help, Ive torn my acl

notch8 · Jul 15, 2021 · f0f05fc · f0f05fc
1 parent 5f13436
commit f0f05fc
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 31 deletions.
diff --git a/app/middleware/account_elevator.rb b/app/middleware/account_elevator.rb
@@ -17,7 +17,7 @@ def self.switch!(cname)
     elsif Account.any?
       raise "No tenant found for #{cname}"
     else
-      logger.info "It looks like we're in single tenant mode. No tenant found for #{cname}"
+      Rails.logger.info "It looks like we're in single tenant mode. No tenant found for #{cname}"
     end
   end
 end
diff --git a/config/initializers/carrierwave_config.rb b/config/initializers/carrierwave_config.rb
@@ -11,4 +11,9 @@
     config.aws_bucket = Settings.s3.upload_bucket
     config.aws_acl = 'bucket-owner-full-control'
   end
+elsif !Settings.file_acl || Settings.file_acl == 'false'
+  CarrierWave.configure do |config|
+    config.permissions = nil
+    config.directory_permissions = nil
+  end
 end
diff --git a/config/settings.yml b/config/settings.yml
@@ -11,6 +11,7 @@ multitenancy:
   root_host:
 
 ssl_configured: false
+file_acl: true
 
 action_controller:
   asset_host:

diff --git a/ops/staging-deploy.yaml b/ops/staging-deploy.yaml
@@ -15,20 +15,20 @@ uploadsVolume:
 ingress:
   enabled: true
   hosts:
-    - host: hyku-staging.20.90.72.114.xip.io
+    - host: bl-staging.notch8.cloud
       paths:
         - path: /
-    - host: "*.hyku-staging.20.90.72.114.xip.io"
+    - host: "*.bl-staging.notch8.cloud"
       paths:
         - path: /
 
 extraEnvVars:
   - name: SETTINGS__MULTITENANCY__ADMIN_HOST
-    value: hyku-staging.20.90.72.114.xip.io
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__ROOT_HOST
-    value: hyku-staging.20.90.72.114.xip.io
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__DEFAULT_HOST
-    value: "%{tenant}.hyku-staging.20.90.72.114.xip.io"
+    value: "%{tenant}.bl-staging.notch8.cloud"
   - name: SETTINGS__MULTITENANCY__ADMIN_ONLY_TENANT_CREATION
     value: "false"
   - name: CONFDIR
@@ -40,19 +40,19 @@ extraEnvVars:
   - name: DATABASE_ADAPTER
     value: postgresql
   - name: DATABASE_HOST
-    value: pg-postgresql.staging-postgres.svc.cluster.local
+    value: pg.postgres.svc.cluster.local
   - name: DATABASE_NAME
     value: bl
   - name: DATABASE_USER
     value: postgres
   - name: FCREPO_BASE_PATH
     value: /bl
   - name: FCREPO_HOST
-    value: fcrepo.staging-fcrepo.svc.cluster.local:8080
+    value: hyku-staging-fcrepo:8080
   - name: FCREPO_PATH
     value: /rest
   - name: FEDORA_URL
-    value: http://fcrepo.staging-fcrepo.svc.cluster.local:8080/rest
+    value: http://hyku-staging-fcrepo:8080/rest
   - name: IN_DOCKER
     value: "true"
   - name: LD_LIBRARY_PATH
@@ -82,33 +82,33 @@ extraEnvVars:
   - name: SETTINGS__FITS_PATH
     value: /app/fits/fits.sh
   - name: SETTINGS__MULTITENANCY__ADMIN_HOST
-    value: staging-nnp-web.notch8.cloud
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__ADMIN_ONLY_TENANT_CREATION
     value: "true"
   - name: SETTINGS__MULTITENANCY__DEFAULT_HOST
-    value: staging-nnp-web.notch8.cloud
+    value: "%{tenant}.bl-staging.notch8.cloud"
   - name: SETTINGS__MULTITENANCY__ENABLED
-    value: "false"
+    value: "true"
   - name: SETTINGS__SOLR__COLLECTION_OPTIONS__COLLECTION__CONFIG_NAME
     value: hyku-bl
   - name: SETTINGS__SOLR__CONFIGSET
     value: hyku-bl
   - name: SETTINGS__SOLR__URL
-    value: http://admin:***REMOVED***@solr.staging-solr:8983/solr/
+    value: http://admin:admin@hyku-staging-solr:8983/solr/
   - name: SETTINGS__ZOOKEEPER__CONNECTION_STR
-    value: solr-zookeeper-headless.default:2181/configs
+    value: hyku-solr-zookeeper-headless:2181/configs
   - name: SOLR_ADMIN_USER
     value: admin
   - name: SOLR_COLLECTION_NAME
     value: hyku-bl
   - name: SOLR_CONFIGSET_NAME
     value: hyku-bl
   - name: SOLR_HOST
-    value: solr.staging-solr
+    value: hyku-staging-solr
   - name: SOLR_PORT
     value: "8983"
   - name: SOLR_URL
-    value: http://admin:***REMOVED***@solr.staging-solr:8983/solr/
+    value: http://admin:admin@hyku-staging-solr:8983/solr/
   - name: SMTP_ENABLED
     value: "true"
   - name: SMTP_USER_NAME
@@ -123,6 +123,8 @@ extraEnvVars:
     value: "2525"
   - name: SMTP_TYPE
     value: cram_md5
+  - name: SETTINGS__FILE_ACL
+    value: "false"
 
