diff --git a/manifests/site.pp b/manifests/site.pp index f8972c1295..dad231edee 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -416,33 +416,44 @@ node /^backup\d+\..*\.ci\.open.*\.org$/ { node /^openstackid\d*(\.openstack)?\.org$/ { $group = "openstackid" class { 'openstack_project::openstackid_prod': - site_admin_password => hiera('openstackid_site_admin_password'), - id_mysql_host => hiera('openstackid_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_id_mysql_password'), - id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), - id_db_name => hiera('openstackid_id_db_name'), - redis_password => hiera('openstackid_redis_password'), - ssl_cert_file_contents => hiera('openstackid_ssl_cert_file_contents'), - ssl_key_file_contents => hiera('openstackid_ssl_key_file_contents'), - ssl_chain_file_contents => hiera('openstackid_ssl_chain_file_contents'), - id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), - vhost_name => 'openstackid.org', - session_cookie_domain => 'openstackid.org', - serveradmin => 'webmaster@openstackid.org', - canonicalweburl => 'https://openstackid.org/', - app_url => 'https://openstackid.org', - app_key => hiera('openstackid_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_user_spam_processor_to'), + site_admin_password => hiera('openstackid_site_admin_password'), + id_mysql_host => hiera('openstackid_id_mysql_host', 'localhost'), + id_mysql_password => hiera('openstackid_id_mysql_password'), + id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), + id_db_name => hiera('openstackid_id_db_name'), + redis_password => hiera('openstackid_redis_password'), + ssl_cert_file_contents => hiera('openstackid_ssl_cert_file_contents'), + ssl_key_file_contents => hiera('openstackid_ssl_key_file_contents'), + ssl_chain_file_contents => hiera('openstackid_ssl_chain_file_contents'), + id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), + id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), + vhost_name => 'openstackid.org', + session_cookie_domain => 'openstackid.org', + serveradmin => 'webmaster@openstackid.org', + canonicalweburl => 'https://openstackid.org/', + app_url => 'https://openstackid.org', + app_key => hiera('openstackid_app_key'), + id_log_error_to_email => 'openstack@tipit.net', + id_log_error_from_email => 'noreply@openstack.org', + email_driver => 'sendgrid', + email_send_grid_api_key => hiera('openstackid_send_grid_api_key'), + php_version => 7, + mysql_ssl_enabled => true, + mysql_ssl_ca_file_contents => hiera('openstackid_mysql_ssl_ca_file_contents'), + mysql_ssl_client_key_file_contents => hiera('openstackid_mysql_ssl_client_key_file_contents'), + mysql_ssl_client_cert_file_contents => hiera('openstackid_mysql_ssl_client_cert_file_contents'), + user_spam_processor_to => hiera('openstackid_user_spam_processor_to'), + message_broker_exchange_name => 'message-broker', + message_broker_host => hiera('openstackid_message_broker_host'), + message_broker_port => 5671, + message_broker_vhost => 'databus', + message_broker_login => hiera('openstackid_message_broker_login'), + message_broker_password => hiera('openstackid_message_broker_password'), + message_broker_ssl_enabled => true, + message_broker_ssl_ca_file_contents => hiera('openstackid_message_broker_ssl_ca_file_contents'), + message_broker_ssl_client_cert_file_contents => hiera('openstackid_message_broker_ssl_client_cert_file_contents'), + message_broker_ssl_client_key_file_contents => hiera('openstackid_message_broker_ssl_client_key_file_contents'), + message_broker_enabled => true, } } @@ -450,32 +461,43 @@ node /^openstackid\d*(\.openstack)?