diff options
Diffstat (limited to 'test/leap_platform/provider_base')
-rw-r--r-- | test/leap_platform/provider_base/common.json | 15 | ||||
-rw-r--r-- | test/leap_platform/provider_base/provider.json | 36 | ||||
-rw-r--r-- | test/leap_platform/provider_base/services/couchdb.json | 7 | ||||
-rw-r--r-- | test/leap_platform/provider_base/services/webapp.json | 50 |
4 files changed, 83 insertions, 25 deletions
diff --git a/test/leap_platform/provider_base/common.json b/test/leap_platform/provider_base/common.json index f5093a5..653b9a0 100644 --- a/test/leap_platform/provider_base/common.json +++ b/test/leap_platform/provider_base/common.json @@ -1,9 +1,11 @@ { - "ip_address": "REQUIRED", + "ip_address": null, + "environment": null, "services": [], + "tags": [], "domain": { "full_suffix": "= global.provider.domain", - "internal_suffix": "= global.provider.internal_domain", + "internal_suffix": "= global.provider.domain_internal", "full": "= node.name + '.' + domain.full_suffix", "internal": "= node.name + '.' + domain.internal_suffix", "name": "= node.name + '.' + (dns.public ? domain.full_suffix : domain.internal_suffix)" @@ -13,13 +15,16 @@ }, "ssh": { "authorized_keys": "= file :authorized_keys", - "known_hosts": "= file :known_hosts", + "known_hosts": "=> known_hosts_file", "port": 22 }, + "hosts": "=> hosts_file", "x509": { "use": false, "cert": "= x509.use ? file(:node_x509_cert, :missing => 'x509 certificate for node $node. Run `leap cert update`') : nil", - "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil" + "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil", + "ca_cert": "= try_file :ca_cert" }, - "local": false + "service_type": "internal_service", + "name": "common" } diff --git a/test/leap_platform/provider_base/provider.json b/test/leap_platform/provider_base/provider.json index de5ad44..cf1baac 100644 --- a/test/leap_platform/provider_base/provider.json +++ b/test/leap_platform/provider_base/provider.json @@ -1,29 +1,53 @@ { "domain": "REQUIRED", - "internal_domain": "= domain.sub(/\\..*$/,'.i')", + "domain_internal": "= domain.sub(/\\..*$/,'.i')", "name": { "en": "REQUIRED" }, "description": { "en": "REQUIRED" }, + "contacts": { + "default": "REQUIRED" + }, "languages": ["en"], "default_language": "en", "enrollment_policy": "open", + "service": { + "levels": [ + // bandwidth limit is in Bytes, storage limit is in MB. + {"id": 1, "name": "free", "bandwidth":"limited", "storage":50}, + {"id": 2, "name": "basic", "storage":1000, "rate": ["US$10", "€10"]}, + {"id": 3, "name": "pro", "storage":10000, "rate": ["US$20", "€20"]} + ], + "default_service_level": 1, + "bandwidth_limit": 102400, + "allow_free": "= global.provider.service.levels.select {|l| l['rate'].nil?}.any?", + "allow_paid": "= global.provider.service.levels.select {|l| !l['rate'].nil?}.any?", + "allow_anonymous": "= global.provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?", + "allow_registration": "= global.provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?", + "allow_limited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?", + "allow_unlimited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'].nil?}.any?" + }, "ca": { "name": "= global.provider.ca.organization + ' Root CA'", "organization": "= global.provider.name[global.provider.default_language]", - "organizational_unit": "= 'https://' + global.common.domain.full_suffix", + "organizational_unit": "= 'https://' + global.provider.domain", "bit_size": 4096, "digest": "SHA256", "life_span": "10y", "server_certificates": { - "bit_size": 3248, + "bit_size": 2024, "digest": "SHA256", "life_span": "1y" + }, + "client_certificates": { + "bit_size": 2024, + "digest": "SHA256", + "life_span": "2m", + "limited_prefix": "LIMITED", + "unlimited_prefix": "UNLIMITED" } }, - "vagrant":{ - "network":"10.5.5.0/24" - } + "hiera_sync_destination": "/etc/leap" } diff --git a/test/leap_platform/provider_base/services/couchdb.json b/test/leap_platform/provider_base/services/couchdb.json index 1c8005c..0c40731 100644 --- a/test/leap_platform/provider_base/services/couchdb.json +++ b/test/leap_platform/provider_base/services/couchdb.json @@ -3,7 +3,14 @@ "x509": { "use": true }, + "stunnel": { + "couch_server": "= stunnel_server(couch.port)" + }, "couch": { + "port": 5984, + "bigcouch": { + "cookie": "= secret :bigcouch_cookie" + }, "users": { "admin": { "username": "admin", diff --git a/test/leap_platform/provider_base/services/webapp.json b/test/leap_platform/provider_base/services/webapp.json index cf023a9..895aa6e 100644 --- a/test/leap_platform/provider_base/services/webapp.json +++ b/test/leap_platform/provider_base/services/webapp.json @@ -1,21 +1,43 @@ { - "service_type": "public_service", - "x509": { - "use": true, - "commercial_cert": "= try_file [:commercial_cert, global.provider.domain]", - "commercial_key": "= try_file [:commercial_key, global.provider.domain]" - }, - "api_domain": "= 'api.' + domain.full_suffix", - "dns": { - "aliases": "= [domain.full, api_domain]" - }, "webapp": { "modules": ["user", "billing", "help"], - "couchdb_hosts": "= nodes[:services => :couchdb].field('domain.name')", - "couchdb_user": "= global.services[:couchdb].couch.users[:webapp]" + "couchdb_admin_user": "= global.services[:couchdb].couch.users[:admin]", + "couchdb_webapp_user": "= global.services[:couchdb].couch.users[:webapp]", + "favicon": "= file_path 'branding/favicon.ico'", + "tail_scss": "= file_path 'branding/tail.scss'", + "head_scss": "= file_path 'branding/head.scss'", + "img_dir": "= file_path 'branding/img'", + "client_certificates": "= global.provider.ca.client_certificates", + "allow_limited_certs": "= global.provider.service.allow_limited_bandwidth", + "allow_unlimited_certs": "= global.provider.service.allow_unlimited_bandwidth", + "allow_anonymous_certs": "= global.provider.service.allow_anonymous", + "secret_token": "= secret :webapp_secret_token" + }, + "stunnel": { + "couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)" + }, + "haproxy": { + "local_ports": "= stunnel.couch_client.field(:accept_port)" }, "definition_files": { - "provider": "= file('service-definitions/provider.json.erb')", - "eip_service": "file('service-definitions/eip-service.json.erb')" + "provider": "= file :provider_json_template", + "eip_service": "= file :eip_service_json_template" + }, + "service_type": "public_service", + "api": { + "domain": "= 'api.' + domain.full_suffix", + "port": "4430" + }, + "dns": { + "aliases": "= [domain.full, api.domain]" + }, + "x509": { + "use": true, + "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'", + "client_ca_cert": "= file_path :client_ca_cert", + "client_ca_key": "= file_path :client_ca_key", + "commercial_cert": "= file [:commercial_cert, domain.full_suffix]", + "commercial_key": "= file [:commercial_key, domain.full_suffix]", + "commercial_ca_cert": "= try_file :commercial_ca_cert" } }
\ No newline at end of file |