From 236a80c93f41b14bc5abd4fa020523f3045ce797 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 17:54:26 +0600 Subject: [PATCH 01/21] backpu:ansible host updated, user shoumik added --- infrastructure/server-setup/inventory/backup.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/backup.yml b/infrastructure/server-setup/inventory/backup.yml index e66679042..54c69eab0 100644 --- a/infrastructure/server-setup/inventory/backup.yml +++ b/infrastructure/server-setup/inventory/backup.yml @@ -33,8 +33,13 @@ all: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGy93egakrVxXHb9LafRQ7T0Cl+p+gCTuymLyofTLK2ncwKhOZ/uV5SuzaKb4lJbBnpmxNdvAxsYXff5srvJfrV0ZZXFQdAAg0mmWuXxrhNfaE52S4s6WVKknTqDE5PhMxzVxzynBnaTdW9Cno7mO+rnS/VybjZIadpOuv5Bek1PztBmrUi4h0Qg1PxXNmFqzyc1dsil1T0nFeu5cH59G5fF1/oSUlC6CYBNoHdQ62IBoydBwMumk/trFoTlxPNK1wXgcUvsr8Sa5A4lN2Rrc6Y22CEGwomtyjHb2kDVbI+7B1Zq+S89yyyvkPFezEsCdK/Ehaj8HzfcsR/bassSn0/Xv3bL20eh7wv7cnut40kFizYifNGfpEqPvSzjfJbB4iG2WSKkW8F9t0/cvd0AdY/3jB0vXhvnRvCqHm1X6JVdGamF3GJeHUMk9JDg3rQdT47BZUtSJer4MGWWcNiALjeWPNLXK9cAvrI/6GbHbPyTzACfR6nhs03Z/eebuvpp0= state: present sudoer: true + - name: shoumik + ssh_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINRSRTqm3vOfjyTutISEtbVp7ZddoWa9NZDZLeWZGzLy dsi@dsi-Inspiron-15-3511 + state: present + sudoer: true backups-host: hosts: backup: - ansible_host: '64.226.95.104' + ansible_host: '188.245.61.69' From 62fcfdfff450e094ba84f762a7287d95525bba1e Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 18:04:59 +0600 Subject: [PATCH 02/21] prod:ansible host updated both prod1 and prod2, all the jump stuffs are been removed --- .../server-setup/inventory/production.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/infrastructure/server-setup/inventory/production.yml b/infrastructure/server-setup/inventory/production.yml index d3153282c..61035aedf 100644 --- a/infrastructure/server-setup/inventory/production.yml +++ b/infrastructure/server-setup/inventory/production.yml @@ -12,8 +12,6 @@ all: # This configuration variable blocks all access to the server, including SSH, except from the IP addresses specified below. # This should always be set when configuring a production server if there is no other firewall in front of the server. # SSH and other services should never be exposed to the public internet. - only_allow_access_from_addresses: - - 159.89.14.13 # Enable backups enable_backups: true backup_server_remote_target_directory: /home/backup/backups @@ -36,13 +34,17 @@ all: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGy93egakrVxXHb9LafRQ7T0Cl+p+gCTuymLyofTLK2ncwKhOZ/uV5SuzaKb4lJbBnpmxNdvAxsYXff5srvJfrV0ZZXFQdAAg0mmWuXxrhNfaE52S4s6WVKknTqDE5PhMxzVxzynBnaTdW9Cno7mO+rnS/VybjZIadpOuv5Bek1PztBmrUi4h0Qg1PxXNmFqzyc1dsil1T0nFeu5cH59G5fF1/oSUlC6CYBNoHdQ62IBoydBwMumk/trFoTlxPNK1wXgcUvsr8Sa5A4lN2Rrc6Y22CEGwomtyjHb2kDVbI+7B1Zq+S89yyyvkPFezEsCdK/Ehaj8HzfcsR/bassSn0/Xv3bL20eh7wv7cnut40kFizYifNGfpEqPvSzjfJbB4iG2WSKkW8F9t0/cvd0AdY/3jB0vXhvnRvCqHm1X6JVdGamF3GJeHUMk9JDg3rQdT47BZUtSJer4MGWWcNiALjeWPNLXK9cAvrI/6GbHbPyTzACfR6nhs03Z/eebuvpp0= state: present sudoer: true + - name: shoumik + ssh_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINRSRTqm3vOfjyTutISEtbVp7ZddoWa9NZDZLeWZGzLy dsi@dsi-Inspiron-15-3511 + state: present + sudoer: true docker-manager-first: hosts: farajaland-prod: - ansible_host: '165.22.205.62' + ansible_host: '188.245.160.165' data_label: data1 - ansible_ssh_common_args: '-J jump@159.89.14.13 -o StrictHostKeyChecking=no' # We recommend you add 2-4 workers for a scaled production deployment # This should depend on the size of your country and the number of end users. @@ -50,14 +52,13 @@ docker-manager-first: docker-workers: hosts: farajaland-prod-02: - ansible_host: '178.128.245.255' + ansible_host: '49.13.124.87' data_label: data2 - ansible_ssh_common_args: '-J jump@159.89.14.13 -o StrictHostKeyChecking=no' backups: hosts: farajaland-backup: - ansible_host: '64.226.95.104' + ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From f15cc7aadb09d928b4934d45cddf3e0c7d6dbaeb Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 18:12:12 +0600 Subject: [PATCH 03/21] QA: ansible host updated and user shoumik added --- infrastructure/server-setup/inventory/qa.