diff --git a/ansible/artifacts/sunbird/login/login.ftl b/ansible/artifacts/sunbird/login/login.ftl index 22f6047014..fdf5abbbec 100644 --- a/ansible/artifacts/sunbird/login/login.ftl +++ b/ansible/artifacts/sunbird/login/login.ftl @@ -11,7 +11,7 @@
-
${msg("doSignIn")}
+
${msg("loginDiksha")}

${msg("mergeAccountMessage")}

${msg("migrateAccountMessage")}

@@ -39,10 +39,10 @@ <#if usernameEditDisabled??> - + <#-- TODO: need to find alternative for prepopulating username --> + <#else> - - +
@@ -51,7 +51,7 @@ <#if realm.resetPasswordAllowed> ${msg("doForgotPassword")} - +
- +
-

OR

+

OR

<#if realm.password && social.providers??> - - +
<#if realm.password && realm.registrationAllowed && !usernameEditDisabled??>
- ${msg("noAccount")} ${msg("doRegister")} to access relevant learning material and enroll for courses. + ${msg("noAccount")} ${msg("registerHere")}
diff --git a/ansible/artifacts/sunbird/login/messages/messages_en.properties b/ansible/artifacts/sunbird/login/messages/messages_en.properties index fbb920b630..b9d375c916 100644 --- a/ansible/artifacts/sunbird/login/messages/messages_en.properties +++ b/ansible/artifacts/sunbird/login/messages/messages_en.properties @@ -1,8 +1,8 @@ -doLogIn=Log In +doLogIn=Login doRegister=Sign Up doSignIn=Sign In doSignWithGoogle=with Google -doSignWithState=Sign In with State System +doSignWithState=Login with State System doCancel=Cancel doSubmit=Submit doReset=Reset @@ -38,7 +38,7 @@ emailVerifyTitle=Email verification emailForgotTitle=Forgot Your Password? updatePasswordTitle=Update Password newPasswordTitle=Create New Password -enterEmailPhonenumberToGetCode=Enter your Email ID/ Mobile number and we will send you instructions on how to reset your password +enterEmailPhonenumberToGetCode=Enter your Email Address/ Mobile number and we will send you instructions on how to reset your password codeSuccessTitle=Success code codeErrorTitle=Error code\: {0} @@ -53,11 +53,11 @@ consentDenied=Consent denied. noAccount=Don''t have an account? username=Username or Mobile number goBack=<<Go Back -mergeAccountMessage=Enter Mobile number / Email ID OR use Google Sign in to identify the account from which you want to merge usage details +mergeAccountMessage=Enter Mobile number / Email Address OR use Google Sign in to identify the account from which you want to merge usage details migrateAccountMessage=Confirm the password for the DIKSHA account you want to merge of cick Sign in with Google to sign in using your Gmail account inCorrectPasswordError=The password entered is incorrect. Enter the password again. -emailOrPhone=Mobile number / Email ID -placeholderForEmailOrPhone=Enter Mobile number / Email ID +emailOrPhone=Email Address / Mobile number +placeholderForEmailOrPhone=Enter Email Address / Mobile number firstName=First name givenName=Given name fullName=Full name @@ -135,7 +135,7 @@ client_admin-cli=Admin CLI client_realm-management=Realm Management client_broker=Broker -invalidUserMessage=Invalid email ID/Mobile number or password. Please try again with valid credentials +invalidUserMessage=Invalid Email Address/Mobile number or password. Please try again with valid credentials invalidEmailMessage=Invalid email address. accountDisabledMessage=Account is disabled, contact admin. accountTemporarilyDisabledMessage=Your account has been locked due to too many incorrect login attempts. You can re-attempt to login after 24 hours. Please get in touch with the help desk team for support @@ -265,6 +265,9 @@ requiredAction.terms_and_conditions=Terms and Conditions requiredAction.UPDATE_PASSWORD=Update Password requiredAction.UPDATE_PROFILE=Update Profile requiredAction.VERIFY_EMAIL=Verify Email -user_not_found=This email ID/mobile number doesn''t belong to a valid user +user_not_found=This Email Address/Mobile Number doesn''t belong to a valid user p3pPolicy=CP="This is not a P3P policy!" - +usernamePlaceholder = Enter your Registered Email address/Mobile number +passwordPlaceholder = Enter password +loginDiksha = Log into DIKSHA +registerHere = Register here diff --git a/ansible/artifacts/sunbird/login/resources/css/login.css b/ansible/artifacts/sunbird/login/resources/css/login.css index 71863254ae..f9255e2cf9 100644 --- a/ansible/artifacts/sunbird/login/resources/css/login.css +++ b/ansible/artifacts/sunbird/login/resources/css/login.css @@ -54,9 +54,9 @@ input:focus{ border: 1px solid #024f9d !important; } .signInWithGoogle{ - vertical-align: bottom; + /* vertical-align: bottom; */ height: 18px !important; - margin-right: 5px; + margin-right: 8px; } .ui.basic.blue.button.googleButton{ @@ -80,11 +80,13 @@ input:focus{ color: #F9F9F9; } .or{ - color: #9B9B9B; - background-image:linear-gradient(#979797,#979797),linear-gradient(#979797,#979797); + color: #333; + background-image:linear-gradient(#ccc,#ccc),linear-gradient(#ccc,#ccc); background-size:45% 1px; background-position:center left,center right; background-repeat:no-repeat; + font-weight: 700; + font-size: 12px; } .signUpMsg{ font-size: 12px; @@ -106,17 +108,17 @@ input:focus{ font-weight: 500; } .forgetPasswordLink{ - color: #9B9B9B !important; + color: #024f9d; font-size: 12px; line-height: 17px; float: right; } .forgetPasswordLink:hover, .forgetPasswordLink:focus{ - color:#024f9d !important; + color: #002e50; outline: none; cursor: pointer; - font-weight:bold; + /* font-weight:bold; */ } .textCenter { text-align: center !important; @@ -217,8 +219,9 @@ a{ color: #024f9d !important; } .registerLink{ - color: #024f9d !important; + color: #024f9d; font-weight: bold; + text-decoration: underline; } .registerLink:hover, .registerLink:focus{ @@ -292,3 +295,97 @@ h1, h2, h3, h4, h5, .cursor-pointer { cursor: pointer } + +.width-100 { + width: 100%; +} +/* Design System Utilities */ + +/* 1. Button Utilities */ + +.sb-btn { + -webkit-tap-highlight-color: transparent; + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; + outline: 0; + display: inline-block; + border: 1px solid; + color: var(--white); + cursor: pointer; + min-width: 64px; + border-radius: 3px; + -webkit-border-radius: 3px; + -moz-border-radius: 3px; + position: relative; + text-transform: capitalize; + text-decoration: none; +} + +.sb-btn-normal { + padding: 8px 16px; + height: 36px; + font-size: 12px; +} + +.sb-btn-primary { + border-color: #024f9d; + background-color: #024f9d; + color: white; +} + +.sb-btn-primary:hover { + background-color: #002e50; +} + +.sb-btn-success { + border-color: #07bc81; + background-color: #07bc81; + color: white; +} + +.sb-btn-success:hover { + background-color: #008840; + border-color: #008840; +} + +.sb-btn-outline-primary { + background-color: white; + color: #024f9d; + border-color: #024f9d; +} + +.sb-btn-outline-primary:hover { + border-color: #002e50; + color: #002e50; + background-color: #edf4f9; +} + +/* Margin Utilities */ + +.mb-16 { + margin-bottom: 16px !important; +} + +.my-16 { + margin: 16px 0 !important; +} + +.mx-16 { + margin: 0 16px !important; +} + +/* Flex Utilities */ + +.d-flex { + display: flex !important; +} + +.flex-ai-center { + align-items: center !important; +} + +.flex-jc-center { + justify-content: center !important; +} \ No newline at end of file diff --git a/ansible/artifacts/sunbird/login/resources/js/login.js b/ansible/artifacts/sunbird/login/resources/js/login.js index 5f50ca645b..8c4b5e5e0f 100644 --- a/ansible/artifacts/sunbird/login/resources/js/login.js +++ b/ansible/artifacts/sunbird/login/resources/js/login.js @@ -4,7 +4,8 @@ function getQueryStringValue (key) { window.onload = function(){ var mergeaccountprocess = (new URLSearchParams(window.location.search)).get('mergeaccountprocess'); - var version = (new URLSearchParams(window.location.search)).get('version'); + var version = getValueFromSession('version'); + var isForgetPasswordAllow = getValueFromSession('version'); var renderingType = 'queryParams'; if (!mergeaccountprocess) { mergeaccountprocess = localStorage.getItem('mergeaccountprocess'); @@ -26,7 +27,7 @@ window.onload = function(){ addVersionToURL(version); var error_message = (new URLSearchParams(window.location.search)).get('error_message'); var success_message = (new URLSearchParams(window.location.search)).get('success_message'); - var version = (new URLSearchParams(window.location.search)).get('version'); + if(error_message){ var error_msg = document.getElementById('error-msg'); error_msg.className = error_msg.className.replace("hide",""); @@ -38,13 +39,23 @@ window.onload = function(){ } if (version >= 4) { var forgotElement = document.getElementById("fgtPortalFlow"); - forgotElement.className = forgotElement.className.replace("hide",""); + if(forgotElement){ + forgotElement.className = forgotElement.className.replace("hide",""); + } } else { var forgotElement = document.getElementById("fgtKeycloakFlow"); - forgotElement.className = forgotElement.className.replace("hide",""); - forgotElement.href = forgotElement.href + '&version=' + version ; + if(forgotElement){ + forgotElement.className = forgotElement.className.replace("hide",""); + forgotElement.href = forgotElement.href + '&version=' + version ; + } + } + if(!version && isForgetPasswordAllow >=4 ){ + hideElement("fgtKeycloakFlow"); + var forgotElement = document.getElementById("fgtPortalFlow"); + if(forgotElement){ + forgotElement.className = forgotElement.className.replace("hide",""); + } } - if (mergeaccountprocess === '1') { hideElement("kc-registration"); hideElement("stateButton"); @@ -75,12 +86,7 @@ window.onload = function(){ mergeAccountMessage.className = mergeAccountMessage.className.replace("hide", ""); } } - - var response_type = (new URLSearchParams(window.location.search)).get('response_type'); - if ((new URLSearchParams(window.location.search)).get('automerge') !== '1' && response_type === 'code') { - localStorage.clear(); - } - var autoMerge = getValue('automerge'); + var autoMerge = getValueFromSession('automerge'); if (autoMerge === '1') { decoratePage('autoMerge'); storeValueForMigration(); @@ -88,13 +94,28 @@ window.onload = function(){ }; var storeValueForMigration = function () { - // storing values in localstorage for future references - localStorage.setItem('automerge', getValue('automerge')); - localStorage.setItem('goBackUrl', getValue('goBackUrl')); - localStorage.setItem('identifierValue', getValue('identifierValue')); - localStorage.setItem('identifierType', getValue('identifierType')); - localStorage.setItem('userId', getValue('userId')); + // storing values in sessionStorage for future references + sessionStorage.setItem('automerge', getValueFromSession('automerge')); + sessionStorage.setItem('goBackUrl', getValueFromSession('goBackUrl')); + sessionStorage.setItem('identifierValue', getValueFromSession('identifierValue')); + sessionStorage.setItem('identifierType', getValueFromSession('identifierType')); + sessionStorage.setItem('userId', getValueFromSession('userId')); }; +var getValueFromSession = function (valueId) { + var value = (new URLSearchParams(window.location.search)).get(valueId); + if (value) { + sessionStorage.setItem(valueId, value); + sessionStorage.setItem('renderingType', 'queryParams'); + return value + } else { + value = sessionStorage.getItem(valueId); + if (value) { + sessionStorage.setItem('renderingType', 'sessionStorage'); + } + return value + } +}; + var getValue = function (valueId) { var value = (new URLSearchParams(window.location.search)).get(valueId); @@ -113,13 +134,17 @@ var getValue = function (valueId) { var decoratePage = function (pageType) { if (pageType === 'autoMerge') { - var identifierValue = getValue('identifierValue'); - var goBackUrl = getValue('goBackUrl'); + var identifierValue = getValueFromSession('identifierValue'); + var goBackUrl = getValueFromSession('goBackUrl'); var signIn = document.getElementById("signIn"); if (signIn) { signIn.innerText = 'Merge Account'; signIn.classList.add('fs-22'); } + var loginButton = document.getElementById("login"); + if (loginButton) { + loginButton.innerText = 'Next'; + } setElementValue('username', identifierValue); var elementsToHide = ['kc-registration', 'stateButton', 'fgtKeycloakFlow', 'fgtPortalFlow', @@ -131,11 +156,12 @@ var decoratePage = function (pageType) { if (goBackElement) { goBackElement.href = goBackUrl; } - if (localStorage.getItem('renderingType') === 'localStorage') { + if (sessionStorage.getItem('renderingType') === 'sessionStorage') { unHideElement('selfSingUp'); var errorElement = document.getElementById('error-summary'); if (errorElement) { - if (errorElement.innerText === 'Invalid email ID/Mobile number or password. Please try again with valid credentials') { + var