Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions src/features.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@ iop:
description: iop services
dependencies:
- rh-cloud
container-gateway:
description: Container registry gateway for smart proxy
internal: true
foreman_proxy:
plugin_name: container_gateway
bmc:
description: Power management for bare metal hosts (IPMI, Redfish)
foreman_proxy:
Expand Down
3 changes: 3 additions & 0 deletions src/roles/foreman_proxy/defaults/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ foreman_proxy_disabled_features: "{{ foreman_proxy_available_features | differen

foreman_proxy_foreman_server_url: "https://{{ ansible_facts['fqdn'] }}"

# Container gateway settings
foreman_proxy_container_gateway_pulp_endpoint: "https://{{ ansible_facts['fqdn'] }}"

# BMC settings
foreman_proxy_bmc_ipmi_implementation: ipmitool
foreman_proxy_bmc_redfish_verify_ssl: true
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
:enabled: {{ feature_enabled }}
:pulp_endpoint: {{ foreman_proxy_container_gateway_pulp_endpoint }}
:db_connection_string: postgresql://{{ container_gateway_database_user }}:{{ container_gateway_database_password }}@{{ container_gateway_database_host }}:{{ container_gateway_database_port }}/{{ container_gateway_database_name }}
2 changes: 2 additions & 0 deletions src/roles/httpd/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ httpd_ipa_keytab: /etc/httpd/conf/http.keytab
httpd_ipa_pam_service: "{{ external_authentication_pam_service | default('foreman') }}"
httpd_ipa_gssapi_local_name: true

httpd_foreman_proxy_url: "https://{{ ansible_facts['fqdn'] }}:8443"

httpd_with_foreman: "{{ 'foreman' in enabled_features }}"
httpd_with_pulpcore: "{{ not httpd_with_foreman and not httpd_with_pulp_mirror }}"
httpd_with_pulp_mirror: "{{ pulp_mirror | default(false) }}"
8 changes: 8 additions & 0 deletions src/roles/httpd/templates/foreman-ssl-vhost.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,14 @@
ProxyPass / {{ httpd_foreman_backend }}/ retry=0 timeout=900 upgrade=websocket
ProxyPassReverse / {{ httpd_foreman_backend }}/
{% else %}
## Container Gateway
ProxyPass /v1/ {{ httpd_foreman_proxy_url }}/container_gateway/v1/
ProxyPassReverse /v1/ {{ httpd_foreman_proxy_url }}/container_gateway/v1/
ProxyPass /v2/ {{ httpd_foreman_proxy_url }}/container_gateway/v2/
ProxyPassReverse /v2/ {{ httpd_foreman_proxy_url }}/container_gateway/v2/
ProxyPass /index/ {{ httpd_foreman_proxy_url }}/container_gateway/index/
ProxyPassReverse /index/ {{ httpd_foreman_proxy_url }}/container_gateway/index/

ProxyPass /rhsm {{ httpd_foreman_url }}/rhsm disablereuse=on retry=0
ProxyPassReverse /rhsm {{ httpd_foreman_url }}/rhsm
ProxyPass /redhat_access {{ httpd_foreman_url }}/redhat_access disablereuse=on retry=0
Expand Down
1 change: 1 addition & 0 deletions src/vars/base.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ httpd_server_certificate: "{{ server_certificate }}"
httpd_server_key: "{{ server_key }}"
httpd_enabled_pulp_snippets: "{{ ['pypi'] if 'pulp_python' in pulp_plugins else [] }}"
httpd_foreman_url: "{{ foreman_url }}"
httpd_foreman_proxy_url: "{{ foreman_proxy_url }}"
httpd_pulp_trusted_hosts:
- "{{ foreman_name }}"

Expand Down
14 changes: 14 additions & 0 deletions src/vars/database.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,13 @@ pulp_database_user: pulp
pulp_database_password_file: "{{ obsah_state_path }}/pulp-db-password"
pulp_database_password: "{{ lookup('ansible.builtin.password', pulp_database_password_file, chars=['ascii_letters', 'digits']) }}"

container_gateway_database_name: container_gateway
container_gateway_database_user: container_gateway
container_gateway_database_password_file: "{{ obsah_state_path }}/container-gateway-db-password"
container_gateway_database_password: "{{ lookup('ansible.builtin.password', container_gateway_database_password_file, chars=['ascii_letters', 'digits']) }}"
container_gateway_database_host: "{{ database_host }}"
container_gateway_database_port: "{{ database_port }}"

postgresql_admin_password_file: "{{ obsah_state_path }}/postgresql-admin-password"
postgresql_admin_password: "{{ lookup('ansible.builtin.password', postgresql_admin_password_file, chars=['ascii_letters', 'digits']) }}"

Expand Down Expand Up @@ -101,6 +108,13 @@ databases:
ssl_mode: "{{ pulp_database_ssl_mode }}"
ssl_ca: "{{ pulp_database_ssl_ca }}"
feature: pulp
- name: container_gateway
database: "{{ container_gateway_database_name }}"
host: "{{ container_gateway_database_host }}"
port: "{{ container_gateway_database_port }}"
user: "{{ container_gateway_database_user }}"
password: "{{ container_gateway_database_password }}"
feature: container-gateway
- name: iop_advisor
database: "{{ iop_advisor_database_name }}"
host: "{{ iop_advisor_database_host }}"
Expand Down
1 change: 1 addition & 0 deletions src/vars/flavors/foreman-proxy-content.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
flavor_features:
- foreman-proxy
- container-gateway
- content/rpm
- content/deb
- content/container
Expand Down