 worker:
   replicaCount: 1
@@ -133,11 +135,11 @@ worker:
     fsGroupChangePolicy: "OnRootMismatch"
   extraEnvVars:
   - name: SETTINGS__MULTITENANCY__ADMIN_HOST
-    value: adl-hyku-staging.notch8.cloud
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__ROOT_HOST
-    value: adl-hyku-staging.notch8.cloud
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__DEFAULT_HOST
-    value: "%{tenant}.adl-hyku-staging.notch8.cloud"
+    value: "%{tenant}.bl-staging.notch8.cloud"
   - name: SETTINGS__MULTITENANCY__ADMIN_ONLY_TENANT_CREATION
     value: "false"
   - name: CONFDIR
@@ -157,11 +159,11 @@ worker:
   - name: FCREPO_BASE_PATH
     value: /bl
   - name: FCREPO_HOST
-    value: fcrepo.staging-fcrepo.svc.cluster.local:8080
+    value: hyku-staging-fcrepo:8080
   - name: FCREPO_PATH
     value: /rest
   - name: FEDORA_URL
-    value: http://fcrepo.staging-fcrepo.svc.cluster.local:8080/rest
+    value: http://hyku-staging-fcrepo:8080/rest
   - name: IN_DOCKER
     value: "true"
   - name: LD_LIBRARY_PATH
@@ -191,21 +193,21 @@ worker:
   - name: SETTINGS__FITS_PATH
     value: /app/fits/fits.sh
   - name: SETTINGS__MULTITENANCY__ADMIN_HOST
-    value: staging-nnp-web.notch8.cloud
+    value: bl-staging.notch8.cloud
   - name: SETTINGS__MULTITENANCY__ADMIN_ONLY_TENANT_CREATION
     value: "true"
   - name: SETTINGS__MULTITENANCY__DEFAULT_HOST
-    value: staging-nnp-web.notch8.cloud
+    value: "%{tenant}.bl-staging.notch8.cloud"
   - name: SETTINGS__MULTITENANCY__ENABLED
-    value: "false"
+    value: "true"
   - name: SETTINGS__SOLR__COLLECTION_OPTIONS__COLLECTION__CONFIG_NAME
     value: hyku-bl
   - name: SETTINGS__SOLR__CONFIGSET
     value: hyku-bl
   - name: SETTINGS__SOLR__URL
-    value: http://admin:***REMOVED***@solr.staging-solr:8983/solr/
+    value: http://admin:admin@hyku-staging-solr:8983/solr/
   - name: SETTINGS__ZOOKEEPER__CONNECTION_STR
-    value: solr-zookeeper-headless.default:2181/configs
+    value: hyku-solr-zookeeper-headless:2181/configs
   - name: SOLR_ADMIN_USER
     value: admin
   - name: SOLR_COLLECTION_NAME
@@ -217,7 +219,7 @@ worker:
   - name: SOLR_PORT
     value: "8983"
   - name: SOLR_URL
-    value: http://admin:***REMOVED***@solr.staging-solr:8983/solr/
+    value: http://admin:admin@hyku-staging-solr:8983/solr/
   - name: SMTP_ENABLED
     value: "true"
   - name: SMTP_USER_NAME
@@ -232,6 +234,8 @@ worker:
     value: "2525"
   - name: SMTP_TYPE
     value: cram_md5
+  - name: SETTINGS__FILE_ACL
+    value: "false"
 
 podSecurityContext:
   runAsUser: 1001
@@ -244,11 +248,16 @@ embargoRelease:
 leaseRelease:
   enabled: false
 
-imagePullSecrets:
-  - name: gitlab-registry
-
 redis:
-  architecture: standalone
+  cluster:
+    enabled: false
+  password: staging
 
 imagePullSecrets:
   - name: gitlab-registry
+
+solr:
+  replicaCount: 2
+  collectionReplicas: 1
+  zookeeper:
+    replicaCount: 1