wrongPasswordError = 'Invalid Email Address/Mobile number or password. Please try again with valid credentials'; + if (errorElement.innerText.toLowerCase() === wrongPasswordError.toLowerCase()) { unHideElement('inCorrectPasswordError'); handlePasswordFailure(); } @@ -149,12 +175,12 @@ var decoratePage = function (pageType) { }; var handlePasswordFailure = function () { - var passwordFailCount = Number(localStorage.getItem('passwordFailCount') || 0); + var passwordFailCount = Number(sessionStorage.getItem('passwordFailCount') || 0); passwordFailCount = passwordFailCount + 1; - localStorage.setItem('passwordFailCount', passwordFailCount); + sessionStorage.setItem('passwordFailCount', passwordFailCount); if (passwordFailCount >= 2) { - const url = '/sign-in/sso/auth?status=error' + '&identifierType=' + getValue('identifierType'); - const query = '&userId=' + getValue('userId') + '&identifierValue=' + getValue('identifierValue'); + const url = '/sign-in/sso/auth?status=error' + '&identifierType=' + getValueFromSession('identifierType'); + const query = '&userId=' + getValueFromSession('userId') + '&identifierValue=' + getValueFromSession('identifierValue'); window.location.href = window.location.protocol + '//' + window.location.host + url + query; } }; @@ -199,7 +225,7 @@ var makeDivUnclickable = function() { }; var inputBoxFocusIn = function(currentElement){ - var autoMerge = getValue('automerge'); + var autoMerge = getValueFromSession('automerge'); if (autoMerge === '1') { return; } @@ -211,7 +237,7 @@ var inputBoxFocusIn = function(currentElement){ } }; var inputBoxFocusOut = function (currentElement) { - var autoMerge = getValue('automerge'); + var autoMerge = getValueFromSession('automerge'); if (autoMerge === '1') { return; } @@ -261,7 +287,7 @@ var urlMap = { self: '/signup' } var navigate = function(type) { - var version = getQueryStringValue("version"); + var version = getValueFromSession('version'); if(version == '1' || version == '2') { if(type == 'google' || type == 'self'){ redirect(urlMap[type]); @@ -276,30 +302,24 @@ var navigate = function(type) { } } } -var redirect = (redirectUrlPath) => { - console.log('redirect', redirectUrlPath) + +var initialize = () => { + getValueFromSession('redirect_uri'); + if (!sessionStorage.getItem('session_url')) { + sessionStorage.setItem('session_url', window.location.href); + } +}; + +initialize(); + +var forgetPassword = (redirectUrlPath) => { const curUrlObj = window.location; - var redirect_uri = (new URLSearchParams(curUrlObj.search)).get('redirect_uri'); + var redirect_uri = getValueFromSession('redirect_uri'); var client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); - const sessionUrl = sessionStorage.getItem('url'); - if (redirect_uri) { - const updatedQuery = curUrlObj.search + '&error_callback=' + curUrlObj.href.split('?')[0]; - const redirect_uriLocation = new URL(redirect_uri); - sessionStorage.setItem('url', window.location.href); - - if(client_id === 'android'){ - window.location.href = curUrlObj.protocol + '//' + curUrlObj.host + redirectUrlPath + updatedQuery; - } - else - { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + redirectUrlPath + updatedQuery; - } - } else if (sessionUrl) { + const sessionUrl = sessionStorage.getItem('session_url'); + if (sessionUrl) { const sessionUrlObj = new URL(sessionUrl); const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; - redirect_uri = (new URLSearchParams(sessionUrlObj.search)).get('redirect_uri'); - client_id = (new URLSearchParams(sessionUrlObj.search)).get('client_id'); - if (redirect_uri) { const redirect_uriLocation = new URL(redirect_uri); if(client_id === 'android'){ @@ -307,7 +327,32 @@ var redirect = (redirectUrlPath) => { } else{ window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + - redirectUrlPath + updatedQuery; + redirectUrlPath + updatedQuery; + } + } else { + redirectToLib(); + } + } else { + redirectToLib(); + } +} + +var redirect = (redirectUrlPath) => { + console.log('redirect', redirectUrlPath) + const curUrlObj = window.location; + var redirect_uri = getValueFromSession('redirect_uri'); + var client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); + const sessionUrl = sessionStorage.getItem('session_url'); + if (sessionUrl) { + const sessionUrlObj = new URL(sessionUrl); + const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; + if (redirect_uri) { + const redirect_uriLocation = new URL(redirect_uri); + if (client_id === 'android') { + window.location.href = sessionUrlObj.protocol + '//' + sessionUrlObj.host + redirectUrlPath + updatedQuery; + } else { + window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + + redirectUrlPath + updatedQuery; } } else { redirectToLib(); @@ -317,109 +362,73 @@ var redirect = (redirectUrlPath) => { } }; var handleSsoEvent = () => { - const ssoPath = '/sign-in/sso/select-org'; - const curUrlObj = window.location; - let redirect_uri = (new URLSearchParams(curUrlObj.search)).get('redirect_uri'); - let client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); - const sessionUrl = sessionStorage.getItem('url'); - if (redirect_uri) { - const redirect_uriLocation = new URL(redirect_uri); - sessionStorage.setItem('url', window.location.href); - if (client_id === 'android') { - const ssoUrl = curUrlObj.protocol + '//' + curUrlObj.host + ssoPath; - window.location.href = redirect_uri + '?ssoUrl=' + ssoUrl; - } else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + ssoPath; - } - } else if (sessionUrl) { - const sessionUrlObj = new URL(sessionUrl); - redirect_uri = (new URLSearchParams(sessionUrlObj.search)).get('redirect_uri'); - client_id = (new URLSearchParams(sessionUrlObj.search)).get('client_id'); - if (redirect_uri) { - const redirect_uriLocation = new URL(redirect_uri); - if (client_id === 'android') { - const ssoUrl = sessionUrlObj.protocol + '//' + sessionUrlObj.host + ssoPath; - window.location.href = redirect_uri + '?ssoUrl=' + ssoUrl; - } else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + ssoPath; - } - } else { - redirectToLib(); - } - } else { - redirectToLib(); - } + const ssoPath = '/sign-in/sso/select-org'; + const curUrlObj = window.location; + let redirect_uri = getValueFromSession('redirect_uri'); + let client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); + const sessionUrl = sessionStorage.getItem('session_url'); + if (sessionUrl) { + const sessionUrlObj = new URL(sessionUrl); + if (redirect_uri) { + const redirect_uriLocation = new URL(redirect_uri); + if (client_id === 'android') { + const ssoUrl = sessionUrlObj.protocol + '//' + sessionUrlObj.host + ssoPath; + window.location.href = redirect_uri + '?ssoUrl=' + ssoUrl; + } else { + window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + ssoPath; + } + } else { + redirectToLib(); + } + } else { + redirectToLib(); + } }; var handleGoogleAuthEvent = () => { - const googleAuthUrl = '/google/auth'; - const curUrlObj = window.location; - let redirect_uri = (new URLSearchParams(curUrlObj.search)).get('redirect_uri'); - let client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); - const updatedQuery = curUrlObj.search + '&error_callback=' + curUrlObj.href.split('?')[0]; - const sessionUrl = sessionStorage.getItem('url'); - if (redirect_uri) { - const redirect_uriLocation = new URL(redirect_uri); - sessionStorage.setItem('url', window.location.href); - if (client_id === 'android') { - const googleRedirectUrl = curUrlObj.protocol + '//' + curUrlObj.host + googleAuthUrl; - window.location.href = redirect_uri + '?googleRedirectUrl=' + googleRedirectUrl + updatedQuery; - } else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + googleAuthUrl + updatedQuery; - } - } else if (sessionUrl) { - const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; - const sessionUrlObj = new URL(sessionUrl); - redirect_uri = (new URLSearchParams(sessionUrlObj.search)).get('redirect_uri'); - client_id = (new URLSearchParams(sessionUrlObj.search)).get('client_id'); - if (redirect_uri) { - const redirect_uriLocation = new URL(redirect_uri); - if (client_id === 'android') { - const googleRedirectUrl = sessionUrlObj.protocol + '//' + sessionUrlObj.host + googleAuthUrl; - window.location.href = redirect_uri + '?googleRedirectUrl=' + googleRedirectUrl + updatedQuery; - } else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + googleAuthUrl + updatedQuery; - } - } else { - redirectToLib(); - } - } else { - redirectToLib(); - } + const googleAuthUrl = '/google/auth'; + const curUrlObj = window.location; + let redirect_uri = getValueFromSession('redirect_uri'); + let client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); + const updatedQuery = curUrlObj.search + '&error_callback=' + curUrlObj.href.split('?')[0]; + const sessionUrl = sessionStorage.getItem('session_url'); + if (sessionUrl) { + const sessionUrlObj = new URL(sessionUrl); + const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; + if (redirect_uri) { + const redirect_uriLocation = new URL(redirect_uri); + if (client_id === 'android') { + const googleRedirectUrl = sessionUrlObj.protocol + '//' + sessionUrlObj.host + googleAuthUrl; + window.location.href = redirect_uri + '?googleRedirectUrl=' + googleRedirectUrl + updatedQuery; + } else { + window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + googleAuthUrl + updatedQuery; + } + } else { + redirectToLib(); + } + } else { + redirectToLib(); + } }; var redirectToPortal = (redirectUrlPath) => { // redirectUrlPath for sso and self signUp - const curUrlObj = window.location; - var redirect_uri = (new URLSearchParams(curUrlObj.search)).get('redirect_uri'); - var client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); - const sessionUrl = sessionStorage.getItem('url'); - if (redirect_uri) { - const updatedQuery = curUrlObj.search + '&error_callback=' + curUrlObj.href.split('?')[0]; - const redirect_uriLocation = new URL(redirect_uri); - sessionStorage.setItem('url', window.location.href); - - if (client_id === 'android') { - window.location.href = curUrlObj.protocol + '//' + curUrlObj.host + redirectUrlPath + updatedQuery; - } else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + redirectUrlPath + updatedQuery; - } - } else if (sessionUrl) { - const sessionUrlObj = new URL(sessionUrl); - const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; - redirect_uri = (new URLSearchParams(sessionUrlObj.search)).get('redirect_uri'); - client_id = (new URLSearchParams(sessionUrlObj.search)).get('client_id'); - - if (redirect_uri) { - const redirect_uriLocation = new URL(redirect_uri); - if (client_id === 'android') { - window.location.href = sessionUrlObj.protocol + '//' + sessionUrlObj.host + redirectUrlPath + updatedQuery; - } - else { - window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + - redirectUrlPath + updatedQuery; - } - } else { - redirectToLib(); - } - } else { - redirectToLib(); - } + const curUrlObj = window.location; + var redirect_uri = getValueFromSession('redirect_uri'); + var client_id = (new URLSearchParams(curUrlObj.search)).get('client_id'); + const sessionUrl = sessionStorage.getItem('session_url'); + if (sessionUrl) { + const sessionUrlObj = new URL(sessionUrl); + const updatedQuery = sessionUrlObj.search + '&error_callback=' + sessionUrlObj.href.split('?')