From aad69fcdb038bcebee29ecef76dab4d62e2cc482 Mon Sep 17 00:00:00 2001
From: Sven Ketelsen
Date: Tue, 5 Oct 2021 21:20:00 +0200
Subject: [PATCH] feat: split management setup into own role (dev) - the smardigo management instance is now configured by group management. connect is now only for dynamic smardigo instances. - -management-01-connect.
---
group_vars/stage_dev/plain.yml | 108 ++++++++++++++++++++++++---------
group_vars/stage_qa/plain.yml | 6 +-
2 files changed, 83 insertions(+), 31 deletions(-)
diff --git a/group_vars/stage_dev/plain.yml b/group_vars/stage_dev/plain.yml
index 7207fe9..1797d2e 100644
--- a/group_vars/stage_dev/plain.yml
+++ b/group_vars/stage_dev/plain.yml
@@ -4,33 +4,81 @@ stage: "dev" # TODO read configuration with hetzner rest api shared_service_network: "10.0.0.0/16" -shared_service_docker_ip: "10.0.0.7" -shared_service_elastic_01: "10.0.0.22" -shared_service_elastic_02: "10.0.0.23" -shared_service_elastic_03: "10.0.0.24" -shared_service_logstash_01: "10.0.0.26" -shared_service_iam_ip: "10.0.0.13" -shared_service_keycloak_ip: "10.0.0.6" -shared_service_mail_ip: "10.0.0.8" -shared_service_maria_ip: "10.0.0.11" -shared_service_pg_master_ip: "10.0.0.17" -shared_service_pg_slave_ip: "10.0.0.18" -shared_service_webdav_ip: "10.0.0.16" - -shared_service_maria_hostname: "dev-maria-01" -shared_service_postgres_01_hostname: "dev-postgres-01" +shared_service_elastic_01: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-elastic-stack-elastic-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_elastic_02: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-elastic-stack-elastic-02' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_elastic_03: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-elastic-stack-elastic-03' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_logstash_01: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-elastic-stack-logstash-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_docker_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-docker-registry-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_mail_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-mail-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_pg_master_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-postgres-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_pg_slave_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-postgres-02' ) + 
| map(attribute='private_ip') + | list + | first }}" +shared_service_maria_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-maria-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_keycloak_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-keycloak-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_iam_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-iam-01' ) + | map(attribute='private_ip') + | list + | first }}" +shared_service_webdav_ip: "{{ stage_server_infos + | selectattr('name', 'match', stage + '-webdav-01' ) + | map(attribute='private_ip') + | list + | first }}" + +shared_service_maria_hostname: "{{ stage }}-maria-01" +shared_service_postgres_01_hostname: "{{ stage }}-postgres-01" shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01" shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02" shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03" shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01" -shared_service_docker_registry_hostname: "dev-docker-registry-01.smardigo.digital" +shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain }}" +shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain }}" +shared_service_webdav_hostname: "{{ stage }}-webdav-01.{{ domain }}" +shared_service_keycloak_hostname: "{{ stage }}-keycloak-01.{{ domain }}" +management_service_connect_hostname: "{{ stage }}-management-01-connect.{{ domain }}" -shared_service_iam_hostname: "dev-iam-01.smardigo.digital" -shared_service_keycloak_hostname: "dev-keycloak-01.smardigo.digital" -shared_service_mail_hostname: "dev-mail-01.smardigo.digital" -shared_service_webdav_hostname: "dev-webdav-01.smardigo.digital" -management_service_connect_hostname: "dev-management-01-connect.smardigo.digital" +shared_service_docker_registry_hostname: "{{ stage 
}}-docker-registry-01.{{ domain }}" keycloak_server_url: "https://{{ shared_service_keycloak_hostname }}" @@ -60,24 +108,24 @@ shared_service_hosts: [ name: "{{ shared_service_docker_registry_hostname }}" }, { - ip: "{{ shared_service_iam_ip }}", - name: "{{ shared_service_iam_hostname }}" + ip: "{{ shared_service_maria_ip }}", + name: "{{ shared_service_maria_hostname }}" }, { - ip: "{{ shared_service_keycloak_ip }}", - name: "{{ shared_service_keycloak_hostname }}" + ip: "{{ shared_service_pg_master_ip }}", + name: "{{ shared_service_postgres_01_hostname }}" }, { ip: "{{ shared_service_mail_ip }}", name: "{{ shared_service_mail_hostname }}" }, { - ip: "{{ shared_service_maria_ip }}", - name: "{{ shared_service_maria_hostname }}" + ip: "{{ shared_service_keycloak_ip }}", + name: "{{ shared_service_keycloak_hostname }}" }, { - ip: "{{ shared_service_pg_master_ip }}", - name: "{{ shared_service_postgres_01_hostname }}" + ip: "{{ shared_service_iam_ip }}", + name: "{{ shared_service_iam_hostname }}" }, { ip: "{{ shared_service_webdav_ip }}", @@ -104,7 +152,7 @@ management_oidc_realm: "management" management_oidc_client_id: "smardigo" smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages" -smardigo_management_token: "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..rCRO1cVFgkyZ45D5cJNK5g.fc6JVOo5ja5sqe-0PQTfJGOivJ6tyiD-rwgY6rXJ3-U.tOgqgJ2zTjB3_M9BGtvVjQ" +smardigo_management_token: "{{ management_smardigo_user_token_vault }}" connect_element_template_enabled: "true" connect_external_task_script_worker_enabled: "true" diff --git a/group_vars/stage_qa/plain.yml b/group_vars/stage_qa/plain.yml index 22961e6..a97e686 100644 --- a/group_vars/stage_qa/plain.yml +++ b/group_vars/stage_qa/plain.yml 
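Review bot: The twelve new `shared_service_*` address lookups in the `@@ -4,33 +4,81 @@` hunk select the server with the `match` test, which anchors only at the start of the name, so `stage + '-postgres-01'` would also accept a hypothetical server named `dev-postgres-01-replica`, and `| first` then returns whichever entry `stage_server_infos` lists first. Because these addresses feed the `shared_service_hosts` name-to-IP entries touched in the next hunk, a wrong pick silently points a service name at another machine. An exact comparison avoids this: `| selectattr('name', 'equalto', stage + '-postgres-01')`, applied to each of the twelve lookups. `| first` on an empty result also leaves the variable undefined, and the failure surfaces only where the value is used, so a comment stating that `stage_server_infos` must already contain every listed server would help; where that fact is gathered is not visible in this patch.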
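Review bot: The literal removed from `smardigo_management_token` in the `@@ -104,7 +152,7 @@` hunk stays readable in the repository history after this change, so replacing it with `{{ management_smardigo_user_token_vault }}` protects only tokens issued from now on; the old value, which has the five-part shape of a compact JWE, should be revoked and reissued before the vault entry is filled. The same applies to the second literal removed in the `@@ -152,7 +152,7 @@` hunk of group_vars/stage_qa/plain.yml. The diffstat lists only the two plain.yml files, so the definition of `management_smardigo_user_token_vault` is not part of this patch; presumably it lives in an encrypted vault file per stage, and both stages need it there or templating fails on an undefined variable. A one-line comment above the variable, `# token value lives in the stage vault file; never inline it here`, would record the intent.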
@@ -152,7 +152,7 @@ management_oidc_realm: "management" management_oidc_client_id: "smardigo" smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages" -smardigo_management_token: "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..ynbVHutFvwcnzGNpUrObEA.2kHkShTJHDQIRY5QVmwrC-pQOasbQeHb33L5W4wWDdw.OVghXkhWdkps0YYEomO-pg" +smardigo_management_token: "{{ management_smardigo_user_token_vault }}" connect_element_template_enabled: "true" connect_external_task_script_worker_enabled: "true" @@ -175,6 +175,8 @@ docker_admin_password: "{{ docker_admin_password_vault }}" management_admin_username: "management-admin" management_admin_password: "{{ management_admin_password_vault }}" +management_realm_admin_username: "management-realm-admin" +management_realm_admin_password: "{{ management_realm_admin_password_vault }}" harbor_admin_username: "{{ harbor_admin_username_vault }}" harbor_admin_password: "{{ harbor_admin_password_vault }}" @@ -198,3 +200,5 @@ netgo_msteams_hook_alerting: "{{ netgo_msteams_hook_alerting_vault }}" docker_registry_oidc_client_secret: "{{ docker_registry_oidc_client_secret_vault }}" management_oidc_client_secret: "{{ management_oidc_client_secret_vault }}" + +management_smardigo_user_token: "{{ management_smardigo_user_token_vault }}"
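Review bot: The `management_smardigo_user_token` line added in the `@@ -198,3 +200,5 @@` hunk resolves to the same vault entry as `smardigo_management_token` changed in the first hunk of this file, so one secret is now reachable under two nearly identical names, while the three hunks of group_vars/stage_dev/plain.yml add no such variable. If a role reads the new name, it will be undefined on dev unless that file already defines it outside the shown hunks. Consider keeping a single indirection, `smardigo_management_token: "{{ management_smardigo_user_token }}"`, and adding the new variable to stage_dev as well so both stages expose the same set of names.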