diff --git a/configure/Makefile b/configure/Makefile index a47c6c5..a035e70 100644 --- a/configure/Makefile +++ b/configure/Makefile @@ -122,6 +122,9 @@ encrypt: check-vault-pwd-file cp group_vars/vagrant-secret-vars.yml group_vars/vagrant-secret-vars.yml.enc cp group_vars/onpremise-secret-vars.yml group_vars/onpremise-secret-vars.yml.enc +etl-onpremise: check-app-zip-path check-vault-pwd-file + APPLICATION_ZIP_PATH=$(app_zip_path) APPLICATION_ZIP_FILE_NAME=etl-1.0.0-SNAPSHOT.jar ansible-playbook onpremise_etl_servers.yml -i inventory/onpremise --vault-password-file ${VAULT_PASSWORD_FILE} + etl-staging: check-app-zip-path check-vault-pwd-file APPLICATION_ZIP_PATH=$(app_zip_path) APPLICATION_ZIP_FILE_NAME=etl-1.0.0-SNAPSHOT.jar ansible-playbook staging_etl_servers.yml -i inventory/staging --vault-password-file ${VAULT_PASSWORD_FILE} diff --git a/configure/group_vars/onpremise_vars.yml b/configure/group_vars/onpremise_vars.yml index 5ff3e60..93a7c3f 100644 --- a/configure/group_vars/onpremise_vars.yml +++ b/configure/group_vars/onpremise_vars.yml @@ -8,13 +8,14 @@ ufw_allowed_ports: - "443" - "3000" - "8021" + - "8022" ## ETL server variables -etl_appserver_app_url: "app.security.lfe.avniproject.org" +etl_appserver_app_url: "etl.security.lfe.avniproject.org" bugsnag_stage: "on-premise" - -etl_allowed_origins: "app.security.lfe.avniproject.org" +int_appserver_app_url: "etl.security.lfe.avniproject.org" +etl_allowed_origins: "https://app.security.lfe.avniproject.org" avni_idp_type: "keycloak" scheduled_job_trigger_misfire_threshold: "2700000" scheduled_job_repeat_interval: "60" @@ -38,7 +39,7 @@ avni_server_cache_ttl_seconds: "600" avni_server_cache_max_weight: "1000" avni_server_show_sql: "false" avni_server_idp_type: "keycloak" -avni_server_etl_service_origin: "https://app.security.lfe.avniproject.org/etl" +avni_server_etl_service_origin: "https://etl.security.lfe.avniproject.org/etl" avni_csrf_enabled: "true" avni_web_validhosts: "app.security.lfe.avniproject.org" openchs_csp_enabled: "true" @@ -57,3 +58,4 @@ mb_jetty_port: "3000" mb_db_type: "postgres" mb_db_port: "5432" java_timezone: "Asia/Kolkata" +java_apt_package: openjdk-17-jdk #for ETL. Comment for avni-server \ No newline at end of file diff --git a/configure/inventory/onpremise b/configure/inventory/onpremise index e2de1a4..049cab2 100644 --- a/configure/inventory/onpremise +++ b/configure/inventory/onpremise @@ -2,7 +2,7 @@ ssh.app.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/lfe-infra.pem [etlservers] -ssh.app.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/lfe-infra.pem +etl.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/lfe-infra.pem [keycloak_server] keycloak.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/lfe-infra.pem diff --git a/configure/onpremise_etl_servers.yml b/configure/onpremise_etl_servers.yml new file mode 100644 index 0000000..cc99fd3 --- /dev/null +++ b/configure/onpremise_etl_servers.yml @@ -0,0 +1,21 @@ +--- + +- name: Configure etl servers + hosts: etlservers + become: yes + become_user: root + remote_user: "{{ etl_appserver_user }}" + vars: + update_apt_cache: yes + vars_files: + - group_vars/basic_vars.yml + - group_vars/onpremise_vars.yml + - group_vars/onpremise-secret-vars.yml.enc + roles: +# - base # Required if int server is not pre deployed. +# - security # Required if int server is not pre deployed. +# - jdk # Required if int server is not pre deployed. +# - nginx # Required if int server is not pre deployed. +# - certbot # Required if int server is not pre deployed. + - etl_appserver + - nginx_appserver