[0]; + if (redirect_uri) { + const redirect_uriLocation = new URL(redirect_uri); + if (client_id === 'android') { + window.location.href = sessionUrlObj.protocol + '//' + sessionUrlObj.host + redirectUrlPath + updatedQuery; + } else { + window.location.href = redirect_uriLocation.protocol + '//' + redirect_uriLocation.host + + redirectUrlPath + updatedQuery; + } + } else { + redirectToLib(); + } + } else { + redirectToLib(); + } }; diff --git a/ansible/es-restore.yml b/ansible/es-restore.yml new file mode 100644 index 0000000000..2b2bb48d15 --- /dev/null +++ b/ansible/es-restore.yml @@ -0,0 +1,25 @@ +- hosts: "{{remote}}" + gather_facts: no + become: yes + vars_files: + - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] + vars: + - es_restore_host: "{{remote}}" + - snapshot_base_path: "{{app_snapshot_base_path}}" + roles: + - es-azure-restore + tags: + - es_restore + +- hosts: "{{remote}}" + gather_facts: no + become: yes + vars_files: + - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] + vars: + - es_restore_host: "{{remote}}" + - snapshot_base_path: "{{log_snapshot_base_path}}" + roles: + - es-azure-restore + tags: + - log_es_restore diff --git a/ansible/es.yml b/ansible/es.yml index 52b9502a23..3aa369f112 100644 --- a/ansible/es.yml +++ b/ansible/es.yml @@ -1,5 +1,4 @@ - hosts: es-backup - gather_facts: no become: yes vars_files: - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] @@ -12,21 +11,7 @@ tags: - es_backup -- hosts: "{{remote}}" - gather_facts: no - become: yes - vars_files: - - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] - vars: - - es_restore_host: "{{remote}}" - - snapshot_base_path: "{{app_snapshot_base_path}}" - roles: - - es-azure-restore - tags: - - es_restore - - hosts: log-es-backup - gather_facts: no become: yes vars_files: - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] @@ -35,25 +20,11 @@ - snapshot_base_path: "{{log_snapshot_base_path}}" roles: - es-azure-snapshot - - es2-snapshot-purge + - es5-snapshot-purge tags: - log_es_backup -- hosts: "{{remote}}" - gather_facts: no - become: yes - vars_files: - - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] - vars: - - es_restore_host: "{{remote}}" - - snapshot_base_path: "{{log_snapshot_base_path}}" - roles: - - es-azure-restore - tags: - - log_es_restore - - hosts: log-es - gather_facts: no become: yes vars_files: - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] diff --git a/ansible/inventory/env/group_vars/all.yml b/ansible/inventory/env/group_vars/all.yml index a87be4ba43..59d1e70239 100644 --- a/ansible/inventory/env/group_vars/all.yml +++ b/ansible/inventory/env/group_vars/all.yml @@ -105,7 +105,7 @@ keystore_password: "{{core_vault_keystore_password}}" #Password to use for encr truststore_password: "{{core_vault_truststore_password}}" #Password to use for encrypting cassandra truststore. Use a strong password. # APPLICATION CONFIGURATION -kong_host: api-manager_kong +kong_host: kong ## DB address application_postgres_host: "{{groups['postgres'][0]}}" #Private IP of Postgres server @@ -166,8 +166,8 @@ cassandra_backup_dir: /data/cassandra/backup keycloak_realm: sunbird -sunbird_content_player_url: "http://api-manager_kong:8000/" -sunbird_learner_player_url: "http://api-manager_kong:8000/" +sunbird_content_player_url: "http://kong:8000/" +sunbird_learner_player_url: "http://kong:8000/" sunbird_sso_client_id: admin-cli sunbird_portal_realm: sunbird sunbird_portal_auth_server_client: portal @@ -564,7 +564,6 @@ player_limit_memory: 512M content_replicas: 1 content_reservation_memory: 1000M content_limit_memory: 1000M -learner_reservation_cpu: 1 badger_replicas: 1 badger_reservation_memory: 500MB badger_limit_memory: 500MB @@ -678,3 +677,18 @@ kafka_assessment_topic: "{{env_name}}.telemetry.assess" # Portal vars for reports sunbird_portal_azure_storage_account: "{{sunbird_azure_storage_account}}" sunbird_portal_azure_storage_key: "{{sunbird_azure_storage_key}}" +sunbird_device_api: "{{proto}}://{{ proxy_server_name }}/api/" +sunbird_quartz_shadow_user_migration_timer: "0 0 1 1/1 * ? *" + +# Learning-Service +lp_cassandra_connection: "{{groups['cassandra']|join(':9042,')}}:9042" +dp_cassandra_connection: "{{ groups['dp-cassandra'][0] }}:9042" +environment_id: 10000000 +graph_passport_key: abc123 +learning_neo4j_bolt_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:7687 +language_neo4j_bolt_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:8687 +learning_read_elb_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:7687 +learning_write_elb_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:7687 +language_read_elb_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:8687 +language_write_elb_url: bolt://{{ groups['learning-neo4j-node1'][0] }}:8687 +mw_shard_id: 1 \ No newline at end of file diff --git a/ansible/keycloak.yml b/ansible/keycloak.yml index b26ac01a30..3ec94fd47e 100644 --- a/ansible/keycloak.yml +++ b/ansible/keycloak.yml @@ -5,8 +5,28 @@ - ['{{ inventory_dir }}/secrets.yml', 'secrets/{{ env }}.yml'] # --tags provision/deployment will trigger respective roles # --tags bootstrap will trigger user/realm creation + pre_tasks: + - name: Get the list of all the services running in our OS + become: yes + service_facts: + + - name: Stop the monit to ensure that it doesn't start keycloak + service: name=monit state=stopped + become: yes + when: ansible_facts.services.monit is defined + roles: - {role: openjdk, tags: provision} - {role: keycloak-provision, tags: provision} - keycloak-deploy -# - {role: monit, monit_checks: ['keycloak'], tags: deploy} + - {role: monit, monit_checks: ['keycloak'], tags: deploy} + + post_tasks: + - name: get the list of all services in the system + become: yes + service_facts: + + - name: After succesful migration and staring of keycloak, start back monit if installed + service: name=monit state=started + become: yes + when: ansible_facts.services.monit is defined \ No newline at end of file diff --git a/ansible/logging.yml b/ansible/logging.yml index 490398d2bb..ca8beb0e13 100644 --- a/ansible/logging.yml +++ b/ansible/logging.yml @@ -87,11 +87,21 @@ vars_files: - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] roles: - - { role: vm-agents-filebeat, filebeat_log_path: '/mount/data/analytics/logs/services/api-service.log' } + - { role: vm-agents-filebeat, filebeat_log_path: '/mount/data/analytics/logs/services/api-service.log, /var/log/logstash/logstash-plain.log' } tags: - analytics - filebeat +- hosts: dp-kafkaindexer-ps + become: yes + vars_files: + - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] + roles: + - { role: vm-agents-filebeat, filebeat_log_path: '/var/log/logstash/logstash-plain.log' } + tags: + - kafkaindexer + - filebeat + - hosts: zookeeper become: yes vars_files: diff --git a/ansible/postgresql-data-update-managed.yml b/ansible/postgresql-data-update-managed.yml index e8cd6b30f4..145efd0efc 100644 --- a/ansible/postgresql-data-update-managed.yml +++ b/ansible/postgresql-data-update-managed.yml @@ -4,4 +4,4 @@ vars_files: - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] roles: - - postgresql-data-update + - postgresql-data-update-managed diff --git a/ansible/roles/es-mapping/files/indices/cert-templates.json b/ansible/roles/es-mapping/files/indices/cert-templates.json new file mode 100644 index 0000000000..e8af59a9b7 --- /dev/null +++ b/ansible/roles/es-mapping/files/indices/cert-templates.json @@ -0,0 +1,177 @@ +{ + "settings": { + "index": { + "number_of_shards": "5", + "number_of_replicas": "1", + "analysis": { + "filter": { + "mynGram": { + "token_chars": [ + "letter", + "digit", + "whitespace", + "punctuation", + "symbol" + ], + "min_gram": "1", + "type": "ngram", + "max_gram": "20" + } + }, + "analyzer": { + "cs_index_analyzer": { + "filter": [ + "lowercase", + "mynGram" + ], + "type": "custom", + "tokenizer": "standard" + }, + "keylower": { + "filter": "lowercase", + "type": "custom", + "tokenizer": "keyword" + }, + "cs_search_analyzer": { + "filter": [ + "lowercase", + "standard" + ], + "type": "custom", + "tokenizer": "standard" + } + } + } + } + }, + "mappings": { + "_doc": { + "dynamic": false, + "properties": { + "all_fields": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower" + } + }, + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer" + }, + "identifier": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "name": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "template": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "params": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "updatedBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdOn": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "updatedOn": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + } + } + } + } +} \ No newline at end of file diff --git a/ansible/roles/es-mapping/files/indices/certreg.json b/ansible/roles/es-mapping/files/indices/certreg.json new file mode 100755 index 0000000000..dcfa094de1 --- /dev/null +++ b/ansible/roles/es-mapping/files/indices/certreg.json @@ -0,0 +1,199 @@ +{ + "settings": { + "index": { + "number_of_shards": "5", + "number_of_replicas": "1", + "analysis": { + "filter": { + "mynGram": { + "token_chars": [ + "letter", + "digit", + "whitespace", + "punctuation", + "symbol" + ], + "min_gram": "1", + "type": "ngram", + "max_gram": "20" + } + }, + "analyzer": { + "cs_index_analyzer": { + "filter": [ + "lowercase", + "mynGram" + ], + "type": "custom", + "tokenizer": "standard" + }, + "keylower": { + "filter": "lowercase", + "type": "custom", + "tokenizer": "keyword" + }, + "cs_search_analyzer": { + "filter": [ + "lowercase", + "standard" + ], + "type": "custom", + "tokenizer": "standard" + } + } + } + } + }, + "mappings": { + "_doc": { + "dynamic": false, + "properties": { + "id": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "accessCode": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "related": { + "type": "object" + }, + "data": { + "type": "object" + }, + "recipient": { + "type": "object" + }, + "createdAt": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "updatedAt": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "pdfUrl": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "jsonUrl": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "updatedBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "isRevoked": { + "type": "boolean", + "fields": { + "raw": { + "type": "boolean" + } + } + }, + "reason": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + } + } + } + } +} \ No newline at end of file diff --git a/ansible/roles/es-mapping/files/mappings/cert-templates-mapping.json b/ansible/roles/es-mapping/files/mappings/cert-templates-mapping.json new file mode 100644 index 0000000000..bdddd11afc --- /dev/null +++ b/ansible/roles/es-mapping/files/mappings/cert-templates-mapping.json @@ -0,0 +1,128 @@ +{ + "dynamic": "strict", + "properties": { + "all_fields": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower" + } + }, + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer" + }, + "identifier": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "name": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "template": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "params": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "updatedBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdOn": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "updatedOn": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + } + } +} \ No newline at end of file diff --git a/ansible/roles/es-mapping/files/mappings/certreg-mapping.json b/ansible/roles/es-mapping/files/mappings/certreg-mapping.json new file mode 100755 index 0000000000..f3129c964e --- /dev/null +++ b/ansible/roles/es-mapping/files/mappings/certreg-mapping.json @@ -0,0 +1,150 @@ +{ + "dynamic": false, + "properties": { + "id": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "accessCode": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "related": { + "type": "object" + }, + "data": { + "type": "object" + }, + "recipient": { + "type": "object" + }, + "createdAt": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "updatedAt": { + "type": "date", + "fields": { + "raw": { + "type": "date" + } + } + }, + "pdfUrl": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "jsonUrl": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "createdBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "updatedBy": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + }, + "isRevoked": { + "type": "boolean", + "fields": { + "raw": { + "type": "boolean" + } + } + }, + "reason": { + "type": "text", + "fields": { + "raw": { + "type": "text", + "analyzer": "keylower", + "fielddata": true + } + }, + "copy_to": [ + "all_fields" + ], + "analyzer": "cs_index_analyzer", + "search_analyzer": "cs_search_analyzer", + "fielddata": true + } + } +} \ No newline at end of file diff --git a/ansible/roles/es-mapping/files/mappings/course-batch-mapping.json b/ansible/roles/es-mapping/files/mappings/course-batch-mapping.json index 722516897d..b94aad2590 100644 --- a/ansible/roles/es-mapping/files/mappings/course-batch-mapping.json +++ b/ansible/roles/es-mapping/files/mappings/course-batch-mapping.json @@ -259,6 +259,9 @@ "type": "date" } } + }, + "cert_templates": { + "type": "nested" } } } \ No newline at end of file diff --git a/ansible/roles/es5-snapshot-purge/meta/main.yml b/ansible/roles/es5-snapshot-purge/meta/main.yml index 1a1e252d00..e26db1f145 100644 --- a/ansible/roles/es5-snapshot-purge/meta/main.yml +++ b/ansible/roles/es5-snapshot-purge/meta/main.yml @@ -1,3 +1,3 @@ --- dependencies: - - { role: es-curator, es_curator_major_version: 5, es_curator_version: 5.7.6, python_es_curator_version: 3.4.1-1 } + - { role: es-curator, es_curator_major_version: 5, es_curator_version: 5.8.1, python_es_curator_version: 3.4.1-1 } diff --git a/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt b/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt index d6eafdf657..f3221c8ab6 100644 --- a/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt +++ b/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt @@ -1,3 +1,3 @@ -requests==2.18.4 +requests==2.20.0 httmock==1.2.5 python-jose==1.4.0 diff --git a/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/setup.py b/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/setup.py index bf6a505f0a..7f8e077f9a 100644 --- a/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/setup.py +++ b/ansible/roles/keycloak-deploy/files/python-keycloak-0.12.0/setup.py @@ -12,7 +12,7 @@ keywords='keycloak openid', description=u'python-keycloak is a Python package providing access to the Keycloak API.', packages=['keycloak', 'keycloak.authorization', 'keycloak.tests'], - install_requires=['requests==2.18.4', 'httmock==1.2.5', 'python-jose==1.4.0'], + install_requires=['requests==2.20.0', 'httmock==1.2.5', 'python-jose==1.4.0'], classifiers=[ 'Programming Language :: Python :: 3', 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 95804f8b2b..4c750937b4 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -56,15 +56,16 @@ otp_service_prefix: /otp sso_service_prefix: /sso cert_service_prefix: /cert cert_registry_service_prefix: /certreg +desktop_app_prefix: /desktop # Service URLs -content_service_url: "http://content-service:5000" +content_service_url: "http://knowledge-mw-service:5000" learning_service_url: "http://learner-service:9000" vm_learning_service_url: "http://{{learningservice_ip}}:8080/learning-service" telemetry_service_url: "http://telemetry-service:9001" -player_service_url: "http://player_player:3000" -echo_service_url: "http://api-manager_echo:9595" -am_util_url: http://adminutil_adminutil:4000 +player_service_url: "http://player:3000" +echo_service_url: "http://echo:9595" +am_util_url: "http://adminutil:4000" config_service_url: "http://config-service:8080" user_org_service_url: "http://user-org-service:9000" lms_service_url: "http://lms-service:9000" @@ -3546,6 +3547,15 @@ kong_apis: - "{{ statsd_pulgin }}" - {name: 'rate-limiting', config.policy: "local", config.hour: "{{ medium_rate_limit_per_hour }}"} - {name: 'request-size-limiting', config.allowed_payload_size: "{{ small_request_size_limit }}" } + - name: "deviceProfile" + uris: "/v3/device/profile" + upstream_url: "{{ sunbird_analytics_api_base_url }}/v1/device/profile" + strip_uri: true + plugins: + - {name: 'cors'} + - "{{ statsd_pulgin }}" + - {name: 'rate-limiting', config.policy: "local", config.hour: "{{ medium_rate_limit_per_hour }}"} + - {name: 'request-size-limiting', config.allowed_payload_size: "{{ small_request_size_limit }}" } - name: "channelSpecificTelemetryExhaust" request_path: "{{ data_service_prefix }}/v3/dataset/get" upstream_url: "{{ sunbird_analytics_api_base_url }}/dataset/get" @@ -4424,6 +4434,54 @@ kong_apis: - {name: 'acl', config.whitelist: 'userUpdate'} - {name: 'rate-limiting', config.policy: "local", config.hour: "{{ medium_rate_limit_per_hour }}"} - {name: 'request-size-limiting', config.allowed_payload_size: "{{ small_request_size_limit }}" } + - name: createCertTemplate + uris: "{{ cert_service_prefix }}/v1/template/create" + upstream_url: "{{ cert_service_url }}/cert/v1/template/create" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: orgUpdate + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ medium_request_size_limit }}" + - name: updateCertTemplate + uris: "{{ cert_service_prefix }}/v1/template/update" + upstream_url: "{{ cert_service_url }}/cert/v1/template/update" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: orgUpdate + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ medium_request_size_limit }}" + - name: readCertTemplate + uris: "{{ cert_service_prefix }}/v1/template/read" + upstream_url: "{{ cert_service_url }}/cert/v1/template/read" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: orgUpdate + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: "orgAssignKeys" request_path: "{{ org_service_prefix }}/v1/assign/key" upstream_url: "{{ learning_service_url }}/v1/org/assign/key" @@ -4478,6 +4536,38 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: courseBatchAddCertificateTemplate + uris: "{{ course_service_prefix }}/batch/cert/v1/template/add" + upstream_url: "{{ lms_service_url }}/v1/course/batch/cert/template/add" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: courseUser + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: courseBatchRemoveCertificateTemplate + uris: "{{ course_service_prefix }}/batch/cert/v1/template/remove" + upstream_url: "{{ lms_service_url }}/v1/course/batch/cert/template/remove" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: courseUser + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: downloadCertificate request_path: "{{ user_service_prefix }}/v1/certs/download" upstream_url: "{{ learning_service_url }}/v1/user/certs/download" @@ -4558,4 +4648,68 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: userMigrate + uris: "{{ user_service_prefix }}/v1/migrate" + upstream_url: "{{ learning_service_url }}/v1/user/migrate" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: publicUser + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: verifyRegCertificate + uris: "{{ cert_registry_service_prefix }}/v1/certs/verify" + upstream_url: "{{ cert_registry_service_url }}/certs/v1/registry/verify" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: publicUser + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: updateDesktopApp + uris: "{{ desktop_app_prefix }}/v1/update" + upstream_url: "{{ player_service_url }}/v1/desktop/update" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: contentUser + - name: rate-limiting + config.policy: local + config.hour: "{{ large_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" + - name: userFeed + uris: "{{ user_service_prefix }}/v1/feed" + upstream_url: "{{ learning_service_url }}/v1/user/feed" + strip_uri: true + plugins: + - name: jwt + - name: cors + - "{{ statsd_pulgin }}" + - name: acl + config.whitelist: publicUser + - name: rate-limiting + config.policy: local + config.hour: "{{ medium_rate_limit_per_hour }}" + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: "{{ small_request_size_limit }}" diff --git a/ansible/roles/offline-installer/tasks/main.yml b/ansible/roles/offline-installer/tasks/main.yml index c24130f041..31bc47f627 100644 --- a/ansible/roles/offline-installer/tasks/main.yml +++ b/ansible/roles/offline-installer/tasks/main.yml @@ -19,7 +19,6 @@ dest: "{{offline_repo_location}}/offline-installer-repo/{{item}}" mode: '0755' with_items: - - setupOfflineInstaller.sh - build.sh - envfile - 32-bit-prerequisite.sh @@ -32,6 +31,15 @@ recurse: yes when: uploadInstaller is not defined +- name: copy the installer script file and build script for building offline installer + template: + src: "{{item}}.j2" + dest: "{{offline_repo_location}}/offline-installer-repo/{{item}}" + mode: '0755' + with_items: + - setupOfflineInstaller.sh + when: uploadInstaller is not defined + - name: upload to azure include: uploadToAzure.yml when: uploadInstaller is defined @@ -39,3 +47,4 @@ - name: Delete offline installer folder if any issue include: remove.yml when: removeOfflineInstallerFolder is defined + diff --git a/ansible/roles/offline-installer/tasks/uploadToAzure.yml b/ansible/roles/offline-installer/tasks/uploadToAzure.yml index 0e3323837d..aa06b7e6d7 100644 --- a/ansible/roles/offline-installer/tasks/uploadToAzure.yml +++ b/ansible/roles/offline-installer/tasks/uploadToAzure.yml @@ -1,9 +1,61 @@ - name: Ensure azure blob storage container exists - command: az storage container create --name {{offline_installer_container_name}} --public-access off + command: az storage container create --name {{offline_installer_container_name}} --public-access blob environment: AZURE_STORAGE_ACCOUNT: "{{sunbird_offline_azure_storage_account}}" AZURE_STORAGE_KEY: "{{sunbird_offline_azure_storage_key}}" +- name: Get the environment name for the artifact name + shell: "cat {{offline_repo_location}}/offline-installer-repo/src/env.json | jq -r '.APP_NAME'" + register: env_name + +- name: Display the environment name of the installer + debug: + msg: "{{env_name.stdout}}" + +- name: Create a variable to inject environment name to upload to azure blob + set_fact: + environment_name: "{{ env_name.stdout }}" + +- name: Get the version from the package.json file + shell: "cat {{offline_repo_location}}/offline-installer-repo/src/package.json | jq -r '.version'" + register: version + +- name: Display the version number of the installer + debug: + msg: "{{version.stdout}}" + +- name: Create a variable to inject version in the template + set_fact: + installer_version: "{{ version.stdout }}" + +- name: get the directory name + shell: "ls {{offline_repo_location}}/offline-installer-repo/offline_artifacts/" + register: folderName + +- debug: + msg: "{{folderName.stdout}}" + +- name: set the folder name to copy the artifacts + set_fact: + time: "{{folderName.stdout}}" + +- name: copy the installer artifacts and metadata files to upload it to azure blob and generate latest.json file + template: + src: "{{item}}.j2" + dest: "{{offline_repo_location}}/offline-installer-repo/{{item}}" + mode: '0755' + with_items: + - artifacts.sh + - metadata.sh + +- name: copy the artifacts and generate the metadata file + shell: "bash {{offline_repo_location}}/offline-installer-repo/{{item}}" + args: + chdir: "{{offline_repo_location}}/offline-installer-repo/" + with_items: + - artifacts.sh + - metadata.sh + - name: Upload to azure blob storage command: az storage blob upload-batch --destination {{offline_installer_container_name}} --source "offline_artifacts" args: @@ -14,17 +66,38 @@ async: 60 poll: 10 -- name: get the directory name - shell: "ls {{offline_repo_location}}/offline-installer-repo/offline_artifacts/" - register: folderName - -- debug: - msg: "{{folderName.stdout}}" +- name: Upload to latest.json file to blob + command: az storage blob upload-batch --destination "{{offline_installer_container_name}}/latest" --source "{{folderName.stdout}}" + args: + chdir: "{{offline_repo_location}}/offline-installer-repo/offline_artifacts/" + environment: + AZURE_STORAGE_ACCOUNT: "{{sunbird_offline_azure_storage_account}}" + AZURE_STORAGE_KEY: "{{sunbird_offline_azure_storage_key}}" + async: 60 + poll: 10 - name: Create a zip of the folder to archieve the artifact archive: path: - "{{offline_repo_location}}/offline-installer-repo/offline_artifacts/{{folderName.stdout}}" dest: "{{offline_repo_location}}/{{offline_installer_type}}.zip" + owner: jenkins + group: jenkins format: zip +- name: copy latest.json file to archieve it in jenkins + copy: + src: "{{offline_repo_location}}/offline-installer-repo/offline_artifacts/{{folderName.stdout}}/latest.json" + dest: "{{offline_repo_location}}/latest.json" + owner: jenkins + group: jenkins + remote_src: yes + +- name: change the ownership of the directory to jenkins user + file: + path: "{{offline_repo_location}}" + state: directory + recurse: yes + owner: jenkins + group: jenkins + diff --git a/ansible/roles/offline-installer/templates/artifacts.sh.j2 b/ansible/roles/offline-installer/templates/artifacts.sh.j2 new file mode 100644 index 0000000000..ed3fa51a18 --- /dev/null +++ b/ansible/roles/offline-installer/templates/artifacts.sh.j2 @@ -0,0 +1,15 @@ +#!/bin/bash + + +if [ "{{offline_installer_type}}" == "windows32bit" ]; +then + cp '{{offline_repo_location}}/offline-installer-repo/src/dist/1.0.0/win/ia32/{{environment_name}} Setup 1.0.0.exe' offline_artifacts/{{time}}/{{environment_name}}_{{installer_version}}_windows32bit.exe +elif [ "{{offline_installer_type}}" == "windows64bit" ]; +then + cp '{{offline_repo_location}}/offline-installer-repo/src/dist/1.0.0/win/x64/{{environment_name}} Setup 1.0.0.exe' offline_artifacts/{{time}}/{{environment_name}}_{{installer_version}}_windows64bit.exe +elif [ "{{offline_installer_type}}" == "linux64bit" ]; +then + cp '{{offline_repo_location}}/offline-installer-repo/src/dist/1.0.0/linux/x64/{{environment_name}}_1.0.0_amd64.deb' offline_artifacts/{{time}}/{{environment_name}}_{{installer_version}}_linux64bit.deb +fi + + diff --git a/ansible/roles/offline-installer/templates/build.sh.j2 b/ansible/roles/offline-installer/templates/build.sh.j2 index be33e2a591..720b64b8c6 100644 --- a/ansible/roles/offline-installer/templates/build.sh.j2 +++ b/ansible/roles/offline-installer/templates/build.sh.j2 @@ -5,7 +5,7 @@ echo "Offline Installer for Sunbird" # Build script set -eo pipefail -if [ "{{offline_installer_type}}" == "windows32" ]; +if [ "{{offline_installer_type}}" == "windows32bit" ]; then docker run --rm -v ${PWD}:/private/ i386/node:8.16.2-stretch bash -x /private/32-bit-prerequisite.sh diff --git a/ansible/roles/offline-installer/templates/metadata.sh.j2 b/ansible/roles/offline-installer/templates/metadata.sh.j2 new file mode 100644 index 0000000000..9d7e7a0dd7 --- /dev/null +++ b/ansible/roles/offline-installer/templates/metadata.sh.j2 @@ -0,0 +1,8 @@ +#!