summaryrefslogtreecommitdiff
path: root/puppet/modules/site_webapp/templates
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_webapp/templates')
-rw-r--r--puppet/modules/site_webapp/templates/config.yml.erb8
-rw-r--r--puppet/modules/site_webapp/templates/couchdb.yml.admin.erb9
-rw-r--r--puppet/modules/site_webapp/templates/haproxy_couchdb.cfg.erb25
3 files changed, 21 insertions, 21 deletions
diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index df562cd9..98f8564e 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -1,9 +1,10 @@
<%- cert_options = @webapp['client_certificates'] -%>
production:
- admins: [admin]
+ admins: <%= @webapp['admins'].inspect %>
domain: <%= @provider_domain %>
- client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
- client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
+ force_ssl: <%= @webapp['secure'] %>
+ client_ca_key: <%= scope.lookupvar('x509::variables::keys') %>/<%= scope.lookupvar('site_config::params::client_ca_name') %>.key
+ client_ca_cert: <%= scope.lookupvar('x509::variables::local_CAs') %>/<%= scope.lookupvar('site_config::params::client_ca_name') %>.crt
secret_token: "<%= @secret_token %>"
client_cert_lifespan: <%= cert_options['life_span'].to_i %>
client_cert_bit_size: <%= cert_options['bit_size'].to_i %>
@@ -13,3 +14,4 @@ production:
allow_anonymous_certs: <%= @webapp['allow_anonymous_certs'].inspect %>
limited_cert_prefix: "<%= cert_options['limited_prefix'] %>"
unlimited_cert_prefix: "<%= cert_options['unlimited_prefix'] %>"
+ minimum_client_version: "<%= @webapp['client_version']['min'] %>"
diff --git a/puppet/modules/site_webapp/templates/couchdb.yml.admin.erb b/puppet/modules/site_webapp/templates/couchdb.yml.admin.erb
deleted file mode 100644
index a0921add..00000000
--- a/puppet/modules/site_webapp/templates/couchdb.yml.admin.erb
+++ /dev/null
@@ -1,9 +0,0 @@
-production:
- prefix: ""
- protocol: 'http'
- host: <%= @couchdb_host %>
- port: <%= @couchdb_port %>
- auto_update_design_doc: false
- username: <%= @couchdb_admin_user %>
- password: <%= @couchdb_admin_password %>
-
diff --git a/puppet/modules/site_webapp/templates/haproxy_couchdb.cfg.erb b/puppet/modules/site_webapp/templates/haproxy_couchdb.cfg.erb
index f08161ee..1fa01b96 100644
--- a/puppet/modules/site_webapp/templates/haproxy_couchdb.cfg.erb
+++ b/puppet/modules/site_webapp/templates/haproxy_couchdb.cfg.erb
@@ -1,16 +1,23 @@
listen bigcouch-in
- mode http
+ mode http
balance roundrobin
- option httplog
- option dontlognull
- option httpchk GET /
- option http-server-close
-
+ option httplog
+ option dontlognull
+ option httpchk GET / # health check using simple get to root
+ option http-server-close # use client keep-alive, but close server connection.
+ option allbackups # balance among all backups, not just one.
+
bind localhost:4096
-<% for port in @local_ports -%>
- server couchdb_<%=port%> localhost:<%=port%> check inter 3000 fastinter 1000 downinter 1000 rise 2 fall 1
-<% end -%>
+ default-server inter 3000 fastinter 1000 downinter 1000 rise 2 fall 1
+
+<%- if @haproxy['servers'] -%>
+<%- @haproxy['servers'].sort.each do |name,server| -%>
+<%- backup = server['backup'] ? 'backup' : '' -%>
+ # <%=name%>
+ server couchdb_<%=server['port']%> <%=server['host']%>:<%=server['port']%> <%=backup%> weight <%=server['weight']%> check
+<%- end -%>
+<%- end -%>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 03:21:54 +0000