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/qa.yml b/infrastructure/server-setup/inventory/qa.yml index 9c3761d8c..c8324c28c 100644 --- a/infrastructure/server-setup/inventory/qa.yml +++ b/infrastructure/server-setup/inventory/qa.yml @@ -58,6 +58,11 @@ all: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCWQihdKkwxTItN+rwYAX1vBg+8sv59sFsjYoVaO2mzS01rARfh+M+UVqpEv3zFT/3v6Dr5Z5VhzYvvbH8akiGQxURqie9quEi1iBCqcq+LApkMZxNm7yyvexlFsbkKMHsSZyVCzjE2Wt+6fwR1NqkMQgJjZS+b4CB+CUTNP2i6ytUTmck9K5iAOp1Gpm+Xgyvz6ZEJPkAJ16gV7gzNJUt/DSCkCyV8G2BqYLWeR2QxAbKyuf3LzO5i4XZdiZi9o60QAt3A6KGGLazd0UuYdehQDqVwXzwimLeeuZbaPNmwoAy7DeatOdurrWbnL7ytaiPvAbwai6Grt3PhhM41qO+uojnqTdnFdSOEPVIYMR7+mYu9tuwHZcMJIbbvMPD6EvKumD5Ndn5OxiLY/zQF5PuG89pBdTkTzzREvbV1Dkh2hwAIvgavlZl3P64On+4+FAgjrAx5U55khoRAe2FbEvB+EUGwro0bRffiM2NmxkUBraEuT2Xt5K01ZoBU6F4feO0= tareq.aziz@dsinnovators.com state: present sudoer: true + - name: shoumik + ssh_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINRSRTqm3vOfjyTutISEtbVp7ZddoWa9NZDZLeWZGzLy dsi@dsi-Inspiron-15-3511 + state: present + sudoer: true # If the machine is repurposed to also be the backup host, we need to add more keys to the authorized_keys file so that # when the application servers get provisioned, the provision user of this machine can be used. additional_keys_for_provisioning_user: @@ -66,7 +71,7 @@ all: docker-manager-first: hosts: farajaland-qa: - ansible_host: '165.22.110.53' + ansible_host: '5.223.46.129' data_label: data1 # QA and staging servers are not configured to use workers. From 08170150f58f3899f88047c8ea3b3cb2a1327528 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 18:36:56 +0600 Subject: [PATCH 04/21] Staging: ansible host updated and user shoumik added --- infrastructure/server-setup/inventory/staging.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 56f371cd7..455211b09 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -64,19 +64,23 @@ all: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCWQihdKkwxTItN+rwYAX1vBg+8sv59sFsjYoVaO2mzS01rARfh+M+UVqpEv3zFT/3v6Dr5Z5VhzYvvbH8akiGQxURqie9quEi1iBCqcq+LApkMZxNm7yyvexlFsbkKMHsSZyVCzjE2Wt+6fwR1NqkMQgJjZS+b4CB+CUTNP2i6ytUTmck9K5iAOp1Gpm+Xgyvz6ZEJPkAJ16gV7gzNJUt/DSCkCyV8G2BqYLWeR2QxAbKyuf3LzO5i4XZdiZi9o60QAt3A6KGGLazd0UuYdehQDqVwXzwimLeeuZbaPNmwoAy7DeatOdurrWbnL7ytaiPvAbwai6Grt3PhhM41qO+uojnqTdnFdSOEPVIYMR7+mYu9tuwHZcMJIbbvMPD6EvKumD5Ndn5OxiLY/zQF5PuG89pBdTkTzzREvbV1Dkh2hwAIvgavlZl3P64On+4+FAgjrAx5U55khoRAe2FbEvB+EUGwro0bRffiM2NmxkUBraEuT2Xt5K01ZoBU6F4feO0= tareq.aziz@dsinnovators.com state: present sudoer: true + - name: shoumik + ssh_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINRSRTqm3vOfjyTutISEtbVp7ZddoWa9NZDZLeWZGzLy dsi@dsi-Inspiron-15-3511 + state: present + sudoer: true docker-manager-first: hosts: farajaland-staging: - ansible_host: '167.172.105.70' + ansible_host: '5.223.47.53' data_label: data1 - ansible_ssh_common_args: '-J jump@159.89.14.13 -o StrictHostKeyChecking=no' # QA and staging servers are not configured to use workers. docker-workers: {} backups: hosts: farajaland-qa: - ansible_host: '64.226.95.104' + ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From b71492f5f597b3fbfdcdb970caec7f3402f89654 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 18:42:47 +0600 Subject: [PATCH 05/21] Staging: removed only allow access line --- infrastructure/server-setup/inventory/staging.