/bin/bash + +env_name={{environment_name}} +version={{installer_version}} +artifactFolder=$(find offline_artifacts/* -type d) + +# constructing the latest.json file +echo "{\"version\":\"${version}\",\"windows\":{\"32bit\":\"${env_name}_${version}_windows32bit.exe\",\"64bit\":\"${env_name}_${version}_windows64bit.exe\"},\"linux\":{\"64bit\":\"${env_name}_${version}_linux64bit.deb\"}}" | jq '.' | tee -a {{offline_repo_location}}/offline-installer-repo/${artifactFolder}/latest.json diff --git a/ansible/roles/offline-installer/templates/setupOfflineInstaller.sh.j2 b/ansible/roles/offline-installer/templates/setupOfflineInstaller.sh.j2 index a7d0c718c0..64b5a019b8 100644 --- a/ansible/roles/offline-installer/templates/setupOfflineInstaller.sh.j2 +++ b/ansible/roles/offline-installer/templates/setupOfflineInstaller.sh.j2 @@ -5,24 +5,21 @@ npm install -g n n 8.16 cd /project/src -if [ "{{offline_installer_type}}" != "windows32" ]; +if [ "{{offline_installer_type}}" != "windows32bit" ]; then #Build the offline installer - npm install - npm run dist + npm install + npm run dist fi -if [ "{{offline_installer_type}}" == "windows32" ]; +if [ "{{offline_installer_type}}" == "windows32bit" ]; then -# npm run dist - npm run dist-win32 - cp '/project/src/dist/1.0.0/win/ia32/DIKSHA Setup 1.0.0.exe' ../offline_artifacts/{{time}}/ -elif [ "{{offline_installer_type}}" == "windows64" ]; +# npm run dist + npm run dist-win32 +elif [ "{{offline_installer_type}}" == "windows64bit" ]; then - npm run dist-win64 - cp '/project/src/dist/1.0.0/win/x64/DIKSHA Setup 1.0.0.exe' ../offline_artifacts/{{time}}/ -elif [ "{{offline_installer_type}}" == "debian" ]; + npm run dist-win64 +elif [ "{{offline_installer_type}}" == "linux64bit" ]; then - npm run dist-linux - cp '/project/src/dist/1.0.0/linux/x64/DIKSHA_1.0.0_amd64.deb' ../offline_artifacts/{{time}}/ + npm run dist-linux fi diff --git a/ansible/roles/postgresql-data-update-managed/defaults/main.yml b/ansible/roles/postgresql-data-update-managed/defaults/main.yml new file mode 100755 index 0000000000..9a65ac5302 --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/defaults/main.yml @@ -0,0 +1,114 @@ +--- +postgresql_user: postgres +postgresql_group: postgres +postgresql_unix_socket_directories: + - /var/run/postgresql + +############# Postgres users and databases ############### +postgresql_users: + - name: "{{kong_postgres_user}}" + login_host: "{{kong_postgres_host}}" + login_password: "{{kong_postgres_password}}" + password: "{{postgres_password}}" + db: "{{kong_postgres_database}}" + login_user: "{{kong_postgres_user}}" + priv: "ALL" + - name: "{{keycloak_postgres_user}}" + login_host: "{{keycloak_postgres_host}}" + login_password: "{{keycloak_postgres_password}}" + password: "{{postgres_password}}" + db: "{{keycloak_postgres_database}}" + login_user: "{{keycloak_postgres_user}}" + priv: "ALL" + - name: "{{application_postgres_user}}" + login_host: "{{application_postgres_host}}" + login_password: "{{application_postgres_password}}" + password: "{{postgres_password}}" + db: "{{application_postgres_database}}" + login_user: "{{application_postgres_user}}" + priv: "ALL" + - name: "{{badger_postgres_user}}" + login_host: "{{badger_postgres_host}}" + login_password: "{{badger_postgres_password}}" + password: "{{postgres_password}}" + login_user: "{{badger_postgres_user}}" + db: "{{badger_postgres_database}}" + priv: "ALL" + - name: "{{user_org_service_postgres_user}}" + login_host: "{{user_org_service_postgres_host}}" + login_password: "{{user_org_service_postgres_password}}" + password: "{{user_org_service_postgres_password}}" + db: "{{user_org_service_postgres_database}}" + login_user: "{{user_org_service_postgres_user}}" + priv: "ALL" + - name: "{{enc_postgres_user}}" + login_host: "{{enc_postgres_host}}" + login_password: "{{enc_postgres_password}}" + password: "{{enc_postgres_password}}" + db: "{{enc_postgres_database}}" + login_user: "{{enc_postgres_user}}" + priv: "ALL" + + +postgresql_databases: + - name: "{{kong_postgres_database}}" + login_host: "{{kong_postgres_host}}" + login_password: "{{kong_postgres_password}}" + owner: "{{kong_postgres_user}}" + login_user: "{{kong_postgres_user}}" + - name: "{{keycloak_postgres_database}}" + login_host: "{{keycloak_postgres_host}}" + login_password: "{{keycloak_postgres_password}}" + owner: "{{keycloak_postgres_user}}" + login_user: "{{keycloak_postgres_user}}" + - name: "{{application_postgres_database}}" + login_host: "{{application_postgres_host}}" + login_password: "{{application_postgres_password}}" + owner: "{{application_postgres_user}}" + login_user: "{{application_postgres_user}}" + - name: "{{badger_postgres_database}}" + login_host: "{{badger_postgres_host}}" + login_password: "{{badger_postgres_password}}" + owner: "{{badger_postgres_user}}" + login_user: "{{badger_postgres_user}}" + - name: "{{user_org_service_postgres_database}}" + login_host: "{{user_org_service_postgres_host}}" + login_password: "{{user_org_service_postgres_password}}" + owner: "{{user_org_service_postgres_user}}" + login_user: "{{user_org_service_postgres_user}}" + - name: "{{enc_postgres_database}}" + login_host: "{{enc_postgres_host}}" + login_password: "{{enc_postgres_password}}" + owner: "{{enc_postgres_user}}" + login_user: "{{enc_postgres_user}}" + +########################################################## + + +# Databases to ensure exist. +#postgresql_databases: [] + # - name: exampledb # required; the rest are optional + # lc_collate: # defaults to 'en_US.UTF-8' + # lc_ctype: # defaults to 'en_US.UTF-8' + # encoding: # defaults to 'UTF-8' + # template: # defaults to 'template0' + # login_host: # defaults to 'localhost' + # login_password: # defaults to not set + # login_user: # defaults to '{{ postgresql_user }}' + # login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories + # port: # defaults to not set + # state: # defaults to 'present' + +# Users to ensure exist. +#postgresql_users: [] + # - name: jdoe #required; the rest are optional + # password: # defaults to not set + # priv: # defaults to not set + # role_attr_flags: # defaults to not set + # db: # defaults to not set + # login_host: # defaults to 'localhost' + # login_password: # defaults to not set + # login_user: # defaults to '{{ postgresql_user }}' + # login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories + # port: # defaults to not set + # state: # defaults to 'present' diff --git a/ansible/roles/postgresql-data-update-managed/tasks/databases.yml b/ansible/roles/postgresql-data-update-managed/tasks/databases.yml new file mode 100644 index 0000000000..dc96ae4cc9 --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/tasks/databases.yml @@ -0,0 +1,14 @@ +--- +- name: Ensure PostgreSQL databases are present. + postgresql_db: + name: "{{ item.name }}" + login_host: "{{ item.login_host | default('localhost') }}" + login_password: "{{ item.login_password | default(omit) }}" + login_user: "{{ item.login_user | default(postgresql_user) }}" + login_unix_socket: "{{ item.login_unix_socket | default(postgresql_unix_socket_directories[0]) }}" + port: "{{ item.port | default(omit) }}" + owner: '{{ item.owner.split("@")[0] | default(postgresql_user) }}' + state: "{{ item.state | default('present') }}" + with_items: "{{ postgresql_databases }}" + vars: + ansible_ssh_pipelining: true diff --git a/ansible/roles/postgresql-data-update-managed/tasks/main.yml b/ansible/roles/postgresql-data-update-managed/tasks/main.yml new file mode 100644 index 0000000000..250de30d7d --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/tasks/main.yml @@ -0,0 +1,41 @@ +- name: install psycopg2 + package: + name: python-psycopg2 + state: present + +- name: Verifying db users are present else creating them + include: databases.yml + +- name: creating database + include: users.yml + +- name: Copy the templates + become: yes + template: src={{item}} dest=/tmp/{{item}} + with_items: + - tables_postgres.sql + - enc_postgres.sql + +- name: Install postgres client to create schema from file + apt: + name: postgresql-client + state: present + update_cache: yes + +- name: Dump api manager database to a file + postgresql_db: + login_user: "{{ application_postgres_user }}" + login_password: "{{ application_postgres_password }}" + login_host: "{{ application_postgres_host }}" + name: "{{ application_postgres_database }}" + state: restore + target: "/tmp/tables_postgres.sql" + +- name: Create the schema for encryption service + postgresql_db: + login_user: "{{ enc_postgres_user }}" + login_password: "{{ enc_postgres_password }}" + login_host: "{{ enc_postgres_host }}" + name: "{{ enc_postgres_database }}" + state: restore + target: "/tmp/enc_postgres.sql" diff --git a/ansible/roles/postgresql-data-update-managed/tasks/users.yml b/ansible/roles/postgresql-data-update-managed/tasks/users.yml new file mode 100755 index 0000000000..fdbb3b43dc --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/tasks/users.yml @@ -0,0 +1,17 @@ +--- +- name: Ensure PostgreSQL users are present. + postgresql_user: + name: "{{ item.name }}" + password: "{{ item.password | default(omit) }}" + priv: "{{ item.priv | default(omit) }}" + role_attr_flags: "{{ item.role_attr_flags | default(omit) }}" + db: "{{ item.db | default(omit) }}" + login_host: "{{ item.login_host | default('localhost') }}" + login_password: "{{ item.login_password | default(omit) }}" + login_user: "{{ item.login_user | default(postgresql_user) }}" + encrypted: "{{ item.encrypted | default('yes')}}" + state: "{{ item.state | default('present') }}" + with_items: "{{ postgresql_users }}" + vars: + ansible_ssh_pipelining: true + diff --git a/ansible/roles/postgresql-data-update-managed/templates/enc_postgres.sql b/ansible/roles/postgresql-data-update-managed/templates/enc_postgres.sql new file mode 100644 index 0000000000..ada819c60f --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/templates/enc_postgres.sql @@ -0,0 +1,12 @@ +CREATE TYPE "enum_Keys_type" AS ENUM ('MASTER','OTHER'); +CREATE TABLE "Keys" ( + id SERIAL PRIMARY KEY, + public text NOT NULL, + private text NOT NULL, + type "enum_Keys_type" NOT NULL, + active boolean DEFAULT true NOT NULL, + reserved boolean DEFAULT false NOT NULL, + "createdAt" timestamp with time zone NOT NULL, + "updatedAt" timestamp with time zone NOT NULL +); +commit; diff --git a/ansible/roles/postgresql-data-update-managed/templates/tables_postgres.sql b/ansible/roles/postgresql-data-update-managed/templates/tables_postgres.sql new file mode 100644 index 0000000000..e2da042a1a --- /dev/null +++ b/ansible/roles/postgresql-data-update-managed/templates/tables_postgres.sql @@ -0,0 +1,181 @@ +drop table qrtz_fired_triggers; +DROP TABLE QRTZ_PAUSED_TRIGGER_GRPS; +DROP TABLE QRTZ_SCHEDULER_STATE; +DROP TABLE QRTZ_LOCKS; +drop table qrtz_simple_triggers; +drop table qrtz_cron_triggers; +drop table qrtz_simprop_triggers; +DROP TABLE QRTZ_BLOB_TRIGGERS; +drop table qrtz_triggers; +drop table qrtz_job_details; +drop table qrtz_calendars; + +CREATE TABLE qrtz_job_details + ( + SCHED_NAME VARCHAR(120) NOT NULL, + JOB_NAME VARCHAR(200) NOT NULL, + JOB_GROUP VARCHAR(200) NOT NULL, + DESCRIPTION VARCHAR(250) NULL, + JOB_CLASS_NAME VARCHAR(250) NOT NULL, + IS_DURABLE BOOL NOT NULL, + IS_NONCONCURRENT BOOL NOT NULL, + IS_UPDATE_DATA BOOL NOT NULL, + REQUESTS_RECOVERY BOOL NOT NULL, + JOB_DATA BYTEA NULL, + PRIMARY KEY (SCHED_NAME,JOB_NAME,JOB_GROUP) +); + +CREATE TABLE qrtz_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + JOB_NAME VARCHAR(200) NOT NULL, + JOB_GROUP VARCHAR(200) NOT NULL, + DESCRIPTION VARCHAR(250) NULL, + NEXT_FIRE_TIME BIGINT NULL, + PREV_FIRE_TIME BIGINT NULL, + PRIORITY INTEGER NULL, + TRIGGER_STATE VARCHAR(16) NOT NULL, + TRIGGER_TYPE VARCHAR(8) NOT NULL, + START_TIME BIGINT NOT NULL, + END_TIME BIGINT NULL, + CALENDAR_NAME VARCHAR(200) NULL, + MISFIRE_INSTR SMALLINT NULL, + JOB_DATA BYTEA NULL, + PRIMARY KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP), + FOREIGN KEY (SCHED_NAME,JOB_NAME,JOB_GROUP) + REFERENCES QRTZ_JOB_DETAILS(SCHED_NAME,JOB_NAME,JOB_GROUP) +); + +CREATE TABLE qrtz_simple_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + REPEAT_COUNT BIGINT NOT NULL, + REPEAT_INTERVAL BIGINT NOT NULL, + TIMES_TRIGGERED BIGINT NOT NULL, + PRIMARY KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP), + FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) + REFERENCES QRTZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) +); + +CREATE TABLE qrtz_cron_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + CRON_EXPRESSION VARCHAR(120) NOT NULL, + TIME_ZONE_ID VARCHAR(80), + PRIMARY KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP), + FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) + REFERENCES QRTZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) +); + +CREATE TABLE qrtz_simprop_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + STR_PROP_1 VARCHAR(512) NULL, + STR_PROP_2 VARCHAR(512) NULL, + STR_PROP_3 VARCHAR(512) NULL, + INT_PROP_1 INT NULL, + INT_PROP_2 INT NULL, + LONG_PROP_1 BIGINT NULL, + LONG_PROP_2 BIGINT NULL, + DEC_PROP_1 NUMERIC(13,4) NULL, + DEC_PROP_2 NUMERIC(13,4) NULL, + BOOL_PROP_1 BOOL NULL, + BOOL_PROP_2 BOOL NULL, + PRIMARY KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP), + FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) + REFERENCES QRTZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) +); + +CREATE TABLE qrtz_blob_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + BLOB_DATA BYTEA NULL, + PRIMARY KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP), + FOREIGN KEY (SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) + REFERENCES QRTZ_TRIGGERS(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP) +); + +CREATE TABLE qrtz_calendars + ( + SCHED_NAME VARCHAR(120) NOT NULL, + CALENDAR_NAME VARCHAR(200) NOT NULL, + CALENDAR BYTEA NOT NULL, + PRIMARY KEY (SCHED_NAME,CALENDAR_NAME) +); + + +CREATE TABLE qrtz_paused_trigger_grps + ( + SCHED_NAME VARCHAR(120) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + PRIMARY KEY (SCHED_NAME,TRIGGER_GROUP) +); + +CREATE TABLE qrtz_fired_triggers + ( + SCHED_NAME VARCHAR(120) NOT NULL, + ENTRY_ID VARCHAR(95) NOT NULL, + TRIGGER_NAME VARCHAR(200) NOT NULL, + TRIGGER_GROUP VARCHAR(200) NOT NULL, + INSTANCE_NAME VARCHAR(200) NOT NULL, + FIRED_TIME BIGINT NOT NULL, + SCHED_TIME BIGINT NOT NULL, + PRIORITY INTEGER NOT NULL, + STATE VARCHAR(16) NOT NULL, + JOB_NAME VARCHAR(200) NULL, + JOB_GROUP VARCHAR(200) NULL, + IS_NONCONCURRENT BOOL NULL, + REQUESTS_RECOVERY BOOL NULL, + PRIMARY KEY (SCHED_NAME,ENTRY_ID) +); + +CREATE TABLE qrtz_scheduler_state + ( + SCHED_NAME VARCHAR(120) NOT NULL, + INSTANCE_NAME VARCHAR(200) NOT NULL, + LAST_CHECKIN_TIME BIGINT NOT NULL, + CHECKIN_INTERVAL BIGINT NOT NULL, + PRIMARY KEY (SCHED_NAME,INSTANCE_NAME) +); + +CREATE TABLE qrtz_locks + ( + SCHED_NAME VARCHAR(120) NOT NULL, + LOCK_NAME VARCHAR(40) NOT NULL, + PRIMARY KEY (SCHED_NAME,LOCK_NAME) +); + +create index idx_qrtz_j_req_recovery on qrtz_job_details(SCHED_NAME,REQUESTS_RECOVERY); +create index idx_qrtz_j_grp on qrtz_job_details(SCHED_NAME,JOB_GROUP); + +create index idx_qrtz_t_j on qrtz_triggers(SCHED_NAME,JOB_NAME,JOB_GROUP); +create index idx_qrtz_t_jg on qrtz_triggers(SCHED_NAME,JOB_GROUP); +create index idx_qrtz_t_c on qrtz_triggers(SCHED_NAME,CALENDAR_NAME); +create index idx_qrtz_t_g on qrtz_triggers(SCHED_NAME,TRIGGER_GROUP); +create index idx_qrtz_t_state on qrtz_triggers(SCHED_NAME,TRIGGER_STATE); +create index idx_qrtz_t_n_state on qrtz_triggers(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP,TRIGGER_STATE); +create index idx_qrtz_t_n_g_state on qrtz_triggers(SCHED_NAME,TRIGGER_GROUP,TRIGGER_STATE); +create index idx_qrtz_t_next_fire_time on qrtz_triggers(SCHED_NAME,NEXT_FIRE_TIME); +create index idx_qrtz_t_nft_st on qrtz_triggers(SCHED_NAME,TRIGGER_STATE,NEXT_FIRE_TIME); +create index idx_qrtz_t_nft_misfire on qrtz_triggers(SCHED_NAME,MISFIRE_INSTR,NEXT_FIRE_TIME); +create index idx_qrtz_t_nft_st_misfire on qrtz_triggers(SCHED_NAME,MISFIRE_INSTR,NEXT_FIRE_TIME,TRIGGER_STATE); +create index idx_qrtz_t_nft_st_misfire_grp on qrtz_triggers(SCHED_NAME,MISFIRE_INSTR,NEXT_FIRE_TIME,TRIGGER_GROUP,TRIGGER_STATE); + +create index idx_qrtz_ft_trig_inst_name on qrtz_fired_triggers(SCHED_NAME,INSTANCE_NAME); +create index idx_qrtz_ft_inst_job_req_rcvry on qrtz_fired_triggers(SCHED_NAME,INSTANCE_NAME,REQUESTS_RECOVERY); +create index idx_qrtz_ft_j_g on qrtz_fired_triggers(SCHED_NAME,JOB_NAME,JOB_GROUP); +create index idx_qrtz_ft_jg on qrtz_fired_triggers(SCHED_NAME,JOB_GROUP); +create index idx_qrtz_ft_t_g on qrtz_fired_triggers(SCHED_NAME,TRIGGER_NAME,TRIGGER_GROUP); +create index idx_qrtz_ft_tg on qrtz_fired_triggers(SCHED_NAME,TRIGGER_GROUP); + +commit; diff --git a/ansible/roles/postgresql-data-update/defaults/main.yml b/ansible/roles/postgresql-data-update/defaults/main.yml index 9a65ac5302..998588f529 100755 --- a/ansible/roles/postgresql-data-update/defaults/main.yml +++ b/ansible/roles/postgresql-data-update/defaults/main.yml @@ -4,87 +4,6 @@ postgresql_group: postgres postgresql_unix_socket_directories: - /var/run/postgresql -############# Postgres users and databases ############### -postgresql_users: - - name: "{{kong_postgres_user}}" - login_host: "{{kong_postgres_host}}" - login_password: "{{kong_postgres_password}}" - password: "{{postgres_password}}" - db: "{{kong_postgres_database}}" - login_user: "{{kong_postgres_user}}" - priv: "ALL" - - name: "{{keycloak_postgres_user}}" - login_host: "{{keycloak_postgres_host}}" - login_password: "{{keycloak_postgres_password}}" - password: "{{postgres_password}}" - db: "{{keycloak_postgres_database}}" - login_user: "{{keycloak_postgres_user}}" - priv: "ALL" - - name: "{{application_postgres_user}}" - login_host: "{{application_postgres_host}}" - login_password: "{{application_postgres_password}}" - password: "{{postgres_password}}" - db: "{{application_postgres_database}}" - login_user: "{{application_postgres_user}}" - priv: "ALL" - - name: "{{badger_postgres_user}}" - login_host: "{{badger_postgres_host}}" - login_password: "{{badger_postgres_password}}" - password: "{{postgres_password}}" - login_user: "{{badger_postgres_user}}" - db: "{{badger_postgres_database}}" - priv: "ALL" - - name: "{{user_org_service_postgres_user}}" - login_host: "{{user_org_service_postgres_host}}" - login_password: "{{user_org_service_postgres_password}}" - password: "{{user_org_service_postgres_password}}" - db: "{{user_org_service_postgres_database}}" - login_user: "{{user_org_service_postgres_user}}" - priv: "ALL" - - name: "{{enc_postgres_user}}" - login_host: "{{enc_postgres_host}}" - login_password: "{{enc_postgres_password}}" - password: "{{enc_postgres_password}}" - db: "{{enc_postgres_database}}" - login_user: "{{enc_postgres_user}}" - priv: "ALL" - - -postgresql_databases: - - name: "{{kong_postgres_database}}" - login_host: "{{kong_postgres_host}}" - login_password: "{{kong_postgres_password}}" - owner: "{{kong_postgres_user}}" - login_user: "{{kong_postgres_user}}" - - name: "{{keycloak_postgres_database}}" - login_host: "{{keycloak_postgres_host}}" - login_password: "{{keycloak_postgres_password}}" - owner: "{{keycloak_postgres_user}}" - login_user: "{{keycloak_postgres_user}}" - - name: "{{application_postgres_database}}" - login_host: "{{application_postgres_host}}" - login_password: "{{application_postgres_password}}" - owner: "{{application_postgres_user}}" - login_user: "{{application_postgres_user}}" - - name: "{{badger_postgres_database}}" - login_host: "{{badger_postgres_host}}" - login_password: "{{badger_postgres_password}}" - owner: "{{badger_postgres_user}}" - login_user: "{{badger_postgres_user}}" - - name: "{{user_org_service_postgres_database}}" - login_host: "{{user_org_service_postgres_host}}" - login_password: "{{user_org_service_postgres_password}}" - owner: "{{user_org_service_postgres_user}}" - login_user: "{{user_org_service_postgres_user}}" - - name: "{{enc_postgres_database}}" - login_host: "{{enc_postgres_host}}" - login_password: "{{enc_postgres_password}}" - owner: "{{enc_postgres_user}}" - login_user: "{{enc_postgres_user}}" - -########################################################## - - # Databases to ensure exist. #postgresql_databases: [] # - name: exampledb # required; the rest are optional diff --git a/ansible/roles/postgresql-data-update/tasks/databases.yml b/ansible/roles/postgresql-data-update/tasks/databases.yml index dc96ae4cc9..1d9087d6a4 100644 --- a/ansible/roles/postgresql-data-update/tasks/databases.yml +++ b/ansible/roles/postgresql-data-update/tasks/databases.yml @@ -2,13 +2,15 @@ - name: Ensure PostgreSQL databases are present. postgresql_db: name: "{{ item.name }}" - login_host: "{{ item.login_host | default('localhost') }}" - login_password: "{{ item.login_password | default(omit) }}" + login_host: "localhost" + login_password: "{{ omit }}" login_user: "{{ item.login_user | default(postgresql_user) }}" login_unix_socket: "{{ item.login_unix_socket | default(postgresql_unix_socket_directories[0]) }}" port: "{{ item.port | default(omit) }}" owner: '{{ item.owner.split("@")[0] | default(postgresql_user) }}' state: "{{ item.state | default('present') }}" with_items: "{{ postgresql_databases }}" + become: yes + become_user: "{{ postgresql_user }}" vars: ansible_ssh_pipelining: true diff --git a/ansible/roles/postgresql-data-update/tasks/users.yml b/ansible/roles/postgresql-data-update/tasks/users.yml index fdbb3b43dc..fea2331ac5 100755 --- a/ansible/roles/postgresql-data-update/tasks/users.yml +++ b/ansible/roles/postgresql-data-update/tasks/users.yml @@ -6,12 +6,14 @@ priv: "{{ item.priv | default(omit) }}" role_attr_flags: "{{ item.role_attr_flags | default(omit) }}" db: "{{ item.db | default(omit) }}" - login_host: "{{ item.login_host | default('localhost') }}" - login_password: "{{ item.login_password | default(omit) }}" + login_host: "localhost" + login_password: "{{ omit }}" login_user: "{{ item.login_user | default(postgresql_user) }}" + login_unix_socket: "{{ item.login_unix_socket | default(postgresql_unix_socket_directories[0]) }}" encrypted: "{{ item.encrypted | default('yes')}}" state: "{{ item.state | default('present') }}" with_items: "{{ postgresql_users }}" + become: yes + become_user: "{{ postgresql_user }}" vars: ansible_ssh_pipelining: true - diff --git a/ansible/roles/samza-jobs/defaults/main.yml b/ansible/roles/samza-jobs/defaults/main.yml index 122263e128..bcf48ef719 100644 --- a/ansible/roles/samza-jobs/defaults/main.yml +++ b/ansible/roles/samza-jobs/defaults/main.yml @@ -7,6 +7,13 @@ __yarn_port__: 8000 cassandra_port: 9042 es_port: 9200 __fcm_account_key__: "{{sunbird_fcm_account_key}}" +__sunbird_msg_91_auth__: "{{sunbird_msg_91_auth}}" +__sunbird_notification_msg_default_sender__: "{{sunbird_msg_sender}}" +__sunbird_mail_server_from_email__: "{{sunbird_mail_server_from_email}}" +__sunbird_mail_server_host__: "{{sunbird_mail_server_host}}" +__sunbird_mail_server_port__: "{{sunbird_mail_server_port}}" +__sunbird_mail_server_username__: "{{sunbird_mail_server_username}}" +__sunbird_mail_server_password__: "{{sunbird_mail_server_password}}" samza_tar_files_localpath: roles/samza-jobs/defaults job_names: lms.user-account-merger_1: diff --git a/ansible/roles/stack-proxy/defaults/main.yml b/ansible/roles/stack-proxy/defaults/main.yml index 09d29817ec..8019d1971f 100644 --- a/ansible/roles/stack-proxy/defaults/main.yml +++ b/ansible/roles/stack-proxy/defaults/main.yml @@ -39,3 +39,4 @@ ep_es_host: upstream_url: "ekstep-public-{{ekstep_s3_env}}.s3-ap-south-1.amazonaws.com" plugin_upstream_url: "ekstep-public-{{ekstep_s3_env}}.s3-ap-south-1.amazonaws.com" +sunbird_offline_azure_storage_account_url: "{{ sunbird_offline_azure_storage_account }}.blob.core.windows.net/{{ offline_installer_container_name }}" diff --git a/ansible/roles/stack-proxy/templates/nginx.conf b/ansible/roles/stack-proxy/templates/nginx.conf index ff5ee83d09..075189a147 100644 --- a/ansible/roles/stack-proxy/templates/nginx.conf +++ b/ansible/roles/stack-proxy/templates/nginx.conf @@ -41,6 +41,10 @@ http { metric_latency:observe(tonumber(ngx.var.request_time), {ngx.var.server_name}) '; + header_filter_by_lua_block { + ngx.header["server"] = nil + } + sendfile on; #tcp_nopush on; client_max_body_size 60M; diff --git a/ansible/roles/stack-proxy/templates/proxy-default.conf b/ansible/roles/stack-proxy/templates/proxy-default.conf index 8152bb1686..6ac6da5375 100644 --- a/ansible/roles/stack-proxy/templates/proxy-default.conf +++ b/ansible/roles/stack-proxy/templates/proxy-default.conf @@ -107,6 +107,7 @@ server { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-For $remote_addr; proxy_connect_timeout 5; proxy_send_timeout 60; proxy_read_timeout 70; @@ -409,6 +410,46 @@ location ~* ^/content-plugins/(.