\.org$/ { node /^openstackid-dev\d*\.openstack\.org$/ { $group = "openstackid-dev" class { 'openstack_project::openstackid_dev': - site_admin_password => hiera('openstackid_dev_site_admin_password'), - id_mysql_host => hiera('openstackid_dev_id_mysql_host', 'localhost'), - id_mysql_password => hiera('openstackid_dev_id_mysql_password'), - id_mysql_user => hiera('openstackid_dev_id_mysql_user', 'username'), - redis_password => hiera('openstackid_dev_redis_password'), - ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), - ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), - ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), - id_recaptcha_public_key => hiera('openstackid_dev_recaptcha_public_key'), - id_recaptcha_private_key => hiera('openstackid_dev_recaptcha_private_key'), - vhost_name => 'openstackid-dev.openstack.org', - session_cookie_domain => 'openstackid-dev.openstack.org', - serveradmin => 'webmaster@openstackid-dev.openstack.org', - canonicalweburl => 'https://openstackid-dev.openstack.org/', - app_url => 'https://openstackid-dev.openstack.org', - app_key => hiera('openstackid_dev_app_key'), - id_log_error_to_email => 'openstack@tipit.net', - id_log_error_from_email => 'noreply@openstack.org', - email_driver => 'sendgrid', - email_send_grid_api_key => hiera('openstackid_dev_send_grid_api_key'), - php_version => 7, - mysql_ssl_enabled => true, - mysql_ssl_ca_file_contents => hiera('openstackid_dev_mysql_ssl_ca_file_contents'), - mysql_ssl_client_key_file_contents => hiera('openstackid_dev_mysql_ssl_client_key_file_contents'), - mysql_ssl_client_cert_file_contents => hiera('openstackid_dev_mysql_ssl_client_cert_file_contents'), - user_spam_processor_to => hiera('openstackid_dev_user_spam_processor_to'), + site_admin_password => hiera('openstackid_dev_site_admin_password'), + id_mysql_host => hiera('openstackid_dev_id_mysql_host', 'localhost'), + id_mysql_password => hiera('openstackid_dev_id_mysql_password'), + id_mysql_user => hiera('openstackid_dev_id_mysql_user', 'username'), + redis_password => hiera('openstackid_dev_redis_password'), + ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), + ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), + ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), + id_recaptcha_public_key => hiera('openstackid_dev_recaptcha_public_key'), + id_recaptcha_private_key => hiera('openstackid_dev_recaptcha_private_key'), + vhost_name => 'openstackid-dev.openstack.org', + session_cookie_domain => 'openstackid-dev.openstack.org', + serveradmin => 'webmaster@openstackid-dev.openstack.org', + canonicalweburl => 'https://openstackid-dev.openstack.org/', + app_url => 'https://openstackid-dev.openstack.org', + app_key => hiera('openstackid_dev_app_key'), + id_log_error_to_email => 'openstack@tipit.net', + id_log_error_from_email => 'noreply@openstack.org', + email_driver => 'sendgrid', + email_send_grid_api_key => hiera('openstackid_dev_send_grid_api_key'), + php_version => 7, + mysql_ssl_enabled => true, + mysql_ssl_ca_file_contents => hiera('openstackid_dev_mysql_ssl_ca_file_contents'), + mysql_ssl_client_key_file_contents => hiera('openstackid_dev_mysql_ssl_client_key_file_contents'), + mysql_ssl_client_cert_file_contents => hiera('openstackid_dev_mysql_ssl_client_cert_file_contents'), + user_spam_processor_to => hiera('openstackid_dev_user_spam_processor_to'), + message_broker_exchange_name => 'message-broker', + message_broker_host => hiera('openstackid_dev_message_broker_host'), + message_broker_port => 5671, + message_broker_vhost => 'databus', + message_broker_login => hiera('openstackid_dev_message_broker_login'), + message_broker_password => hiera('openstackid_dev_message_broker_password'), + message_broker_ssl_enabled => true, + message_broker_ssl_ca_file_contents => hiera('openstackid_dev_message_broker_ssl_ca_file_contents'), + message_broker_ssl_client_cert_file_contents => hiera('openstackid_dev_message_broker_ssl_client_cert_file_contents'), + message_broker_ssl_client_key_file_contents => hiera('openstackid_dev_message_broker_ssl_client_key_file_contents'), + message_broker_enabled => true, } } diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp index