# Node-OS: xenial node /^health\d*\.openstack\.org$/ { $group = "health" class { 'openstack_project::server': } class { 'openstack_project::openstack_health_api': subunit2sql_db_host => hiera('subunit2sql_db_host', 'localhost'), hostname => 'health.openstack.org', } } # Node-OS: xenial node /^cacti\d+\.open.*\.org$/ { $group = "cacti" class { 'openstack_project::cacti': cacti_hosts => hiera_array('cacti_hosts'), vhost_name => 'cacti.openstack.org', } } # Node-OS: xenial node /^paste\d*\.open.*\.org$/ { $group = "paste" class { 'openstack_project::server': } class { 'openstack_project::paste': db_password => hiera('paste_db_password'), db_host => hiera('paste_db_host'), vhost_name => 'paste.openstack.org', } } # Node-OS: xenial node /^ethercalc\d+\.open.*\.org$/ { $group = "ethercalc" class { 'openstack_project::server': } class { 'openstack_project::ethercalc': vhost_name => 'ethercalc.openstack.org', ssl_cert_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ethercalc.openstack.org.cer', ssl_key_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ethercalc.openstack.org.key', ssl_chain_file => '/etc/letsencrypt-certs/ethercalc.openstack.org/ca.cer', } } # Node-OS: xenial node /^wiki\d+\.openstack\.org$/ { $group = "wiki" class { 'openstack_project::wiki': bup_user => 'bup-wiki', serveradmin => hiera('infra_apache_serveradmin'), site_hostname => 'wiki.openstack.org', ssl_cert_file_contents => hiera('ssl_cert_file_contents'), ssl_key_file_contents => hiera('ssl_key_file_contents'), ssl_chain_file_contents => hiera('ssl_chain_file_contents'), wg_dbserver => hiera('wg_dbserver'), wg_dbname => 'openstack_wiki', wg_dbuser => 'wikiuser', wg_dbpassword => hiera('wg_dbpassword'), wg_secretkey => hiera('wg_secretkey'), wg_upgradekey => hiera('wg_upgradekey'), wg_recaptchasitekey => hiera('wg_recaptchasitekey'), wg_recaptchasecretkey => hiera('wg_recaptchasecretkey'), wg_googleanalyticsaccount => hiera('wg_googleanalyticsaccount'), } } # Node-OS: xenial node /^wiki-dev\d+\.openstack\.org$/ { $group = "wiki-dev" class { 'openstack_project::wiki': serveradmin => hiera('infra_apache_serveradmin'), site_hostname => 'wiki-dev.openstack.org', wg_dbserver => hiera('wg_dbserver'), wg_dbname => 'openstack_wiki', wg_dbuser => 'wikiuser', wg_dbpassword => hiera('wg_dbpassword'), wg_secretkey => hiera('wg_secretkey'), wg_upgradekey => hiera('wg_upgradekey'), wg_recaptchasitekey => hiera('wg_recaptchasitekey'), wg_recaptchasecretkey => hiera('wg_recaptchasecretkey'), disallow_robots => true, } } # Node-OS: xenial node /^logstash\d*\.open.*\.org$/ { class { 'openstack_project::server': } class { 'openstack_project::logstash': discover_nodes => [ 'elasticsearch03.openstack.org:9200', 'elasticsearch04.openstack.org:9200', 'elasticsearch05.openstack.org:9200', 'elasticsearch06.openstack.org:9200', 'elasticsearch07.openstack.org:9200', 'elasticsearch02.openstack.org:9200', ], subunit2sql_db_host => hiera('subunit2sql_db_host', ''), subunit2sql_db_pass => hiera('subunit2sql_db_password', ''), } } # Node-OS: xenial node /^logstash-worker\d+\.open.*\.org$/ { $group = 'logstash-worker' $elasticsearch_nodes = [ 'elasticsearch02.openstack.org', 'elasticsearch03.openstack.org', 'elasticsearch04.openstack.org', 'elasticsearch05.openstack.org', 'elasticsearch06.openstack.org', 'elasticsearch07.openstack.org', ] class { 'openstack_project::server': } class { 'openstack_project::logstash_worker': discover_node => 'elasticsearch03.openstack.org', enable_mqtt => false, mqtt_password => hiera('mqtt_service_user_password'), mqtt_ca_cert_contents => hiera('mosquitto_tls_ca_file'), } } # Node-OS: xenial node /^subunit-worker\d+\.open.