Skip to content

C
configuration
Commit 30b182b1 by Max Rothman
Options

Clean up and organize vars

parent 37e4594a
Showing with 52 additions and 66 deletions
playbooks/roles/credentials/defaults/main.yml
...@@ -23,7 +23,7 @@ CREDENTIALS_DEFAULT_DB_NAME: 'credentials' ...@@ -23,7 +23,7 @@ CREDENTIALS_DEFAULT_DB_NAME: 'credentials'
CREDENTIALS_MYSQL_HOST: 'localhost' CREDENTIALS_MYSQL_HOST: 'localhost'
# MySQL usernames are limited to 16 characters # MySQL usernames are limited to 16 characters
CREDENTIALS_MYSQL_USER: 'credentials001' CREDENTIALS_MYSQL_USER: 'credentials001'
CREDENTIALS_MYSQL_PASSWORD: 'password' CREDENTIALS_MYSQL_PASSWORD: 'SET ME TO A UNIQUE LONG RANDOM STRING'
CREDENTIALS_DATABASES: CREDENTIALS_DATABASES:
# rw user # rw user
...@@ -38,7 +38,7 @@ CREDENTIALS_DATABASES: ...@@ -38,7 +38,7 @@ CREDENTIALS_DATABASES:
CONN_MAX_AGE: 60 CONN_MAX_AGE: 60
CREDENTIALS_DB_ADMIN_USER: 'root' CREDENTIALS_DB_ADMIN_USER: 'root'
CREDENTIALS_DB_ADMIN_PASSWORD: '' CREDENTIALS_DB_ADMIN_PASSWORD: 'SET ME TO A UNIQUE LONG RANDOM STRING'
CREDENTIALS_MYSQL_MATCHER: '{{ CREDENTIALS_MYSQL_HOST }}' CREDENTIALS_MYSQL_MATCHER: '{{ CREDENTIALS_MYSQL_HOST }}'
CREDENTIALS_MEMCACHE: [ 'memcache' ] CREDENTIALS_MEMCACHE: [ 'memcache' ]
...@@ -49,24 +49,17 @@ CREDENTIALS_CACHES: ...@@ -49,24 +49,17 @@ CREDENTIALS_CACHES:
KEY_PREFIX: 'default' KEY_PREFIX: 'default'
LOCATION: '{{ CREDENTIALS_MEMCACHE }}' LOCATION: '{{ CREDENTIALS_MEMCACHE }}'
CREDENTIALS_VERSION: "master"
CREDENTIALS_DJANGO_SETTINGS_MODULE: "credentials.settings.production" CREDENTIALS_DJANGO_SETTINGS_MODULE: "credentials.settings.production"
CREDENTIALS_URL_ROOT: 'http://credentials:18150' CREDENTIALS_URL_ROOT: 'http://credentials:18150'
CREDENTIALS_OAUTH_URL_ROOT: 'http://127.0.0.1:8000' CREDENTIALS_OAUTH_URL_ROOT: 'http://127.0.0.1:8000'
CREDENTIALS_DATA_DIR: '{{ COMMON_DATA_DIR }}/{{ credentials_service_name }}' CREDENTIALS_SECRET_KEY: 'SET ME TO A UNIQUE LONG RANDOM STRING'
CREDENTIALS_MEDIA_ROOT: '{{ CREDENTIALS_DATA_DIR }}/media'
CREDENTIALS_MEDIA_URL: '/media/'
CREDENTIALS_STATIC_ROOT: '{{ CREDENTIALS_DATA_DIR }}/staticfiles'
CREDENTIALS_STATIC_URL: '/static/'
CREDENTIALS_SECRET_KEY: 'Your secret key here'
CREDENTIALS_TIME_ZONE: 'UTC' CREDENTIALS_TIME_ZONE: 'UTC'
CREDENTIALS_LANGUAGE_CODE: 'en_US.UTF-8' CREDENTIALS_LANGUAGE_CODE: 'en_US.UTF-8'
# Used to automatically configure OAuth2 Client # Used to automatically configure OAuth2 Client
CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_KEY : 'credentials-key' CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_KEY: 'SET ME TO A UNIQUE LONG RANDOM STRING'
CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_SECRET : 'credentials-secret' CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_SECRET: 'SET ME TO A UNIQUE LONG RANDOM STRING'
CREDENTIALS_SOCIAL_AUTH_REDIRECT_IS_HTTPS: false CREDENTIALS_SOCIAL_AUTH_REDIRECT_IS_HTTPS: false
CREDENTIALS_PLATFORM_NAME: 'Your Platform Name Here' CREDENTIALS_PLATFORM_NAME: 'Your Platform Name Here'
...@@ -76,53 +69,74 @@ CREDENTIALS_SERVICE_USER: 'credentials_service_user' ...@@ -76,53 +69,74 @@ CREDENTIALS_SERVICE_USER: 'credentials_service_user'
# Absolute URL used to get programs from the programs service. # Absolute URL used to get programs from the programs service.
