}" -c use_ssl=true -c use_path_style=true -c region=us-east-1 \ amazons3 -c bucket="${bucket}" -c key="${key}" -c secret="${secret}" -c hostname="${endpoint}" -c use_ssl=true -c use_path_style=true -c region=us-east-1 \
amazons3::accesskey --user "${user}" -c useMultipartCopy=false amazons3::accesskey --user "${user}"
for shareid in $(/usr/local/bin/occ files_external:export "${user}" | jq -r '.[].mount_id'); do for shareid in $(/usr/local/bin/occ files_external:export "${user}" | jq -r '.[].mount_id'); do
/usr/local/bin/occ files_external:option "${shareid}" enable_sharing true /usr/local/bin/occ files_external:option "${shareid}" enable_sharing true
done done