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 455211b09..591b259cd 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -13,8 +13,6 @@ all: # OpenCRVS should never be exposed to the public internet. If this is not possible to organise, # then this should always be set when configuring a production server if there is no other firewall in front of the server. # BE CAREFUL! This will block all SSH traffic except from the IP addresses listed here. - only_allow_access_from_addresses: - - 159.89.14.13 # Enable backups but write them to a different location from where production writes them enable_backups: true backup_server_remote_target_directory: /home/backup/staging-backups From 5ed0d6fb548cab13040e6fca108f0bbe7310b319 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 17:54:26 +0600 Subject: [PATCH 06/21] Known hosts are been updated --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index 1f44e5152..8627ad6cf 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -25,3 +25,9 @@ farajaland-staging.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfDAGFF+Jox 159.89.14.13 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPKu2YyZ2niXGic9PZU+V1HppnRUPbXLF5WiQkSKg0hlwgwSawcraziuBmtrT29xJoXs88OKm2gHIwsIH04BbKY= 159.89.14.13 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxAtyELjJseUKkHz7TaBARqig3XMI1mBYerN0zprmh7KVp+kcK/MVjvg73cjH5AnRUKksoD6dMCO4VP4b80sNyFhbBp8c4u3zyFFENZ0jiv46fdp0KS4jbczmcnwK/XfYVsnFP/EIYbvwNbAtlk6DOPAn8+VKy2ZRRNWwYtzpH/TFwbueX2xp/5L/OJTjsjPSzsxTuksQ1Tg9ahUsnA6jI6keyB1NLsHi5/E+HcExlArESiUChmlek5yNKGNChZE5mlmlpLm12f9LCEKrRykk0e44IjZc46YtFVrkCsYLXL2Z+oLgSlOH/xAU6I9NZnkYCy12Y1Fwac3JYNFwgCxoRMlYT23e3xTAZ5WQUFprjSY7v75HQVz0aYI4ZkpAAipNhM1+027I+ZVS9KEpdp+wwS02uamf0kM3afxqA1U3iNs5Z6zQwYeggrHPQBvt+P2x0ehkVFDNTEc0slgbLP+KugWsK98ezppjqizsNuw/7SuWF8gMVDbn/XKIGGaawlHU= 159.89.14.13 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF+MHhrQvwDOYP1pYFZ61WaYnr4vtgXtFuimxGCy4plV +188.245.61.69 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjYsDKtnQQOCDQALAnsyqbesNPui82JolfgAAr5mHYuj3dpidPvjVB6ZsHN2RbigCmH3YGrGc+g9JNdTE3+0q7zNXup9ZEdVTBvts5RsxE4ztemHpmhshB1fT3Igi40Uamw/UpUQNw3lBpoeN8PCRM5QWQKScD4uPiDtfh7Ma9PCDCbEKyBOGI4GRj9nCeiKSp9uArl7PhEQHF2zD6yY5J6Cynnvdp4TCdqKsQcKf5nJMN+BUVcwrf1/o0A6cYbDPVnGXlR2C0tPDym+ffIOTnkaj4ekY2Fh7mSGoDFjvBATNSc5Jv5TkYeTHAyrdpLL+/8TDcuggAJ3w/iLh+Sgigv/78PvGNTH98PRM4ONCrQDwlx+Lgzq3wszrFr1GYapuCdAb44yKyYD8Y+7kRE0WqNVh5ToKuz+XJ4n2Ff4NHGTg8GLDTWHyWcolEI3nCo6Pf93YMJZ3PBcq/ATa5rUOj4+GLMd/lM7/9c/iA/wouYrN5xJsDAQIIIqr8FAwDBEs= +188.245.61.69 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCZB4NOBvOaYoVQBCMTpAWkFNA+slkroBHW4hndNRk21jUPY1x8ommbGX8cALmb6zbgWw3pgcMNc2k/QaTL6uZs= +188.245.61.69 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTTic204SRitgcwPl3O0BM537JO3Ct15MkUUzxzqUP/ +188.245.61.69 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjYsDKtnQQOCDQALAnsyqbesNPui82JolfgAAr5mHYuj3dpidPvjVB6ZsHN2RbigCmH3YGrGc+g9JNdTE3+0q7zNXup9ZEdVTBvts5RsxE4ztemHpmhshB1fT3Igi40Uamw/UpUQNw3lBpoeN8PCRM5QWQKScD4uPiDtfh7Ma9PCDCbEKyBOGI4GRj9nCeiKSp9uArl7PhEQHF2zD6yY5J6Cynnvdp4TCdqKsQcKf5nJMN+BUVcwrf1/o0A6cYbDPVnGXlR2C0tPDym+ffIOTnkaj4ekY2Fh7mSGoDFjvBATNSc5Jv5TkYeTHAyrdpLL+/8TDcuggAJ3w/iLh+Sgigv/78PvGNTH98PRM4ONCrQDwlx+Lgzq3wszrFr1GYapuCdAb44yKyYD8Y+7kRE0WqNVh5ToKuz+XJ4n2Ff4NHGTg8GLDTWHyWcolEI3nCo6Pf93YMJZ3PBcq/ATa5rUOj4+GLMd/lM7/9c/iA/wouYrN5xJsDAQIIIqr8FAwDBEs= +188.245.61.69 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCZB4NOBvOaYoVQBCMTpAWkFNA+slkroBHW4hndNRk21jUPY1x8ommbGX8cALmb6zbgWw3pgcMNc2k/QaTL6uZs= +188.245.61.69 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTTic204SRitgcwPl3O0BM537JO3Ct15MkUUzxzqUP/ From db1e9c97c1d7f17bfaa55b98756e5fb54f1bb989 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Wed, 27 Nov 2024 18:14:13 +0600 Subject: [PATCH 07/21] known host is updated for qa --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index 8627ad6cf..c1ab2f9af 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -31,3 +31,9 @@ farajaland-staging.