*) { proxy_pass http://player; } +location ~* ^/desktop/(.*) { + # Enabling cache for Response code 200 + expires 1M; + add_header Pragma public; + add_header Cache-Control "public"; + + # Enabling compression + gzip on; + gzip_min_length 100000; + gzip_proxied expired no-cache no-store private auth; + gzip_types application/javascript application/x-javascript text/css text/javascript; + + if ($request_method = OPTIONS ) { + add_header Access-Control-Allow-Origin "*" ; + add_header Access-Control-Allow-Methods "GET, OPTIONS, PATCH, POST"; + add_header Access-Control-Allow-Headers "Access-Control-Allow-Origin, Authorization, Content-Type, user-id"; + # add_header Access-Control-Allow-Credentials "true"; + add_header Content-Length 0; + add_header Content-Type text/plain; + return 200; + } + set $offline_bucket "{{ sunbird_offline_azure_storage_account_url }}"; + + set $url_full '$1'; + proxy_http_version 1.1; + proxy_set_header Host "{{sunbird_offline_azure_storage_account_url.split('/')[0]|lower}}"; + proxy_set_header Authorization ''; + proxy_hide_header Access-Control-Allow-Origin; + proxy_hide_header Access-Control-Allow-Methods; + proxy_hide_header x-amz-id-2; + proxy_hide_header x-amz-request-id; + proxy_hide_header Set-Cookie; + proxy_ignore_headers "Set-Cookie"; + proxy_buffering off; + proxy_intercept_errors on; + add_header Access-Control-Allow-Origin "*"; + add_header Access-Control-Allow-Methods GET; + proxy_pass https://$offline_bucket/$url_full; +} + location / { rewrite ^/(.*) /$1 break; diff --git a/ansible/roles/stack-sunbird/defaults/main.yml b/ansible/roles/stack-sunbird/defaults/main.yml index dd49c4c338..56af749b5d 100644 --- a/ansible/roles/stack-sunbird/defaults/main.yml +++ b/ansible/roles/stack-sunbird/defaults/main.yml @@ -10,6 +10,7 @@ sunbird_keycloak_public: sunbird_cache_store: sunbird_cache_ttl: 1800 sunbird_es_port: 9300 # If this port is same for all the machines, single vaule is enough! else comma seperated values +sunbird_es_http_port: 9200 actor_replicas: 1 actor_reservation_memory: 768M actor_limit_memory: 1024M @@ -17,13 +18,14 @@ actor_limit_memory: 1024M learner_replicas: 1 learner_reservation_memory: 256M learner_limit_memory: 512M +learner_reservation_cpu: 0 #Config Service Vars config_replicas: 1 config_reservation_memory: 1024M config_limit_memory: 1024M config_limit_cpu: 1 -config_reservation_cpu: 1 +config_reservation_cpu: 0 # Notification Service vars notification_replicas: 1 @@ -32,7 +34,7 @@ notification_limit_cpu: 1 # This variable is not to access learner service but to call the api # learner-service:9000/org/v1/search -sunbird_learner_service_base_url: http://api-manager_kong:8000/ +sunbird_learner_service_base_url: http://kong:8000/ telemetry_replicas: 1 telemetry_reservation_memory: 300M @@ -67,7 +69,7 @@ sunbird_telemetry_dispatchers: kafka content_service_whitelisted_channels: content_service_blacklisted_channels: sunbird_env_logo_url: - +desktop_app_storage_url: "https://{{sunbird_offline_azure_storage_account}}.blob.core.windows.net/{{offline_installer_container_name}}" telemetry_logstash_heap_size: 512m telemetry_logstash_replicas: 1 @@ -76,19 +78,19 @@ telemetry_logstash_limit_memory: 2g sunbird_telemetry_api: sunbird_enable_signup: content_limit_cpu: 1 -content_reservation_cpu: 1 +content_reservation_cpu: 0 user_org_replicas: 1 user_org_reservation_memory: 750MB user_org_limit_memory: 800MB user_org_limit_cpu: 1 -user_org_reservation_cpu: 1 +user_org_reservation_cpu: 0 cert_replicas: 1 cert_reservation_memory: 500MB cert_limit_memory: 550MB cert_limit_cpu: 1 -cert_reservation_cpu: 1 +cert_reservation_cpu: 0 cert_registry_replicas: 1 cert_registry_limit_memory: 500MB @@ -99,7 +101,7 @@ enc_replicas: 1 enc_reservation_memory: 750MB enc_limit_memory: 800MB enc_limit_cpu: 1 -enc_reservation_cpu: 1 +enc_reservation_cpu: 0 postgres_port: 5432 enc_dialect: postgres enc_entry_passwod: password diff --git a/ansible/roles/stack-sunbird/tasks/content_service.yml b/ansible/roles/stack-sunbird/tasks/content_service.yml deleted file mode 100644 index d13f312179..0000000000 --- a/ansible/roles/stack-sunbird/tasks/content_service.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Remove content service from stack (previous mode of deploy) - shell: "docker service rm content_service_content_service" - ignore_errors: yes - -- name: Remove content service - shell: "docker service rm content-service" - ignore_errors: yes - -- name: Deploy content service - shell: "docker service create --with-registry-auth --replicas {{ content_replicas }} -p 5000:5000 --name content-service --hostname content-service --reserve-memory {{ content_reservation_memory }} --limit-memory {{ content_limit_memory }} --limit-cpu {{ content_limit_cpu }} --reserve-cpu {{ content_reservation_cpu }} --health-cmd 'wget -qO- content-service:5000/service/health || exit 1' --health-timeout 3s --health-retries 3 --network application_default --env-file /home/deployer/env/sunbird_content-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" - args: - chdir: /home/deployer/stack diff --git a/ansible/roles/stack-sunbird/tasks/knowledge-mw-service.yml b/ansible/roles/stack-sunbird/tasks/knowledge-mw-service.yml new file mode 100644 index 0000000000..a855ca06db --- /dev/null +++ b/ansible/roles/stack-sunbird/tasks/knowledge-mw-service.yml @@ -0,0 +1,9 @@ +--- +- name: Remove knowledge-mw service + shell: "docker service rm knowledge-mw-service" + ignore_errors: yes + +- name: Deploy knowledge-mw service + shell: "docker service create --with-registry-auth --replicas {{ content_replicas }} -p 5000:5000 --name knowledge-mw-service --hostname knowledge-mw-service --reserve-memory {{ content_reservation_memory }} --limit-memory {{ content_limit_memory }} --limit-cpu {{ content_limit_cpu }} --reserve-cpu {{ content_reservation_cpu }} --health-cmd 'wget -qO- knowledge-mw-service:5000/service/health || exit 1' --health-timeout 3s --health-retries 3 --network application_default --env-file /home/deployer/env/sunbird_knowledge-mw-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" + args: + chdir: /home/deployer/stack diff --git a/ansible/roles/stack-sunbird/tasks/learning-service.yml b/ansible/roles/stack-sunbird/tasks/learning-service.yml new file mode 100644 index 0000000000..4c2aa1bb43 --- /dev/null +++ b/ansible/roles/stack-sunbird/tasks/learning-service.yml @@ -0,0 +1,9 @@ +--- +- name: Remove learning service + shell: "docker service rm learning-service" + ignore_errors: yes + +- name: Deploy learning service + shell: "docker service create --with-registry-auth --replicas {{ learner_replicas }} -p 9696:9000 --name learning-service --hostname learning-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --limit-cpu {{ learner_limit_cpu }} --reserve-cpu {{ learner_reservation_cpu }} --health-cmd 'wget -qO- learning-service:9000/health || exit 1' --health-timeout 3s --health-retries 3 --network application_default --env-file /home/deployer/env/sunbird_learning-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" + args: + chdir: /home/deployer/stack \ No newline at end of file diff --git a/ansible/roles/stack-sunbird/tasks/lms_service.yml b/ansible/roles/stack-sunbird/tasks/lms_service.yml index f99ef4502a..5388bb281a 100644 --- a/ansible/roles/stack-sunbird/tasks/lms_service.yml +++ b/ansible/roles/stack-sunbird/tasks/lms_service.yml @@ -6,4 +6,4 @@ - name: Deploy lms service shell: "docker service create --with-registry-auth --replicas {{ learner_replicas }} -p 9005:9000 --name lms-service --hostname lms-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --limit-cpu {{ learner_limit_cpu }} --reserve-cpu {{ learner_reservation_cpu }} --health-cmd 'wget -qO- lms-service:9000/service/health || exit 1' --health-timeout 3s --health-retries 3 --network application_default --env-file /home/deployer/env/sunbird_lms-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" args: - chdir: /home/deployer/stack \ No newline at end of file + chdir: /home/deployer/stack diff --git a/ansible/roles/stack-sunbird/tasks/main.yml b/ansible/roles/stack-sunbird/tasks/main.yml index 8dafc5fde9..e691934b89 100644 --- a/ansible/roles/stack-sunbird/tasks/main.yml +++ b/ansible/roles/stack-sunbird/tasks/main.yml @@ -25,8 +25,8 @@ - include: notification_service.yml when: deploy_notification is defined - - include: content_service.yml - when: deploy_content is defined + - include: knowledge-mw-service.yml + when: deploy_knowledge_mw is defined - include: telemetry_service.yml when: deploy_telemetry is defined @@ -39,3 +39,6 @@ - include: telemetry_logstash_datapipeline.yml when: deploy_telemetry_logstash_datapipeline is defined + + - include: learning-service.yml + when: deploy_learning is defined diff --git a/ansible/roles/stack-sunbird/templates/sunbird_cert-registry-service.env b/ansible/roles/stack-sunbird/templates/sunbird_cert-registry-service.env index 92199b38e1..4f8512c702 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_cert-registry-service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_cert-registry-service.env @@ -1 +1,3 @@ cert_service_base_url=http://cert-service:9000 +sunbird_es_host={{sunbird_es_host}} +sunbird_es_port={{sunbird_es_port}} diff --git a/ansible/roles/stack-sunbird/templates/sunbird_cert-service.env b/ansible/roles/stack-sunbird/templates/sunbird_cert-service.env index 4f8b5dffbe..8bbafae36e 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_cert-service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_cert-service.env @@ -4,4 +4,5 @@ AZURE_STORAGE_SECRET={{sunbird_azure_storage_key}} AZURE_STORAGE_KEY={{sunbird_azure_storage_account}} sunbird_cert_domain_url={{proto}}://{{proxy_server_name}} sunbird_cert_enc_service_url=http://enc-service:8013 -download_link_expiry_timeout=600 \ No newline at end of file +download_link_expiry_timeout=600 +es_conn_info={{sunbird_es_host}}:{{sunbird_es_http_port}} \ No newline at end of file diff --git a/ansible/roles/stack-sunbird/templates/sunbird_content-service.env b/ansible/roles/stack-sunbird/templates/sunbird_knowledge-mw-service.env similarity index 100% rename from ansible/roles/stack-sunbird/templates/sunbird_content-service.env rename to ansible/roles/stack-sunbird/templates/sunbird_knowledge-mw-service.env diff --git a/ansible/roles/stack-sunbird/templates/sunbird_learner-service.env b/ansible/roles/stack-sunbird/templates/sunbird_learner-service.env index 8f67b05662..f24d32f01f 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_learner-service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_learner-service.env @@ -54,14 +54,14 @@ badging_authorization_key={{vault_badging_authorization_key}} sunbird_badger_baseurl=http://badger-service:8004 sunbird_remote_req_router_path=akka.tcp://SunbirdMWSystem@actor-service:8088/user/RequestRouter sunbird_remote_bg_req_router_path=akka.tcp://SunbirdMWSystem@actor-service:8088/user/BackgroundRequestRouter -sunbird_api_base_url=http://content-service:5000 +sunbird_api_base_url=http://knowledge-mw-service:5000 sunbird_authorization={{sunbird_api_auth_token}} telemetry_pdata_id={{sunbird_telemetry_pdata_id}} telemetry_pdata_pid=learner-service sunbird_telemetry_base_url=http://telemetry-service:9001 telemetry_queue_threshold_value=100 sunbird_default_channel={{sunbird_default_channel}} -sunbird_api_mgr_base_url=http://content-service:5000 +sunbird_api_mgr_base_url=http://knowledge-mw-service:5000 sunbird_cs_base_url={{sunbird_cs_base_url}} sunbird_cs_search_path=/v1/content/search @@ -106,3 +106,4 @@ sunbird_fuzzy_search_threshold={{sunbird_fuzzy_search_threshold | d('0.5')}} sunbird_subdomain_keycloak_base_url={{sunbird_subdomain_keycloak_base_url | d('')}}/ #Required by Learner-service to call cert service sunbird_cert_service_base_url=http://cert-service:9000 +quartz_shadow_user_migration_timer={{sunbird_quartz_shadow_user_migration_timer}} diff --git a/ansible/roles/stack-sunbird/templates/sunbird_learning-service.env b/ansible/roles/stack-sunbird/templates/sunbird_learning-service.env new file mode 100644 index 0000000000..8db5e1e1c3 --- /dev/null +++ b/ansible/roles/stack-sunbird/templates/sunbird_learning-service.env @@ -0,0 +1,48 @@ +# Cassandra Configuration +cassandra.lp.connection={{ lp_cassandra_connection }} +cassandra.lpa.connection={{ dp_cassandra_connection }} + +# Redis Configuration +redis.host=localhost +redis.port=6379 +redis.maxConnections=128 + +#--Maximum Content Package File Size Limit in Bytes (50 MB) +MAX_CONTENT_PACKAGE_FILE_SIZE_LIMIT=52428800 + +#--Maximum Asset File Size