From f76ab4429aeb5db67b384bfa103b13caaaa09900 Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 8 Mar 2013 23:07:29 -0800 Subject: couch - explicitly configure couch port --- provider_base/services/couchdb.json | 1 + 1 file changed, 1 insertion(+) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 1c8005c2..ac84eeb2 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -4,6 +4,7 @@ "use": true }, "couch": { + "port": 5984, "users": { "admin": { "username": "admin", -- cgit v1.2.3 From 9ea188c22774607bd6914334daa3d303c041d9a4 Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 10 Mar 2013 17:21:01 +0100 Subject: added bigcouch:cookie to services/couchdb.json --- provider_base/services/couchdb.json | 3 +++ 1 file changed, 3 insertions(+) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 1c8005c2..e7668286 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -4,6 +4,9 @@ "use": true }, "couch": { + "bigcouch": { + "cookie": "= secret :bigcouch_cookie" + }, "users": { "admin": { "username": "admin", -- cgit v1.2.3 From ffda76a47c7f9d5766325d8cdf13d289430456eb Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 28 Mar 2013 10:01:32 -0700 Subject: added stunnel_server --- provider_base/services/couchdb.json | 3 +++ 1 file changed, 3 insertions(+) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index c3502c6b..0c407316 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -3,6 +3,9 @@ "x509": { "use": true }, + "stunnel": { + "couch_server": "= stunnel_server(couch.port)" + }, "couch": { "port": 5984, "bigcouch": { -- cgit v1.2.3 From 5bd90fd23c34874fa32880e27105b4bea130ec3b Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 18 Mar 2013 23:25:20 +0100 Subject: added stunnel config for bigcouch communication --- provider_base/services/couchdb.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 0c407316..41f9695f 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -4,11 +4,13 @@ "use": true }, "stunnel": { - "couch_server": "= stunnel_server(couch.port)" + "couch_server": "= stunnel_server(couch.port)", + "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)" }, "couch": { "port": 5984, "bigcouch": { + "port": 4369, "cookie": "= secret :bigcouch_cookie" }, "users": { -- cgit v1.2.3 From af141e738c8b90a11ff8009e2eed602b168e4fc3 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 20 Mar 2013 19:28:48 +0100 Subject: add stunnel hiera values to provider_base/services/couchdb.json for bigcouch cluster protocol --- provider_base/services/couchdb.json | 1 + 1 file changed, 1 insertion(+) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 41f9695f..7b649da9 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -7,6 +7,7 @@ "couch_server": "= stunnel_server(couch.port)", "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)" }, + "stunnel": "= nextport = 4000; nodes_like_me[:services => :couchdb].values.inject({}) {|hsh, node| hsh[node.name + node.couch.bigcouch.port.to_s] = {'accept_port' => nextport.to_s, 'connect' => node.domain.full }; nextport+=1; hsh}", "couch": { "port": 5984, "bigcouch": { -- cgit v1.2.3 From 6f422863966a7e361f1c52be33a50e55bb39b9ff Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 20 Mar 2013 20:28:08 +0100 Subject: updated shorewall dnat hiera values for bigcouch cluster protocol --- provider_base/services/couchdb.json | 1 - 1 file changed, 1 deletion(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 7b649da9..41f9695f 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -7,7 +7,6 @@ "couch_server": "= stunnel_server(couch.port)", "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)" }, - "stunnel": "= nextport = 4000; nodes_like_me[:services => :couchdb].values.inject({}) {|hsh, node| hsh[node.name + node.couch.bigcouch.port.to_s] = {'accept_port' => nextport.to_s, 'connect' => node.domain.full }; nextport+=1; hsh}", "couch": { "port": 5984, "bigcouch": { -- cgit v1.2.3 From baf3ed5b6db4e8af052564864d8c3e426cf5d9d0 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Sun, 31 Mar 2013 12:32:42 -0400 Subject: switch to using stunnel_client and stunnel_server leap_cli macros add bigcouch_replication_clients to couchdb.json change site_couchdb/manifests/stunnel to use stunnel_client and stunnel_server generated hiera values to setup the stunnels for the couch_server connections, and the bigcouch_replication_server and bigcouch_replication_clients tunnels instead of using hard-coded ips and ports. also change the pid names to be more consistent with what the tunnels are and are named --- provider_base/services/couchdb.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 41f9695f..c00f08cd 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -5,7 +5,8 @@ }, "stunnel": { "couch_server": "= stunnel_server(couch.port)", - "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)" + "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)", + "bigcouch_replication_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.port)" }, "couch": { "port": 5984, -- cgit v1.2.3 From 4ed5d33f33c488a6a6d5f6a5e8f57b74ecd53a7d Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 2 Apr 2013 15:38:44 -0700 Subject: added password salt to services/couchdb.json (requires latest leap_cli) --- provider_base/services/couchdb.json | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 0c407316..e60f4e0f 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -14,15 +14,18 @@ "users": { "admin": { "username": "admin", - "password": "= secret :couch_admin_password" + "password": "= secret :couch_admin_password", + "salt": "= hex_secret :couch_admin_password_salt, 128" }, "webapp": { "username": "webapp", - "password": "= secret :couch_webapp_password" + "password": "= secret :couch_webapp_password", + "salt": "= hex_secret :couch_webapp_password_salt, 128" }, "ca_daemon": { "username": "ca_daemon", - "password": "= secret :couch_ca_daemon_password" + "password": "= secret :couch_ca_daemon_password", + "salt": "= hex_secret :couch_ca_daemon_password_salt, 128" } } } -- cgit v1.2.3 From 264e63967d9247e42662182aec771fbfb81e8e8e Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 4 Apr 2013 11:27:59 -0400 Subject: rename the bigcouch_replication_[server,client] to be the more accurately, and shorter named epmd (erlang port mapper daemon) --- provider_base/services/couchdb.