18830: fix nginx parameters for single-host/single-hostname provisioning

author Javier Bértoli <jbertoli@curii.com>

Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)

committer Javier Bértoli <jbertoli@curii.com>

Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)
author Javier Bértoli <jbertoli@curii.com>
Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)
committer Javier Bértoli <jbertoli@curii.com>
Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)
diff --git a/tools/salt-install/Vagrantfile b/tools/salt-install/Vagrantfile

index 27f1591c8f498c2112aa7178eba4003c5f999baa..a8dd34534303cb4266ed51c0bd19eae5f9d1c61f 100644 (file)
--- a/tools/salt-install/Vagrantfile
+++ b/tools/salt-install/Vagrantfile
@@ -81,6 +81,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
                        inline: "cp -vr /vagrant/config_examples/single_host/single_hostname /home/vagrant/local_config_dir;
                                 cp -vr /vagrant/tests /home/vagrant/tests;
                                 sed 's#HOSTNAME_EXT=\"hostname_ext_fixme_or_this_wont_work\"#HOSTNAME_EXT=\"zeppo.local\"#g;
+                                   's#IP_INT=\"ip_int_fixme_or_this_wont_work\"#IP_INT=\"127.0.0.1\"#g;
                                      s#cluster_fixme_or_this_wont_work#zeppo#g;
                                      s#domain_fixme_or_this_wont_work#local#g;' \
                                      /vagrant/local.params.example.single_host_single_hostname > /tmp/local.params.single_host_single_hostname"
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/arvados.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/arvados.sls

index 334edb946b28880336bf85683fc30a45eef815a1..8b8e4f7f9e1d05815c8d1ca698317221ea762796 100644 (file)
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/arvados.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/arvados.sls
@@ -1,3 +1,5 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
  ---
  # Copyright (C) The Arvados Authors. All rights reserved.
  #
@@ -67,8 +69,15 @@ arvados:
        host: 127.0.0.1
        password: "__DATABASE_PASSWORD__"
        user: __CLUSTER___arvados
-      encoding: en_US.utf8
-      client_encoding: UTF8
+      extra_conn_params:
+        client_encoding: UTF8
+      # Centos7 does not enable SSL by default, so we disable
+      # it here just for testing of the formula purposes only.
+      # You should not do this in production, and should
+      # configure Postgres certificates correctly
+      {%- if grains.os_family in ('RedHat',) %}
+        sslmode: disable
+      {%- endif %}
  
      tls:
        # certificate: ''
@@ -76,6 +85,13 @@ arvados:
        # When using arvados-snakeoil certs set insecure: true
        insecure: true
  
+    resources:
+      virtual_machines:
+        shell:
+          name: webshell
+          backend: 127.0.1.1
+          port: 4200
+
      ### TOKENS
      tokens:
        system_root: __SYSTEM_ROOT_TOKEN__
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_api_configuration.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_api_configuration.sls

index ac3ba99f16cd5316bbe88f757c56502ab2499091..04195ae5b9b23e25f21ad1703b66c4a2116cfb21 100644 (file)
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_api_configuration.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_api_configuration.sls
@@ -3,10 +3,16 @@
  #
  # SPDX-License-Identifier: AGPL-3.0
  
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
+
  ### ARVADOS
  arvados:
    config:
-    group: www-data
+    group: {{ group }}
  
  ### NGINX
  nginx:
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench2_configuration.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench2_configuration.sls

index 8e4b9b4aa1d99b4e53dac95580e85f1dc79f2f2a..d28fe80278d0629588b5ac2d8f33b39665447936 100644 (file)
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench2_configuration.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench2_configuration.sls
@@ -1,18 +1,38 @@
  ---
  # Copyright (C) The Arvados Authors. All rights reserved.
  #
-# SPDX-License-Identifier: AGPL-3.0
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
  
  ### ARVADOS
  arvados:
    config:
-    group: www-data
+    group: {{ group }}
  
  ### NGINX
  nginx:
    ### SITES
    servers:
      managed:
+      ### DEFAULT
+      arvados_workbench2_default.conf:
+        enabled: true
+        overwrite: true
+        config:
+          - server:
+            - server_name: workbench2.__CLUSTER__.__DOMAIN__
+            - listen:
+              - 80
+            - location /.well-known:
+              - root: /var/www
+            - location /:
+              - return: '301 https://$host$request_uri'
+
        arvados_workbench2_ssl.conf:
          enabled: true
          overwrite: true
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench_configuration.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench_configuration.sls

index 3477c02750c98860ab555bb619b96cf1d9a450ff..59fb43e57af40d70736dc27822c304bdce76f1c6 100644 (file)
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench_configuration.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench_configuration.sls
@@ -3,10 +3,16 @@
  #
  # SPDX-License-Identifier: AGPL-3.0
  
+{%- if grains.os_family in ('RedHat',) %}
+  {%- set group = 'nginx' %}
+{%- else %}
+  {%- set group = 'www-data' %}
+{%- endif %}
+
  ### ARVADOS
  arvados:
    config:
-    group: www-data
+    group: {{ group }}
  
  ### NGINX
  nginx:
@@ -22,6 +28,20 @@ nginx:
    ### SITES
    servers:
      managed:
+      ### DEFAULT
+      arvados_workbench_default.conf:
+        enabled: true
+        overwrite: true
+        config:
+          - server:
+            - server_name: workbench.__CLUSTER__.__DOMAIN__
+            - listen:
+              - 80
+            - location /.well-known:
+              - root: /var/www
+            - location /:
+              - return: '301 https://$host$request_uri'
+
        arvados_workbench_ssl.conf:
          enabled: true
          overwrite: true
author	Javier Bértoli <jbertoli@curii.com>
	Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)
committer	Javier Bértoli <jbertoli@curii.com>
	Thu, 3 Mar 2022 18:52:24 +0000 (15:52 -0300)
tools/salt-install/Vagrantfile		patch \| blob \| history
tools/salt-install/config_examples/single_host/single_hostname/pillars/arvados.sls		patch \| blob \| history
tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_api_configuration.sls		patch \| blob \| history
tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench2_configuration.sls		patch \| blob \| history
tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_workbench_configuration.sls		patch \| blob \| history