CREDENTIALS_PROGRAMS_API_URL: 'https://127.0.0.1:8004/api/v1/' CREDENTIALS_PROGRAMS_API_URL: 'https://127.0.0.1:8004/api/v1/'
CREDENTIALS_PROGRAMS_API_JWT_AUDIENCE: 'programs-key' CREDENTIALS_PROGRAMS_API_JWT_AUDIENCE: 'SET ME TO THE SAME AS PROGRAMS_SOCIAL_AUTH_EDX_OIDC_KEY'
CREDENTIALS_PROGRAMS_API_JWT_SECRET_KEY: 'programs-secret' CREDENTIALS_PROGRAMS_API_JWT_SECRET_KEY: 'SET ME TO THE SAME AS PROGRAMS_SOCIAL_AUTH_EDX_OIDC_SECRET'
# Absolute URL used to get organization data from the organizations api in LMS # Absolute URL used to get organization data from the organizations api in LMS
CREDENTIALS_ORGANIZATIONS_API_URL: 'https://127.0.0.1:8000/api/organizations/v0/' CREDENTIALS_ORGANIZATIONS_API_URL: 'https://127.0.0.1:8000/api/organizations/v0/'
CREDENTIALS_ORGANIZATIONS_API_AUDIENCE: 'lms-key' CREDENTIALS_ORGANIZATIONS_API_AUDIENCE: 'SET ME TO THE SAME AS EDXAPP_JWT_AUDIENCE'
CREDENTIALS_ORGANIZATIONS_API_SECRET_KEY: 'lms-secret' CREDENTIALS_ORGANIZATIONS_API_SECRET_KEY: 'SET ME TO THE SAME AS EDXAPP_JWT_SECRET_KEY'
# Absolute URL used to get user data from the user api in LMS # Absolute URL used to get user data from the user api in LMS
CREDENTIALS_USER_API_URL: 'https://127.0.0.1:8000/api/user/v1/' CREDENTIALS_USER_API_URL: 'https://127.0.0.1:8000/api/user/v1/'
CREDENTIALS_USER_API_JWT_AUDIENCE: 'lms-key' CREDENTIALS_USER_API_JWT_AUDIENCE: 'SET ME TO THE SAME AS EDXAPP_JWT_AUDIENCE'
CREDENTIALS_USER_API_JWT_SECRET_KEY: 'lms-secret' CREDENTIALS_USER_API_JWT_SECRET_KEY: 'SET ME TO THE SAME AS EDXAPP_JWT_SECRET_KEY'
CREDENTIALS_DATA_DIR: '{{ COMMON_DATA_DIR }}/{{ credentials_service_name }}'
CREDENTIALS_MEDIA_URL: '/media/'
CREDENTIALS_STATIC_URL: '/static/'
# Example settings to use Amazon S3 as files storage backend with django storages: # Example settings to use Amazon S3 as a storage backend with django storages:
# https://django-storages.readthedocs.org/en/latest/backends/amazon-S3.html#amazon-s3 # https://django-storages.readthedocs.org/en/latest/backends/amazon-S3.html#amazon-s3
# #
# CREDENTIALS_MEDIA_ROOT: 'media' # CREDENTIALS_BUCKET: mybucket
# CREDENTIALS_MEDIA_URL: 'https://mybucket.s3.amazonaws.com/media/' # credentials_s3_domain: s3.amazonaws.com
# CREDENTIALS_STATIC_ROOT: 'static'
# CREDENTIALS_STATIC_URL: 'https://mybucket.s3.amazonaws.com/static/'
# #
# CREDENTIALS_FILE_STORAGE_BACKEND: # CREDENTIALS_FILE_STORAGE_BACKEND:
# AWS_STORAGE_BUCKET_NAME: 'mybucket' # AWS_STORAGE_BUCKET_NAME: '{{ CREDENTIALS_BUCKET }}'
# AWS_CUSTOM_DOMAIN: 'mybucket.s3.amazonaws.com' # AWS_CUSTOM_DOMAIN: '{{ CREDENTIALS_BUCKET }}.