 Jakub Sokołowski
|
1a9cb33b1b
|
bump referral host to s-4vcpu-8gb
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2021-01-25 19:36:32 +01:00 |
|
Jakub Sokołowski
|
c248cd23e6
|
update terraform versions
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2021-01-25 19:18:44 +01:00 |
|
Jakub Sokołowski
|
70b354ddd6
|
use bootstrap__active_extra_users variable, drop Andre
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2021-01-14 13:56:13 +01:00 |
|
Jakub Sokołowski
|
f2b43cd37a
|
install ThreatStack agent only on Prod hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-10-19 21:14:57 +02:00 |
|
Jakub Sokołowski
|
7d32f3659f
|
fix name of nginx role
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-10-12 15:50:42 +02:00 |
|
Jakub Sokołowski
|
2566793996
|
deploy nginx-metrics on all hosts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-10-12 15:44:10 +02:00 |
|
Jakub Sokołowski
|
efa009fcd7
|
use our own Nginx role to fix permissions
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-10-07 19:50:34 +02:00 |
|
Jakub Sokołowski
|
0f57e43cd4
|
return only the client IP via X-Forwarded-For header
This solves an issue with Ruby Rails showing CloudFlare proxy as the
client IP because it doesn't trust the range:
https://github.com/rails/rails/blob/11738e82/actionpack/lib/action_dispatch/middleware/remote_ip.rb#L35
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-09-30 19:58:35 +02:00 |
|
Jakub Sokołowski
|
c092cd2529
|
referral-service: add IP_SALT env variable from secrets
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-09-30 11:33:06 +02:00 |
|
Jakub Sokołowski
|
fe71cf861a
|
add andreap to active ssh users
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-09-22 14:41:14 +02:00 |
|
Jakub Sokołowski
|
55dbfb3ca2
|
readme: add deployments section
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-09-22 09:00:35 +02:00 |
|
Jakub Sokołowski
|
2b5252b028
|
use container tag based on stage
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-09-01 22:37:18 +02:00 |
|
Jakub Sokołowski
|
1d5c117e18
|
referral-service: expose PostgreSQL 5432 port to Tinc VPN
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-08-25 16:38:04 +02:00 |
|
Jakub Sokołowski
|
b904968a68
|
add get.status.im as prod domain
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-08-25 12:22:57 +02:00 |
|
Jakub Sokołowski
|
d324700ab6
|
use secrets based on stage
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-08-24 21:38:05 +02:00 |
|
Jakub Sokołowski
|
917a09a6e7
|
referral-service: add GoeIP auth for checking regions
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-08-07 17:05:36 +02:00 |
|
Jakub Sokołowski
|
a7a7f6e06c
|
referral-service: use same GID as UID for Postgres folder
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-20 13:44:47 +02:00 |
|
Jakub Sokołowski
|
15f3f12284
|
referral-service: move running migration to separate docker exec
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 20:54:21 +02:00 |
|
Jakub Sokołowski
|
64ac07efc0
|
add nginx headers to forward real client IPs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 19:20:27 +02:00 |
|
Jakub Sokołowski
|
eb2c4a693b
|
referral-service: run migrations on container updates
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 18:16:23 +02:00 |
|
Jakub Sokołowski
|
f6ef3ef3da
|
referral-service: pull new image with docker_compose
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 17:48:49 +02:00 |
|
Jakub Sokołowski
|
526a959d3e
|
referral-service: support setting public domain
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 17:41:04 +02:00 |
|
Jakub Sokołowski
|
b7e2b3d8ca
|
add prod emergency inventory
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 16:51:58 +02:00 |
|
Jakub Sokołowski
|
2f2402da97
|
add versions.tf file
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 15:09:23 +02:00 |
|
Jakub Sokołowski
|
adde14eb1d
|
update README with admin paths
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 15:08:03 +02:00 |
|
Jakub Sokołowski
|
a773c91065
|
remove unused variable
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 15:03:27 +02:00 |
|
Jakub Sokołowski
|
0b143de915
|
referral-service: fix deploying of google credentials
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-07 15:02:00 +02:00 |
|
Jakub Sokołowski
|
334563e431
|
referral-service: fix credentials for googl, drop apple
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-06 22:59:42 +02:00 |
|
Jakub Sokołowski
|
1839887eea
|
add new node-01.do-ams3.referral.test host
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-06 18:02:23 +02:00 |
|
Jakub Sokołowski
|
7d574d6b40
|
add ssh key for andre@status.im
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-06 16:03:35 +02:00 |
|
Jakub Sokołowski
|
e3ac0abd93
|
rename starter-pack to referral-service
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-07-06 16:03:13 +02:00 |
|
Jakub Sokołowski
|
27bdb54fbc
|
add a cleanup and upgrade playbooks
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-29 14:10:35 +02:00 |
|
Jakub Sokołowski
|
d73dbf097f
|
remove igor
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-14 15:06:44 +02:00 |
|
Jakub Sokołowski
|
b4dfc3f92d
|
lower size of starter pack host to 1vcpu and 2gb ram
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-03 12:07:21 +02:00 |
|
Jakub Sokołowski
|
e978aeae54
|
add README for starterpack role
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 23:59:33 +02:00 |
|
Jakub Sokołowski
|
f2b636c95e
|
fix name of nginx config
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:52:54 +02:00 |
|
Jakub Sokołowski
|
ffd86af498
|
fix DNS record format
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:52:53 +02:00 |
|
Jakub Sokołowski
|
f1b6c9043c
|
rebuild image when repo changes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:47:24 +02:00 |
|
Jakub Sokołowski
|
626f375a41
|
add queue container running sidekiq
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:47:04 +02:00 |
|
Jakub Sokołowski
|
49050aaddf
|
add depends_on for the compose file
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:01:49 +02:00 |
|
Jakub Sokołowski
|
a3b8e93b4e
|
add missing origin-certs role to playbook
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 20:00:20 +02:00 |
|
Jakub Sokołowski
|
505c67d654
|
use the correct port for starter pack proxy
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:50:53 +02:00 |
|
Jakub Sokołowski
|
6eda051b8a
|
set SECRET_KEY_BASE for ruby
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:50:05 +02:00 |
|
Jakub Sokołowski
|
25bfccbbed
|
add PIDFILE path for ruby
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:49:57 +02:00 |
|
Jakub Sokołowski
|
2d129f001e
|
drop double quotes from env files
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:49:48 +02:00 |
|
Jakub Sokołowski
|
f35f4241d7
|
fix db container name
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:41:01 +02:00 |
|
Jakub Sokołowski
|
acadcc529b
|
fix postgres data folder permissions
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 19:36:57 +02:00 |
|
Jakub Sokołowski
|
98857cab0a
|
add starterpack role
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 18:56:17 +02:00 |
|
Jakub Sokołowski
|
b0249f3a6f
|
add node-01.do-ams3.starter.test to emergency inventory
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 18:39:50 +02:00 |
|
Jakub Sokołowski
|
f1cb7240ff
|
add host.tf configuration
Signed-off-by: Jakub Sokołowski <jakub@status.im>
|
2020-04-02 18:34:00 +02:00 |