*\.org$/ { $group = "subunit-worker" class { 'openstack_project::server': } class { 'openstack_project::subunit_worker': subunit2sql_db_host => hiera('subunit2sql_db_host', ''), subunit2sql_db_pass => hiera('subunit2sql_db_password', ''), mqtt_pass => hiera('mqtt_service_user_password'), mqtt_ca_cert_contents => hiera('mosquitto_tls_ca_file'), } } # Node-OS: xenial node /^elasticsearch\d+\.open.*\.org$/ { $group = "elasticsearch" $elasticsearch_nodes = [ 'elasticsearch02.openstack.org', 'elasticsearch03.openstack.org', 'elasticsearch04.openstack.org', 'elasticsearch05.openstack.org', 'elasticsearch06.openstack.org', 'elasticsearch07.openstack.org', ] class { 'openstack_project::server': } class { 'openstack_project::elasticsearch_node': discover_nodes => $elasticsearch_nodes, } } # A machine to run Storyboard # Node-OS: xenial node /^storyboard\d+\.opendev\.org$/ { $group = "storyboard" class { 'openstack_project::storyboard': project_config_repo => 'https://opendev.org/openstack/project-config', mysql_host => hiera('storyboard_db_host', 'localhost'), mysql_user => hiera('storyboard_db_user', 'username'), mysql_password => hiera('storyboard_db_password'), rabbitmq_user => hiera('storyboard_rabbit_user', 'username'), rabbitmq_password => hiera('storyboard_rabbit_password'), ssl_cert => '/etc/letsencrypt-certs/storyboard.openstack.org/storyboard.openstack.org.cer', ssl_key => '/etc/letsencrypt-certs/storyboard.openstack.org/storyboard.openstack.org.key', ssl_ca => '/etc/letsencrypt-certs/storyboard.openstack.org/ca.cer', hostname => 'storyboard.openstack.org', valid_oauth_clients => ['storyboard.openstack.org',], cors_allowed_origins => ['https://storyboard.openstack.org',], sender_email_address => 'storyboard@storyboard.openstack.org', default_url => 'https://storyboard.openstack.org', } } # A machine to run Storyboard devel # Node-OS: xenial node /^storyboard-dev\d+\.opendev\.org$/ { $group = "storyboard-dev" class { 'openstack_project::storyboard::dev': project_config_repo => 'https://opendev.org/openstack/project-config', mysql_host => hiera('storyboard_db_host', 'localhost'), mysql_user => hiera('storyboard_db_user', 'username'), mysql_password => hiera('storyboard_db_password'), rabbitmq_user => hiera('storyboard_rabbit_user', 'username'), rabbitmq_password => hiera('storyboard_rabbit_password'), hostname => 'storyboard-dev.openstack.org', valid_oauth_clients => ['^.*',], cors_allowed_origins => ['^.*',], sender_email_address => 'storyboard-dev@storyboard-dev.openstack.org', default_url => 'https://storyboard-dev.openstack.org', } } # A machine to serve various project status updates. # Node-OS: xenial node /^status\d*\.open.*\.org$/ { $group = 'status' class { 'openstack_project::server': } class { 'openstack_project::status': gerrit_host => 'review.opendev.org', gerrit_ssh_host_key => hiera('gerrit_ssh_rsa_pubkey_contents'), reviewday_ssh_public_key => hiera('reviewday_rsa_pubkey_contents'), reviewday_ssh_private_key => hiera('reviewday_rsa_key_contents'), recheck_ssh_public_key => hiera('elastic-recheck_gerrit_ssh_public_key'), recheck_ssh_private_key => hiera('elastic-recheck_gerrit_ssh_private_key'), recheck_bot_nick => 'openstackrecheck', recheck_bot_passwd => hiera('elastic-recheck_ircbot_password'), } } # Node-OS: xenial node /^openstackid\d*(\.openstack)?