summaryrefslogtreecommitdiff
path: root/provider_base/services
diff options
context:
space:
mode:
Diffstat (limited to 'provider_base/services')
-rw-r--r--provider_base/services/ca.json11
-rw-r--r--provider_base/services/couchdb.json22
-rw-r--r--provider_base/services/dns.json7
-rw-r--r--provider_base/services/monitor.json6
-rw-r--r--provider_base/services/openvpn.json16
-rw-r--r--provider_base/services/tor.json6
-rw-r--r--provider_base/services/webapp.json34
7 files changed, 102 insertions, 0 deletions
diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json
new file mode 100644
index 00000000..3fb8bf6c
--- /dev/null
+++ b/provider_base/services/ca.json
@@ -0,0 +1,11 @@
+{
+ "ca_daemon": {
+ "couchdb_hosts": "= hostnames nodes[:services => :couchdb][:local => local]",
+ "couchdb_user": "= global.services[:couchdb].couch.users[:ca_daemon]"
+ },
+ "service_type": "internal_service",
+ "x509": {
+ "use": true,
+ "ca_key": "= file(:ca_key, :missing => 'CA key. Run `leap cert ca` to create the Certificate Authority.')"
+ }
+}
diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json
new file mode 100644
index 00000000..1c8005c2
--- /dev/null
+++ b/provider_base/services/couchdb.json
@@ -0,0 +1,22 @@
+{
+ "service_type": "internal_service",
+ "x509": {
+ "use": true
+ },
+ "couch": {
+ "users": {
+ "admin": {
+ "username": "admin",
+ "password": "= secret :couch_admin_password"
+ },
+ "webapp": {
+ "username": "webapp",
+ "password": "= secret :couch_webapp_password"
+ },
+ "ca_daemon": {
+ "username": "ca_daemon",
+ "password": "= secret :couch_ca_daemon_password"
+ }
+ }
+ }
+}
diff --git a/provider_base/services/dns.json b/provider_base/services/dns.json
new file mode 100644
index 00000000..677d9b2c
--- /dev/null
+++ b/provider_base/services/dns.json
@@ -0,0 +1,7 @@
+{
+ "hosts": {
+ "public": "= nodes['dns.public' => true].fields('domain.name', 'dns.aliases', 'ip_address')",
+ "private": "= nodes['dns.public' => false].fields('domain.name', 'dns.aliases', 'ip_address')"
+ },
+ "service_type": "public_service"
+} \ No newline at end of file
diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json
new file mode 100644
index 00000000..f5e4d922
--- /dev/null
+++ b/provider_base/services/monitor.json
@@ -0,0 +1,6 @@
+{
+ "nagios": {
+ "nagiosadmin_pw": "= secret :nagios_admin_password",
+ "hosts": "= nodes_like_me.fields('domain.internal', 'ip_address', 'services', 'openvpn.gateway_address')"
+ }
+}
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
new file mode 100644
index 00000000..7b67ccb3
--- /dev/null
+++ b/provider_base/services/openvpn.json
@@ -0,0 +1,16 @@
+{
+ "service_type": "user_service",
+ "x509": {
+ "use": true,
+ "client_ca_cert": "= file :client_ca_cert, :missing => 'Certificate Authority. Run `leap cert ca`'",
+ "dh": "= file :dh_params, :missing => 'Diffie-Hellman parameters. Run `leap cert dh`'"
+ },
+ "openvpn": {
+ "location": "Location Unknown",
+ "ports": ["80", "443", "53", "1194"],
+ "protocols": ["tcp", "udp"],
+ "filter_dns": false,
+ "adblock": false,
+ "user_ips": false
+ }
+}
diff --git a/provider_base/services/tor.json b/provider_base/services/tor.json
new file mode 100644
index 00000000..9173b8d4
--- /dev/null
+++ b/provider_base/services/tor.json
@@ -0,0 +1,6 @@
+{
+ "tor": {
+ "bandwidth_rate": 6550,
+ "contacts": "= global.provider.contacts['tor'] || global.provider.contacts.default"
+ }
+}
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json
new file mode 100644
index 00000000..e3055c6f
--- /dev/null
+++ b/provider_base/services/webapp.json
@@ -0,0 +1,34 @@
+{
+ "webapp": {
+ "modules": ["user", "billing", "help"],
+ "couchdb_hosts": "= hostnames nodes[:services => :couchdb][:local => local]",
+ # NOTE: this is bad, but pending a fix to https://leap.se/code/issues/1163
+ # before we can use user "webapp"
+ "couchdb_user": "= global.services[:couchdb].couch.users[:admin]",
+ "favicon": "= file_path 'branding/favicon.ico'",
+ "tail_scss": "= file_path 'branding/tail.scss'",
+ "head_scss": "= file_path 'branding/head.scss'",
+ "img_dir": "= file_path 'branding/img'"
+ },
+ "definition_files": {
+ "provider": "= file :provider_json_template",
+ "eip_service": "= file :eip_service_json_template"
+ },
+ "service_type": "public_service",
+ "api": {
+ "domain": "= 'api.' + domain.full_suffix",
+ "port": "4430"
+ },
+ "dns": {
+ "aliases": "= [domain.full, api.domain]"
+ },
+ "x509": {
+ "use": true,
+ "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'",
+ "client_ca_cert": "= file_path :client_ca_cert",
+ "client_ca_key": "= file_path :client_ca_key",
+ "commercial_cert": "= file [:commercial_cert, global.provider.domain]",
+ "commercial_key": "= file [:commercial_key, global.provider.domain]",
+ "commercial_ca_cert": "= try_file :commercial_ca_cert"
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-27 20:22:41 +0000