Limit in Bytes (20 MB) +MAX_ASSET_FILE_SIZE_LIMIT=20971520 + +#--No of Retry While File Download Fails +RETRY_ASSET_DOWNLOAD_COUNT=1 + +#Current environment +cloud_storage.env=dev + +# Configuration +graph.dir=/data/graphDB +akka.request_timeout=30 +environment.id={{ environment_id }} +graph.ids=["domain"] +graph.passport.key.base={{ graph_passport_key }} +route.domain={{ learning_neo4j_bolt_url }} +route.bolt.write.domain={{ learning_write_elb_url }} +route.bolt.read.domain={{ learning_read_elb_url }} +route.all={{ language_neo4j_bolt_url }} +route.bolt.write.all={{ language_write_elb_url }} +route.bolt.read.all={{ language_read_elb_url }} + +shard.id={{ mw_shard_id }} +platform.auth.check.enabled=false +platform.cache.ttl=3600000 + +#Top N Config for Search Telemetry +telemetry_env=dev + +installation.id=ekstep + +channel.default=in.ekstep + +content.cache.ttl=86400 +content.cache.read=true +content.cache.hierarchy=true \ No newline at end of file diff --git a/ansible/roles/stack-sunbird/templates/sunbird_lms-service.env b/ansible/roles/stack-sunbird/templates/sunbird_lms-service.env index 4a0efe1ace..67652c19db 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_lms-service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_lms-service.env @@ -54,14 +54,14 @@ badging_authorization_key={{vault_badging_authorization_key}} sunbird_badger_baseurl=http://badger-service:8004 sunbird_remote_req_router_path=akka.tcp://SunbirdMWSystem@actor-service:8088/user/RequestRouter sunbird_remote_bg_req_router_path=akka.tcp://SunbirdMWSystem@actor-service:8088/user/BackgroundRequestRouter -sunbird_api_base_url=http://content-service:5000 +sunbird_api_base_url=http://knowledge-mw-service:5000 sunbird_authorization={{sunbird_api_auth_token}} telemetry_pdata_id={{sunbird_telemetry_pdata_id}} telemetry_pdata_pid=lms-service sunbird_telemetry_base_url=http://telemetry-service:9001 telemetry_queue_threshold_value=100 sunbird_default_channel={{sunbird_default_channel}} -sunbird_api_mgr_base_url=http://content-service:5000 +sunbird_api_mgr_base_url=http://knowledge-mw-service:5000 sunbird_cs_base_url={{sunbird_cs_base_url}} sunbird_cs_search_path=/v1/content/search @@ -104,4 +104,6 @@ sunbird_user_org_api_base_url={{sunbird_user_org_api_base_url}} kafka_topics_instruction={{kafka_topics_instruction}} kafka_urls={{kafka_urls}} kafka_topics_certificate_instruction={{kafka_topics_certificate_instruction}} -kafka_assessment_topic={{kafka_assessment_topic}} \ No newline at end of file +kafka_assessment_topic={{kafka_assessment_topic}} +# Required by lms service to call cert service +sunbird_cert_service_base_url=http://cert-service:9000 \ No newline at end of file diff --git a/ansible/roles/stack-sunbird/templates/sunbird_notification-service.env b/ansible/roles/stack-sunbird/templates/sunbird_notification-service.env index 1f41fe5785..e1c441c995 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_notification-service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_notification-service.env @@ -1,3 +1,10 @@ sunbird_notification_fcm_account_key={{sunbird_fcm_account_key}} sunbird_notification_kafka_servers_config={{sunbird_processing_kafka_host}} sunbird_notification_kafka_topic={{env_name}}.lms.notification +sunbird_notification_msg_default_sender={{sunbird_msg_sender}} +sunbird_msg_91_auth={{sunbird_msg_91_auth}} +sunbird_mail_server_from_email={{sunbird_mail_server_from_email}} +sunbird_mail_server_host={{sunbird_mail_server_host}} +sunbird_mail_server_password={{sunbird_mail_server_password}} +sunbird_mail_server_username={{sunbird_mail_server_username}} +sunbird_mail_server_port={{sunbird_mail_server_port}} diff --git a/ansible/roles/stack-sunbird/templates/sunbird_player.env b/ansible/roles/stack-sunbird/templates/sunbird_player.env index c7191bcd50..571a02583c 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_player.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_player.env @@ -1,7 +1,7 @@ sunbird_port=3000 sunbird_content_player_url={{sunbird_content_player_url}} sunbird_learner_player_url={{sunbird_learner_player_url}} -sunbird_content_proxy_url=http://content-service:5000 +sunbird_content_proxy_url=http://knowledge-mw-service:5000 sunbird_echo_api_url={{sunbird_echo_api_url}} sunbird_autocreate_trampoline_user=false sunbird_portal_realm={{keycloak_realm}} @@ -43,8 +43,8 @@ sunbird_google_keycloak_client_id={{sunbird_google_keycloak_client_id}} sunbird_google_keycloak_secret={{sunbird_google_keycloak_secret}} sunbird_help_link_visibility={{sunbird_help_link_visibility|default('FALSE')}} sunbird_azure_report_container_name={{sunbird_azure_report_container_name}} -sunbird_azure_account_name={{sunbird_azure_account_name}} -sunbird_azure_account_key={{sunbird_azure_storage_key}} +sunbird_azure_account_name={{sunbird_portal_azure_storage_account}} +sunbird_azure_account_key={{sunbird_portal_azure_storage_key}} sunbird_response_cache_ttl={{sunbird_response_cache_ttl}} sunbird_portal_preview_cdn_url={{sunbird_portal_preview_cdn_url}} @@ -74,3 +74,8 @@ sunbird_android_keycloak_client_id={{sunbird_android_keycloak_client_id}} #Release-2.3.5 sunbird_portal_merge_auth_server_url={{sunbird_subdomain_keycloak_base_url | d('')}} + +#Release-2.5.0 +sunbird_device_api={{sunbird_device_api}} +desktop_app_storage_url={{desktop_app_storage_url | d('')}} +sunbird_portal_base_url={{sunbird_portal_base_url | d('')}} diff --git a/pipelines/deploy/ContentFramework/Jenkinsfile b/pipelines/deploy/ContentFramework/Jenkinsfile index 6c18a855fe..1bfc4efe9a 100644 --- a/pipelines/deploy/ContentFramework/Jenkinsfile +++ b/pipelines/deploy/ContentFramework/Jenkinsfile @@ -18,7 +18,7 @@ node() { stage('get artifact') { currentWs = sh(returnStdout: true, script: 'pwd').trim() artifact = values.artifact_name + ":" + values.artifact_version - commit_hash = values.artifact_version.split('_')[1] + commit_hash = values.artifact_version.split('-')[1] values.put('currentWs', currentWs) values.put('artifact', artifact) artifact_download(values) diff --git a/pipelines/deploy/knowledge-mw-service/Jenkinsfile b/pipelines/deploy/knowledge-mw-service/Jenkinsfile new file mode 100644 index 0000000000..629ca40e07 --- /dev/null +++ b/pipelines/deploy/knowledge-mw-service/Jenkinsfile @@ -0,0 +1,30 @@ +@Library('deploy-conf') _ +node() { + try { + stage('checkout public repo') { + cleanWs() + checkout scm + } + + stage('deploy') { + values = docker_params() + currentWs = sh(returnStdout: true, script: 'pwd').trim() + ansiblePlaybook = "$currentWs/ansible/deploy.yml" + ansibleExtraArgs = "--tags \"stack-sunbird\" --extra-vars \"hub_org=$hub_org image_name=$values.image_name image_tag=$values.image_tag service_name=knowledge-mw-service deploy_knowledge_mw=True\" --vault-password-file /var/lib/jenkins/secrets/vault-pass" + values.put('currentWs', currentWs) + values.put('ansiblePlaybook', ansiblePlaybook) + values.put('ansibleExtraArgs', ansibleExtraArgs) + ansible_playbook_run(values) + archiveArtifacts 'metadata.json' + currentBuild.description = "Image: ${values.image_tag}, Private: ${params.private_branch}, Public: ${params.branch_or_tag}" + } + } + catch (err) { + currentBuild.result = "FAILURE" + throw err + } + finally { + slack_notify(currentBuild.result) + email_notify() + } +} diff --git a/pipelines/deploy/content/Jenkinsfile b/pipelines/deploy/learning/Jenkinsfile similarity index 88% rename from pipelines/deploy/content/Jenkinsfile rename to pipelines/deploy/learning/Jenkinsfile index 0be3b9cc35..e440154d5b 100644 --- a/pipelines/deploy/content/Jenkinsfile +++ b/pipelines/deploy/learning/Jenkinsfile @@ -10,7 +10,7 @@ node() { values = docker_params() currentWs = sh(returnStdout: true, script: 'pwd').trim() ansiblePlaybook = "$currentWs/ansible/deploy.yml" - ansibleExtraArgs = "--tags \"stack-sunbird\" --extra-vars \"hub_org=$hub_org image_name=$values.image_name image_tag=$values.image_tag service_name=content-service deploy_content=True\" --vault-password-file /var/lib/jenkins/secrets/vault-pass" + ansibleExtraArgs = "--tags \"stack-sunbird\" --extra-vars \"hub_org=$hub_org image_name=$values.image_name image_tag=$values.image_tag service_name=learning-service deploy_learning=True\" --vault-password-file /var/lib/jenkins/secrets/vault-pass" values.put('currentWs', currentWs) values.put('ansiblePlaybook', ansiblePlaybook) values.put('ansibleExtraArgs', ansibleExtraArgs) @@ -27,4 +27,4 @@ node() { slack_notify(currentBuild.result) email_notify() } -} +} \ No newline at end of file diff --git a/pipelines/offlineinstaller/Jenkinsfile b/pipelines/offlineinstaller/Jenkinsfile index c24ee78c22..1f5bda8075 100644 --- a/pipelines/offlineinstaller/Jenkinsfile +++ b/pipelines/offlineinstaller/Jenkinsfile @@ -52,6 +52,7 @@ node() { println values ansible_playbook_run(values) archiveArtifacts artifacts: '*.zip', onlyIfSuccessful: true + archiveArtifacts artifacts: 'latest.json', onlyIfSuccessful: true } } catch (err) { diff --git a/pipelines/provision/postgres/Jenkinsfile b/pipelines/provision/postgres/Jenkinsfile index dec776381b..5693fe7ec4 100644 --- a/pipelines/provision/postgres/Jenkinsfile +++ b/pipelines/provision/postgres/Jenkinsfile @@ -20,7 +20,7 @@ node() { module = sh(returnStdout: true, script: "echo $JOB_NAME").split('/')[-2].trim() jobName = sh(returnStdout: true, script: "echo $JOB_NAME").split('/')[-1].trim() ansiblePlaybook = "${currentWs}/ansible/provision.yml" - ansibleExtraArgs = "--tags postgresql-master --vault-password-file /var/lib/jenkins/secrets/vault-pass -v" + ansibleExtraArgs = "--skip-tags \"cassandra,es,log-es,postgresql-slave\" --vault-password-file /var/lib/jenkins/secrets/vault-pass -v" values.put('currentWs', currentWs) values.put('env', envDir) values.put('module', module) diff --git a/pipelines/release/Jenkinsfile.rc.tag b/pipelines/release/Jenkinsfile.rc.tag index f8fb3b631f..9ad9bbd2da 100644 --- a/pipelines/release/Jenkinsfile.rc.tag +++ b/pipelines/release/Jenkinsfile.rc.tag @@ -1,3 +1,4 @@ +@Library('deploy-conf') _ node { try { repositories = ['Sunbird-Ed/SunbirdEd-portal', diff --git a/private_repo/ansible/inventory/dev/Core/common.yml b/private_repo/ansible/inventory/dev/Core/common.yml index efabe3d7c9..0923e704f5 100644 --- a/private_repo/ansible/inventory/dev/Core/common.yml +++ b/private_repo/ansible/inventory/dev/Core/common.yml @@ -17,7 +17,7 @@ sunbird_default_channel: # Organization channel name which portal sunbird_app_name: # By default app name will be sunbird azure_account_name: # Storage account name for blobs sunbird_content_azure_storage_container: # Conatainer store assets/public -swarm_load_balancer: # Loadbalancer ip to push the logspout result to logstash in swarm +sunbird_swarm_manager_lb_ip: # Swarm manager load balancer private IP. If you don't have a load swarm manager load balancer, you can use swarm manager private ip. # Blob where data analytics pushing content # Check same variable in DP common.yml diff --git a/private_repo/ansible/inventory/dev/Core/hosts b/private_repo/ansible/inventory/dev/Core/hosts index dbf41b480c..ea0572cc61 100644 --- a/private_repo/ansible/inventory/dev/Core/hosts +++ b/private_repo/ansible/inventory/dev/Core/hosts @@ -18,6 +18,12 @@ swarm-agent-for-prometheus [swarm-manager:children] swarm-manager-1 +[swarm-node-1] +11.3.0.27 + +[swarm-worker:children] +swarm-node-1 + [keycloak-1] 18.0.0.9 @@ -128,7 +134,6 @@ swarm-manager swarm-manager swarm-bootstrap-manager swarm-agent-for-prometheus -swarm-agent-for-grafana swarm-agent-for-alertmanager [node-exporter:children] @@ -165,3 +170,4 @@ swarm-manager # ansible_ssh_user=deployer ansible_ssh_private_key_file=/var/lib/jenkins/secrets/deployer_ssh_key +logger_es6_host="{{ groups['log-es-2'][0] }}" diff --git a/private_repo/ansible/inventory/dev/DataPipeline/hosts b/private_repo/ansible/inventory/dev/DataPipeline/hosts index 129b0488ad..2ea13f6cb6 100644 --- a/private_repo/ansible/inventory/dev/DataPipeline/hosts +++ b/private_repo/ansible/inventory/dev/DataPipeline/hosts @@ -2,10 +2,6 @@ [swarm-bootstrap-manager] 15.0.1.4 -# Sunbird zookeeper -[ingestion-cluster-zookeepers] -15.0.0.8 - [core-cassandra] 15.0.0.7 diff --git a/private_repo/ansible/inventory/dev/KnowledgePlatform/hosts b/private_repo/ansible/inventory/dev/KnowledgePlatform/hosts index a0aad45eac..1d2c32b88e 100644 --- a/private_repo/ansible/inventory/dev/KnowledgePlatform/hosts +++ b/private_repo/ansible/inventory/dev/KnowledgePlatform/hosts @@ -43,6 +43,12 @@ cassandra-node-1 [core-cassandra] 15.0.2.5 +[core-es-1] +18.0.0.9 # This should be elasticsearch master IP of Core + +[core-es:children] +core-es-1 + [composite-search-cluster] 15.0.2.6