exit 1
fi
+USE_SSH_JUMPHOST=${USE_SSH_JUMPHOST:-}
+DISABLED_CONTROLLER=""
+DATABASE_POSTGRESQL_DEFAULT_VERSION=15
+
# Comma-separated list of nodes. This is used to dynamically adjust
# salt pillars.
NODELIST=""
fi
done
-# The mapping of roles to nodes. This is used to dinamically adjust
+# The mapping of roles to nodes. This is used to dynamically adjust
# salt pillars.
-declare -A ROLES
for node in "${!NODES[@]}"; do
roles="${NODES[$node]}"
IFS=',' read -ra roles_array <<< "$roles"
for role in "${roles_array[@]}"; do
- if [ -n "${ROLES[$role]:-}" ]; then
- ROLES["$role"]="${ROLES[$role]},$node"
+ if [ -n "${ROLE2NODES[$role]:-}" ]; then
+ ROLE2NODES["$role"]="${ROLE2NODES[$role]},$node"
else
- ROLES["$role"]=$node
+ ROLE2NODES["$role"]=$node
fi
done
done
+# Sets TLS certificate expiration thresholds
+TLS_EXPIRATION_YELLOW=5184000 # > 2 months
+TLS_EXPIRATION_GREEN=15552000 # > 6 months
+if [[ "${SSL_MODE}" == "lets-encrypt" ]]; then
+ TLS_EXPIRATION_YELLOW=1900800 # > 22 days
+ TLS_EXPIRATION_GREEN=2505600 # > 29 days
+fi
+
# Auto-detects load-balancing mode
-if [ -z "${ROLES['balancer']:-}" ]; then
+if [ -z "${ROLE2NODES['balancer']:-}" ]; then
ENABLE_BALANCER="no"
else
ENABLE_BALANCER="yes"
fi
+
+# Auto-sets PG version if needed
+if [[ -n "${ROLE2NODES['database']:-}" || "${NODELIST}" == "localhost" ]]; then
+ DATABASE_POSTGRESQL_VERSION="${DATABASE_POSTGRESQL_VERSION:-${DATABASE_POSTGRESQL_DEFAULT_VERSION}}"
+fi
\ No newline at end of file
projects / arvados.git / blobdiff