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfDAGFF+Jox 188.245.61.69 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjYsDKtnQQOCDQALAnsyqbesNPui82JolfgAAr5mHYuj3dpidPvjVB6ZsHN2RbigCmH3YGrGc+g9JNdTE3+0q7zNXup9ZEdVTBvts5RsxE4ztemHpmhshB1fT3Igi40Uamw/UpUQNw3lBpoeN8PCRM5QWQKScD4uPiDtfh7Ma9PCDCbEKyBOGI4GRj9nCeiKSp9uArl7PhEQHF2zD6yY5J6Cynnvdp4TCdqKsQcKf5nJMN+BUVcwrf1/o0A6cYbDPVnGXlR2C0tPDym+ffIOTnkaj4ekY2Fh7mSGoDFjvBATNSc5Jv5TkYeTHAyrdpLL+/8TDcuggAJ3w/iLh+Sgigv/78PvGNTH98PRM4ONCrQDwlx+Lgzq3wszrFr1GYapuCdAb44yKyYD8Y+7kRE0WqNVh5ToKuz+XJ4n2Ff4NHGTg8GLDTWHyWcolEI3nCo6Pf93YMJZ3PBcq/ATa5rUOj4+GLMd/lM7/9c/iA/wouYrN5xJsDAQIIIqr8FAwDBEs= 188.245.61.69 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCZB4NOBvOaYoVQBCMTpAWkFNA+slkroBHW4hndNRk21jUPY1x8ommbGX8cALmb6zbgWw3pgcMNc2k/QaTL6uZs= 188.245.61.69 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTTic204SRitgcwPl3O0BM537JO3Ct15MkUUzxzqUP/ +farajaland-qa-new.opencrvs.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCdxsUOL1IzVBm0FoiW1O4HRcaU1IMOZA90CSsOVAbbUC4WRp0e/wgVibWbS5Loja1G4wKohHd9jQTfDF7Y6MxIlQhFPtD2OAvkXci5jwg+9vNYafLXEzkRYisTbd8q1n/P7TjmcBl+3goE27OK05N4AAULM43RyRa0Mh2ntzz7qadYM0FTZ5niCjfuGL2RfkU2/joqI/1O8EKqxvMTajPefH+BWP8pBhZl33b+IbbXMgw3cDq88sCjGsvTlSm2f9kH0fLffDjPMdhJlwaEp9f7u3/jeQjN82JfMnEY54Lh6tIgrsQGGbfT9DtyHpRIo0ApWNdOiEQLTn2BeXxXL6IMZbR1qDs02eODLFVJ9pbmkyk1TRsjcuAKC3Z7fTfczgl9rlf3w0f89LkZLN9y3qR7DI/Lo+Idyc46DXBj11HFGjVSSZlbfo2T/NmTCiayA7G+jYBFghOqwW13ZgFF4Rxw8nKSaYwWYfBGhJcbQKMRDYl5z+EHiPt5sOyLYQLFqAM= +farajaland-qa-new.opencrvs.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBLM0HYX9qnFCIQEPM+Qz+/RtnkBly+YRqvHLJYSV3g0fU2RL3o+Mof9C1rtUvFKSjRYwu0TFKKaySBmZ3yc3aA= +farajaland-qa-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOCxp5U416Teyc6gXHppVle3D3k5LzLleQ+t4Q3KOBOP +5.223.46.129 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCdxsUOL1IzVBm0FoiW1O4HRcaU1IMOZA90CSsOVAbbUC4WRp0e/wgVibWbS5Loja1G4wKohHd9jQTfDF7Y6MxIlQhFPtD2OAvkXci5jwg+9vNYafLXEzkRYisTbd8q1n/P7TjmcBl+3goE27OK05N4AAULM43RyRa0Mh2ntzz7qadYM0FTZ5niCjfuGL2RfkU2/joqI/1O8EKqxvMTajPefH+BWP8pBhZl33b+IbbXMgw3cDq88sCjGsvTlSm2f9kH0fLffDjPMdhJlwaEp9f7u3/jeQjN82JfMnEY54Lh6tIgrsQGGbfT9DtyHpRIo0ApWNdOiEQLTn2BeXxXL6IMZbR1qDs02eODLFVJ9pbmkyk1TRsjcuAKC3Z7fTfczgl9rlf3w0f89LkZLN9y3qR7DI/Lo+Idyc46DXBj11HFGjVSSZlbfo2T/NmTCiayA7G+jYBFghOqwW13ZgFF4Rxw8nKSaYwWYfBGhJcbQKMRDYl5z+EHiPt5sOyLYQLFqAM= +5.223.46.129 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBLM0HYX9qnFCIQEPM+Qz+/RtnkBly+YRqvHLJYSV3g0fU2RL3o+Mof9C1rtUvFKSjRYwu0TFKKaySBmZ3yc3aA= +5.223.46.129 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOCxp5U416Teyc6gXHppVle3D3k5LzLleQ+t4Q3KOBOP From 3bfacbeec9d2f8809d561eb3693d1522f4038253 Mon Sep 17 00:00:00 2001 From: Riku Rouvila Date: Fri, 15 Nov 2024 07:59:25 +0200 Subject: [PATCH 08/21] ensure 'file' utility is installed on linux before referring to it On Hetzner (Ubuntu 24.04.1 LTS 6.8.0-45-generic) this was not the case --- infrastructure/server-setup/tasks/swap.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/infrastructure/server-setup/tasks/swap.yml b/infrastructure/server-setup/tasks/swap.yml index 9c732e3e7..08f6407b2 100644 --- a/infrastructure/server-setup/tasks/swap.yml +++ b/infrastructure/server-setup/tasks/swap.yml @@ -14,6 +14,13 @@ tags: - swap.file.permissions +- name: Ensure 'file' utility is installed + ansible.builtin.package: + name: file + state: present + tags: + - swap.file.mkswap + - name: 'Check swap file type' command: file {{ swap_file_path }} register: swapfile From 91a756b3d40100fa430ccb8d04057958e683f2a2 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 26 Nov 2024 18:04:59 +0600 Subject: [PATCH 09/21] known host is updated for staging --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index c1ab2f9af..4e749b7ab 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -37,3 +37,9 @@ farajaland-qa-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOCxp5U416Tey 5.223.46.129 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCdxsUOL1IzVBm0FoiW1O4HRcaU1IMOZA90CSsOVAbbUC4WRp0e/wgVibWbS5Loja1G4wKohHd9jQTfDF7Y6MxIlQhFPtD2OAvkXci5jwg+9vNYafLXEzkRYisTbd8q1n/P7TjmcBl+3goE27OK05N4AAULM43RyRa0Mh2ntzz7qadYM0FTZ5niCjfuGL2RfkU2/joqI/1O8EKqxvMTajPefH+BWP8pBhZl33b+IbbXMgw3cDq88sCjGsvTlSm2f9kH0fLffDjPMdhJlwaEp9f7u3/jeQjN82JfMnEY54Lh6tIgrsQGGbfT9DtyHpRIo0ApWNdOiEQLTn2BeXxXL6IMZbR1qDs02eODLFVJ9pbmkyk1TRsjcuAKC3Z7fTfczgl9rlf3w0f89LkZLN9y3qR7DI/Lo+Idyc46DXBj11HFGjVSSZlbfo2T/NmTCiayA7G+jYBFghOqwW13ZgFF4Rxw8nKSaYwWYfBGhJcbQKMRDYl5z+EHiPt5sOyLYQLFqAM= 5.223.46.129 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBLM0HYX9qnFCIQEPM+Qz+/RtnkBly+YRqvHLJYSV3g0fU2RL3o+Mof9C1rtUvFKSjRYwu0TFKKaySBmZ3yc3aA= 5.223.46.129 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOCxp5U416Teyc6gXHppVle3D3k5LzLleQ+t4Q3KOBOP +farajaland-staging-new.opencrvs.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= +farajaland-staging-new.opencrvs.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= +farajaland-staging-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS +5.223.47.53 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= +5.223.47.53 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= +5.223.47.53 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS From 492332e0081b51bf1e431be701fd50a61c9df23e Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Thu, 28 Nov 2024 18:48:06 +0600 Subject: [PATCH 10/21] enable backup is set to false in staging and backup host correction made --- infrastructure/server-setup/inventory/staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 591b259cd..54cc214fd 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -14,7 +14,7 @@ all: # then this should always be set when configuring a production server if there is no other firewall in front of the server. # BE CAREFUL! This will block all SSH traffic except from the IP addresses listed here. # Enable backups but write them to a different location from where production writes them - enable_backups: true + enable_backups: false backup_server_remote_target_directory: /home/backup/staging-backups backup_server_remote_source_directory: /home/backup/backups periodic_restore_from_backup: true @@ -78,7 +78,7 @@ docker-workers: {} backups: hosts: farajaland-qa: - ansible_host: '188.245.61.69' + ansible_host: '5.223.46.129' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From a784ce9f2aba8d3236c27ba9890fd58d22c7e916 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Fri, 29 Nov 2024 13:50:56 +0600 Subject: [PATCH 11/21] Revert "enable backup is set to false in staging and backup host correction made" This reverts commit 492332e0081b51bf1e431be701fd50a61c9df23e. --- infrastructure/server-setup/inventory/staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 54cc214fd..591b259cd 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -14,7 +14,7 @@ all: # then this should always be set when configuring a production server if there is no other firewall in front of the server. # BE CAREFUL! This will block all SSH traffic except from the IP addresses listed here. # Enable backups but write them to a different location from where production writes them - enable_backups: false + enable_backups: true backup_server_remote_target_directory: /home/backup/staging-backups backup_server_remote_source_directory: /home/backup/backups periodic_restore_from_backup: true @@ -78,7 +78,7 @@ docker-workers: {} backups: hosts: farajaland-qa: - ansible_host: '5.223.46.129' + ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From b19c8404b663594f62a172649f7de0b00bf6a7c2 