aboutsummaryrefslogtreecommitdiff
path: root/test/leap_platform/provider_base
diff options
context:
space:
mode:
Diffstat (limited to 'test/leap_platform/provider_base')
-rw-r--r--test/leap_platform/provider_base/common.json15
-rw-r--r--test/leap_platform/provider_base/provider.json36
-rw-r--r--test/leap_platform/provider_base/services/couchdb.json7
-rw-r--r--test/leap_platform/provider_base/services/webapp.json50
4 files changed, 83 insertions, 25 deletions
diff --git a/test/leap_platform/provider_base/common.json b/test/leap_platform/provider_base/common.json
index f5093a5..653b9a0 100644
--- a/test/leap_platform/provider_base/common.json
+++ b/test/leap_platform/provider_base/common.json
@@ -1,9 +1,11 @@
{
- "ip_address": "REQUIRED",
+ "ip_address": null,
+ "environment": null,
"services": [],
+ "tags": [],
"domain": {
"full_suffix": "= global.provider.domain",
- "internal_suffix": "= global.provider.internal_domain",
+ "internal_suffix": "= global.provider.domain_internal",
"full": "= node.name + '.' + domain.full_suffix",
"internal": "= node.name + '.' + domain.internal_suffix",
"name": "= node.name + '.' + (dns.public ? domain.full_suffix : domain.internal_suffix)"
@@ -13,13 +15,16 @@
},
"ssh": {
"authorized_keys": "= file :authorized_keys",
- "known_hosts": "= file :known_hosts",
+ "known_hosts": "=> known_hosts_file",
"port": 22
},
+ "hosts": "=> hosts_file",
"x509": {
"use": false,
"cert": "= x509.use ? file(:node_x509_cert, :missing => 'x509 certificate for node $node. Run `leap cert update`') : nil",
- "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil"
+ "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil",
+ "ca_cert": "= try_file :ca_cert"
},
- "local": false
+ "service_type": "internal_service",
+ "name": "common"
}
diff --git a/test/leap_platform/provider_base/provider.json b/test/leap_platform/provider_base/provider.json
index de5ad44..cf1baac 100644
--- a/test/leap_platform/provider_base/provider.json
+++ b/test/leap_platform/provider_base/provider.json
@@ -1,29 +1,53 @@
{
"domain": "REQUIRED",
- "internal_domain": "= domain.sub(/\\..*$/,'.i')",
+ "domain_internal": "= domain.sub(/\\..*$/,'.i')",
"name": {
"en": "REQUIRED"
},
"description": {
"en": "REQUIRED"
},
+ "contacts": {
+ "default": "REQUIRED"
+ },
"languages": ["en"],
"default_language": "en",
"enrollment_policy": "open",
+ "service": {
+ "levels": [
+ // bandwidth limit is in Bytes, storage limit is in MB.
+ {"id": 1, "name": "free", "bandwidth":"limited", "storage":50},
+ {"id": 2, "name": "basic", "storage":1000, "rate": ["US$10", "€10"]},
+ {"id": 3, "name": "pro", "storage":10000, "rate": ["US$20", "€20"]}
+ ],
+ "default_service_level": 1,
+ "bandwidth_limit": 102400,
+ "allow_free": "= global.provider.service.levels.select {|l| l['rate'].nil?}.any?",
+ "allow_paid": "= global.provider.service.levels.select {|l| !l['rate'].nil?}.any?",
+ "allow_anonymous": "= global.provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?",
+ "allow_registration": "= global.provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?",
+ "allow_limited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?",
+ "allow_unlimited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'].nil?}.any?"
