diff --git a/.gitignore b/.gitignore index 83242bf..4d84284 100644 --- a/.gitignore +++ b/.gitignore @@ -120,7 +120,7 @@ celerybeat.pid *.sage.py # Environments -# .env +.env .venv env/ venv/ diff --git a/secret_migrator/.env b/secret_migrator/.env deleted file mode 100644 index 62a8621..0000000 --- a/secret_migrator/.env +++ /dev/null @@ -1,153 +0,0 @@ -ENABLE_USER_ENDPOINT=true -ENABLE_ADMIN_ENDPOINT=true -PUBLIC_SWAGGER_SCHEMA=true - -# Redis -REDIS_USE_SENTINEL= -REDIS_SENTINEL_ENABLE_AUTHENTICATION= -REDIS_SENTINEL_PASSWORD= -REDIS_SENTINEL_SERVICE= -REDIS_SENTINELS= - -REDIS_HOST= -REDIS_PORT= -REDIS_PASSWORD= - -# Cache configurations -CACHING_REDIS_DISABLED=true -CACHING_REDIS_DATABASE=0 - -# Task configurations -TASK_WORKER_DISABLED=true -TASK_REDIS_DATABASE=0 - -# Lock configurations -LOCK_REDIS_DISABLED=true -LOCK_REDIS_DATABASE=2 -LOCK_EXPIRE_TIME=120 -LOCK_AUTO_RELEASE=false -LOCK_HOLD_TIME=5 -# Monitor -PROMETHEUS_MULTIPROC_DIR=/tmp/ -# Django configurations -DEBUG=on -SECRET_KEY=django-insecure-nr98kt6$s%^9=$j3=iyrqhx+6k73pm2+)-xdhp$ucje!-=h=_s -DISABLE_IAM=true - -# Database config -DB_NAME=admin -DB_USER=admin -DB_PASSWORD=admin -DB_HOST=localhost -DB_PORT=5432 - -# Cache configurations -## Redis common -CACHING_REDIS_USE_SENTINEL=false -CACHING_REDIS_DISABLE_VERIFY_SSL=true -CACHING_REDIS_PROTO=redis -CACHING_REDIS_DATABASE=0 - -## Redis single node only -CACHING_REDIS_PASSWORD= -CACHING_REDIS_HOST=127.0.0.1 -CACHING_REDIS_PORT=6379 - -## Redis sentinel only -CACHING_REDIS_SENTINEL_SERVICE=my-service -CACHING_REDIS_SENTINELS=sentinel-1:6379,sentinel-2:6379 a,sentinel-3:6379 - -# Task configurations -TASK_BROKER_USE_SENTINEL=false -TASK_BROKER_URL=redis://REDIS_PASSWORD@REDIS_HOST:REDIS_PORT/REDIS_DATABASE -#TASK_BROKER_URL=sentinel://sentinel-1:6379/0;sentinel://sentinel-2:6379/0;sentinel://sentinel-3:6379/0 - -# Email configurations -EMAIL_USE_FILE_BACKEND=true -EMAIL_FILE_PATH=/tmp/app-messages -EMAIL_HOST=localhost -EMAIL_PORT=465 -EMAIL_HOST_USER=user -EMAIL_HOST_PASSWORD=password -EMAIL_USE_SSL=true -DEFAULT_FROM_EMAIL=admin@localhost.com - -# Keycloak configurations -KEYCLOAK_SERVER_URL=https://10.61.123.211:8443/auth/ -KEYCLOAK_REALM_NAME=viettel-cloud -KEYCLOAK_CLIENT_ID=cmp-backend -KEYCLOAK_CLIENT_SECRET_KEY=jRVpdwmUg3cqwM2N5Z7febCREvseg2tH -KEYCLOAK_VERIFY_SSL=false - -# Container registry configurations -CONTAINER_REGISTRY_PRIVATE_URL=http://10.60.17.211:8088 -CONTAINER_REGISTRY_PUBLIC_URL="" -CONTAINER_REGISTRY_ADMIN_USER=admin -CONTAINER_REGISTRY_ADMIN_PASSWORD=Harbor12345 -CONTAINER_REGISTRY_API_VERSION=v2.0 -CONTAINER_REGISTRY_VERIFY_SSL=false - -# KAAS Configuration (base64-encoded version of the kubeconfig file) -KAAS_KUBE_CONFIG=YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCnByZWZlcmVuY2VzOiB7fQpjdXJyZW50LWNvbnRleHQ6IGt1YmVybmV0ZXMtYWRtaW5AY2x1c3Rlci1rOHMtdnRuZXQtY2xvdWQtdGVhbQpjbHVzdGVyczoKICAtIG5hbWU6IGNsdXN0ZXItazhzLXZ0bmV0LWNsb3VkLXRlYW0KICAgIGNsdXN0ZXI6CiAgICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiA+LQogICAgICAgIExTMHRMUzFDUlVkSlRpQkRSVkpVU1VaSlEwRlVSUzB0TFMwdENrMUpTVU0xZWtORFFXTXJaMEYzU1VKQlowbENRVVJCVGtKbmEzRm9hMmxIT1hjd1FrRlJjMFpCUkVGV1RWSk5kMFZSV1VSV1VWRkVSWGR3Y21SWFNtd0tZMjAxYkdSSFZucE5RalJZUkZSSmVFMVVSWGhQUkVFeVRsUkJlazB4YjFoRVZFMTRUVlJGZUU1cVFUSk9WRUY2VFRGdmQwWlVSVlJOUWtWSFFURlZSUXBCZUUxTFlUTldhVnBZU25WYVdGSnNZM3BEUTBGVFNYZEVVVmxLUzI5YVNXaDJZMDVCVVVWQ1FsRkJSR2RuUlZCQlJFTkRRVkZ2UTJkblJVSkJUR2R4Q25aV1JYcG5kMjgzVm5oVmJVbGpZU3N5TldScU1IcG1lazR5ZUdGbU1UTk9RV3BzUlZGWVRWWkNUSFZ0V0RsUFZVbHJNMWsyZFVwT1YySllVRUY2Tm1ZS1dsZGhVMnd4VUc1S1RFMXBlR294VjBodWJqWlFSVk55UmxwM1FXaERha3R6WW5NNE9ETlBjVTFpU21KTGJVbHBkR1JPU1VaUmRIbG5jWEZQUzFONVRRcGlVVzF3Y0VjelUwdFVMMDlLVWpoemJuZzJWa2RKUTFCUVZIQkpPSEYwTXpSUWFrNDJUbmxoWVZkdFRHcEVUWHBZYldwUlRIUTRiMHA0YlZZeE56VnNDa1ZIT1VscVpqaFhRM0pQVm5wSWRrVjBlbWhSUVVaRmRUVkxabE5sTkdaWmFUZ3haMFk1TjI5UlRHdG1RVkJzUjBSNU9UazRWRWRVUkdJNVFsRkRiU3NLT0ZnNWREVmtSWGd6VkdSWk0zQm1WR3A0YlhvdmJHRjFMeXRvUkRkSmNEbE9jV2RFVldobWJIVk5ZemRPWlhkdGEwa3hLMDVQVm1aMlZYVXhNa3RCZGdwMVFuVmhWa0pIUWxoWU9WaEdaalJNZGxjNFEwRjNSVUZCWVU1RFRVVkJkMFJuV1VSV1VqQlFRVkZJTDBKQlVVUkJaMHRyVFVFNFIwRXhWV1JGZDBWQ0NpOTNVVVpOUVUxQ1FXWTRkMGhSV1VSV1VqQlBRa0paUlVaTlVWaG1SV1UzTDJSNmN6bDJjRzFoYVUxSWIzRlJiaTlNUXpkTlFUQkhRMU54UjFOSllqTUtSRkZGUWtOM1ZVRkJORWxDUVZGQ1IycGFTM0JMYWs4MVlrSlZiMmhLYkcwMVl5OUhWRkZKVjJ4U1ZuQkhVVVpxUzFacWEzWlpVeko1WlRaRlMyMVpTd28ySzFKeWJUUlZXVTlvWlRkUFRHOVRLek4xYlVWek9EZHZSMFZLTW1sdk5UVXdaVTh4UTNkc2JIUTFhakZtUTFwdlYwVnlaa2RYVEdObFZVTnJaR2h6Q25aQ2JHbFFWV2hQZUhGUlMzbENWVlJ4Ym5CR1RWVnRObkZxTm5oRE5XNVZaaTlDWWtoeFFqaGpSMDVSYjFRNVNUTTRkRUl2UTNwSk5YTlZkRFJIVFU4S05uZHZZVEZGZVZKTVl6Vm1TaXQ1UzNKUUt6ZEljbGRVTlVaWlVUaFNOVEJGWldGSmNsbFJUekJ6WW5jemIwbHlWbkJWWTFSa2EwcFVibWRDTmpJeVRRbzBkSGxJYVM5NE0wbGhORnBqVHpsVk5uZERaMjVYTVN0dmMxYzVjWGRPZVhreFQyY3ZUSFUwVVZaUVdVeEpkRlIwZGxScVpVOVJPV292YWxkVWRYaEZDbEIyTUd0UGVsZ3dUV2RZVWt4U2EyVnljMjUwWWxGcVdIbHNWVzlxWVRnclVTOUlZUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09CiAgICAgIHNlcnZlcjogJ2h0dHBzOi8vMTAuMjQwLjIwMy4yMTQ6ODA4NCcKICAgICAgaW5zZWN1cmUtc2tpcC10bHMtdmVyaWZ5OiBmYWxzZQpjb250ZXh0czoKICAtIG5hbWU6IGt1YmVybmV0ZXMtYWRtaW5AY2x1c3Rlci1rOHMtdnRuZXQtY2xvdWQtdGVhbQogICAgY29udGV4dDoKICAgICAgY2x1c3RlcjogY2x1c3Rlci1rOHMtdnRuZXQtY2xvdWQtdGVhbQogICAgICB1c2VyOiBrdWJlcm5ldGVzLWFkbWluCnVzZXJzOgogIC0gbmFtZToga3ViZXJuZXRlcy1hZG1pbgogICAgdXNlcjoKICAgICAgY2xpZW50LWNlcnRpZmljYXRlLWRhdGE6ID4tCiAgICAgICAgTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVUkZla05EUVdaMVowRjNTVUpCWjBsSlVGVmpVMlJyU0hGWVpUQjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGRHVkVWVVRVSkZSMEV4VlVVS1FYaE5TMkV6Vm1sYVdFcDFXbGhTYkdONlFXVkdkekI1VFZSRmVFMVVaM2RPYWxWM1RYcE9ZVVozTUhsTmFrVjRUVlJuZDA1cVZYZE5lbEpoVFVSUmVBcEdla0ZXUW1kT1ZrSkJiMVJFYms0MVl6TlNiR0pVY0hSWldFNHdXbGhLZWsxU2EzZEdkMWxFVmxGUlJFVjRRbkprVjBwc1kyMDFiR1JIVm5wTVYwWnJDbUpYYkhWTlNVbENTV3BCVGtKbmEzRm9hMmxIT1hjd1FrRlJSVVpCUVU5RFFWRTRRVTFKU1VKRFowdERRVkZGUVc5MlNHUlNhamhVYms0dlpFcHdVa3NLY3pnMFQwRktUa3A0WTB0WFZWQTFibUZ1VW5Wc1lXWmFZMU53WWk5eUsxUlZibmR4TDJGSlQyaDJXVEJqWjJGMVZYZFFXbUpqY1U1dVJrMXlVbXhDVEFwUFdubzBWVmRXVFdOWFdqQmhZVEZFZDNOVWQzbFRSamM0SzJaRGRrNTVRa3RUYVhaU00ySkNPVFJUWmk5VFJrRlNUakF4SzFrNE1tZHhUamRpU1ZoakNrVllVVFYzVkZaNFppdDRhWHByUkRsSVpUTldVVkZNVTNVMVJpOVVjblI0TkZOb1VVSnRUVTU0TTAwMGFEZEJNMHRETVN0S2VqSnZZMGg1U2xKMmFVVUtNbXRMYld0RUt6QkJNa1U0Tm1WVlpYSjJOSFpyUmxSMFpFbDFRWGR1WVRGdlRYSktSMUZ0T1ZwTFNrWkRSMFk0ZUVsM01XWnpObEEzYnpKQk5UaHFMd3BtUW1oNmNFdDBPVkprS3pBd2NXdElNRUZxT1c1UE0zSlVkMmRHUTNrd2FEaHRXWEpFVTNadGEwTnNkMXBGVDFFNGFqZFljR2wyV0hSWk5tVnlOMWN2Q2tRMVZYaFBkMGxFUVZGQlFtOHdaM2RTYWtGUFFtZE9Wa2hST0VKQlpqaEZRa0ZOUTBKaFFYZEZkMWxFVmxJd2JFSkJkM2REWjFsSlMzZFpRa0pSVlVnS1FYZEpkMGgzV1VSV1VqQnFRa0puZDBadlFWVjRRbVE0VWpkMk9UTlBlaklyYlZweFNYZGxhWEJEWmpoelRITjNSRkZaU2t0dldrbG9kbU5PUVZGRlRBcENVVUZFWjJkRlFrRkpWME5NZEdNdllrTXpkQ3RYYzI1RmRWaFpLeXRVVVc5UGFFUkJZV1F4VXpoWlpXcDBTa1kwU1V0eWVraE9TMGN2UnpObk9TOTNDamh2Y1RCa2RGbDNaazVLTlVSNlEyTjFOa3d6VUhKWE5ISnBLMWROZVZvM2RTOVdkVmwxUWtOV05rVlJha3RhYVd4WGEzRmpRVXd4S3pWeVJEWkVkemdLY1dKUmNqTTRSVlJIWVdkWmNFNW5SblJTYW5OSmIzTXpVbVZwTms5WlZHbHNZemhrU0RBeGRGTklLM0kzZEhjeVRrdEpVbXAwWlZkRFlUUlZMMUF2UmdwdmNtNXZZVGh3TVZKVk0xUmhURnBZYlVObFVrSlNWMDFGYlRGbVZtSjJLM1pMZUM5eFVHSXJlR1J1TmpCT2VIUklabWxLZEM5VWVuZGFUVzVzZVVwdkNqZFVjMUZHTW05aFdUZzFOVTFJYVdGNlREVkZWbkppWjFCMlJuTm9MMXBxU0c1MWJ6QmhjM2RxTDJORWFFbElWRmw1Y2pGM2JHbDBVVTEyU0UxcFRFOEtLMHhEVEdSbFNWTnlSMFI1ZGtFNFNHOVJWekExVWxKdU9YQkdXbFpFYnowS0xTMHRMUzFGVGtRZ1EwVlNWRWxHU1VOQlZFVXRMUzB0TFFvPQogICAgICBjbGllbnQta2V5LWRhdGE6ID4tCiAgICAgICAgTFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxGY0VGSlFrRkJTME5CVVVWQmIzWklaRkpxT0ZSdVRpOWtTbkJTUzNNNE5FOUJTazVLZUdOTFYxVlFOVzVoYmxKMWJHRm1XbU5UY0dJdmNpdFVDbFZ1ZDNFdllVbFBhSFpaTUdObllYVlZkMUJhWW1OeFRtNUdUWEpTYkVKTVQxcDZORlZYVmsxalYxb3dZV0V4UkhkelZIZDVVMFkzT0N0bVEzWk9lVUlLUzFOcGRsSXpZa0k1TkZObUwxTkdRVkpPTURFcldUZ3laM0ZPTjJKSldHTkZXRkUxZDFSV2VHWXJlR2w2YTBRNVNHVXpWbEZSVEZOMU5VWXZWSEowZUFvMFUyaFJRbTFOVG5nelRUUm9OMEV6UzBNeEswcDZNbTlqU0hsS1VuWnBSVEpyUzIxclJDc3dRVEpGT0RabFZXVnlkalIyYTBaVWRHUkpkVUYzYm1FeENtOU5ja3BIVVcwNVdrdEtSa05IUmpoNFNYY3habk0yVURkdk1rRTFPR292WmtKb2VuQkxkRGxTWkNzd01IRnJTREJCYWpsdVR6TnlWSGRuUmtONU1HZ0tPRzFaY2tSVGRtMXJRMngzV2tWUFVUaHFOMWh3YVhaWWRGazJaWEkzVnk5RU5WVjRUM2RKUkVGUlFVSkJiMGxDUVVONVlqbHhOVU50YjFnMlN6ZDBhUXBKWTJ3d1FXaFdZVkJZYjNOMVlWcFhNemd3Wmt4NE9EbHZjVkFyY1hONmJHVmtiVGxOU3k5aVlrRnhOalJOVkU4eU1qZFRkMUJZZWpORE1FNHZLM3A1Q2tWdldXeFhWRFF2WXpGM1oxcHZTaTg0ZFhOb2NUWkpSWHB6UTBwc1MwUk1OVmhvTVUxUVpIQndaRk42ZEVoR1ExcDVkbnBQT1VkcmVWcEhaVmhETTNJS2RqaElkbWhrYUVaWU1YUmpVbVpwWkdocE5YQmlSbUYxUWxNNVoxTkJVRWcyVlVOc09VRTRhVlV5Y1hJeVNHRXpjMlZoYjBkcldqRlhVVlIzYW5NMlJnb3JkV0ZGTmxSb0t6bElSRmRGT1VoaVExaFdhMWRpUlV0eVptdFVhMWRyVG1sNlVXSnFWR1EwWW1Sd1F6WXZRV3hGV0RWaVFWUnNkV3hHWlVOQmNGQnJDa3BVTlVnd2JUVkNPR0YyU0M5WlYxSlpPVUpWTlhKdUwxRlFUVTFJV0M5VlZIZG9iV3RLZWt4clFuQnFiMkpoTDBGeFpHTkhUVVJXY0cxU1VDdGFWMFVLUVd0RU9YaFVSVU5uV1VWQk1VeHhTMEU1Ym1GUVNqaHplbWxwWlV4MFJuSlJha2hOWlRKWVdGSjBSMDFTWVhkaFV6WkNOVUpxVG1KVFJsVlVSWGc0UWdwNWRUVmlZbVpJYzJzM1RucHdLMnhGWTFKWU5HdGxSamN4YVdFNFZFVXhPR3BxYVU1QmJqRjNVVEJyV1VKNmVXWjRUV0pHU3pCeU5USldWRUZIVVRReENtZDFia2d3WXpoTWEwRXpVbkp3VkdOTFZFNDFOVFJWU0RKQ2VGRlVTblI1VDAwclZtaEhTMVZDVUc5a2MxWnhjRWxJWTBSWFVUQkRaMWxGUVhoQ1luSUtWemROTDJkNGRVOWpiR2RNVUdGemVEWm5OVEp5TWxORk9EUllOWEF2YzBkU1RFTjZhMnN5U21oT1RVNW9UbkJ0VTJ4MVpXOWlTRFpqVlZkUmVtczVSUXBNTVdjcllqTkxXalZtUzJwQ1ltODFUemhhUzBwRk1razJSU3RzUjJVMGRYaDRiblE0U2trdllWRlRiSEp5Umpsa1YyZzRRbk0zY0dFMFVXdDFVbGQ0Q2pOdVVXbG1lakI2Y0hrMFZXMDNRbWhYVUZWd05rcDNOSEZzVFM4ek9UZE5NekYyT0d0WFkwTm5XVVZCYUdscmRrdGpZVmhOUjNocE5GcEpWVlZSY1dFS1ZIRkZRbWxWUm5SU05tbFpaM05vVEhaVE5YcHdWV3d5V2tkUWFrbzRaME5hVnpFeVJrSjZhbE42VGpreVdWQjNUMnBJVmtadmRsTm5abXByUVVkMFR3cENjRkEzZFc1d1NqbDFWaXRXWmtsVFFWSlJjUzlYWWtoMFFqQlVSMkp2ZDFoWFVEZE9XVTFUYXpoT2FsaHRkR0ptYkVOTmNsVnlhelkxVEZCM1kwTXpDbWhOVkVkVmVuVnZhRzl6U0dSMlluRmxlVTFVTlZoRlEyZFpRa0ZGZUd0MlMzTkNZazFDY2pRMVEyOTNTMWwxZVRWeE1FUnVVRFJSYzFSMWJVWXhSM2tLUTIxa2VreERSQ3R3VWxKeE1FRTNVM2d5VG5Kb1RWQkpWbUZ1SzNORmIyZHBiRFZGWm5CamNGYzBURWh6VmxaWldXWkJRMDF6TDBVd1dtMXhaMjVyU1FwdFJVWXlPV1ZOUVdoM1RUUjBWV3BCYmpkaEwxcHpaRUpYWW01RFVGRlBWa3BETDA1clozTmFNblZZYWtKa2VWcGxLM05KTVd4MGVERkxaM1p0UW1OeUNpdFdkbkpwZDB0Q1oxRkRSR3g0WVdaRWJWQm5jR3g1ZWl0cWFqaDVURUpXUVhsRFducExRMEl4WW00NU5XMUpSMWRMVVRSbU5VSTRWVE5EVDFSYVQzZ0tVVFpXZGpselMxcG5VM1JsU21KSmFITmFiRUpSY0dRM2Ftd3lRak14V0Rnd1NrdDNWRVZTZFdsbkwwUXplamN5Y1Rsd2JEYzNLMGh1WWk5clVrUktNd29yUVc5TWRuQnRUM3BYTW1vNVdFSk1lQzkxTTBoM1ZrZ3ljWFV6Y25sdWEydHZWMnBKU0ZaTUwybElWbTlFYjAxTGNHZFlRMEU5UFFvdExTMHRMVVZPUkNCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRbz0K -KAAS_CLOUD_INFO=ewogICAgIlJlZ2lvbi1hYmMiOiB7CiAgICAgICAgImV4dGVybmFsX25ldHdvcmtfaWQiOiAiYWJjIiwKICAgICAgICAiZG5zX3NlcnZlciI6IFsiMTAuMC4wLjEiXSwKICAgICAgICAia2V5X3BhaXIiOiAiYWJjIiwKICAgICAgICAiazhzX2Nsb3VkX2NvbmZpZ19zZWNyZXQiOiAiYWJjLWNvbmZpZyIsCiAgICAgICAgIms4czJjbG91ZF9jcmVkX2Jhc2U2NCI6ICJZV0pqIiwKICAgICAgICAiZmFpbHVyZV9kb21haW4iOiBbImFiYyJdCiAgICB9Cn0= -KAAS_CONTROL_PLANE_FLAVOR=xxx -KAAS_MACHINE_IMAGE_PREFIX=xxx -KAAS_CLUSTER_IMAGE_REPOSITORY=xxx - -# IAAS configurations -IAAS_API_VERSION=v1 -IAAS_API_ENDPOINT=http://10.240.234.212:8000 -IAAS_API_TOKEN=33390b96f533551d26ebdba2637c366edd628227 -IAAS_DISABLE_SYNC_TENANT=false -IAAS_API_RETRY_STATUS_CODE_LIST="413,429,500,502,503,504" -IAAS_API_RETRY_TOTAL=0 - -# Object Storage Configuration -OBJECT_STORAGE_API_ENDPOINT=https://10.240.201.235:8888 -OBJECT_STORAGE_ADMIN_ACCESS_KEY=SQ45MB2LG6E1MBPQQXN4 -OBJECT_STORAGE_ADMIN_SECRET_KEY=RZDsp4FBEVHHGox3MqCCOjEG0Zz6a98R83k0sWjg -OBJECT_STORAGE_VERIFY_SSL=false -OBJECT_STORAGE_DOMAIN=https://10.240.201.235:8888 - -# Vault configuration -VAULT_URL=url -VAULT_TOKEN=token -VAULT_CMP_SECRET_ENGINE=cmp - -# Media storage configuration -USE_OBJECT_STORAGE=false -STORAGE_BACKEND=storages.backends.s3boto3.S3Boto3Storage -STORAGE_CONFIG_S3_ACCESS_KEY_ID=61O9GA9T0WIUVZJI0QR7 -STORAGE_CONFIG_S3_SECRET_ACCESS_KEY=vKkUfNyGOJ8rHDsAxT3I7W8c8BL43sHicBEl0RfO -STORAGE_CONFIG_S3_STORAGE_BUCKET_NAME=cmp-product -STORAGE_CONFIG_S3_ENDPOINT_URL=http://10.240.201.235:8892 -STORAGE_CONFIG_S3_FILE_OVERWRITE=false -OBJECT_STORAGE_VERIFY_SSL=false - - -# Key management configuration -SECRET_MANAGER_VAULT_URL=https://10.240.201.218:8200 -SECRET_MANAGER_VAULT_TOKEN=hvs.PFtlPPJ5Yt6u9tuBoSuIprzP -SECRET_MANAGER_VAULT_SECRET_ENGINE=secret-manager -SECRET_MANAGER_VAULT_VERIFY_SSL=false - -KAAS_OS_TOKEN= - - -CONTAINER_REGISTRY_DISABLE_SYNC_TENANT=true -KAAS_DISABLE_SYNC_TENANT=true -IAAS_DISABLE_SYNC_TENANT=true -DISABLE_IAM=true - -CONSUL_KV_HOST=10.255.186.51 -CONSUL_KV_PORT=8500 - -KEYCLOAK_PUBLIC_KEY=123 -KAAS_VAULT_SECRET_ENGINE= -LOCK_REDIS_URL= -# Flower API config -FLOWER_URL=http://127.0.0.1:5555 -ENABLE_ACTION_LOG=true -#ENABLE_ACTION_LOG=false -MAX_DAY_QUERY_ACTIVITY_LOG=20 -REDIS_PASSWORD=password \ No newline at end of file diff --git a/secret_migrator/common.env b/secret_migrator/common.env new file mode 100644 index 0000000..0e0b793 --- /dev/null +++ b/secret_migrator/common.env @@ -0,0 +1,262 @@ +# Django configurations +DEBUG=True +SECRET_KEY=django-insecure-nr98kt6$s%^9=$j3=iyrqhx+6k73pm2+)-xdhp$ucje!-=h=_s + +# Application configurations +DISABLE_IAM=False +DISABLE_SYNC_TENANT=false +ENABLE_USER_ENDPOINT=true +ENABLE_ADMIN_ENDPOINT=true +PUBLIC_SWAGGER_SCHEMA=True +PROMETHEUS_MULTIPROC_DIR=/tmp/ +SYSLOG_ADDRESS=127.0.0.1 +SYSLOG_PORT=5514 + +# Media file storage config +USE_OBJECT_STORAGE=True +STORAGE_CONFIG_S3_ACCESS_KEY_ID=61O9GA9T0WIUVZJI0QR7 +STORAGE_CONFIG_S3_SECRET_ACCESS_KEY=vKkUfNyGOJ8rHDsAxT3I7W8c8BL43sHicBEl0RfO +STORAGE_CONFIG_S3_STORAGE_BUCKET_NAME=cmp-product +STORAGE_CONFIG_S3_ENDPOINT_URL=https://10.240.201.233/ +STORAGE_CONFIG_S3_FILE_OVERWRITE=False + +# Database config +DB_NAME=backend +DB_USER=backend +DB_PASSWORD=password +DB_HOST=10.9.9.71 +DB_PORT=5433 + +# Redis config +REDIS_USE_SENTINEL=True + +## Sentinel configurations +REDIS_SENTINEL_SERVICE=mymaster +REDIS_SENTINELS=10.9.9.115:26379,10.9.9.22:26379,10.9.9.12:26379 + +## Redis-standalone configurations +REDIS_HOST=backend-redis +REDIS_PORT=6379 +REDIS_PASSWORD=password + +# Cache configurations +CACHING_REDIS_DISABLED=false +CACHING_REDIS_DATABASE=0 + +# Task configurations +TASK_WORKER_DISABLED=false +TASK_REDIS_DATABASE=1 + +# Lock configurations +LOCK_REDIS_DISABLED=false +LOCK_REDIS_DATABASE=2 +LOCK_EXPIRE_TIME=120 +LOCK_AUTO_RELEASE=false +LOCK_HOLD_TIME=5 + +# Email configurations +EMAIL_USE_FILE_BACKEND=False +EMAIL_FILE_PATH=/tmp/app-messages +EMAIL_HOST=10.240.201.49 +EMAIL_PORT=9011 +EMAIL_HOST_USER=cloud@viettel.com.vn +EMAIL_HOST_PASSWORD=WXbkk5gj5sTzupt932Vyow6B38PgcJR8MeqDCLg@ +EMAIL_USE_SSL=False +DEFAULT_FROM_EMAIL=cloud@viettel.com.vn + + +# Keycloak configurations +KEYCLOAK_SERVER_URL=https://10.240.234.20:8080/ +KEYCLOAK_REALM_NAME=viettel-cloud +KEYCLOAK_PUBLIC_KEY=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeacIBpoeol8uK811RtLOA7qo7qyGGvatf1G5RMuAW6EOmTRuk5H+qUqe4bJIFWygZ45RS49G47rVVn/EbflRNXCmoyoQSfP1dvU+XvzN5922IfO2AfAkUWqn/Nw0TNDeJ2naHXQynMbNytljzLDOiqlV90cDw3dgjJS5VcywJwkBMTEzGi8Zt9eoLZFH6WzbHK/q6gp/lWQMkFNlQyOGBbilsIdZ7KgqY2RFVf2yQUNe65RBu37zWpwWGEi6Qznny42ZDptFWdCzThPYPhDOu31o9kojyRoePI3tLj5OINUzLzYBonqEEnqyD8csamr+51d7zwusDQq45seewNsVQIDAQAB +KEYCLOAK_CLIENT_ID=cmp-backend +KEYCLOAK_CLIENT_SECRET_KEY=DpJiGn5RkyTxg8ILOVEfSQ5IQZHekixu +KEYCLOAK_VERIFY_SSL=False +KEYCLOAK_DISABLE_SYNC_TENANT=true + + +# Invitation configurations +INVITATION_EXPIRY_TIMEOUT=300 +INVITATION_BASE_URL=https://10.240.234.20/invitation/project-user +GROUP_USER_INVITATION_BASE_URL=https://10.240.234.20/invitation/group-user + + +# Container registry configurations +CONTAINER_REGISTRY_PRIVATE_URL=https://10.240.234.71:8003 +CONTAINER_REGISTRY_PUBLIC_URL= +CONTAINER_REGISTRY_ADMIN_USER=admin +CONTAINER_REGISTRY_ADMIN_PASSWORD=Harbor12345 +CONTAINER_REGISTRY_API_VERSION=v2.0 +CONTAINER_REGISTRY_VERIFY_SSL=False +CONTAINER_REGISTRY_DISABLE_SYNC_TENANT=True +CONTAINER_REGISTRY_ACTIVE_REGIONS=vn-central-1 + + +# KAAS Configuration (base64-encoded version of the kubeconfig