\.org$/ { $group = "openstackid" class { 'openstack_project::openstackid_prod': site_admin_password => hiera('openstackid_site_admin_password'), id_mysql_host => hiera('openstackid_id_mysql_host', 'localhost'), id_mysql_password => hiera('openstackid_id_mysql_password'), id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), id_db_name => hiera('openstackid_id_db_name'), redis_password => hiera('openstackid_redis_password'), ssl_cert_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.cer', ssl_key_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.key', ssl_chain_file => '/etc/letsencrypt-certs/openstackid.org/ca.cer', id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), vhost_name => 'openstackid.org', session_cookie_domain => 'openstackid.org', serveradmin => 'webmaster@openstackid.org', canonicalweburl => 'https://openstackid.org/', app_url => 'https://openstackid.org', app_key => hiera('openstackid_app_key'), id_log_error_to_email => 'openstack@tipit.net', id_log_error_from_email => 'noreply@openstack.org', email_driver => 'sendgrid', email_send_grid_api_key => hiera('openstackid_send_grid_api_key'), php_version => 7, mysql_ssl_enabled => true, mysql_ssl_ca_file_contents => hiera('openstackid_mysql_ssl_ca_file_contents'), mysql_ssl_client_key_file_contents => hiera('openstackid_mysql_ssl_client_key_file_contents'), mysql_ssl_client_cert_file_contents => hiera('openstackid_mysql_ssl_client_cert_file_contents'), user_spam_processor_to => hiera('openstackid_user_spam_processor_to'), message_broker_exchange_name => 'message-broker', message_broker_host => hiera('openstackid_message_broker_host'), message_broker_port => 5671, message_broker_vhost => 'databus', message_broker_login => hiera('openstackid_message_broker_login'), message_broker_password => hiera('openstackid_message_broker_password'), message_broker_ssl_enabled => true, message_broker_ssl_ca_file_contents => hiera('openstackid_message_broker_ssl_ca_file_contents'), message_broker_ssl_client_cert_file_contents => hiera('openstackid_message_broker_ssl_client_cert_file_contents'), message_broker_ssl_client_key_file_contents => hiera('openstackid_message_broker_ssl_client_key_file_contents'), message_broker_enabled => true, cloud_storage_base_url => hiera('openstackid_cloud_storage_base_url'), cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', cloud_storage_app_credential_id => hiera('openstackid_cloud_storage_app_credential_id'), cloud_storage_app_credential_secret => hiera('openstackid_cloud_storage_app_credential_secret'), cloud_storage_project_name => hiera('openstackid_cloud_storage_project_name'), cloud_storage_region => 'ca-ymq-1', cloud_storage_container => 'idp-osf', } } # Node-OS: xenial node /^openstackid-dev\d*\.openstack\.org$/ { $group = "openstackid-dev" class { 'openstack_project::openstackid_dev': site_admin_password => hiera('openstackid_dev_site_admin_password'), id_mysql_host => hiera('openstackid_dev_id_mysql_host', 'localhost'), id_mysql_password => hiera('openstackid_dev_id_mysql_password'), id_mysql_user => hiera('openstackid_dev_id_mysql_user', 'username'), redis_password => hiera('openstackid_dev_redis_password'), ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), id_recaptcha_public_key => hiera('openstackid_dev_recaptcha_public_key'), id_recaptcha_private_key => hiera('openstackid_dev_recaptcha_private_key'), vhost_name => 'openstackid-dev.openstack.org', session_cookie_domain => 'openstackid-dev.openstack.org', serveradmin => 'webmaster@openstackid-dev.openstack.org', canonicalweburl => 'https://openstackid-dev.openstack.org/', app_url => 'https://openstackid-dev.openstack.org', app_key => hiera('openstackid_dev_app_key'), id_log_error_to_email => 'openstack@tipit.net', id_log_error_from_email => 'noreply@openstack.org', email_driver => 'sendgrid', email_send_grid_api_key => hiera('openstackid_dev_send_grid_api_key'), php_version => 7, mysql_ssl_enabled => true, mysql_ssl_ca_file_contents => hiera('openstackid_dev_mysql_ssl_ca_file_contents'), mysql_ssl_client_key_file_contents => hiera('openstackid_dev_mysql_ssl_client_key_file_contents'), mysql_ssl_client_cert_file_contents => hiera('openstackid_dev_mysql_ssl_client_cert_file_contents'), user_spam_processor_to => hiera('openstackid_dev_user_spam_processor_to'), message_broker_exchange_name => 'message-broker', message_broker_host => hiera('openstackid_dev_message_broker_host'), message_broker_port => 5671, message_broker_vhost => 'databus', message_broker_login => hiera('openstackid_dev_message_broker_login'), message_broker_password => hiera('openstackid_dev_message_broker_password'), message_broker_ssl_enabled => true, message_broker_ssl_ca_file_contents => hiera('openstackid_dev_message_broker_ssl_ca_file_contents'), message_broker_ssl_client_cert_file_contents => hiera('openstackid_dev_message_broker_ssl_client_cert_file_contents'), message_broker_ssl_client_key_file_contents => hiera('openstackid_dev_message_broker_ssl_client_key_file_contents'), message_broker_enabled => true, cloud_storage_base_url => hiera('openstackid_dev_cloud_storage_base_url'), cloud_storage_auth_url => 'https://auth.vexxhost.net/v3', cloud_storage_app_credential_id => hiera('openstackid_dev_cloud_storage_app_credential_id'), cloud_storage_app_credential_secret => hiera('openstackid_dev_cloud_storage_app_credential_secret'), cloud_storage_project_name => hiera('openstackid_dev_cloud_storage_project_name'), cloud_storage_region => 'ca-ymq-1', cloud_storage_container => 'idp-osf', } } # Node-OS: xenial node /^translate\d+\.open.*\.org$/ { $group = "translate" class { 'openstack_project::server': } class { 'openstack_project::translate': admin_users => 'aeng,cboylan,eumel8,ianw,ianychoi,infra,jaegerandi,mordred,stevenk', openid_url => 'https://openstackid.org', listeners => ['ajp'], from_address => 'noreply@openstack.org', mysql_host => hiera('translate_mysql_host', 'localhost'), mysql_password => hiera('translate_mysql_password'), zanata_server_user => hiera('proposal_zanata_user'), zanata_server_api_key => hiera('proposal_zanata_api_key'), zanata_wildfly_version => '10.1.0', zanata_wildfly_install_url => 'https://repo1.maven.org/maven2/org/wildfly/wildfly-dist/10.1.0.Final/wildfly-dist-10.1.0.Final.tar.gz', zanata_main_version => 4, zanata_url => 'https://github.com/zanata/zanata-platform/releases/download/platform-4.3.3/zanata-4.3.3-wildfly.zip', zanata_checksum => 'eaf8bd07401dade758b677007d2358f173193d17', project_config_repo => 'https://opendev.org/openstack/project-config', ssl_cert_file => '/etc/letsencrypt-certs/translate.openstack.org/translate.openstack.org.cer', ssl_key_file => '/etc/letsencrypt-certs/translate.openstack.org/translate.openstack.org.key', ssl_chain_file => '/etc/letsencrypt-certs/translate.openstack.org/ca.cer', vhost_name => 'translate.openstack.org', } } # Node-OS: xenial node /^translate-dev\d*\.open.*\.org$/ { $group = "translate-dev" class { 'openstack_project::translate_dev': admin_users => 'aeng,cboylan,eumel,eumel8,ianw,ianychoi,infra,jaegerandi,mordred,stevenk', openid_url => 'https://openstackid-dev.openstack.org', listeners => ['ajp'], from_address => 'noreply@openstack.org', mysql_host => hiera('translate_dev_mysql_host', 'localhost'), mysql_password => hiera('translate_dev_mysql_password'), zanata_server_user => hiera('proposal_zanata_user'), zanata_server_api_key => hiera('proposal_zanata_api_key'), project_config_repo => 'https://opendev.org/openstack/project-config', vhost_name => 'translate-dev.openstack.org', } } # vim:sw=2:ts=2:expandtab:textwidth=79