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Fri, 29 Nov 2024 13:57:12 +0600 Subject: [PATCH 12/21] enable backup is set to false in staging and backup hostname & IP correction made --- infrastructure/server-setup/inventory/staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 591b259cd..4004024d8 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -14,7 +14,7 @@ all: # then this should always be set when configuring a production server if there is no other firewall in front of the server. # BE CAREFUL! This will block all SSH traffic except from the IP addresses listed here. # Enable backups but write them to a different location from where production writes them - enable_backups: true + enable_backups: false backup_server_remote_target_directory: /home/backup/staging-backups backup_server_remote_source_directory: /home/backup/backups periodic_restore_from_backup: true @@ -77,7 +77,7 @@ docker-manager-first: docker-workers: {} backups: hosts: - farajaland-qa: + farajaland-backup: ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments From 1f41763a6b37ae557a5d871d122530d6200ccb8d Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Fri, 29 Nov 2024 17:43:40 +0600 Subject: [PATCH 13/21] Revert "enable backup is set to false in staging and backup hostname & IP correction made" This reverts commit b19c8404b663594f62a172649f7de0b00bf6a7c2. --- infrastructure/server-setup/inventory/staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 4004024d8..591b259cd 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -14,7 +14,7 @@ all: # then this should always be set when configuring a production server if there is no other firewall in front of the server. # BE CAREFUL! This will block all SSH traffic except from the IP addresses listed here. # Enable backups but write them to a different location from where production writes them - enable_backups: false + enable_backups: true backup_server_remote_target_directory: /home/backup/staging-backups backup_server_remote_source_directory: /home/backup/backups periodic_restore_from_backup: true @@ -77,7 +77,7 @@ docker-manager-first: docker-workers: {} backups: hosts: - farajaland-backup: + farajaland-qa: ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments From cc0383f409f6c211afa3a12f021ee8b0a82c1b89 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Fri, 29 Nov 2024 17:46:54 +0600 Subject: [PATCH 14/21] enable backup is remain true and qa is set as backup --- infrastructure/server-setup/inventory/staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 591b259cd..6787b1d84 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -78,7 +78,7 @@ docker-workers: {} backups: hosts: farajaland-qa: - ansible_host: '188.245.61.69' + ansible_host: '5.223.46.129' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From 2edc1682bbd25565c22d4b889b5612e54b0d3975 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Fri, 29 Nov 2024 17:58:51 +0600 Subject: [PATCH 15/21] known hosts modified for prod --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index 4e749b7ab..9311c283a 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -43,3 +43,9 @@ farajaland-staging-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYk 5.223.47.53 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= 5.223.47.53 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= 5.223.47.53 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS +farajaland-new.opencrvs.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9I1ZqQRWEkXU0MZ4FJUaxSkVnxtjogNft/W6WxCVUaYHakXLZqrWMEbQgOY8RZgsNGJXMKQVhFR4NmMSvP3/eSvLNAtBStAkEqk3KHOb8r6/dRL0i9+IFpOIJuAYC/RbyqYEQyHm989GVYwd5QJLraObBmcFLERhl5eBIa/OaFMBMcL1iTseVDFMIIaVu/V5vlWH+08DmqluydGHtNqsbwuwuFR7k6lspzEvD6jYwE2dwxT+qg9d17aZmbLGWhH8YnJNjf8dkgFX3KKlLM7msyyUcBZaNzhYPZbGozzyYAqyUbxsvpg4srQnD3+TVKI9bOIrOVtWeD7y9fuHmji4R+QO5eNRM97WxMsqGyadXy01M9okiAj2KwhWvzSKUT9UFiiuN/zviXd1PqvbCqkQ7vKXHvAh3Y+mB4G30DGA+0xRHWzgNA1b9IBCSbSMsV1KrQj0jCpTfXkvC081KK5Lph/tRJtBolKbr2IuKEaeaDqJhEsS2zIkXht4+a6hx8Ec= +farajaland-new.opencrvs.