+ },
"ca": {
"name": "= global.provider.ca.organization + ' Root CA'",
"organization": "= global.provider.name[global.provider.default_language]",
- "organizational_unit": "= 'https://' + global.common.domain.full_suffix",
+ "organizational_unit": "= 'https://' + global.provider.domain",
"bit_size": 4096,
"digest": "SHA256",
"life_span": "10y",
"server_certificates": {
- "bit_size": 3248,
+ "bit_size": 2024,
"digest": "SHA256",
"life_span": "1y"
+ },
+ "client_certificates": {
+ "bit_size": 2024,
+ "digest": "SHA256",
+ "life_span": "2m",
+ "limited_prefix": "LIMITED",
+ "unlimited_prefix": "UNLIMITED"
}
},
- "vagrant":{
- "network":"10.5.5.0/24"
- }
+ "hiera_sync_destination": "/etc/leap"
}
diff --git a/test/leap_platform/provider_base/services/couchdb.json b/test/leap_platform/provider_base/services/couchdb.json
index 1c8005c..0c40731 100644
--- a/test/leap_platform/provider_base/services/couchdb.json
+++ b/test/leap_platform/provider_base/services/couchdb.json
@@ -3,7 +3,14 @@
"x509": {
"use": true
},
+ "stunnel": {
+ "couch_server": "= stunnel_server(couch.port)"
+ },
"couch": {
+ "port": 5984,
+ "bigcouch": {
+ "cookie": "= secret :bigcouch_cookie"
+ },
"users": {
"admin": {
"username": "admin",
diff --git a/test/leap_platform/provider_base/services/webapp.json b/test/leap_platform/provider_base/services/webapp.json
index cf023a9..895aa6e 100644
--- a/test/leap_platform/provider_base/services/webapp.json
+++ b/test/leap_platform/provider_base/services/webapp.json
@@ -1,21 +1,43 @@
{
- "service_type": "public_service",
- "x509": {
- "use": true,
- "commercial_cert": "= try_file [:commercial_cert, global.provider.domain]",
- "commercial_key": "= try_file [:commercial_key, global.provider.domain]"
- },
- "api_domain": "= 'api.' + domain.full_suffix",
- "dns": {
- "aliases": "= [domain.full, api_domain]"
- },
"webapp": {
"modules": ["user", "billing", "help"],
- "couchdb_hosts": "= nodes[:services => :couchdb].field('domain.name')",
- "couchdb_user": "= global.services[:couchdb].couch.users[:webapp]"
+ "couchdb_admin_user": "= global.services[:couchdb].couch.users[:admin]",
+ "couchdb_webapp_user": "= global.services[:couchdb].couch.users[:webapp]",
+ "favicon": "= file_path 'branding/favicon.ico'",
+ "tail_scss": "= file_path 'branding/tail.scss'",
+ "head_scss": "= file_path 'branding/head.scss'",
+ "img_dir": "= file_path 'branding/img'",
+ "client_certificates": "= global.provider.ca.client_certificates",
+ "allow_limited_certs": "= global.provider.service.allow_limited_bandwidth",
+ "allow_unlimited_certs": "= global.provider.service.allow_unlimited_bandwidth",
+ "allow_anonymous_certs": "= global.provider.service.allow_anonymous",
+ "secret_token": "= secret :webapp_secret_token"
+ },
+ "stunnel": {
+ "couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)"
+ },
+ "haproxy": {
+ "local_ports": "= stunnel.couch_client.field(:accept_port)"
},
"definition_files": {
- "provider": "= file('service-definitions/provider.json.erb')",
- "eip_service": "file('service-definitions/eip-service.json.erb')"
+ "provider": "= file :provider_json_template",
+ "eip_service": "= file :eip_service_json_template"
+ },
+ "service_type": "public_service",
+ "api": {
+ "domain": "= 'api.' + domain.full_suffix",
+ "port": "4430"
+ },
+ "dns": {
+ "aliases": "= [domain.full, api.domain]"
+ },
+ "x509": {
+ "use": true,
+ "ca_cert": "= file :ca_cert, :missing => 'provider CA. Run `leap cert ca`'",
+ "client_ca_cert": "= file_path :client_ca_cert",
+ "client_ca_key": "= file_path :client_ca_key",
+ "commercial_cert": "= file [:commercial_cert, domain.full_suffix]",
+ "commercial_key": "= file [:commercial_key, domain.full_suffix]",
+ "commercial_ca_cert": "= try_file :commercial_ca_cert"
}
} \ No newline at end of file