Merge pull request #229 from vimc/vimc-7064

hillalex · web-flow · commit 6780399ed8d3 · 2023-03-30T12:04:38.000+01:00
Add support for new servers
diff --git a/settings/production-v2.json b/settings/production-v2.json
@@ -0,0 +1,25 @@
+{
+  "password_group": "production",
+  "vault_address": "https://vault.dide.ic.ac.uk:8200",
+  "instance_name": "Production",
+  "require_clean_git": false,
+  "notify_channel": "montagu-deploy",
+  "port": 443,
+  "initial_data_source": "bb8_restore",
+  "update_on_deploy": false,
+  "bb8_backup": false,
+  "certificate": "production2",
+  "include_guidance_reports": true,
+  "clone_reports": true,
+  "persist_data": true,
+  "add_test_user": false,
+  "hostname": "production2.montagu.dide.ic.ac.uk",
+  "open_browser": false,
+  "copy_static_files": true,
+  "use_production_db_config": true,
+  "enable_db_replication": true,
+  "orderly_web_api_url": "https://production2.montagu.dide.ic.ac.uk/reports/api/v2",
+  "use_real_diagnostic_reports": true,
+  "email_burden_estimate_uploader": false,
+  "fake_smtp": false
+}
diff --git a/settings/production.json b/settings/production.json
@@ -5,7 +5,7 @@
   "require_clean_git": false,
   "notify_channel": "montagu-deploy",
   "port": 443,
-  "initial_data_source": "restore",
+  "initial_data_source": "bb8_restore",
   "update_on_deploy": false,
   "bb8_backup": true,
   "certificate": "production",
diff --git a/settings/science-v2.json b/settings/science-v2.json
@@ -0,0 +1,25 @@
+{
+  "add_test_user": true,
+  "clone_reports": true,
+  "bb8_backup": false,
+  "open_browser": false,
+  "hostname": "science.montagu.dide.ic.ac.uk",
+  "enable_db_replication": false,
+  "include_guidance_reports": true,
+  "vault_address": "https://vault.dide.ic.ac.uk:8200",
+  "port": 443,
+  "require_clean_git": false,
+  "instance_name": "science",
+  "certificate": "science",
+  "password_group": "science",
+  "initial_data_source": "bb8_restore",
+  "notify_channel": "montagu-deploy",
+  "update_on_deploy": true,
+  "copy_static_files": true,
+  "use_production_db_config": true,
+  "persist_data": true,
+  "orderly_web_api_url": "https://science.montagu.dide.ic.ac.uk/reports/api/v2",
+  "use_real_diagnostic_reports": true,
+  "email_burden_estimate_uploader": false,
+  "fake_smtp": true
+}
diff --git a/settings/uat-v2.json b/settings/uat-v2.json
@@ -0,0 +1,25 @@
+{
+  "add_test_user": true,
+  "bb8_backup": false,
+  "certificate": "uat",
+  "clone_reports": true,
+  "enable_db_replication": false,
+  "hostname": "uat.montagu.dide.ic.ac.uk",
+  "include_guidance_reports": true,
+  "initial_data_source": "bb8_restore",
+  "instance_name": "uat",
+  "notify_channel": "montagu-deploy",
+  "open_browser": false,
+  "password_group": "fake",
+  "persist_data": true,
+  "port": 443,
+  "require_clean_git": false,
+  "update_on_deploy": false,
+  "copy_static_files": true,
+  "use_production_db_config": false,
+  "vault_address": "https://vault.dide.ic.ac.uk:8200",
+  "orderly_web_api_url": "https://uat.montagu.dide.ic.ac.uk/reports/api/v2",
+  "use_real_diagnostic_reports": true,
+  "email_burden_estimate_uploader": false,
+  "fake_smtp": true
+}
diff --git a/src/certificates.py b/src/certificates.py
@@ -18,6 +18,12 @@ def get_ssl_certificate(certificate_type: str):
         result = production()
     elif certificate_type == "support":
         result = support()
+    elif certificate_type == "science":
+        result = science()
+    elif certificate_type == "uat":
+        result = uat()
+    elif certificate_type == "production2":
+        result = production2()
     elif certificate_type == "self_signed_fresh":
         result = self_signed_fresh()
     elif certificate_type == "self_signed":
@@ -66,6 +72,21 @@ def support():
     return real_certificate("support", "support.montagu.crt", "ssl/v2/support/")
 
 
+def science():
+    print("- Using science certificate (science.montagu.dide.ic.ac.uk)")
+    return real_certificate2("science")
+
+
+def uat():
+    print("- Using uat certificate (uat.montagu.dide.ic.ac.uk)")
+    return real_certificate2("uat")
+
+
+def production2():
+    print("- Using production2 certificate (production2.montagu.dide.ic.ac.uk)")
+    return real_certificate2("production2")
+
+
 def real_certificate(local_folder, local_name, vault_path):
     copy(cert_path(local_folder, local_name), paths.ssl)
 
@@ -80,3 +101,21 @@ def real_certificate(local_folder, local_name, vault_path):
         "key": key_path,
         "dhparam": dhparam_path
     }
+
+def real_certificate2(instance_name):
+    vault_path = f"ssl/v2/{instance_name}/"
+
+    cert_path = join(paths.ssl, "ssl.cert")
+    save_secret_to_file(vault_path + "cert", field="value", output=cert_path)
+
+    key_path = join(paths.ssl, "ssl.key")
+    save_secret_to_file(vault_path + "key", field="value", output=key_path)
+
+    dhparam_path = join(paths.ssl, "dhparam.pem")
+    save_secret_to_file(vault_path + "dhparam", field="value", output=dhparam_path)
+
+    return {
+        "certificate": cert_path,
+        "key": key_path,
+        "dhparam": dhparam_path
+    }