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index ce46e3bb..111baf08 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -5,8 +5,8 @@ }, "stunnel": { "couch_server": "= stunnel_server(couch.port)", - "bigcouch_replication_server": "= stunnel_server(couch.bigcouch.port)", - "bigcouch_replication_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.port)" + "epmd_server": "= stunnel_server(couch.bigcouch.port)", + "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.port)" }, "couch": { "port": 5984, -- cgit v1.2.3 From e530f0c1d1a0a26bd277b70197b1f26871d92b1b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 4 Apr 2013 11:40:12 -0400 Subject: rename bigcouch.port to more accurate bigcouch.epmd_port --- provider_base/services/couchdb.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 111baf08..3ef4c213 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -5,13 +5,13 @@ }, "stunnel": { "couch_server": "= stunnel_server(couch.port)", - "epmd_server": "= stunnel_server(couch.bigcouch.port)", - "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.port)" + "epmd_server": "= stunnel_server(couch.bigcouch.epmd_port)", + "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.epmd_port)", }, "couch": { "port": 5984, "bigcouch": { - "port": 4369, + "epmd_port": 4369, "cookie": "= secret :bigcouch_cookie" }, "users": { -- cgit v1.2.3 From 2c53c5023b925cb596e3f450f194482eade1fbeb Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 4 Apr 2013 12:50:30 -0400 Subject: add Erlang Distributed Node Protocol Port json entry under bigcouch setup ednp_server and ednp_client stunnels update couchdb puppet submodule to support configurable ednp_port parameter and general module cleanup pass ednp_port to couchdb setup so that it is configured in the vm.args template clarify in comments the difference between the epmd and ednp ports remove hard-coded erlang_vm_port variable and instead setup shorewall to allow for the stunnel connection only setup dnat rules for the ednp client connections --- provider_base/services/couchdb.json | 3 +++ 1 file changed, 3 insertions(+) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 3ef4c213..22578a70 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -7,11 +7,14 @@ "couch_server": "= stunnel_server(couch.port)", "epmd_server": "= stunnel_server(couch.bigcouch.epmd_port)", "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.epmd_port)", + "ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)", + "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.bigcouch.ednp_port)" }, "couch": { "port": 5984, "bigcouch": { "epmd_port": 4369, + "ednp_port": 9002, "cookie": "= secret :bigcouch_cookie" }, "users": { -- cgit v1.2.3 From 3ced5ec963311c45cf359803727bd18fe6e23b69 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 24 Apr 2013 15:53:05 +0200 Subject: updated needed couchdb users and DBs --- provider_base/services/couchdb.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 22578a70..43a6c650 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -28,10 +28,10 @@ "password": "= secret :couch_webapp_password", "salt": "= hex_secret :couch_webapp_password_salt, 128" }, - "ca_daemon": { - "username": "ca_daemon", - "password": "= secret :couch_ca_daemon_password", - "salt": "= hex_secret :couch_ca_daemon_password_salt, 128" + "soledad": { + "username": "soledad", + "password": "= secret :couch_soledad_password", + "salt": "= hex_secret :couch_soledad_password_salt, 128" } } } -- cgit v1.2.3 From ddb899b650e63c5557370fb7a3b2c3bfd14b1ce7 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 23 May 2013 18:51:13 +0200 Subject: added couch.bigcouch.neighbors to provider_base/services/couchdb.json --- provider_base/services/couchdb.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index 43a6c650..ba07733c 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -15,7 +15,8 @@ "bigcouch": { "epmd_port": 4369, "ednp_port": 9002, - "cookie": "= secret :bigcouch_cookie" + "cookie": "= secret :bigcouch_cookie", + "neighbors": "= nodes_like_me[:services => :couchdb].exclude(self).field('domain.full')" }, "users": { "admin": { -- cgit v1.2.3 From 8d71649f1dcfcae30ec278e31bc7fc4d7dede80f Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 4 Jul 2013 12:35:24 -0700 Subject: couchdb.json should not set service_type, since internal_service is the default. --- provider_base/services/couchdb.json | 1 - 1 file changed, 1 deletion(-) (limited to 'provider_base/services/couchdb.json') diff --git a/provider_base/services/couchdb.json b/provider_base/services/couchdb.json index ba07733c..a26579c8 100644 --- a/provider_base/services/couchdb.json +++ b/provider_base/services/couchdb.json @@ -1,5 +1,4 @@ { - "service_type": "internal_service", "x509": { "use": true }, -- cgit v1.2.3