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBZQ2LbjmgyBA56IAMSmG+GqraKhgHt+o22KDsj7mX1rR00FbZTfmlIXjb5W5Gf+pwhIGHMfk1jyAVWb4xiahuU= +farajaland-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOeKJTYQJXefgjvalRPdldP8fEivC7f +188.245.160.165 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9I1ZqQRWEkXU0MZ4FJUaxSkVnxtjogNft/W6WxCVUaYHakXLZqrWMEbQgOY8RZgsNGJXMKQVhFR4NmMSvP3/eSvLNAtBStAkEqk3KHOb8r6/dRL0i9+IFpOIJuAYC/RbyqYEQyHm989GVYwd5QJLraObBmcFLERhl5eBIa/OaFMBMcL1iTseVDFMIIaVu/V5vlWH+08DmqluydGHtNqsbwuwuFR7k6lspzEvD6jYwE2dwxT+qg9d17aZmbLGWhH8YnJNjf8dkgFX3KKlLM7msyyUcBZaNzhYPZbGozzyYAqyUbxsvpg4srQnD3+TVKI9bOIrOVtWeD7y9fuHmji4R+QO5eNRM97WxMsqGyadXy01M9okiAj2KwhWvzSKUT9UFiiuN/zviXd1PqvbCqkQ7vKXHvAh3Y+mB4G30DGA+0xRHWzgNA1b9IBCSbSMsV1KrQj0jCpTfXkvC081KK5Lph/tRJtBolKbr2IuKEaeaDqJhEsS2zIkXht4+a6hx8Ec= +188.245.160.165 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBZQ2LbjmgyBA56IAMSmG+GqraKhgHt+o22KDsj7mX1rR00FbZTfmlIXjb5W5Gf+pwhIGHMfk1jyAVWb4xiahuU= +188.245.160.165 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOeKJTYQJXefgjvalRPdldP8fEivC7f From 8cae68f8be15bac5e8f976ae60c0c6f2b288f4d6 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Mon, 2 Dec 2024 14:24:51 +0600 Subject: [PATCH 16/21] backup server name correction made --- infrastructure/server-setup/inventory/backup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/backup.yml b/infrastructure/server-setup/inventory/backup.yml index 54c69eab0..740c896ab 100644 --- a/infrastructure/server-setup/inventory/backup.yml +++ b/infrastructure/server-setup/inventory/backup.yml @@ -41,5 +41,5 @@ all: backups-host: hosts: - backup: + farajaland-backup: ansible_host: '188.245.61.69' From 534869d47f6ca0840d53f716f67c6d458b95215e Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Mon, 2 Dec 2024 14:32:01 +0600 Subject: [PATCH 17/21] backup server is used for backup in staging --- infrastructure/server-setup/inventory/staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/server-setup/inventory/staging.yml b/infrastructure/server-setup/inventory/staging.yml index 6787b1d84..8c2c476c8 100644 --- a/infrastructure/server-setup/inventory/staging.yml +++ b/infrastructure/server-setup/inventory/staging.yml @@ -77,8 +77,8 @@ docker-manager-first: docker-workers: {} backups: hosts: - farajaland-qa: - ansible_host: '5.223.46.129' + farajaland-backup: + ansible_host: '188.245.61.69' # Written by provision pipeline. Assumes "backup" environment # exists in Github environments ansible_ssh_private_key_file: /tmp/backup_ssh_private_key From 6cd0aa15b679c5ddad1bb1d6ec1c1d11b0dc5089 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Mon, 2 Dec 2024 19:10:23 +0600 Subject: [PATCH 18/21] known hosts modified for staging --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index 9311c283a..80e7e7c61 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -49,3 +49,9 @@ farajaland-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOe 188.245.160.165 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9I1ZqQRWEkXU0MZ4FJUaxSkVnxtjogNft/W6WxCVUaYHakXLZqrWMEbQgOY8RZgsNGJXMKQVhFR4NmMSvP3/eSvLNAtBStAkEqk3KHOb8r6/dRL0i9+IFpOIJuAYC/RbyqYEQyHm989GVYwd5QJLraObBmcFLERhl5eBIa/OaFMBMcL1iTseVDFMIIaVu/V5vlWH+08DmqluydGHtNqsbwuwuFR7k6lspzEvD6jYwE2dwxT+qg9d17aZmbLGWhH8YnJNjf8dkgFX3KKlLM7msyyUcBZaNzhYPZbGozzyYAqyUbxsvpg4srQnD3+TVKI9bOIrOVtWeD7y9fuHmji4R+QO5eNRM97WxMsqGyadXy01M9okiAj2KwhWvzSKUT9UFiiuN/zviXd1PqvbCqkQ7vKXHvAh3Y+mB4G30DGA+0xRHWzgNA1b9IBCSbSMsV1KrQj0jCpTfXkvC081KK5Lph/tRJtBolKbr2IuKEaeaDqJhEsS2zIkXht4+a6hx8Ec= 188.245.160.165 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBZQ2LbjmgyBA56IAMSmG+GqraKhgHt+o22KDsj7mX1rR00FbZTfmlIXjb5W5Gf+pwhIGHMfk1jyAVWb4xiahuU= 188.245.160.165 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOeKJTYQJXefgjvalRPdldP8fEivC7f +farajaland-staging-new.opencrvs.