{{ credentials_s3_domain }}'
# AWS_ACCESS_KEY_ID: 'XXXAWS_ACCESS_KEYXXX' # AWS_ACCESS_KEY_ID: 'XXXAWS_ACCESS_KEYXXX'
# AWS_SECRET_ACCESS_KEY: 'XXXAWS_SECRETY_KEYXXX' # AWS_SECRET_ACCESS_KEY: 'XXXAWS_SECRET_KEYXXX'
# AWS_QUERYSTRING_AUTH: False # AWS_QUERYSTRING_AUTH: false
# AWS_QUERYSTRING_EXPIRE: False # AWS_QUERYSTRING_EXPIRE: false
# AWS_DEFAULT_ACL: '' # AWS_DEFAULT_ACL: ''
# AWS_HEADERS: # AWS_HEADERS:
# Cache-Control: max-age-31536000
# Access-Control-Allow-Origin: 'PUT-YOUR-HOSTNAME-HERE' # Access-Control-Allow-Origin: 'PUT-YOUR-HOSTNAME-HERE'
# #
# COMPRESS_URL: 'https://mybucket.s3.amazonaws.com/staticfiles/' # MEDIA_URL: 'https://{{ CREDENTIALS_BUCKET }}.{{ credentials_s3_domain }}/{{ CREDENTIALS_MEDIA_URL }}/'
# STATIC_URL: 'https://mybucket.s3.amazonaws.com/staticfiles/' # STATIC_URL: 'https://{{ CREDENTIALS_BUCKET }}.{{ credentials_s3_domain }}/{{ CREDENTIALS_STATIC_URL }}/'
# MEDIA_URL: 'https://mybucket.s3.amazonaws.com/media/'
# COMPRESS_STORAGE: 'credentials.apps.core.s3utils.StaticS3BotoStorage' # DEFAULT_FILE_STORAGE: 'credentials.apps.core.s3utils.MediaRootS3BotoStorage'
# STATICFILES_STORAGE: 'credentials.apps.core.s3utils.StaticS3BotoStorage' # STATICFILES_STORAGE: 'credentials.apps.core.s3utils.StaticS3BotoStorage'
# DEFAULT_FILE_STORAGE: 'credentials.apps.core.s3utils.MediaRootS3BotoStorage'
CREDENTIALS_FILE_STORAGE_BACKEND: CREDENTIALS_FILE_STORAGE_BACKEND:
MEDIA_ROOT: '{{ CREDENTIALS_MEDIA_ROOT }}'
MEDIA_URL: '{{ CREDENTIALS_MEDIA_URL }}' MEDIA_URL: '{{ CREDENTIALS_MEDIA_URL }}'
STATIC_ROOT: '{{ CREDENTIALS_STATIC_ROOT }}' MEDIA_ROOT: '{{ CREDENTIALS_DATA_DIR }}/media'
STATIC_URL: '{{ CREDENTIALS_STATIC_URL }}' STATIC_URL: '{{ CREDENTIALS_STATIC_URL }}'
STATIC_ROOT: '{{ CREDENTIALS_DATA_DIR }}/staticfiles'
DEFAULT_FILE_STORAGE: 'django.core.files.storage.DefaultStorage' DEFAULT_FILE_STORAGE: 'django.core.files.storage.DefaultStorage'
CREDENTIALS_VERSION: "master"
CREDENTIALS_REPOS:
- PROTOCOL: "{{ COMMON_GIT_PROTOCOL }}"
DOMAIN: "{{ COMMON_GIT_MIRROR }}"
PATH: "{{ COMMON_GIT_PATH }}"
REPO: credentials.git
VERSION: "{{ CREDENTIALS_VERSION }}"
DESTINATION: "{{ credentials_code_dir }}"
SSH_KEY: "{{ CREDENTIALS_GIT_IDENTITY }}"
CREDENTIALS_GUNICORN_WORKERS: "2"
CREDENTIALS_GUNICORN_EXTRA: ""
CREDENTIALS_GUNICORN_EXTRA_CONF: ""
CREDENTIALS_GUNICORN_WORKER_CLASS: "gevent"
CREDENTIALS_HOSTNAME: '~^((stage|prod)-)?credentials.*'
NGINX_CREDENTIALS_GUNICORN_HOSTS:
- 127.0.0.1
CREDENTIALS_SERVICE_CONFIG: CREDENTIALS_SERVICE_CONFIG:
