pvc-ansible/roles/pvc/templates/pvc/pvcapid.yaml.j2

---
# pvcapid configuration
# {{ ansible_managed }}
pvc:
    debug: False
    coordinators:
{% for node in pvc_nodes if node.is_coordinator %}
        - {{ node.hostname.split('.')[0] }}
{% endfor %}
    # api: Configuration of the API listener
    api:
        # listen_address: IP address(es) to listen on; use 0.0.0.0 for all interfaces
        listen_address: "{{ pvc_api_listen_address }}"
        # listen_port: TCP port to listen on, usually 7370
        listen_port: "{{ pvc_api_listen_port }}"
        # authentication: Authentication and security settings
        authentication:
            # enabled: Enable or disable authentication (True/False)
            enabled: {{ pvc_api_enable_authentication }}
            # secret_key: Per-cluster secret key for API cookies; generate with uuidgen or pwgen
            secret_key: "{{ pvc_api_secret_key }}"
            # tokens: a list of authentication tokens; leave as an empty list to disable authentication
            tokens:
{% for token in pvc_api_tokens %}
                - description: "{{ token.description }}"
                  token: "{{ token.token }}"
{% endfor %}
        # ssl: SSL configuration
        ssl:
            # enabled: Enabled or disable SSL operation (True/False)
            enabled: {{ pvc_api_enable_ssl }}
            # cert_file: SSL certificate file
{% if pvc_api_ssl_cert_path is defined and pvc_api_ssl_cert_path %}
            cert_file: "{{ pvc_api_ssl_cert_path }}"
{% else %}
            cert_file: "/etc/pvc/api-cert.pem"
{% endif %}
            # key_file: SSL certificate key file
{% if pvc_api_ssl_key_path is defined and pvc_api_ssl_key_path %}
            key_file: "{{ pvc_api_ssl_key_path }}"
{% else %}
            key_file: "/etc/pvc/api-key.pem"
{% endif %}
    # provisioner: Configuration of the Provisioner API listener
    provisioner:
        # database: Backend database configuration
        database:
            # host: PostgreSQL hostname, usually 'localhost'
            host: localhost
            # port: PostgreSQL port, invariably '5432'
            port: 5432
            # name: PostgreSQL database name, invariably 'pvcapi'
            name: {{ pvc_api_database_name }}
            # user: PostgreSQL username, invariable 'pvcapi'
            user: {{ pvc_api_database_user }}
            # pass: PostgreSQL user password, randomly generated
            pass: {{ pvc_api_database_password }}
        # queue: Celery backend queue using the PVC Zookeeper cluster
        queue:
            # host: Redis hostname, usually 'localhost'
            host: localhost
            # port: Redis port, invariably '6279'
            port: 6379
            # path: Redis queue path, invariably '/0'
            path: /0
        # ceph_cluster: Information about the Ceph storage cluster
        ceph_cluster:
            # storage_hosts: The list of hosts that the Ceph monitors are valid on; if empty (the default),
            #                uses the list of coordinators
            storage_hosts:
{% for node in pvc_nodes if node.is_coordinator %}
              - {{ node.hostname.split('.')[0] }}
{% endfor %}
            # storage_domain: The storage domain name, concatenated with the coordinators list names
            #                 to form monitor access strings
            storage_domain: {{ pvc_storage_domain }}
            # ceph_monitor_port: The port that the Ceph monitor on each coordinator listens on
            ceph_monitor_port: 6789
            # ceph_storage_secret_uuid: Libvirt secret UUID for Ceph storage access
            ceph_storage_secret_uuid: {{ pvc_ceph_storage_secret_uuid }}
Add client API to configuration 2019-07-06 02:49:25 -04:00			`---`
Use new package and file names References parallelvirtualclient/pvc#79 2020-02-08 19:26:51 -05:00			`# pvcapid configuration`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`# {{ ansible_managed }}`
			`pvc:`
Set debug value in API config 2019-07-26 11:44:08 -04:00			`debug: False`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`coordinators:`
			`{% for node in pvc_nodes if node.is_coordinator %}`
Use short names in PVC configs 2020-04-06 13:53:05 -04:00			`- {{ node.hostname.split('.')[0] }}`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`{% endfor %}`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# api: Configuration of the API listener`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`api:`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# listen_address: IP address(es) to listen on; use 0.0.0.0 for all interfaces`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`listen_address: "{{ pvc_api_listen_address }}"`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# listen_port: TCP port to listen on, usually 7370`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`listen_port: "{{ pvc_api_listen_port }}"`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# authentication: Authentication and security settings`
Add client API to configuration 2019-07-06 02:49:25 -04:00			`authentication:`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# enabled: Enable or disable authentication (True/False)`
			`enabled: {{ pvc_api_enable_authentication }}`
			`# secret_key: Per-cluster secret key for API cookies; generate with uuidgen or pwgen`
			`secret_key: "{{ pvc_api_secret_key }}"`
			`# tokens: a list of authentication tokens; leave as an empty list to disable authentication`
			`tokens:`
			`{% for token in pvc_api_tokens %}`