c4be24548a..3c798ab94b 100644 --- a/modules/openstack_project/manifests/openstackid_dev.pp +++ b/modules/openstack_project/manifests/openstackid_dev.pp @@ -69,66 +69,94 @@ class openstack_project::openstackid_dev ( $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', $mysql_ssl_client_cert_file_contents = '', $user_spam_processor_to = '', + $message_broker_exchange_name = 'message-broker', + $message_broker_host = '', + $message_broker_port = 5672, + $message_broker_vhost = 'databus', + $message_broker_login = '', + $message_broker_password = '', + $message_broker_ssl_enabled = false, + $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', + $message_broker_ssl_ca_file_contents = '', + $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', + $message_broker_ssl_client_cert_file_contents = '', + $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', + $message_broker_ssl_client_key_file_contents = '', + $message_broker_enabled = false, ) { class { 'openstack_project::server': } class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", - ssl_key_file => "/etc/ssl/private/${::fqdn}.key", - ssl_chain_file => '/etc/ssl/certs/intermediate.pem', - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - app_url => $app_url, - app_key => $app_key, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to + site_admin_password => $site_admin_password, + id_mysql_host => $id_mysql_host, + id_mysql_user => $id_mysql_user, + id_mysql_password => $id_mysql_password, + id_db_name => $id_db_name, + redis_port => $redis_port, + redis_host => $redis_bind, + redis_password => $redis_password, + id_recaptcha_public_key => $id_recaptcha_public_key, + id_recaptcha_private_key => $id_recaptcha_private_key, + id_recaptcha_template => $id_recaptcha_template, + id_log_error_to_email => $id_log_error_to_email, + id_log_error_from_email => $id_log_error_from_email, + id_environment => $id_environment, + ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", + ssl_key_file => "/etc/ssl/private/${::fqdn}.key", + ssl_chain_file => '/etc/ssl/certs/intermediate.pem', + ssl_cert_file_contents => $ssl_cert_file_contents, + ssl_key_file_contents => $ssl_key_file_contents, + ssl_chain_file_contents => $ssl_chain_file_contents, + vhost_name => $vhost_name, + serveradmin => $serveradmin, + canonicalweburl => $canonicalweburl, + session_cookie_domain => $session_cookie_domain, + app_url => $app_url, + app_key => $app_key, + email_driver => $email_driver, + email_send_grid_api_key => $email_send_grid_api_key, + email_smtp_server => $email_smtp_server, + email_smtp_server_port => $email_smtp_server_port, + email_smtp_server_user => $email_smtp_server_user, + email_smtp_server_password => $email_smtp_server_password, + laravel_version => $laravel_version, + app_log_level => $app_log_level, + app_log_email_level => $app_log_email_level, + db_log_enabled => $db_log_enabled, + banning_enabled => $banning_enabled, + app_debug => $app_debug, + app_locale => $app_locale, + curl_verify_ssl_cert => $curl_verify_ssl_cert, + curl_allow_redirect => $curl_allow_redirect, + curl_timeout => $curl_timeout, + assets_base_url => $assets_base_url, + cache_driver => $cache_driver, + session_driver => $session_driver, + session_cookie_secure => $session_cookie_secure, + php_version => $php_version, + mysql_ssl_enabled => $mysql_ssl_enabled, + mysql_ssl_ca_file => $mysql_ssl_ca_file, + mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, + mysql_ssl_client_key_file => $mysql_ssl_client_key_file, + mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, + mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, + mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, + user_spam_processor_to => $user_spam_processor_to, + message_broker_exchange_name => $message_broker_exchange_name, + message_broker_host => $message_broker_host, + message_broker_port => $message_broker_port, + message_broker_vhost => $message_broker_vhost, + message_broker_login => $message_broker_login, + message_broker_password => $message_broker_password, + message_broker_ssl_enabled => $message_broker_ssl_enabled, + message_broker_ssl_ca_file => $message_broker_ssl_ca_file, + message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, + message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, + message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, + message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, + message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, + message_broker_enabled => $message_broker_enabled, } # redis (custom module written by tipit) diff --git a/modules/openstack_project/manifests/openstackid_prod.pp b/modules/openstack_project/manifests/openstackid_prod.pp index a3ba7194cc..23cb270637 100644 --- a/modules/openstack_project/manifests/openstackid_prod.pp +++ b/modules/openstack_project/manifests/openstackid_prod.pp @@ -70,68 +70,96 @@ class openstack_project::openstackid_prod ( $mysql_ssl_client_cert_file = '/etc/mysql-client-ssl/client-cert.pem', $mysql_ssl_client_cert_file_contents = '', $user_spam_processor_to = '', + $message_broker_exchange_name = 'message-broker', + $message_broker_host = '', + $message_broker_port = 5672, + $message_broker_vhost = 'databus', + $message_broker_login = '', + $message_broker_password = '', + $message_broker_ssl_enabled = false, + $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem', + $message_broker_ssl_ca_file_contents = '', + $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem', + $message_broker_ssl_client_cert_file_contents = '', + $message_broker_ssl_client_key_file = '/etc/rabbitmq-client-ssl/client-key.pem', + $message_broker_ssl_client_key_file_contents = '', + $message_broker_enabled = false, ) { class { 'openstack_project::server': } class { 'openstackid': - site_admin_password => $site_admin_password, - id_mysql_host => $id_mysql_host, - id_mysql_user => $id_mysql_user, - id_mysql_password => $id_mysql_password, - id_db_name => $id_db_name, - redis_port => $redis_port, - redis_host => $redis_bind, - redis_password => $redis_password, - id_recaptcha_public_key => $id_recaptcha_public_key, - id_recaptcha_private_key => $id_recaptcha_private_key, - id_recaptcha_template => $id_recaptcha_template, - id_log_error_to_email => $id_log_error_to_email, - id_log_error_from_email => $id_log_error_from_email, - id_environment => $id_environment, - ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", - ssl_key_file => "/etc/ssl/private/${::fqdn}.key", - ssl_chain_file => '/etc/ssl/certs/intermediate.pem', - ssl_cert_file_contents => $ssl_cert_file_contents, - ssl_key_file_contents => $ssl_key_file_contents, - ssl_chain_file_contents => $ssl_chain_file_contents, - vhost_name => $vhost_name, - serveradmin => $serveradmin, - canonicalweburl => $canonicalweburl, - session_cookie_domain => $session_cookie_domain, - openstackid_release => $release, - app_url => $app_url, - app_key => $app_key, - app_version => $release, - email_driver => $email_driver, - email_send_grid_api_key => $email_send_grid_api_key, - email_smtp_server => $email_smtp_server, - email_smtp_server_port => $email_smtp_server_port, - email_smtp_server_user => $email_smtp_server_user, - email_smtp_server_password => $email_smtp_server_password, - laravel_version => $laravel_version, - app_log_level => $app_log_level, - app_log_email_level => $app_log_email_level, - db_log_enabled => $db_log_enabled, - banning_enabled => $banning_enabled, - app_debug => $app_debug, - app_locale => $app_locale, - curl_verify_ssl_cert => $curl_verify_ssl_cert, - curl_allow_redirect => $curl_allow_redirect, - curl_timeout => $curl_timeout, - assets_base_url => $assets_base_url, - cache_driver => $cache_driver, - session_driver => $session_driver, - session_cookie_secure => $session_cookie_secure, - php_version => $php_version, - mysql_ssl_enabled => $mysql_ssl_enabled, - mysql_ssl_ca_file => $mysql_ssl_ca_file, - mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, - mysql_ssl_client_key_file => $mysql_ssl_client_key_file, - mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, - mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, - mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, - user_spam_processor_to => $user_spam_processor_to + site_admin_password => $site_admin_password, + id_mysql_host => $id_mysql_host, + id_mysql_user => $id_mysql_user, + id_mysql_password => $id_mysql_password, + id_db_name => $id_db_name, + redis_port => $redis_port, + redis_host => $redis_bind, + redis_password => $redis_password, + id_recaptcha_public_key => $id_recaptcha_public_key, + id_recaptcha_private_key => $id_recaptcha_private_key, + id_recaptcha_template => $id_recaptcha_template, + id_log_error_to_email => $id_log_error_to_email, + id_log_error_from_email => $id_log_error_from_email, + id_environment => $id_environment, + ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", + ssl_key_file => "/etc/ssl/private/${::fqdn}.key", + ssl_chain_file => '/etc/ssl/certs/intermediate.pem', + ssl_cert_file_contents => $ssl_cert_file_contents, + ssl_key_file_contents => $ssl_key_file_contents, + ssl_chain_file_contents => $ssl_chain_file_contents, + vhost_name => $vhost_name, + serveradmin => $serveradmin, + canonicalweburl => $canonicalweburl, + session_cookie_domain => $session_cookie_domain, + openstackid_release => $release, + app_url => $app_url, + app_key => $app_key, + app_version => $release, + email_driver => $email_driver, + email_send_grid_api_key => $email_send_grid_api_key, + email_smtp_server => $email_smtp_server, + email_smtp_server_port => $email_smtp_server_port, + email_smtp_server_user => $email_smtp_server_user, + email_smtp_server_password => $email_smtp_server_password, + laravel_version => $laravel_version, + app_log_level => $app_log_level, + app_log_email_level => $app_log_email_level, + db_log_enabled => $db_log_enabled, + banning_enabled => $banning_enabled, + app_debug => $app_debug, + app_locale => $app_locale, + curl_verify_ssl_cert => $curl_verify_ssl_cert, + curl_allow_redirect => $curl_allow_redirect, + curl_timeout => $curl_timeout, + assets_base_url => $assets_base_url, + cache_driver => $cache_driver, + session_driver => $session_driver, + session_cookie_secure => $session_cookie_secure, + php_version => $php_version, + mysql_ssl_enabled => $mysql_ssl_enabled, + mysql_ssl_ca_file => $mysql_ssl_ca_file, + mysql_ssl_ca_file_contents => $mysql_ssl_ca_file_contents, + mysql_ssl_client_key_file => $mysql_ssl_client_key_file, + mysql_ssl_client_key_file_contents => $mysql_ssl_client_key_file_contents, + mysql_ssl_client_cert_file => $mysql_ssl_client_cert_file, + mysql_ssl_client_cert_file_contents => $mysql_ssl_client_cert_file_contents, + user_spam_processor_to => $user_spam_processor_to, + message_broker_exchange_name => $message_broker_exchange_name, + message_broker_host => $message_broker_host, + message_broker_port => $message_broker_port, + message_broker_vhost => $message_broker_vhost, + message_broker_login => $message_broker_login, + message_broker_password => $message_broker_password, + message_broker_ssl_enabled => $message_broker_ssl_enabled, + message_broker_ssl_ca_file => $message_broker_ssl_ca_file, + message_broker_ssl_ca_file_contents => $message_broker_ssl_ca_file_contents, + message_broker_ssl_client_cert_file => $message_broker_ssl_client_cert_file, + message_broker_ssl_client_cert_file_contents => $message_broker_ssl_client_cert_file_contents, + message_broker_ssl_client_key_file => $message_broker_ssl_client_key_file, + message_broker_ssl_client_key_file_contents => $message_broker_ssl_client_key_file_contents, + message_broker_enabled => $message_broker_enabled, } # redis (custom module written by tipit)