-
Notifications
You must be signed in to change notification settings - Fork 7
Production Configuration
Environment Variable | Where set | Defaults to |
---|---|---|
Vault Values | ||
DATACITE_ENDPOINT | vault secret/app/scholarsphere/prod | |
DATACITE_PREFIX | vault secret/app/scholarsphere/prod | |
DATACITE_PUBLISHER | vault secret/app/scholarsphere/prod | |
DATACITE_PASSWORD | vault secret/app/scholarsphere/prod | |
DATACITE_USERNAME | vault secret/app/scholarsphere/prod | |
DEFAULT_URL_HOST | vault secret/app/scholarsphere/prod | |
OAUTH_APP_ID | vault secret/app/scholarsphere/prod | |
OAUTH_APP_SECRET | vault secret/app/scholarsphere/prod | |
SECRET_KEY_BASE | vault secret/app/scholarsphere/prod | |
POSTGRES_DB | vault secret/app/scholarsphere/prod | |
POSTGRES_HOST | vault secret/app/scholarsphere/prod | |
POSTGRES_PASSWORD | vault secret/app/scholarsphere/prod | |
POSTGRES_USER | vault secret/app/scholarsphere/prod | |
Helm App Values | ||
SMTP_ADDRESS | .Values.mail.server | smtp.psu.edu |
SMTP_PORT | .Values.mail.port | 25 |
MAIL_DELIVERY_METHOD | .Values.mail.deliveryMethod | smtp |
DEFAULT_URL_PROTOCOL | .Values.default_url_protocol | https |
SOLR_USERNAME | auto generated secret "scholarsphere-solr" | |
SOLR_PASSWORD | auto generated secret "scholarsphere-solr" | |
REDIS_HOST | auto generated based off deployment | |
SOLR_COLLECTION | .Values.solr.collection | scholarsphere |
SOLR_HOST | auto generated based off deployment | |
AWS_BUCKET | auto generated secret "scholarsphere-aws-prod" | |
AWS_REGION | auto generated secret "scholarsphere-aws-prod" | |
AWS_ACCESS_KEY_ID | auto generated secret "scholarsphere-aws-prod" | |
AWS_SECRET_ACCESS_KEY | auto generated secret "scholarsphere-aws-prod" | |
LOGRAGE_ENABLED | .Values.logging.lograge | true |
RAILS_LOG_JSON | .Values.logging.json | true |
DD_ENV | set based off env | prod |
DD_AGENT_HOST | set based of host pod is running on |
Any value that gets set via vault will trump any value set via the deployment. If we want to override SMTP_ADDRESS for a short time, we could do it in vault and perform a rollout on the deployments
You can override any of the app values in the scholarsphere-config repository, by adding the values to the argocd application object. for example, the file ./argocd-prod/prod.yaml
in the scholarsphere-config
to turn off json logging you'd issue a PR :
---
apiVersion: argoproj.io/v1alpha1
...
spec:
...
source:
...
helm:
values: |
logging:
json: false
...
...
All other overridables, can be found here: https://github.com/psu-stewardship/scholarsphere-config/blob/main/chart/values.yaml
we shouldn't need to change too many of these, but this is where we would do things like add replicas for workers, or disable datadog, for example.
References:
Vault Client setup: https://sites.psu.edu/dltdocs/?p=5380
Vault k/v secret engine https://sites.psu.edu/dltdocs/?p=5399
Helm Values: https://helm.sh/docs/chart_template_guide/values_files/