Replace tabs with spaces 2019-07-08 19:24:59 -04:00			`- description: "{{ token.description }}"`
			`token: "{{ token.token }}"`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`{% endfor %}`
			`# ssl: SSL configuration`
			`ssl:`
			`# enabled: Enabled or disable SSL operation (True/False)`
			`enabled: {{ pvc_api_enable_ssl }}`
			`# cert_file: SSL certificate file`
Support using existing SSL certs on system Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path group_vars options, which can be used to set the SSL details to existing files on the filesystem if desired. If these are empty (or nonexistent), the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options will be used as they were. Allows the administrator to use outside methods (such as Let's Encrypt) to obtain the certs locally on the system, avoiding changes to the group_vars and redeployment to manage SSL keys. 2020-08-26 14:08:58 -04:00			`{% if pvc_api_ssl_cert_path is defined and pvc_api_ssl_cert_path %}`
			`cert_file: "{{ pvc_api_ssl_cert_path }}"`
			`{% else %}`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`cert_file: "/etc/pvc/api-cert.pem"`
Support using existing SSL certs on system Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path group_vars options, which can be used to set the SSL details to existing files on the filesystem if desired. If these are empty (or nonexistent), the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options will be used as they were. Allows the administrator to use outside methods (such as Let's Encrypt) to obtain the certs locally on the system, avoiding changes to the group_vars and redeployment to manage SSL keys. 2020-08-26 14:08:58 -04:00			`{% endif %}`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`# key_file: SSL certificate key file`
Support using existing SSL certs on system Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path group_vars options, which can be used to set the SSL details to existing files on the filesystem if desired. If these are empty (or nonexistent), the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options will be used as they were. Allows the administrator to use outside methods (such as Let's Encrypt) to obtain the certs locally on the system, avoiding changes to the group_vars and redeployment to manage SSL keys. 2020-08-26 14:08:58 -04:00			`{% if pvc_api_ssl_key_path is defined and pvc_api_ssl_key_path %}`
			`key_file: "{{ pvc_api_ssl_key_path }}"`
			`{% else %}`
Complete configuration of API via Ansible 2019-07-08 11:33:14 -04:00			`key_file: "/etc/pvc/api-key.pem"`
Support using existing SSL certs on system Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path group_vars options, which can be used to set the SSL details to existing files on the filesystem if desired. If these are empty (or nonexistent), the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options will be used as they were. Allows the administrator to use outside methods (such as Let's Encrypt) to obtain the certs locally on the system, avoiding changes to the group_vars and redeployment to manage SSL keys. 2020-08-26 14:08:58 -04:00			`{% endif %}`
Add additional API configuration 2019-12-23 23:25:27 -05:00			`# provisioner: Configuration of the Provisioner API listener`
			`provisioner:`
			`# database: Backend database configuration`
			`database:`
			`# host: PostgreSQL hostname, usually 'localhost'`
			`host: localhost`
			`# port: PostgreSQL port, invariably '5432'`
			`port: 5432`
Change name of default API database From pvcprov to pvcapi to reflect the changing use of this database. 2020-08-25 02:00:29 -04:00			`# name: PostgreSQL database name, invariably 'pvcapi'`
Rename remaining "pvc_prov" items to pvc_api 2020-08-25 13:01:48 -04:00			`name: {{ pvc_api_database_name }}`
Change name of default API database From pvcprov to pvcapi to reflect the changing use of this database. 2020-08-25 02:00:29 -04:00			`# user: PostgreSQL username, invariable 'pvcapi'`
Rename remaining "pvc_prov" items to pvc_api 2020-08-25 13:01:48 -04:00			`user: {{ pvc_api_database_user }}`
Add additional API configuration 2019-12-23 23:25:27 -05:00			`# pass: PostgreSQL user password, randomly generated`
Rename remaining "pvc_prov" items to pvc_api 2020-08-25 13:01:48 -04:00			`pass: {{ pvc_api_database_password }}`
Add additional API configuration 2019-12-23 23:25:27 -05:00			`# queue: Celery backend queue using the PVC Zookeeper cluster`
			`queue:`
			`# host: Redis hostname, usually 'localhost'`
			`host: localhost`
			`# port: Redis port, invariably '6279'`
			`port: 6379`
			`# path: Redis queue path, invariably '/0'`
			`path: /0`
			`# ceph_cluster: Information about the Ceph storage cluster`
			`ceph_cluster:`
			`# storage_hosts: The list of hosts that the Ceph monitors are valid on; if empty (the default),`
			`# uses the list of coordinators`
			`storage_hosts:`
			`{% for node in pvc_nodes if node.is_coordinator %}`
Use short names in PVC configs 2020-04-06 13:53:05 -04:00			`- {{ node.hostname.split('.')[0] }}`
Add additional API configuration 2019-12-23 23:25:27 -05:00			`{% endfor %}`
			`# storage_domain: The storage domain name, concatenated with the coordinators list names`
			`# to form monitor access strings`
			`storage_domain: {{ pvc_storage_domain }}`
			`# ceph_monitor_port: The port that the Ceph monitor on each coordinator listens on`
			`ceph_monitor_port: 6789`
			`# ceph_storage_secret_uuid: Libvirt secret UUID for Ceph storage access`
			`ceph_storage_secret_uuid: {{ pvc_ceph_storage_secret_uuid }}`