SECRET_KEY: '{{ CREDENTIALS_SECRET_KEY }}' SECRET_KEY: '{{ CREDENTIALS_SECRET_KEY }}'
TIME_ZONE: '{{ CREDENTIALS_TIME_ZONE }}' TIME_ZONE: '{{ CREDENTIALS_TIME_ZONE }}'
...@@ -164,31 +178,10 @@ CREDENTIALS_SERVICE_CONFIG: ...@@ -164,31 +178,10 @@ CREDENTIALS_SERVICE_CONFIG:
USER_JWT_AUDIENCE: '{{ CREDENTIALS_USER_API_JWT_AUDIENCE }}' USER_JWT_AUDIENCE: '{{ CREDENTIALS_USER_API_JWT_AUDIENCE }}'
USER_JWT_SECRET_KEY: '{{ CREDENTIALS_USER_API_JWT_SECRET_KEY }}' USER_JWT_SECRET_KEY: '{{ CREDENTIALS_USER_API_JWT_SECRET_KEY }}'
CREDENTIALS_REPOS:
- PROTOCOL: "{{ COMMON_GIT_PROTOCOL }}"
DOMAIN: "{{ COMMON_GIT_MIRROR }}"
PATH: "{{ COMMON_GIT_PATH }}"
REPO: credentials.git
VERSION: "{{ CREDENTIALS_VERSION }}"
DESTINATION: "{{ credentials_code_dir }}"
SSH_KEY: "{{ CREDENTIALS_GIT_IDENTITY }}"
CREDENTIALS_GUNICORN_WORKERS: "2"
CREDENTIALS_GUNICORN_EXTRA: ""
CREDENTIALS_GUNICORN_EXTRA_CONF: ""
CREDENTIALS_GUNICORN_WORKER_CLASS: "gevent"
CREDENTIALS_HOSTNAME: '~^((stage|prod)-)?credentials.*'
NGINX_CREDENTIALS_GUNICORN_HOSTS:
- 127.0.0.1
# #
# vars are namespace with the module name. # vars are namespace with the module name.
# #
credentials_role_name: credentials credentials_service_name: "credentials"
credentials_venv_dir: "{{ credentials_home }}/venvs/{{ credentials_service_name }}" credentials_venv_dir: "{{ credentials_home }}/venvs/{{ credentials_service_name }}"
credentials_migration_environment: credentials_migration_environment:
...@@ -198,7 +191,6 @@ credentials_migration_environment: ...@@ -198,7 +191,6 @@ credentials_migration_environment:
DB_MIGRATION_USER: "{{ COMMON_MYSQL_MIGRATE_USER }}" DB_MIGRATION_USER: "{{ COMMON_MYSQL_MIGRATE_USER }}"
DB_MIGRATION_PASS: "{{ COMMON_MYSQL_MIGRATE_PASS }}" DB_MIGRATION_PASS: "{{ COMMON_MYSQL_MIGRATE_PASS }}"
credentials_service_name: "{{ credentials_role_name }}"
credentials_user: "{{ credentials_service_name }}" credentials_user: "{{ credentials_service_name }}"
credentials_home: "{{ COMMON_APP_DIR }}/{{ credentials_service_name }}" credentials_home: "{{ COMMON_APP_DIR }}/{{ credentials_service_name }}"
credentials_code_dir: "{{ credentials_home }}/{{ credentials_service_name }}" credentials_code_dir: "{{ credentials_home }}/{{ credentials_service_name }}"
...@@ -231,9 +223,3 @@ credentials_debian_pkgs: ...@@ -231,9 +223,3 @@ credentials_debian_pkgs:
- libpng12-dev - libpng12-dev
credentials_redhat_pkgs: [] credentials_redhat_pkgs: []
"JWT_AUTH": {
"JWT_AUDIENCE": "lms-key",
"JWT_ISSUER": "https://certs.sandbox.edx.org/oauth2",
"JWT_SECRET_KEY": "lms-secret"
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment