From 62a22812a36fc9fbe08ce8bfad8884f7d348f512 Mon Sep 17 00:00:00 2001 From: ilia Date: Sat, 10 Jan 2026 15:19:07 -0500 Subject: [PATCH] refactor(inventory): Update punimTag project configurations and environment variables - Renamed punimTagFE to punimTag for consistency in project naming. - Updated environment variable configurations for punimTag, including backend and frontend settings. - Added backend support for punimTag with appropriate commands for deployment and migration. - Adjusted environment variables for dev, qa, and prod environments to reflect new project structure. - Ensured all changes maintain backward compatibility with existing configurations. This refactor aims to streamline the project setup and improve clarity in the inventory structure. --- .../production/group_vars/all/main.yml | 105 +++++++----------- .../group_vars/all/vault.example.yml | 14 +++ 2 files changed, 55 insertions(+), 64 deletions(-) diff --git a/inventories/production/group_vars/all/main.yml b/inventories/production/group_vars/all/main.yml index 217e944..ffc80db 100644 --- a/inventories/production/group_vars/all/main.yml +++ b/inventories/production/group_vars/all/main.yml @@ -100,8 +100,7 @@ app_frontend_start_cmd: "npm start" # Proxmox IDs are global. Never reuse IDs across unrelated guests. # Suggested reservation table (edit to your preference): # - 9000-9099: pote -# - 9100-9199: punimTagFE -# - 9200-9299: punimTagBE +# - 9100-9199: punimTag (monorepo) # - 9300-9399: projectA (example) # ----------------------------------------------------------------------------- app_projects: @@ -205,59 +204,13 @@ app_projects: gateway: "10.0.10.1" branch: "main" - punimTagFE: - description: "punimTag frontend-only project (edit repo_url, IPs, secrets)." - repo_url: "git@github.com:example/punimTagFE.git" - repo_dest: "/srv/app" - components: - backend: false - frontend: true - guest_defaults: - guest_type: "{{ proxmox_guest_type }}" - cores: 2 - memory_mb: 2048 - swap_mb: 512 - rootfs_size_gb: 16 - deploy: - frontend_install_cmd: "{{ app_frontend_install_cmd }}" - frontend_build_cmd: "{{ app_frontend_build_cmd }}" - frontend_start_cmd: "{{ app_frontend_start_cmd }}" - envs: - dev: - name: "punimTagFE-dev" - vmid: 9101 - ip: "10.0.10.121/24" - gateway: "10.0.10.1" - branch: "dev" - env_vars: - APP_ENV: "dev" - SECRET_PLACEHOLDER: "change-me" - qa: - name: "punimTagFE-qa" - vmid: 9102 - ip: "10.0.10.122/24" - gateway: "10.0.10.1" - branch: "qa" - env_vars: - APP_ENV: "qa" - SECRET_PLACEHOLDER: "change-me" - prod: - name: "punimTagFE-prod" - vmid: 9103 - ip: "10.0.10.123/24" - gateway: "10.0.10.1" - branch: "main" - env_vars: - APP_ENV: "prod" - SECRET_PLACEHOLDER: "change-me" - - punimTagBE: - description: "punimTag backend-only project (edit repo_url, IPs, secrets)." - repo_url: "git@github.com:example/punimTagBE.git" + punimTag: + description: "punimTag monorepo (frontend + backend, edit repo_url, IPs, secrets)." + repo_url: "git@github.com:example/punimTag.git" repo_dest: "/srv/app" components: backend: true - frontend: false + frontend: true guest_defaults: guest_type: "{{ proxmox_guest_type }}" cores: 2 @@ -268,34 +221,58 @@ app_projects: backend_install_cmd: "{{ app_backend_install_cmd }}" backend_migrate_cmd: "{{ app_backend_migrate_cmd }}" backend_start_cmd: "{{ app_backend_start_cmd }}" + frontend_install_cmd: "{{ app_frontend_install_cmd }}" + frontend_build_cmd: "{{ app_frontend_build_cmd }}" + frontend_start_cmd: "{{ app_frontend_start_cmd }}" envs: dev: - name: "punimTagBE-dev" - vmid: 9201 - ip: "10.0.10.131/24" + name: "punimTag-dev" + vmid: 9101 + ip: "10.0.10.121/24" gateway: "10.0.10.1" branch: "dev" env_vars: APP_ENV: "dev" - SECRET_PLACEHOLDER: "change-me" + NODE_ENV: "production" + DATABASE_HOST: "10.0.10.181" + DATABASE_PORT: "5432" + DATABASE_URL: "{{ vault_punimtag_database_url_dev | default('postgresql://punimtag_dev_user:CHANGE_ME@10.0.10.181:5432/punimtag_dev') }}" + BACKEND_PORT: "{{ app_backend_port }}" + FRONTEND_PORT: "{{ app_frontend_port }}" + BACKEND_BASE_URL: "http://10.0.10.121:{{ app_backend_port }}" + FRONTEND_BASE_URL: "http://10.0.10.121:{{ app_frontend_port }}" qa: - name: "punimTagBE-qa" - vmid: 9202 - ip: "10.0.10.132/24" + name: "punimTag-qa" + vmid: 9102 + ip: "10.0.10.122/24" gateway: "10.0.10.1" branch: "qa" env_vars: APP_ENV: "qa" - SECRET_PLACEHOLDER: "change-me" + NODE_ENV: "production" + DATABASE_HOST: "10.0.10.181" + DATABASE_PORT: "5432" + DATABASE_URL: "{{ vault_punimtag_database_url_qa | default('postgresql://punimtag_qa_user:CHANGE_ME@10.0.10.181:5432/punimtag_qa') }}" + BACKEND_PORT: "{{ app_backend_port }}" + FRONTEND_PORT: "{{ app_frontend_port }}" + BACKEND_BASE_URL: "http://10.0.10.122:{{ app_backend_port }}" + FRONTEND_BASE_URL: "http://10.0.10.122:{{ app_frontend_port }}" prod: - name: "punimTagBE-prod" - vmid: 9203 - ip: "10.0.10.133/24" + name: "punimTag-prod" + vmid: 9103 + ip: "10.0.10.123/24" gateway: "10.0.10.1" branch: "main" env_vars: APP_ENV: "prod" - SECRET_PLACEHOLDER: "change-me" + NODE_ENV: "production" + DATABASE_HOST: "10.0.10.181" + DATABASE_PORT: "5432" + DATABASE_URL: "{{ vault_punimtag_database_url_prod | default('postgresql://punimtag_prod_user:CHANGE_ME@10.0.10.181:5432/punimtag_prod') }}" + BACKEND_PORT: "{{ app_backend_port }}" + FRONTEND_PORT: "{{ app_frontend_port }}" + BACKEND_BASE_URL: "http://10.0.10.123:{{ app_backend_port }}" + FRONTEND_BASE_URL: "http://10.0.10.123:{{ app_frontend_port }}" mirrormatch: description: "Mirrormatch Prisma/Node backend (dev/qa/prod)." diff --git a/inventories/production/group_vars/all/vault.example.yml b/inventories/production/group_vars/all/vault.example.yml index 7193bf9..b996499 100644 --- a/inventories/production/group_vars/all/vault.example.yml +++ b/inventories/production/group_vars/all/vault.example.yml @@ -70,4 +70,18 @@ vault_mirrormatch_smtp_user: "smtp-user" vault_mirrormatch_smtp_password: "CHANGE_ME" vault_mirrormatch_smtp_from: "MirrorMatch " +# ----------------------------------------------------------------------------- +# punimTag (monorepo) secrets +# ----------------------------------------------------------------------------- +# Optional deploy key for private repo access +vault_punimtag_git_ssh_key: | + -----BEGIN OPENSSH PRIVATE KEY----- + CHANGE_ME + -----END OPENSSH PRIVATE KEY----- + +# Per-environment database URLs (use external Postgres at 10.0.10.181:5432) +vault_punimtag_database_url_dev: "postgresql://punimtag_dev_user:CHANGE_ME@10.0.10.181:5432/punimtag_dev" +vault_punimtag_database_url_qa: "postgresql://punimtag_qa_user:CHANGE_ME@10.0.10.181:5432/punimtag_qa" +vault_punimtag_database_url_prod: "postgresql://punimtag_prod_user:CHANGE_ME@10.0.10.181:5432/punimtag_prod" +