From d3f153c38482fea97a82bdde719c6fdf9783100a Mon Sep 17 00:00:00 2001 From: Adw8 Date: Thu, 26 Sep 2024 11:34:19 +0530 Subject: [PATCH] Couple domain name and domain extension in var --- service-provider-setup/README.md | 10 ++++---- service-provider-setup/deploy-backend.yml | 22 ++++++++--------- service-provider-setup/deploy-frontend.yml | 6 ++--- service-provider-setup/setup-dns.yml | 24 +++++++++---------- service-provider-setup/setup-k8s.yml | 2 +- .../configs/webapp-deployer-config.env.j2 | 8 +++---- .../templates/configs/webapp-ui-config.env.j2 | 2 +- service-provider-setup/templates/k8s.yml.j2 | 6 ++--- .../templates/laconic.yml.j2 | 4 ++-- service-provider-setup/templates/nginx.yml.j2 | 6 ++--- .../specs/container-registry.spec.j2 | 2 +- .../templates/specs/webapp-deployer.spec.j2 | 4 ++-- .../templates/wildcard-pwa-example.yml.j2 | 10 ++++---- .../vars/dns-vars.example.yml | 2 +- .../vars/k8s-vars.example.yml | 3 ++- 15 files changed, 56 insertions(+), 55 deletions(-) diff --git a/service-provider-setup/README.md b/service-provider-setup/README.md index 77fd87a..5ad4c98 100644 --- a/service-provider-setup/README.md +++ b/service-provider-setup/README.md @@ -101,9 +101,9 @@ To get started, follow the [installation](../README.md#installation) guide to se ```bash cd vars - cp dns-vars.example.yml dns1-vars.yml - cp k8s-vars.example.yml k8s1-vars.yml - cp container-vars.example.yml container1-vars.yml + cp dns-vars.example.yml dns-vars.yml + cp k8s-vars.example.yml k8s-vars.yml + cp container-vars.example.yml container-vars.yml cp webapp-vars.example.yml webapp-vars.yml ``` @@ -111,7 +111,7 @@ To get started, follow the [installation](../README.md#installation) guide to se ```bash # vars/dns-vars.yml - domain: "" # eg: laconic.com + full_domain: "" # eg: laconic.com subdomain_prefix: "" # eg: lcn-cad cluster_control_ip: "" # eg: 23.111.78.179 do_api_token: "" # eg: dop_v1... 
@@ -122,7 +122,7 @@ To get started, follow the [installation](../README.md#installation) guide to se vault_passphrase: "" # passphrase for GPG key org_id: "" # eg: lcn location_id: "" # eg: cad - dns_domain: "" # eg: laconic.com + base_domain: "" # eg: laconic # vars/container-vars.yml container_registry_username: "" # username to login to the container registry diff --git a/service-provider-setup/deploy-backend.yml b/service-provider-setup/deploy-backend.yml index d9bf91c..8fc79f1 100644 --- a/service-provider-setup/deploy-backend.yml +++ b/service-provider-setup/deploy-backend.yml @@ -19,15 +19,15 @@ mode: '0700' - name: Create a GPG key - shell: gpg --batch --passphrase "SECRET" --quick-generate-key webapp-deployer-api.{{ dns_domain }}.com default default never + shell: gpg --batch --passphrase "SECRET" --quick-generate-key webapp-deployer-api.{{ full_domain }} default default never - name: Export the public key - shell: gpg --export webapp-deployer-api.{{ dns_domain }}.com > ~/gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.pub + shell: gpg --export webapp-deployer-api.{{ full_domain }} > ~/gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.pub args: - creates: ~/gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.pub + creates: ~/gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.pub - name: Export the GPG private key with passphrase - shell: gpg --pinentry-mode=loopback --passphrase "SECRET" --export-secret-keys webapp-deployer-api.{{ dns_domain }}.com > ~/gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.key + shell: gpg --pinentry-mode=loopback --passphrase "SECRET" --export-secret-keys webapp-deployer-api.{{ full_domain }} > ~/gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.key - name: Setup repositories for webapp-deployer-backend command: laconic-so --stack webapp-deployer-backend setup-repositories 
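Review bot: The `Create a GPG key` and `Export the GPG private key with passphrase` tasks still put the literal `--passphrase "SECRET"` on the gpg command line, so the deployer's private key is protected by a value that is published in the repository and shows up in the process list and in Ansible's task output. The same literal is kept as `export OPENPGP_PASSPHRASE="SECRET"` in templates/configs/webapp-deployer-config.env.j2, touched by this patch as well. Read the passphrase from a variable kept in an encrypted vars file (placeholder name `deployer_gpg_passphrase`), feed it to gpg with `--pinentry-mode loopback --passphrase-fd 0` plus the task's `stdin: "{{ deployer_gpg_passphrase }}"`, and set `no_log: true` on both tasks. `Create a GPG key` also has no `creates:` guard, unlike the public-key export, so a second run is not idempotent.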
@@ -47,13 +47,13 @@ - name: Copy the gpg private key file to config dir copy: - src: "gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.key" + src: "gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.key" dest: "config" remote_src: true - name: Copy the gpg public key file to config dir copy: - src: "gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.pub" + src: "gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.pub" dest: "config" remote_src: true @@ -63,9 +63,9 @@ -v /home/{{ ansible_user }}/config:/home/root/config \ cerc/webapp-deployer-backend:local laconic-so publish-deployer-to-registry \ --laconic-config /home/root/config/laconic.yml \ - --api-url https://webapp-deployer-api.{{ dns_domain }}.com \ - --public-key-file /home/root/config/webapp-deployer-api.{{ dns_domain }}.com.pgp.pub \ - --lrn lrn://{{ authority_name }}/deployers/webapp-deployer-api.{{ dns_domain }}.com \ + --api-url https://webapp-deployer-api.{{ full_domain }} \ + --public-key-file /home/root/config/webapp-deployer-api.{{ full_domain }}.pgp.pub \ + --lrn lrn://{{ authority_name }}/deployers/webapp-deployer-api.{{ full_domain }} \ --min-required-payment 100 register: publish_output @@ -118,7 +118,7 @@ register: wait_result - name: Copy gpg private key file to webapp deployer pod - shell: kubectl cp gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.key {{ pod_id }}:/app + shell: kubectl cp gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.key {{ pod_id }}:/app - name: Copy gpg public key file to webapp deployer pod - shell: kubectl cp gpg-keys/webapp-deployer-api.{{ dns_domain }}.com.pgp.pub {{ pod_id }}:/app + shell: kubectl cp gpg-keys/webapp-deployer-api.{{ full_domain }}.pgp.pub {{ pod_id }}:/app diff --git a/service-provider-setup/deploy-frontend.yml b/service-provider-setup/deploy-frontend.yml index 0946e99..855d61d 100644 --- a/service-provider-setup/deploy-frontend.yml +++ b/service-provider-setup/deploy-frontend.yml 
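Review bot: The `Copy the gpg private key file to config dir` task sets no `mode`, and the source `.pgp.key` file was written by a shell redirect under the default umask, so the copy in `config` may be readable by other local users. Only the `gpg-keys` directory appears to be created with `mode: '0700'`; nothing visible restricts `config`, which the following task seems to bind-mount into the container. Add `mode: '0600'` to the private-key copy (and `no_log: true` is not needed here since only the path is logged). The later `kubectl cp ... .pgp.key {{ pod_id }}:/app` task leaves the key in the pod filesystem; a mounted Kubernetes Secret would be the more usual home for it, if the deployer image allows that.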
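Review bot: `--api-url https://webapp-deployer-api.{{ full_domain }}` publishes a hostname without the `pwa.` label, while the http-proxy host in templates/specs/webapp-deployer.spec.j2 and the URL in webapp-ui-config.env.j2 both use `webapp-deployer-api.pwa.{{ full_domain }}`. None of the records visible in the setup-dns.yml hunks (`www`, the subdomain prefix, `pwa`, `*.pwa`) covers the shorter name, so the endpoint advertised in the registry may point at a host this setup serves no ingress or certificate for. If the published URL is meant to be reachable, use `--api-url https://webapp-deployer-api.pwa.{{ full_domain }} \`; the key identity and the `--lrn` value can stay as they are. The task begins and ends outside this hunk.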
@@ -6,7 +6,7 @@ vars_files: - vars/webapp-vars.yml - - vars/k8s-vars.yml + - vars/dns-vars.yml tasks: - name: Clone webapp-deployment-status-ui repository @@ -21,8 +21,8 @@ - name: Create a deployment for webapp-ui command: | laconic-so deploy-webapp create --kube-config {{ ansible_env.HOME }}/.kube/config-default.yaml - --image-registry container-registry.pwa.{{ dns_domain }}.com --deployment-dir webapp-ui - --image cerc/webapp-deployment-status-ui:local --url https://webapp-deployer-ui.pwa.{{ dns_domain }}.com + --image-registry container-registry.pwa.{{ full_domain }} --deployment-dir webapp-ui + --image cerc/webapp-deployment-status-ui:local --url https://webapp-deployer-ui.pwa.{{ full_domain }} --env-file ~/cerc/webapp-deployment-status-ui/.env - name: Push image to container registry diff --git a/service-provider-setup/setup-dns.yml b/service-provider-setup/setup-dns.yml index cf5d33a..c5280a0 100644 --- a/service-provider-setup/setup-dns.yml +++ b/service-provider-setup/setup-dns.yml @@ -9,14 +9,14 @@ community.digitalocean.digital_ocean_domain: state: present oauth_token: "{{ do_api_token }}" - name: "{{ domain }}" + name: "{{ full_domain }}" ip: "{{ cluster_control_ip }}" - name: Create record for cluster control machine community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - domain: "{{ domain }}" + domain: "{{ full_domain }}" type: A name: "{{ subdomain_prefix }}-cluster-control" data: "{{ cluster_control_ip }}" @@ -25,8 +25,8 @@ community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - data: "{{ domain }}" - domain: "{{ domain }}" + data: "{{ full_domain }}" + domain: "{{ full_domain }}" type: CNAME name: www ttl: 43200 
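Review bot: Replacing `vars/k8s-vars.yml` with `vars/dns-vars.yml` in `vars_files` brings `do_api_token` and `cluster_control_ip` into the variable scope of the frontend play, which in the tasks shown only needs `full_domain`. A DigitalOcean API token loaded into a play that runs `laconic-so` and image pushes is more exposure than the task requires, for example through a debug task or verbose output. Consider keeping `full_domain` in a small shared vars file (placeholder `vars/domain-vars.yml`) that both the DNS and frontend plays load, and leave the token in the DNS-only file. The rest of the play is outside the hunk, so also confirm that no later task still reads a value that only k8s-vars.yml defined.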
@@ -35,8 +35,8 @@ community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - data: "{{ subdomain_cluster_control }}.{{ domain }}" - domain: "{{ domain }}" + data: "{{ subdomain_cluster_control }}.{{ full_domain }}" + domain: "{{ full_domain }}" type: CNAME name: "{{ subdomain_prefix }}" ttl: 43200 @@ -45,8 +45,8 @@ community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - data: "{{ subdomain_cluster_control }}.{{ domain }}" - domain: "{{ domain }}" + data: "{{ subdomain_cluster_control }}.{{ full_domain }}" + domain: "{{ full_domain }}" type: CNAME name: "*.{{ subdomain_prefix }}" ttl: 43200 @@ -55,8 +55,8 @@ community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - data: "{{ subdomain_cluster_control }}.{{ domain }}" - domain: "{{ domain }}" + data: "{{ subdomain_cluster_control }}.{{ full_domain }}" + domain: "{{ full_domain }}" type: CNAME name: "pwa" ttl: 43200 @@ -65,8 +65,8 @@ community.digitalocean.digital_ocean_domain_record: state: present oauth_token: "{{ do_api_token }}" - data: "{{ subdomain_cluster_control }}.{{ domain }}" - domain: "{{ domain }}" + data: "{{ subdomain_cluster_control }}.{{ full_domain }}" + domain: "{{ full_domain }}" type: CNAME name: "*.pwa" ttl: 43200 diff --git a/service-provider-setup/setup-k8s.yml b/service-provider-setup/setup-k8s.yml index ca799f8..37cc574 100644 --- a/service-provider-setup/setup-k8s.yml +++ b/service-provider-setup/setup-k8s.yml @@ -119,7 +119,7 @@ - name: Copy wildcard-pwa-example.yml to the remote VM template: src: ./templates/wildcard-pwa-example.yml.j2 - dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{dns_domain}}.yaml" + dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{ base_domain }}.yaml" - name: Delete old wildcard-pwa file file: 
diff --git a/service-provider-setup/templates/configs/webapp-deployer-config.env.j2 b/service-provider-setup/templates/configs/webapp-deployer-config.env.j2 index 8b2c130..33b4ab0 100644 --- a/service-provider-setup/templates/configs/webapp-deployer-config.env.j2 +++ b/service-provider-setup/templates/configs/webapp-deployer-config.env.j2 @@ -1,10 +1,10 @@ -DEPLOYMENT_DNS_SUFFIX="pwa.{{ dns_domain }}.com" +DEPLOYMENT_DNS_SUFFIX="pwa.{{ full_domain }}" # Name of reserved authority DEPLOYMENT_RECORD_NAMESPACE="{{ authority_name }}" # url of the deployed docker image registry -IMAGE_REGISTRY="container-registry.pwa.{{ dns_domain }}.com" +IMAGE_REGISTRY="container-registry.pwa.{{ full_domain }}" # htpasswd credentials IMAGE_REGISTRY_USER="{{ container_registry_username }}" @@ -20,8 +20,8 @@ CHECK_INTERVAL=5 FQDN_POLICY="allow" # lrn of the webapp deployer -LRN="lrn://{{ authority_name }}/deployers/webapp-deployer-api.{{ dns_domain }}.com" -export OPENPGP_PRIVATE_KEY_FILE="webapp-deployer-api.{{ dns_domain }}.com.pgp.key" +LRN="lrn://{{ authority_name }}/deployers/webapp-deployer-api.{{ full_domain }}" +export OPENPGP_PRIVATE_KEY_FILE="webapp-deployer-api.{{ full_domain }}.pgp.key" export OPENPGP_PASSPHRASE="SECRET" export DEPLOYER_STATE="srv-test/deployments/autodeploy.state" export UNDEPLOYER_STATE="srv-test/deployments/autoundeploy.state" diff --git a/service-provider-setup/templates/configs/webapp-ui-config.env.j2 b/service-provider-setup/templates/configs/webapp-ui-config.env.j2 index 38697fb..c1fa0c7 100644 --- a/service-provider-setup/templates/configs/webapp-ui-config.env.j2 +++ b/service-provider-setup/templates/configs/webapp-ui-config.env.j2 
@@ -1,3 +1,3 @@ CERC_WEBAPP_DEBUG=0.1.0 -LACONIC_HOSTED_CONFIG_app_api_url=https://webapp-deployer-api.pwa.{{ dns_domain }}.com +LACONIC_HOSTED_CONFIG_app_api_url=https://webapp-deployer-api.pwa.{{ full_domain }} LACONIC_HOSTED_CONFIG_app_console_link=https://laconicd.laconic.com/console?query=%0A%20%20fragment%20ValueParts%20on%20Value%20%7B%0A%20%20%20%20...%20on%20BooleanValue%20%7B%0A%20%20%20%20%20%20bool%3A%20value%0A%20%20%20%20%7D%0A%20%20%20%20...%20on%20IntValue%20%7B%0A%20%20%20%20%20%20int%3A%20value%0A%20%20%20%20%7D%0A%20%20%20%20...%20on%20FloatValue%20%7B%0A%20%20%20%20%20%20float%3A%20value%0A%20%20%20%20%7D%0A%20%20%20%20...%20on%20StringValue%20%7B%0A%20%20%20%20%20%20string%3A%20value%0A%20%20%20%20%7D%0A%20%20%20%20...%20on%20BytesValue%20%7B%0A%20%20%20%20%20%20bytes%3A%20value%0A%20%20%20%20%7D%0A%20%20%20%20...%20on%20LinkValue%20%7B%0A%20%20%20%20%20%20link%3A%20value%0A%20%20%20%20%7D%0A%20%20%7D%0A%0A%20%20fragment%20AttrParts%20on%20Attribute%20%7B%0A%20%20%20%20key%0A%20%20%20%20value%20%7B%0A%20%20%20%20%20%20...ValueParts%0A%20%20%20%20%20%20...%20on%20ArrayValue%20%7B%0A%20%20%20%20%20%20%20%20value%20%7B%0A%20%20%20%20%20%20%20%20%20%20...ValueParts%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%7D%0A%0A%20%20%7B%0A%20%20%20%20getRecordsByIds(ids%3A%20%5B%22#RQID#%22%5D)%20%7B%0A%20%20%20%20%20%20id%0A%20%20%20%20%20%20names%0A%20%20%20%20%20%20bondId%0A%20%20%20%20%20%20createTime%0A%20%20%20%20%20%20expiryTime%0A%20%20%20%20%20%20owners%0A%20%20%20%20%20%20attributes%20%7B%0A%20%20%20%20%20%20%20%20...AttrParts%0A%20%20%20%20%20%20%20%20value%20%7B%0A%20%20%20%20%20%20%20%20%20%20...%20on%20MapValue%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20map%3A%20value%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20...AttrParts%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%7D%0A 
diff --git a/service-provider-setup/templates/k8s.yml.j2 b/service-provider-setup/templates/k8s.yml.j2 index 8d586a9..e6c35f7 100644 --- a/service-provider-setup/templates/k8s.yml.j2 +++ b/service-provider-setup/templates/k8s.yml.j2 @@ -2,7 +2,7 @@ # default context is used for stack orchestrator deployments, for testing a custom context name can be usefull #k8s_cluster_name: {{ org_id }}-{{ location_id }}-cluster k8s_cluster_name: default -k8s_cluster_url: {{ org_id }}-{{ location_id }}-cluster-control.{{ dns_domain }}.com +k8s_cluster_url: {{ org_id }}-{{ location_id }}-cluster-control.{{ full_domain }} k8s_taint_servers: false k8s_acme_email: "{{ support_email }}" @@ -50,6 +50,6 @@ k8s_manifests: secret_key: access-token # initiate wildcard cert - - name: pwa.{{ dns_domain }}.com + - name: pwa.{{ full_domain }} type: file - source: wildcard-pwa-{{ dns_domain }}.yaml + source: wildcard-pwa-{{ base_domain }}.yaml diff --git a/service-provider-setup/templates/laconic.yml.j2 b/service-provider-setup/templates/laconic.yml.j2 index 6c65e77..cb07978 100644 --- a/service-provider-setup/templates/laconic.yml.j2 +++ b/service-provider-setup/templates/laconic.yml.j2 @@ -1,7 +1,7 @@ services: registry: - rpcEndpoint: 'http://{{ subdomain_cluster_control }}.{{ dns_domain }}.com:26657' - gqlEndpoint: 'http://{{ subdomain_cluster_control}}.{{ dns_domain }}.com:9473/api' + rpcEndpoint: 'http://{{ subdomain_cluster_control }}.{{ full_domain }}:26657' + gqlEndpoint: 'http://{{ subdomain_cluster_control}}.{{ full_domain }}:9473/api' userKey: "{{ ALICE_PK }}" bondId: "{{ BOND_ID }}" chainId: lorotestnet-1 diff --git a/service-provider-setup/templates/nginx.yml.j2 b/service-provider-setup/templates/nginx.yml.j2 index a432670..694d5a7 100644 --- a/service-provider-setup/templates/nginx.yml.j2 +++ b/service-provider-setup/templates/nginx.yml.j2 
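Review bot: The wildcard manifest entry now mixes two variables, `name: pwa.{{ full_domain }}` and `source: wildcard-pwa-{{ base_domain }}.yaml`, and the examples define them in different vars files (`full_domain` in dns-vars, `base_domain` in k8s-vars), so nothing keeps the two values consistent or guarantees both are loaded when this template renders. `base_domain` is used only to build a file name here and in the `dest:` of setup-k8s.yml. Using `wildcard-pwa-{{ full_domain }}.yaml` in both places would remove the second variable and the chance of a mismatch. If `base_domain` is kept, add `full_domain` to k8s-vars.example.yml or document which vars files setup-k8s.yml must load, since its `vars_files` is not visible in this patch.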
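Review bot: `rpcEndpoint` and `gqlEndpoint` still use `http://` against a public hostname, so registry queries and responses for the account configured in `userKey` can be read or altered in transit. templates/nginx.yml.j2 in this patch defines a TLS site `{{ org_id }}-daemon.{{ full_domain }}` that proxies to `localhost:9473`; if that fronts the same GQL service, `gqlEndpoint: 'https://{{ org_id }}-daemon.{{ full_domain }}/api'` would avoid the plaintext hop, provided `org_id` is available when this template renders. The RPC port 26657 has no TLS front end in the visible config, so it would need one or should be restricted to the cluster network. The rendered file also holds `userKey` and should be written with a restrictive mode by the task that templates it, which is not shown here.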
@@ -7,15 +7,15 @@ nginx_proxy_connection_timeout: 75 nginx_sites: - name: {{ org_id }}-console - url: {{ org_id }}-console.{{ dns_domain }}.com + url: {{ org_id }}-console.{{ full_domain }} upstream: http://localhost:8080 template: basic-proxy ssl: true - name: {{ org_id }}-daemon - url: {{ org_id }}-daemon.{{ dns_domain }}.com + url: {{ org_id }}-daemon.{{ full_domain }} upstream: http://localhost:9473 configs: - - rewrite ^/deployer(/.*)? https://webapp-deployer.pwa.{{dns_domain}}.com permanent + - rewrite ^/deployer(/.*)? https://webapp-deployer.pwa.{{full_domain}} permanent template: websocket-proxy ssl: true diff --git a/service-provider-setup/templates/specs/container-registry.spec.j2 b/service-provider-setup/templates/specs/container-registry.spec.j2 index 4f55bae..ee3d1e1 100644 --- a/service-provider-setup/templates/specs/container-registry.spec.j2 +++ b/service-provider-setup/templates/specs/container-registry.spec.j2 @@ -6,7 +6,7 @@ network: registry: - '5000' http-proxy: - - host-name: container-registry.pwa.{{dns_domain}}.com + - host-name: container-registry.pwa.{{full_domain}} routes: - path: '/' proxy-to: registry:5000 diff --git a/service-provider-setup/templates/specs/webapp-deployer.spec.j2 b/service-provider-setup/templates/specs/webapp-deployer.spec.j2 index 6a76349..d0191c7 100644 --- a/service-provider-setup/templates/specs/webapp-deployer.spec.j2 +++ b/service-provider-setup/templates/specs/webapp-deployer.spec.j2 @@ -1,13 +1,13 @@ stack: webapp-deployer-backend deploy-to: k8s kube-config: {{ansible_env.HOME}}/.kube/config-default.yaml -image-registry: container-registry.pwa.{{dns_domain}}.com/laconic-registry +image-registry: container-registry.pwa.{{full_domain}}/laconic-registry network: ports: server: - '9555' http-proxy: - - host-name: webapp-deployer-api.pwa.{{ dns_domain }}.com + - host-name: webapp-deployer-api.pwa.{{ full_domain }} routes: - path: '/' proxy-to: server:9555 
diff --git a/service-provider-setup/templates/wildcard-pwa-example.yml.j2 b/service-provider-setup/templates/wildcard-pwa-example.yml.j2 index a9920bc..2326cd1 100644 --- a/service-provider-setup/templates/wildcard-pwa-example.yml.j2 +++ b/service-provider-setup/templates/wildcard-pwa-example.yml.j2 @@ -1,15 +1,15 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: pwa.{{ dns_domain }}.com + name: pwa.{{ full_domain }} namespace: default spec: - secretName: pwa.{{ dns_domain }}.com + secretName: pwa.{{ full_domain }} issuerRef: name: letsencrypt-prod-wild kind: ClusterIssuer group: cert-manager.io - commonName: *.pwa.{{ dns_domain }}.com + commonName: *.pwa.{{ full_domain }} dnsNames: - - pwa.{{ dns_domain }}.com - - *.pwa.{{ dns_domain }}.com + - pwa.{{ full_domain }} + - *.pwa.{{ full_domain }} diff --git a/service-provider-setup/vars/dns-vars.example.yml b/service-provider-setup/vars/dns-vars.example.yml index a0b441b..a09aa41 100644 --- a/service-provider-setup/vars/dns-vars.example.yml +++ b/service-provider-setup/vars/dns-vars.example.yml @@ -1,4 +1,4 @@ -domain: "" +full_domain: "" subdomain_prefix: "" subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control" cluster_control_ip: "" diff --git a/service-provider-setup/vars/k8s-vars.example.yml b/service-provider-setup/vars/k8s-vars.example.yml index 53b09d7..87e5a48 100644 --- a/service-provider-setup/vars/k8s-vars.example.yml +++ b/service-provider-setup/vars/k8s-vars.example.yml @@ -3,4 +3,5 @@ gpg_key_id: "" vault_passphrase: "" org_id: "" location_id: "" -dns_domain: "" +base_domain: "" +ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
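Review bot: `commonName: *.pwa.{{ full_domain }}` and the second `dnsNames` entry begin a plain scalar with `*`, which YAML treats as an alias indicator, so the rendered Certificate manifest is likely to fail parsing on an undefined alias instead of requesting the wildcard certificate. Quote both values: `commonName: "*.pwa.{{ full_domain }}"` and `- "*.pwa.{{ full_domain }}"`. Quoting `name`, `secretName` and the first `dnsNames` entry as well protects against an empty `full_domain` rendering as `pwa.`.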
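Review bot: The added `ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'` in k8s-vars.example.yml turns off SSH host key verification for every play that loads this vars file, and it is unrelated to the domain rename in the commit subject. With it, a playbook run connects to whatever host answers at the target address and then sends it the secrets these plays handle, such as the GPG passphrase and registry credentials. Prefer pre-seeding `known_hosts` for the target machines, or at most `ansible_ssh_extra_args: '-o StrictHostKeyChecking=accept-new'`, and keep the example file free of a default that disables the check. If it is needed for throwaway test VMs, a comment saying so and a separate commit would make that explicit.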