file) +KAAS_KUBE_CONFIG=YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiBMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNdmFrTkRRV1ZoWjBGM1NVSkJaMGxDUVVSQlRrSm5hM0ZvYTJsSE9YY3dRa0ZSYzBaQlJFRldUVkpOZDBWUldVUldVVkZFUlhkd2NtUlhTbXdLWTIwMWJHUkhWbnBOUWpSWVJGUkplazFFWTNoTlZFRTBUbFJKZWs1V2IxaEVWRTE2VFVSamQwOUVRVFJPVkVsNlRsWnZkMFpVUlZSTlFrVkhRVEZWUlFwQmVFMUxZVE5XYVZwWVNuVmFXRkpzWTNwRFEwRlRTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblJWQkJSRU5EUVZGdlEyZG5SVUpCVEVreENrNTZWbWhqT1VKNWNXcDVSRlZyTW1WdU0yOXJXVXBWWTFCdFowODVjbVJwUXl0T1RFcFFaMEpzUlZCQ2FWSlhSbFZKZVROd2IyeHphV0psZWxkaGVra0taRGQxUmtReE1YUXlOMVJ5V2poaGFrNDBSMkpuZERSV2RHWXhjRVZ6UlZoWmVHbGFPR0ZxYTI1UVVWaDRUMlY0VkZKc2VESm9iVTVuVm5SUFdrOUdhUXB1VUROTlozTnJVMXBhY1hOUlZuQk1OVzkzYkdWMFZVNXdVMDF2T1U1WmRYSkZUMk5TTWk5RVkxQmlSVkpJZDJ0RWF6UlZTSFpyY3l0VWNYcFhjeXRLQ25kaFVXbEVkVVI1U2paSldITmtSMHhEZHk5UGJVVTVOWFpJZGl0a1NGaElPVXAwUXpGaVRFMHJiRWQ1YVRGTU4yc3dkVWt5YVhScGFGWTRWVUV4YVZBS09FNXVVbmxSU1U1T1QyNVVVMDgzY2s4NGFESmFRVE5DZFdKdU4xQjZNMVZyYmxRdk9XTkhhbW92ZEM5UVIyVlhXVFk1ZGpCbFNYWldUakpEWkRrd1p3cGFVM1F2VWxNNVdTOUxOMU1yTkRJMGJHZEZRMEYzUlVGQllVNWFUVVpqZDBSbldVUldVakJRUVZGSUwwSkJVVVJCWjB0clRVRTRSMEV4VldSRmQwVkNDaTkzVVVaTlFVMUNRV1k0ZDBoUldVUldVakJQUWtKWlJVWkNVMVp1VVRkM04wUnlLM1pJZW5KS1Z5dG1RWE42YTJseWJIWk5RbFZIUVRGVlpFVlJVVThLVFVGNVEwTnRkREZaYlZaNVltMVdNRnBZVFhkRVVWbEtTMjlhU1doMlkwNUJVVVZNUWxGQlJHZG5SVUpCUTNaWGF6SXdXbTFNVVVsbGVqVXhiSEJIZWdwUGJ6Rk5SalowU3pkNVFuWXJkMk5KVEZoUFdHTXZWVlY0Wm1oNmJVOUJRMWRTZURaYVdrdDFZV1ZSWVVobWJXVnZka2wzZDFKMlNIZDJSbmxEV0dKQ0NqZzRkVEJqYkZCQ1RIZ3lkRVJNVkhGMWRsWXZSM0JLWWprM1pGZExjbHBrVmpSSU1XOHZOM296T1N0Q01FbDNWbGxTVDJFdlQzQkJaR1psY2xsdVUxb0tOMDVCVEUxcGVXUk9XRGRyVkdWVVRrSjBTWFZGVldScFVFUndXR1Y1WkhoV0wya3ljbHBCZUZWc1VHc3hOek0xSzNCaWMzY3hkMHRwU20xSVlrY3dZd3A2TDFsdGMzWTVRa1V3VWpReFZFWjJZVzlXWVdkcWFXTmxWVEF5V1ZkV01YVkxjMlJTWjNKUlUwcHJNQzlsUW1kV2NUUmxja293V1haVlMxWnpWRVJZQ2toeFFWY3hObTE0VWxFelp6RjJaR05FWm1SWFN6Wk9hbUl3VkU0MU5XSjFTMnBRUTJaeEsxbENkakJ1ZFRoQ1MyVkNiVkZpWkRKYWJHUTVhak5oUWpNS1VsVnZQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09CiAgICBzZXJ2ZXI6IGh0dHBzOi8vMTAuMjQwLjIwMS4xNDE6NjQ0NAogIG5hbWU6IGtpbmQta2luZApjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3Rlcjoga2luZC1raW5kCiAgICBuYW1lc3BhY2U6IGRlZmF1bHQKICAgIHVzZXI6IGtpbmQta2luZAogIG5hbWU6IGtpbmQta2luZApjdXJyZW50LWNvbnRleHQ6IGtpbmQta2luZApraW5kOiBDb25maWcKcHJlZmVyZW5jZXM6IHt9CnVzZXJzOgotIG5hbWU6IGtpbmQta2luZAogIHVzZXI6CiAgICBjbGllbnQtY2VydGlmaWNhdGUtZGF0YTogTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVUkpWRU5EUVdkdFowRjNTVUpCWjBsSlEwWjBhMDF5TTFONmFIZDNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGRHVkVWVVRVSkZSMEV4VlVVS1FYaE5TMkV6Vm1sYVdFcDFXbGhTYkdONlFXVkdkekI1VFhwQk0wMVVSWGRQUkZWNVRYcFdZVVozTUhsT1JFRXpUVlJCZDA5RVZYbE9SRVpoVFVSUmVBcEdla0ZXUW1kT1ZrSkJiMVJFYms0MVl6TlNiR0pVY0hSWldFNHdXbGhLZWsxU2EzZEdkMWxFVmxGUlJFVjRRbkprVjBwc1kyMDFiR1JIVm5wTVYwWnJDbUpYYkhWTlNVbENTV3BCVGtKbmEzRm9hMmxIT1hjd1FrRlJSVVpCUVU5RFFWRTRRVTFKU1VKRFowdERRVkZGUVhZclVHSkRPRmRyYWprdlFqTlJha1FLV0Zjd1J6bEZaMUJuYVVJNVZYcFZObkV2VFcwMFdHeHZkazlaU0dRNGVXTlZiSFpKVjFFMWVERTFPVEpJYzJkUGRFZ3dOVUZ3ZERaRlYwUXJhM0pJZEFwRGVVTjFaRFJvVlc5TFVERkJPWEJIUmtGS0x6SlNjRkl5V1RONGNFeE1PVU4wVVRkQlUxZG1kUzlMVGtvd2JrZFFXV1I2VG10NmJFcEthRlZ4TUdsWkNuVlZiak5FSzBsdVZGVm5XVlZFUW5sQlRIRkpPVXh4ZDNWa2NIQkVLMngyT0ZwNlYyZFJVa3hqZGpKMksyUm5WRmR1YVV0TE1rVnBlSGRDVUd0bVUwY0tPWFVyUnpKNlprSkRWV1ZaVW5wTmIyVlVObVoxUlVWbmJXeFNha0p4ZEVOUFUzazFXRWxTY3pGRGRERmpUbXgyWjNWdFRITkhTQ3M1VDJ4T0wzQjBiQW93TjNScWNtcGhabE13Tm1kR1YyeGhjM055WlZwTlRraHpSMk5IZVVKcVUwZG1PWGQ2ZUhOSFNrNVZMMmRvUkVac1RYbG9TV3hoZG5WalNqY3pZMlZCQ2xaemVrbHBVVWxFUVZGQlFtOHhXWGRXUkVGUFFtZE9Wa2hST0VKQlpqaEZRa0ZOUTBKaFFYZEZkMWxFVmxJd2JFSkJkM2REWjFsSlMzZFpRa0pSVlVnS1FYZEpkMFJCV1VSV1VqQlVRVkZJTDBKQlNYZEJSRUZtUW1kT1ZraFRUVVZIUkVGWFowSlJWV3hhTUU4NFQzYzJMM0o0T0RaNVZuWnVkMHhOTlVseE5RcGlla0ZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZCVDBOQlVVVkJVVk0wYTJKU1NFdEljSFYxUzFOUGNWZDBlRXhQT1hrMWRteGFaamszYVVFd1lrWmFDamRMZFZkRmNuUTFiVk5IWVdsSU1tWlFWRVZ6YUdSSlJHODRhbkJEYW5JNVIxTkVNVWhQU210emNtUTRaMlprY2tFNVpVbDVUSGxDUjNKYVNFeGFXR01LT0ZVeWVFdE9lbmhJYTI1TFpIVlhObmhOZWt0cFdtcENWR1J6TDB4MWJHNTRSakpLU2xSNE1sQjNWMHBqV0VSUU5VMDRURTVXWlRaelpVVlFXRGxQT0FwNWJsSkRiM05UV2twdE5rRlZLMFp1VnpkNmFrcElaSEphSzNacFppdE5heXN4WkZBMlMwcDVkVU5oUWxNeFJIVmtNalJNU1ZFcmRUZHBNR3AyVlZodENscGtZVEZKTURSbmJHRjFLM05pT1ZKdFNtNTVVbkJxTkRVemJVbDZiRXBJUVdrck1VZDNORkpHUXpoWGMyZE5WV0Z4VEVoT2REWjBkbUpvVG5CQ1NsVUtTamxYYlRsQlpGWkVRaTlLU0RSeVZsUm1hakZCVTFsMmVuZDZXVk5GV2xjNFJuUnljMDhyVlVrM1l6TkpZMUo0VEVFOVBRb3RMUzB0TFVWT1JDQkRSVkpVU1VaSlEwRlVSUzB0TFMwdENnPT0KICAgIGNsaWVudC1rZXktZGF0YTogTFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxGY0ZGSlFrRkJTME5CVVVWQmRpdFFZa000VjJ0cU9TOUNNMUZxUkZoWE1FYzVSV2RRWjJsQ09WVjZWVFp4TDAxdE5GaHNiM1pQV1Voa09IbGpDbFZzZGtsWFVUVjRNVFU1TWtoelowOTBTREExUVhCME5rVlhSQ3RyY2toMFEzbERkV1EwYUZWdlMxQXhRVGx3UjBaQlNpOHlVbkJTTWxremVIQk1URGtLUTNSUk4wRlRWMloxTDB0T1NqQnVSMUJaWkhwT2EzcHNTa3BvVlhFd2FWbDFWVzR6UkN0SmJsUlZaMWxWUkVKNVFVeHhTVGxNY1hkMVpIQndSQ3RzZGdvNFducFhaMUZTVEdOMk1uWXJaR2RVVjI1cFMwc3lSV2w0ZDBKUWEyWlRSemwxSzBjeWVtWkNRMVZsV1ZKNlRXOWxWRFptZFVWRloyMXNVbXBDY1hSRENrOVRlVFZZU1ZKek1VTjBNV05PYkhabmRXMU1jMGRJS3psUGJFNHZjSFJzTURkMGFuSnFZV1pUTURablJsZHNZWE56Y21WYVRVNUljMGRqUjNsQ2FsTUtSMlk1ZDNwNGMwZEtUbFV2WjJoRVJteE5lV2hKYkdGMmRXTktOek5qWlVGV2MzcEphVkZKUkVGUlFVSkJiMGxDUVZGRFMzaDBjSHBWUWxGemNsWklRd3BpYjFWRlR6QmhUbEYwVW1OamRYcFJWV0V6UjBRNGMzUjRRMVkwWjBKQmEyeDNhbnBGTUdZMVEwWmFVemhDVGpSUVdURk9RVlZrU3pKSVJGZDNjMUUyQ2tOWk16WjJlamhQVjJJeVEyeEVSWFZCVWpCMlpWbE9Seko0T0ZrM1QzY3pRbVVyTVdScWJtRkpXVU01V2pkVGIwWnNXRlo0TDBWT09ERjZRazAxTkVFS1dtcGtNWGRqVmpWaGEwTnpVbkJwTWpObFMwWkliVXhSVVROb2RWbEJTMUpYSzFkbGRURXpLMmxuTjNGbEwwOXBOVEpMY3l0aVpVZEpTRE51Y3poclF3cFlka0pVV1VvdlJtaGlXakpsV2xVeWRHNUZaR3d6WlZkdEwxaFZXRWMzZVV0T1duUnhXbG93UWl0d1dtUmxMelIyYW1KQ1dtNVFWbkE1ZUdoTlNFdG5DakZIVm1kcWVtNHdhWFpDYmpCR1NFcHpSMkoxV2pCbE1GTnJlSEk0VXpWaU9HOHdTMGxuYTBwQldIaGhlSG93Ym04MVNUVTVWbm81UkRWMVZHNTRUM1lLWlU0dmEyZFNSMEpCYjBkQ1FVMHdhWHBvT0UwemVTdHpkemsyU1hOWlJIcHRlRVJFVHpSSVJGVjJWRFpCZGtac2NYaDFhMlJHWXpSU1kzcG9iRkprZHdwbmEzYzRiRkUzYkhadlRVSlRhRWhJUmpKdlpuaE9LemREYzBvNGFHNDFhRXBSVUUxRk0zUlhjbTUwVjBKdVQwOXpZVGhwUWk5a2NsVktUVmhUTDFCVENsSktaa2h4VVdKcVltTnRVVnBDUzFFMlNYZG1SbmdyUlRKNk4wOHhPSG8yZDBSVEswZFNkWGhFTldRMWJUUnVPVGcxU25sSVZVbzFRVzlIUWtGUE9UUUtVVlZRVFUxeGIxazJjVzAwUW1sc09VdHljVFJtUjIwNUswNUxURGhsVnpGdmEwcDZTVVpFVkdSTWIzaHdWMFpOY2xKNlozb3JUR0UxTDFsTFdHUmllZ3BzV1VWdmREaHlaSE5QY21aeGNFMVljamg2VVU5NksxbEVlamx2Y0RFeVdIVkVVMDFKTUZOVVNFeHNhQ3RrZHpseUwyWmpjVlZzY0hjeE4yTnNlbU5EQ2pVNVVFeHRLMFZLWkhWc05YTmhORTlSYldveFpDOW1WR3hxTWtKMVdFaHRja2Q0VEd0eVMxSkJiMGRCWkRGdFUzUjZiMVFyU0dJMlJuUldUa0ZSZFRZS05HOTJWV0ZZUlhSTFRqY3hTekpJVG5CbE1rOTVkR2QzZEVReGFrMTRiMEZzVkRaRFRYZExNRlI1UWtjMloxUTVkVWczTTFkdWVFZHFSbFpNU1hWb0t3cFZja1V2Wmtock5GWjNXRGhDZFhVd2MxbExTbEpCYVhBdmIzRkdXa1I1YjB3ck5qUm9kM1F6WVhScFdtZE1kbE56VVU4NWRteGlZMEZNVkhwc1dUQnRDbTEzYTI1TWNHUmllbEJQZURkU01WWjNOVk5zVGxoRlEyZFpSVUZyYkZZMlJFZFJUREJqV0VsSlJUVkVPV0phTTBablRVZG5PV1ZETldGYUt5c3hRWG9LUWpCbmVYaDZSbmRqZUdSRVlVZElhWEF6VERWc2FtTlBOa1p6VGxoUU1HTnlkME5wZWpKVlNsb3pNbTFVY0hnMk5GUXlaRGwzTmtWM2MzSkJLelJDY2dwSlJFWkRiUzlWU2paSU4yMXZTamxTYlV4V1R5OVlNbFF4WWxGWE9EVmlhVGcxYmtsa05IWkNSRzl6S3l0Sk0yVktlVlphVjJsblFqbDZVQ3RxYjNaWUNtTmFXRGd6ZDBWRFoxbEZRWGQyZWxGdVVITmlXbmRvUzFkdGMzSXZRVEozY0hGbWFtdG1ja1F5ZVdaSk9HbHlURlkxTDBGeVdreHFUWEkwVTNsSGNFa0tkUzlSVlU1b2NucEZUbU5CWnpKSWJsZDBSR3RCZDB0aWVqaFFhVmREVUdRd2VrbExjRzlWVEdOck5YVnFZVlZJUmtwalNERnRaWEZDVG5aelJqazNRZ3BVUjFsU2RIcDVLekI1ZVV4Mk5GZFRhQzkyYUVWWVEyWnNjMUF2ZERaaVpqQXdNekI1TkM5V1FXcDRlbUZvY0Zod1ZXbHJjSEpaUFFvdExTMHRMVVZPUkNCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRbz0K +KAAS_MACHINE_IMAGE_PREFIX=xxx +KAAS_CLUSTER_IMAGE_REPOSITORY=170.10.0.84/vke +KAAS_DISABLE_SYNC_TENANT=True +KAAS_WEB_LB=117.1.28.200 +KAAS_CLI_SERVER=https://172.20.0.6:32247 +KAAS_CLI_SERVER_VERIFY_SSL=False +KAAS_TERMINAL_BASE_ENDPOINT=https://10.240.234.71:8097 +KAAS_VAULT_SECRET_ENGINE=secret +KAAS_CMP_SYSTEM_USER=system_vke +KAAS_DEFAULT_ETCD_VERSION=3.5.6 +KAAS_DEFAULT_ETCD_VOLUME_SIZE=10 +KAAS_DEFAULT_STORAGE_CLASS=ssd-cinder-csi +KAAS_DEFAULT_MANAGED_CP_REPLICAS=1 + + +# IAAS configurations +IAAS_API_VERSION=v1 +IAAS_API_ENDPOINT=http://10.240.234.212:8000 +IAAS_API_TOKEN=33390b96f533551d26ebdba2637c366edd628227 +IAAS_API_RETRY_TOTAL=5 +IAAS_API_RETRY_BACKOFF_FACTOR=0.5 +IAAS_DISABLE_SYNC_TENANT=False +IAAS_POOL_CONNECTIONS=20 +IAAS_POOL_MAX_SIZE=20 +IAAS_VNC_URL_EXPIRE=60 +IAAS_VNC_DOMAIN=https://vnc.viettelcloud.vn + + +# DBAAS API config +DBAAS_API_URL=10.240.234.71:8083 +DBAAS_API_TOKEN=c8daf16524d0ca4aab9ba0bfc16598c837c31113 +DBAAS_API_RETRY_TOTAL=1 +DBAAS_API_RETRY_BACKOFF_FACTOR=5 +DBAAS_API_MAX_CONNECTION=5 +DBAAS_API_VERIFY_SSL=False +DBAAS_API_PAGE_SIZE=50 +DBAAS_MAX_ERROR_MSG_SIZE=1022 + + +# Object Storage Configuration +OBJECT_STORAGE_API_ENDPOINT=https://10.240.201.235:8888 +OBJECT_STORAGE_ADMIN_USERNAME=admin +OBJECT_STORAGE_ADMIN_ACCESS_KEY=RYXH4QZDQ4HZFMMA6T9X +OBJECT_STORAGE_ADMIN_SECRET_KEY=qhVC8G4xtE4DbnExP9DgP5iReMCm2ZnwbHXg8p05 +OBJECT_STORAGE_VERIFY_SSL=False +OBJECT_STORAGE_DOMAIN=https://10.240.201.233 +OBJECT_STORAGE_ZONEGROUP_DEFAULT=vn-central-1 +OBJECT_STORAGE_CMP_ADDRESS_BYPASS=10.240.234.71,10.240.201.200 + + +# Key management configuration +MAX_CERTIFICATE_COUNT=100 +MAX_SECRET_COUNT=100 + + +# Secret management configuration +SECRET_MANAGER_VAULT_SECRET_ENGINE=secret-manager + +# Vault configuration +VAULT_URL=http://10.240.201.233:8200 +VAULT_TOKEN=hvs.o1G1T8eThhMmGILF0NPl9YFp +VAULT_VERIFY_SSL=False + +# Consul KV configuration +CONSUL_KV_HOST=consul-server +CONSUL_KV_PORT=8500 + +# BCCS configuration +BCCS_MOCK_REQUESTS=False +BCCS_LOG_LEVEL=DEBUG +BCCS_USE_CACHE=True +BCCS_CACHE_TIMEOUT=86400 +BCCS_PAYMENT_TIMEOUT=300 +SEND_TRANSITION_EMAIL=True + +# Customer management API config +CM_API_WSDL=http://10.60.108.62:9130/SALE_SERVICE/bpm/sale/externalSystem/InterfaceSaleApi?wsdl +CM_API_USERNAME=sale +CM_API_PASSWORD=sale + +# Invoice management API config +IM_API_WSDL=http://10.58.71.238:8701/SALE_SERVICE/bpm/sale/externalSystem/InterfaceSaleSAP?wsdl +IM_API_USERNAME=sale +IM_API_PASSWORD=sale + +# Product API config +PRODUCT_API_WSDL=http://10.58.71.243:8888/PRODUCT_SERVICE/bpm/product/InterfaceProductService?wsdl +PRODUCT_API_USERNAME=product +PRODUCT_API_PASSWORD=product + + +# Admin division API config +AD_API_WSDL=http://10.58.71.243:8888/PRODUCT_SERVICE/bpm/product/ExternalServiceForSale?wsdl +AD_API_USERNAME=product +AD_API_PASSWORD=product + + +# Order API config +ORDER_API_WSDL=http://10.58.71.234:8918/services/order/OrderCMPService?wsdl +ORDER_API_USERNAME=order +ORDER_API_PASSWORD=order1234 +ORDER_SYSTEM_TYPE=CMP +ORDER_SYSTEM_STAFF_CODE=HANTT +ORDER_REC_TYPE_ID_GPKD=978 +ORDER_REC_TYPE_ID_CMNDMT=2103 +ORDER_REC_TYPE_ID_CMNDMS=2104 + + +# Payment API config +PAYMENT_API_URL=http://10.58.71.186:8282/myviettel.php/checkout +PAYMENT_API_USERNAME=myviettel +PAYMENT_API_PASSWORD=2be98594ef924bc7636ba74a21bc290873b5483d +PAYMENT_API_MERCHANT_CODE=CloudCMP + + +# MBCCS API config +MBCCS_API_WSDL=http://10.58.71.240:8230/BCCSGateway?wsdl +MBCCS_API_USERNAME=8e735d03f07850f234f8ee26b7aba35f +MBCCS_API_PASSWORD=e84f4947bd7e8e8af340ad200d8f7d03 +MBCCS_API_WSCODE=ndha_recognizeImageCustomer + + +# Document API config +DOCUMENT_FTP_HOST=10.58.71.240 +DOCUMENT_FTP_USERNAME=ftp_tula4 +DOCUMENT_FTP_PASSWORD=ftp#123 +DOCUMENT_FTP_BASE_DIR=/u01/app/ftp_tula4/CloudCMP + + +# Flower API config +FLOWER_URL=http://10.240.234.20:8085 +FLOWER_TIME_QUERY_MINUTES=30 + + +# API Gateway config +API_GATEWAY_VAULT_URL=http://10.240.201.215:8200 +API_GATEWAY_VAULT_TOKEN=hvs.o1G1T8eThhMmGILF0NPl9YFp +API_GATEWAY_API_KEY=edd1c9f034335f136f87ad84b625c8f1 +API_GATEWAY_API_SIX_URL=http://10.240.234.71:9180 +API_GATEWAY_DOMAIN_NAME=apigw.viettelcloud.vn +API_GATEWAY_PROMETHEUS_ENDPOINT=http://10.240.234.71:9092 +API_GATEWAY_RATE_LIMIT_POLICY=redis-cluster +API_GATEWAY_REDIS_CLUSTER_NODES=redis-cluster-0.redis-cluster-headless.apisix:6379,redis-cluster-1.redis-cluster-headless.apisix:6379,redis-cluster-2.redis-cluster-headless.apisix:6379,redis-cluster-3.redis-cluster-headless.apisix:6379,redis-cluster-4.redis-cluster-headless.apisix:6379,redis-cluster-5.redis-cluster-headless.apisix:6379 +API_GATEWAY_REDIS_CLUSTER_NAME=redis1 +API_GATEWAY_REDIS_PASSWORD=superuser@123 +API_GATEWAY_ALLOW_DEGRADATION=True + +# Support config +SUPPORT_MAX_ACTIVE_QUESTIONS=50 + + +# CI/CD Service config +CICD_IMAGE_REPOSITORY=10.60.129.132:8890 +CICD_KUBERNETES_CLUSTER_URL=https://10.240.234.71:8095 +CICD_KUBE_CONFIG_DICT=YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiBMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNdmFrTkRRV1ZoWjBGM1NVSkJaMGxDUVVSQlRrSm5hM0ZvYTJsSE9YY3dRa0ZSYzBaQlJFRldUVkpOZDBWUldVUldVVkZFUlhkd2NtUlhTbXdLWTIwMWJHUkhWbnBOUWpSWVJGUkplazFFVVhoUFZFRXpUVlJyZVUxV2IxaEVWRTE2VFVSUmVFNXFRVE5OVkd0NVRWWnZkMFpVUlZSTlFrVkhRVEZWUlFwQmVFMUxZVE5XYVZwWVNuVmFXRkpzWTNwRFEwRlRTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblJWQkJSRU5EUVZGdlEyZG5SVUpCVEcwMENuQTROa2RuTWtOMlNXSmtVVklyVTJreE5FaE1URE5CU1dFM1dYVXlZbkp1VkdSV1VHMTVWMnRHUWtKbU4xQkhVbTU2TUVKU2JGZzJVeTkyVVhCR1J6VUtiMFIxTkVWak0wRXlaekpOWm5CQlNUSndkM0ZMWWtwdGFIbFpaR1pyVEdaaGNXNUhNRTFzV2tGMVlVaEpla3Q0TlVZMVFTdFFiR1ZHWkRScU9XWjVWUXBMVEhwUmNYTlVWalpTWW1sYVN6Vk1aVWt6VEhkeE5tNVlaRGQwWW5oVFMycDRPSFJQU0ZaNFpHd3hNVkJ3Wm5OMmNYQTFZbmxSUW5KVVpuQkJWMFJaQ2tWSmJtWklTVzh6VVZKQ01IUjVXbWR1Y0c5dVptdHRMMWRKYTA5UFJHdEhjRlUyZDFCMmJqRTFaV3hwUzBKNVIwTlBjMWRaYjJRNWJ6RndaMWh1WjFFS09XOXpiR1pTTTFKUVdVZDNTbW8yUWxGdlpITkpZWFJTTUc5VGVtczRja05KY21KVU1VWktTVmhDYzJ0d2F6QnhiVGRsVnpOVU1VZGhLM0F4WmpkcE9RbzVXRXQwWkhvemFFcHRWbWxET1VwNWEwMXJRMEYzUlVGQllVNWFUVVpqZDBSbldVUldVakJRUVZGSUwwSkJVVVJCWjB0clRVRTRSMEV4VldSRmQwVkNDaTkzVVVaTlFVMUNRV1k0ZDBoUldVUldVakJQUWtKWlJVWkNhSFJNVkdGdmQzUnNWM0JoU2tSc1J6TnhOMjFDZGt0TGRYbE5RbFZIUVRGVlpFVlJVVThLVFVGNVEwTnRkREZaYlZaNVltMVdNRnBZVFhkRVVWbEtTMjlhU1doMlkwNUJVVVZNUWxGQlJHZG5SVUpCUlUxWVUwTkNXRFJIUTJSaWJGUkVNa2RJUVFvemRHTTJUVTluUldkNVFuSTNXamd3Y1cxbE1ubHRkMmhoUmtGVVNVeHNSMjB6VXpSNFRGWnZZa0Y0Y1dSWk9HUlhORzlwYzNaclVHa3lRMmx5TkRobkNqWnpPRTB6YVZkcWRHOUZaU3M1ZUROd2VIRnBiVk0zTDAxT2EwWmhPVEJhY0ZwRVdIbEZkMlUxZEdOYVMxcFNiM2cwV1c1WlNtNWhWRTVxWXpKTVprMEtjVXBsUlhSdWVVZHNTMjFaVURCWGFWZzBRVXQzUWpob09ESkZVVmczVTA5U1pHZExTMDF4WVhKNFNXbDBPREUzWkZkc1FtaG5SVkZpTkdKTGMxWlZhZ3A1UVd3MFprcDZSa1ZGVGs5TVZVNUNLemt3YlUxemJtOVVhbXhMU2sxdmMxSXZSV3N4ZGtFNFlrMXFLMVZ0SzBabGRrSlBkVVJLUVhsNFVWWTJOak5MQ2xWVWFFYzBZekJSZUdScVIzWmFVVnBzVFZGalZsWnRORU5LTTBoMGFqSjZNVkIwYVdKbGFERm9PSFJQU0M5UE1XTmpRemQxYTNCeEsyRmlUWGxFTUhJS1ptMDRQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09CiAgICBzZXJ2ZXI6IGh0dHBzOi8vMTAuMjQwLjIzNC43MTo4MDk1CiAgbmFtZToga2luZC1hcmdvCmNvbnRleHRzOgotIGNvbnRleHQ6CiAgICBjbHVzdGVyOiBraW5kLWFyZ28KICAgIHVzZXI6IGtpbmQtYXJnbwogIG5hbWU6IGtpbmQtYXJnbwpjdXJyZW50LWNvbnRleHQ6IGtpbmQtYXJnbwpraW5kOiBDb25maWcKcHJlZmVyZW5jZXM6IHt9CnVzZXJzOgotIG5hbWU6IGtpbmQtYXJnbwogIHVzZXI6CiAgICBjbGllbnQtY2VydGlmaWNhdGUtZGF0YTogTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVUkpWRU5EUVdkdFowRjNTVUpCWjBsSlIzbE9kMmM0T1VRdmN6UjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGRHVkVWVVRVSkZSMEV4VlVVS1FYaE5TMkV6Vm1sYVdFcDFXbGhTYkdONlFXVkdkekI1VFhwQk1FMVVhM2RPZWtVMVRXcEdZVVozTUhsT1JFRXdUVlJuZDA1NlJUVk5hbHBoVFVSUmVBcEdla0ZXUW1kT1ZrSkJiMVJFYms0MVl6TlNiR0pVY0hSWldFNHdXbGhLZWsxU2EzZEdkMWxFVmxGUlJFVjRRbkprVjBwc1kyMDFiR1JIVm5wTVYwWnJDbUpYYkhWTlNVbENTV3BCVGtKbmEzRm9hMmxIT1hjd1FrRlJSVVpCUVU5RFFWRTRRVTFKU1VKRFowdERRVkZGUVhkWFIycGlhR2R6YlZGQk1uZFVTbG9LTDNCWlVqZGlSbVJFZGpocE56WmhPV3QyVUhWdWVrUXpOQ3RSUlhwa1NuTkliR1pFWWxKVFRtRjJURTlpV2k5MlVGcHFTVXh2VFRGaVlYaEZMMjFqTVFwQlZHUnhNeXR1ZWtFNFRHeGljblJxVFZWTVVFcE9RbFpCVTNnek1HaDFaa05xTTFVNVRGQTBRamRQWmxwbWIxaHRibkpLZWxJNGFuaDBWa3ROVkRKUkNscExlRTk2Y0dKSmFVNDBTM1ZOYlV3eWJHTjNlWGxJSzNoSmEzTklXVlI2V0VOa1kwbGxWWGM0YldNdlpqUlpNVU5VYzJKQlFuZEpUMjFzYm1obWJ5OEtWVUZtZVUxM1Mwc3dVVmt4VHpGM1FtbDNkRXRxUTNsNmVWTXdXbEpzYUZnMFdWQlVhQzgzWkU1TlMxWXdURFZ5Y0ZWdVFXbHFOa3hoVW10WFEzUlJUQXBHWmxZemQxcDRSVGg1T1dwdWNIQk9OWFZLZDFsalNtSkRZMnBCUmpaQmVYcFBSRWxDVVdGdFJrTlBaWFpJTkVSMWRWWkNPRmRTU1hkSFkwczBaVWRzQ2xCcWVYaGtkMGxFUVZGQlFtOHhXWGRXUkVGUFFtZE9Wa2hST0VKQlpqaEZRa0ZOUTBKaFFYZEZkMWxFVmxJd2JFSkJkM2REWjFsSlMzZFpRa0pSVlVnS1FYZEpkMFJCV1VSV1VqQlVRVkZJTDBKQlNYZEJSRUZtUW1kT1ZraFRUVVZIUkVGWFowSlJXV0pUTURKeFRVeGFWbkZYYVZFMVVuUTJkVFZuWW5scGNncHpha0ZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZCVDBOQlVVVkJRaTkyU2pSRlZVRm1NMXB6Y1U5TFYzRnBNM0p4VlRsSVNVTXdZbTB5UzJvdlVtcFJDbFprUW0xT1MyaERaWEp4YUc5dWJWTkZiRGRtYkhSV09YVkJObGRYYWpseFptMUNMMFZQV201cGNrOURPRGt6S3pCakwyTnNZbGN4VjFob1NtbHNRblVLYlhSTGIyOUpSRmRsV0VoQk5XMXpVREkwVkhkWFIxaGpVVGxrTHpFMmJIaERjVFU1TjBkcWMxWm1lamR6WTJWTGEwMU5hbFUyZHpCNmNEWXpLMjU0WkFwYVp5dHJlbWxDTWxZclRqSkVWRE5MZWxGRFpURXpPRzV5YkZob2FXZDRaQ3RSVjFCb2FGUkxRMjlGTUdaTVNVUjViazlWTjFweFUydFpPRFIxZURVNUNsRlFTa1ZzYmpCQ1ZVWldUek5PY1Zad2JsTkRjRVpLV1dKR2JVVTFWMFV2TWxsc1lTOUJiM0Z3UjNwc04ycHpTemRRVEVKQ1oxWmhabU14YzFwaFFXd0tTWGhIWkVsa2RrOTNSMkZDVUU1eFRYcENTa3QzVVdOcFFsYzBVakZtZWtSblMyZEVibE5UYzBWVk9GbDROMXBPTTFFOVBRb3RMUzB0TFVWT1JDQkRSVkpVU1VaSlEwRlVSUzB0TFMwdENnPT0KICAgIGNsaWVudC1rZXktZGF0YTogTFMwdExTMUNSVWRKVGlCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRcE5TVWxGY0ZGSlFrRkJTME5CVVVWQmQxZEhhbUpvWjNOdFVVRXlkMVJLV2k5d1dWSTNZa1prUkhZNGFUYzJZVGxyZGxCMWJucEVNelFyVVVWNlpFcHpDa2hzWmtSaVVsTk9ZWFpNVDJKYUwzWlFXbXBKVEc5Tk1XSmhlRVV2YldNeFFWUmtjVE1yYm5wQk9FeHNZbkowYWsxVlRGQktUa0pXUVZONE16Qm9kV1lLUTJvelZUbE1VRFJDTjA5bVdtWnZXRzF1Y2twNlVqaHFlSFJXUzAxVU1sRmFTM2hQZW5CaVNXbE9ORXQxVFcxTU1teGpkM2w1U0N0NFNXdHpTRmxVZWdwWVEyUmpTV1ZWZHpodFl5OW1ORmt4UTFSellrRkNkMGxQYld4dWFHWnZMMVZCWm5sTmQwdExNRkZaTVU4eGQwSnBkM1JMYWtONWVubFRNRnBTYkdoWUNqUlpVRlJvTHpka1RrMUxWakJNTlhKd1ZXNUJhV28yVEdGU2ExZERkRkZNUm1aV00zZGFlRVU0ZVRscWJuQndUalYxU25kWlkwcGlRMk5xUVVZMlFYa0tlazlFU1VKUllXMUdRMDlsZGtnMFJIVjFWa0k0VjFKSmQwZGpTelJsUjJ4UWFubDRaSGRKUkVGUlFVSkJiMGxDUVZGRE9URjVNVXRsYWpkc05FeHFad3BDY0RoclpEUjVXVXhKVFhadmNscFpWQzlrVWtkV2EweFFSbHBQYVZZeFVqbFNNbWN5UVZkSmQzbEdiR1ZaUnk5VGNpOW9WakpvUm1sU1pHUlhSRE5RQ2tKbFEyRkdhRFE0VUZBMFRteHFiMGczTjNWaU9ETjBTa28yUVdKaE9UQm9SRmMyWlRkcU5YVkVNMDFTYkVoMVNqY3JPVll2ZFRZelEweG1iR3BUVDNRS2JsVk9kMGxXZFc5SldYZDVSMDVEY25kWFoyazJNaXREUzNob2FFNUtWbkZqV1RSa1JtcFNNWGhJVFZSb05XNXhTWGt3UjFKSk9VcGpXazh2ZVUxSVdBcEllVFJzUkVoR01sQlBPVVp1YkhaNlJrRkNNV3g0ZFd4MmFFSllTRWt2YURBd01WaFRTbUp1TUZGVk1YcExlWE40ZGxsRUwxcG1VMEp3U25OeFNtdEZDbUp5V2poTE5FVXJRMmc0YVcxSWJXbGtUelF5Y0hnd2MyZ3dTbTFPVjJ3eGNsaEhXR1puY3pKelFuQXlPREJQVjA1clpHczNSMGRQTTJkWGRscExjRVVLVEU4eFYyOUxibEpCYjBkQ1FWQllZbXhxWXpJdlZGQTFVU3RxU21aTmRHSkxha2QyYzBkSGVYVnFXR1ZLWTA5c1dDOVphakZTVGxObmRrVm5XREJuTXdwMFFsSmxTVVJXU0RoTWFVWkdPVUZQZFhaSWVtTkdibHBuYWtKUlJYVkZRMGRqVmt4QlVtdEthVzlXVnpOc1FrUXhNbGhTWkRoc2VqRTRjWFJYV1dOWENtNUlSalExZGtFNVpVdHlTMHc0YUZKTmMxQkhkRFo1YjBGNlV6UllTV2xOU3pWTU4yVkZSSHB6ZDBWMVdEbG5TMFkxV0c0emFqRmFRVzlIUWtGTmJHSUtNMnA0VUhwWmJsUkdZbUZwVjI5eGMwcFBTRFo2YlM5cWFXcDRlbmt4WWxCNE0ybEplWFpUY2pWT1RrZDZOVkJZYTI5R1VFZzNhVkZOZHpsdFRrUkVOQXB4TW1SalRVVlNXRkZVUWtKSE4wRlVRbXRxV0ZoT01WcFNkbTVwTjJwcFVXdDRTR2RUVmk5d1JETkZlbTltT1d0V1ZXczBPRXczZUhsaWQwcFdkMnhRQ21ReE1VVkVWbWxxVWtOc1UxWlNOMmhxY1hjck5IcFZaMjlXVmxaRlZsZHZRVUZ4YlROdWRGQkJiMGRDUVVsNU1tRm5iMlZCWkhOMVZHZDVPSHBTTUVNS2FESnhObTFEVUVOcVJYSnhXWGRxVURkT1ZrOWxkRkU1VWtVMVNHSmxSa05oUjBoRU5GbEZPVTVIZDFoWFMwdDFNalZhUVRnd2RYQmljR0pEVEZwMk1BcG1UbFp5WTFONGIxSnZlVGhTUXpoRFRsSlVSVkl4TDFsWGJXaFpkMDFZVGxScGNYWjJUbFpDUTFsQlQybHFlVWhLU25acFluaDBNV0ZoYUZJMFJIZFRDbkJhYmxKTVYyeFlWVlowWVhSSFdrMXRSMVZ0ZFZFMk5VRnZSMEpCUzBGMGVYQTBhbmhhWmsxTFZYVTVNekZVVGtkQ1NVVlhSa0U1Y1N0MmJrZFhlVmdLYjFaQ1RGVldhRTV1V25oTmFXcG9UR3h4Ym5rM1dVd3JaM1l2VUVJNWJXeEdORlZFYlhkdWFXUXlUVkpwUW5OTVNqQmhkWFUxYzBKMVEzQXdNRnBwUWdwMVpIcFJiRTAwVGsxc1IxWkNNWFZKZW5sbFQyVnJWVXhTY2xkcmIwYzBlRzUyZVRoakwydzRPVEl6TDNCMVRVZ3ZNVEJoVFdSb1JHVjBVRTA1YUhONkNuQTRWRkprWXpaV1FXOUhRVmxMZFN0NmNHcEdaR1ZJWTFFdmIxbFpjVVJhTlVoS1lWb3pZa28zT0VkRlZDdEtVa3g0YzJ4aFJsSjZlR3RpYTBOb1FsSUtPSGhSUjBOVVZIRTNWemd4TmxsdU5rOURXazFtYVZCWmRsUjFiRlpuYVV0elR6RmhTVTR2YjNCVGQwZEVTbWRIVjJ0TVVtazVTRk0yTlhZdmVWRkplZ3BJWXpnMFJWVkZTbWx1WjJVMFN6RmtaR2RxT0VoclJqaEZTWEJ3WW13M1JtOVpNbnBzVjBwU1drWkVPRGh0Wm0xSVZ6QmxVMVV3UFFvdExTMHRMVVZPUkNCU1UwRWdVRkpKVmtGVVJTQkxSVmt0TFMwdExRbz0K +CICD_REQUEST_TIMEOUT=10 + +# Action Log config +ENABLE_ACTION_LOG=True +MAX_DAY_QUERY_ACTIVITY_LOG=7 + +UWSGI_PROCESSES=16 +UWSGI_THREADS=1 +UWSGI_MAX_REQUESTS=30000 +UWSGI_RELOAD_ON_RSS=1280 +UWSGI_EVIL_RELOAD_ON_RSS=1408 diff --git a/secret_migrator/env_interface.py b/secret_migrator/env_interface.py index 4c68b04..15c5c8e 100644 --- a/secret_migrator/env_interface.py +++ b/secret_migrator/env_interface.py @@ -2,60 +2,97 @@ import hvac import environ -# Authenticate with Vault -client = hvac.Client(url="http://localhost:8300/", token="hvs.Y30WrR6bAp7vtpaVBQlueAcn") -if not client.is_authenticated(): - print("Vault authentication failed, using .env file instead") - exit(1) +BASE_DIR = Path(__file__).resolve().parent - # BASE_DIR = Path(__file__).resolve().parent +try: + # set mount point to 'cmp-backend' for Vault, set to '' to use .env instead + VAULT_MOUNT_POINT = 'cmp-backend-local' + VAULT_ADDR = 'http://10.240.201.233:8200' + VAULT_TOKEN = 'hvs.o1G1T8eThhMmGILF0NPl9YFp' - # env = environ.Env() - # env.read_env(BASE_DIR / ".env") + client = hvac.Client(url=VAULT_ADDR, token=VAULT_TOKEN) + client.is_authenticated() + response = client.secrets.kv.v2.list_secrets( + mount_point=VAULT_MOUNT_POINT, path='') + print('Conected to Vault...') -else: - VAULT_MOUNT_POINT = "cmp-backend" secrets = {} + if response and response.get('data') and response['data'].get('keys'): + secret_keys = response['data']['keys'] + for key in secret_keys: + secret = ( + client.secrets.kv.v2.read_secret_version( + mount_point=VAULT_MOUNT_POINT, + path=key, + )['data']['data'], + ) - try: - # List all the secrets under the specified mount point - response = client.secrets.kv.v2.list_secrets( - mount_point=VAULT_MOUNT_POINT, path="" - ) - - if response and response.get("data") and response["data"].get("keys"): - secret_keys = response["data"]["keys"] - for key in secret_keys: - # Read the value of each secret - secret = ( - client.secrets.kv.v2.read_secret_version( - mount_point=VAULT_MOUNT_POINT, path=key - )["data"]["data"], - ) - - if secret: - if secret[0][key] == '""': - secret[0][key] = "" - secrets[key] = secret[0][key] - else: - print(f"Unable to read secret '{key}'.") - else: - print(f"No secrets found in '{VAULT_MOUNT_POINT}'.") - except hvac.exceptions.VaultError as e: - print(f"Error listing or reading secrets in Vault: {e}") - - def env(key, val_type, val): - if type(val) != val_type: - print("error: type mismatch") - exit(1) - - if val_type == str: - return secrets[key] if secrets[key] else val - if val_type == bool: - return True if secrets[key] else False - return int(secrets[key]) if secrets[key] else val - - -print(env("EMAIL_USE_FILE_BACKEND", bool, False)) -print(env("EMAIL_HOST", str, "localhost")) -print(env("EMAIL_PORT", int, 465)) + if secret: + if secret[0][key] == '""': + secret[0][key] = '' + secrets[key] = secret[0][key] + else: + print(f'Unable to read secret "{key}"') + else: + print(f'No secrets found in "{VAULT_MOUNT_POINT}"') + + def env(key, val_type=None, val=None): + if key in secrets: + secret = secrets[key] + if val_type == bool: + if secret.lower() == 'false': + return False + return True + if val_type == int: + return int(secret) + if val_type == list: + return secret.split(',') + return secret + + if val is None: + print('ImproperConfigured: ', key) + return + + return val + +except Exception: + print('Vault access failed, using .env file instead...') + +env = environ.Env() +env.read_env(BASE_DIR / '.env') + +# TODO: write unit tests +for key in secrets: + print(key) + assert env(key) == var(key) + + +# foo = env("IAAS_API_RETRY_STATUS_CODE_LIST", list, [500, 502, 503, 504]) +# print("0: ", foo, type(foo)) + +# foo = env("DEBUG", bool, False) +# print("0: ", foo, type(foo)) + +# foo = env("EMAIL_USE_FILE_BACKEND", bool, False) +# print("1: ", foo, type(foo)) + +# foo = env("EMAIL_HOST", str, "localhost") +# print("2: ", foo, type(foo)) + +# foo = env("EMAIL_PORT", int, 465) +# print("3: ", foo, type(foo)) + +# foo = env("EMAIL_PORT", int, True) +# print("4: ", foo, type(foo)) + +# foo = env("EMAIL_PORT", bool, "465") +# print("5: ", foo, type(foo)) + +# foo = env("EMAIL_PORT", str, 465) +# print("6: ", foo, type(foo)) + +# foo = env("REDIS_HOST") +# print("7: ", foo, type(foo)) + +# foo = env("xxx", bool, "True") +# print("8: ", foo, type(foo)) diff --git a/secret_migrator/migrate_to_env.py b/secret_migrator/migrate_to_env.py deleted file mode 100644 index 76d8a8b..0000000 --- a/secret_migrator/migrate_to_env.py +++ /dev/null @@ -1,39 +0,0 @@ -import os -import hvac -from dotenv import dotenv_values, set_key - -# Vault secret path -VAULT_MOUNT_POINT = "cmp-backend" # Replace with your desired mount point - -# Initialize the Vault client -client = hvac.Client( - url=os.environ["VAULT_ADDR"], token=os.environ["VAULT_TOKEN"]) - -# Check if Vault is sealed -if client.is_sealed(): - print("Vault is sealed. Unseal it before proceeding.") - exit(1) - -# Read all secrets at the specified mount point -secrets = client.secrets.kv.v2.read_secret_version(path=VAULT_MOUNT_POINT, path="") - -if not secrets: - print(f"No secrets found at mount point: {VAULT_MOUNT_POINT}") - exit(1) - -# Load the existing .env file if it exists -if os.path.exists('.env'): - env_data = dotenv_values('.env') -else: - env_data = {} - -# Add or update secrets in the .env file -for key, value in secrets['data']['data'].items(): - env_data[key] = value - -# Write the updated .env file -with open('.env', 'w') as env_file: - for key, value in env_data.items(): - set_key(env_file, key, value) - -print("Secrets have been written to .env file.") diff --git a/secret_migrator/migrate_to_vault.py b/secret_migrator/migrate_to_vault.py index 6ec7b86..0aceb22 100644 --- a/secret_migrator/migrate_to_vault.py +++ b/secret_migrator/migrate_to_vault.py @@ -19,8 +19,12 @@ import os import hvac +VAULT_MOUNT_POINT = "cmp-backend" +VAULT_ADDR = "http://10.240.201.233:8200" +VAULT_TOKEN = "hvs.o1G1T8eThhMmGILF0NPl9YFp" + # Load environment variables from .env file -env_file_path = ".env" +env_file_path = "common.env" if not os.path.exists(env_file_path): print(f"{env_file_path} does not exist.") @@ -35,19 +39,23 @@ line = line.strip() if not line or line.startswith("#"): continue + key, value = line.split("=", 1) + print("Parsing: ", key, "from .env") + if value == '""': value = "" + if value and value[0] == '"' and value[-1] == '"': + value = value[1:-1] env_vars[key] = value # Authenticate with Vault -client = hvac.Client(url=os.environ["VAULT_ADDR"], token=os.environ["VAULT_TOKEN"]) +# client = hvac.Client(url=os.environ["VAULT_ADDR"], token=os.environ["VAULT_TOKEN"]) +client = hvac.Client(url=VAULT_ADDR, token=VAULT_TOKEN) if not client.is_authenticated(): print("Vault authentication failed.") exit(1) -VAULT_MOUNT_POINT = "cmp-backend" - # Write environment variables to Vault's secret storage for key, value in env_vars.items(): secret = {}