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= +farajaland-staging-new.opencrvs.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= +farajaland-staging-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS +5.223.47.53 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= +5.223.47.53 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= +5.223.47.53 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS From 321bba09b61981c413b7bbc890f57b0a8e26ab6f Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 3 Dec 2024 14:06:54 +0600 Subject: [PATCH 19/21] Correction: prod2 hostname --- infrastructure/server-setup/inventory/production.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/production.yml b/infrastructure/server-setup/inventory/production.yml index 61035aedf..a0f849dd5 100644 --- a/infrastructure/server-setup/inventory/production.yml +++ b/infrastructure/server-setup/inventory/production.yml @@ -51,7 +51,7 @@ docker-manager-first: # If you are only using one production worker for very small countries or small pilot projects, replace with an empty block like so: docker-workers: {} docker-workers: hosts: - farajaland-prod-02: + farajaland-prod-2: ansible_host: '49.13.124.87' data_label: data2 From dd7daf56c2c776c9d1f246846b59d2173a2ccd5f Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 3 Dec 2024 15:23:21 +0600 Subject: [PATCH 20/21] known host edited for prod --- infrastructure/known-hosts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infrastructure/known-hosts b/infrastructure/known-hosts index 80e7e7c61..77b0d3c12 100644 --- a/infrastructure/known-hosts +++ b/infrastructure/known-hosts @@ -55,3 +55,9 @@ farajaland-staging-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYk 5.223.47.53 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzWeNbOz1NzYIGWgSpRe6aR2N7CnNqEXyjHzKXYQ4y4Zt20sGxZaevuXOf3byqxEP9ERnG8pwsOn5CwHLOCQdcglj0dVnKF67/GNkkaKvBGws444OQEj+81zFR8jOZh9Sb+6IDkbujgqEWi3fl/Nqrt7+1dtEK5+bTJaNi+vj8/huVPq4NKVnJuWKX0Lg8m82oyMvu8x1sj2Qcg2tPK8Rw1jVTEkmjiTJYb8FsfzlG9BZWpFHhlwf8p8x+wyzV4C5VEt40Xn6qat2enr9uZ1T7+WW1IJyy080/aaA0P1IIh1r8R8FG0gWkMQIs9mnfRkHz4C9XAUco52RfFvpUsURrBzczt7JQ+52eY042J8zXdK46caBBfv1P9zQ58xUbtJg2paoIGqPjYllnyXIHCnmdAuh+wqnJFwGHkxZimhi9SXOlnvmAOgxyMIXblmhnNU0W0wEE50a9VxGqzVkJ3Nv6CnhXP0zS7z+JKecB71rukJ0W8c4aCKLBTXOZqd0BERE= 5.223.47.53 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHTsaRzl0X0GDiqkpkLvEAyKBVnKw++meoJ2S3rxY3VuqjvjwU5t4gM3vW2F7+LkwYuDmOLDdDcqvuyUQkHjzHg= 5.223.47.53 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWueyYkQj/JpsyqbWkR5/8ybhRhh8P1QJV7k2sV8mtS +farajaland-new.opencrvs.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9I1ZqQRWEkXU0MZ4FJUaxSkVnxtjogNft/W6WxCVUaYHakXLZqrWMEbQgOY8RZgsNGJXMKQVhFR4NmMSvP3/eSvLNAtBStAkEqk3KHOb8r6/dRL0i9+IFpOIJuAYC/RbyqYEQyHm989GVYwd5QJLraObBmcFLERhl5eBIa/OaFMBMcL1iTseVDFMIIaVu/V5vlWH+08DmqluydGHtNqsbwuwuFR7k6lspzEvD6jYwE2dwxT+qg9d17aZmbLGWhH8YnJNjf8dkgFX3KKlLM7msyyUcBZaNzhYPZbGozzyYAqyUbxsvpg4srQnD3+TVKI9bOIrOVtWeD7y9fuHmji4R+QO5eNRM97WxMsqGyadXy01M9okiAj2KwhWvzSKUT9UFiiuN/zviXd1PqvbCqkQ7vKXHvAh3Y+mB4G30DGA+0xRHWzgNA1b9IBCSbSMsV1KrQj0jCpTfXkvC081KK5Lph/tRJtBolKbr2IuKEaeaDqJhEsS2zIkXht4+a6hx8Ec= +farajaland-new.opencrvs.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBZQ2LbjmgyBA56IAMSmG+GqraKhgHt+o22KDsj7mX1rR00FbZTfmlIXjb5W5Gf+pwhIGHMfk1jyAVWb4xiahuU= +farajaland-new.opencrvs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOeKJTYQJXefgjvalRPdldP8fEivC7f +188.245.160.165 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC9I1ZqQRWEkXU0MZ4FJUaxSkVnxtjogNft/W6WxCVUaYHakXLZqrWMEbQgOY8RZgsNGJXMKQVhFR4NmMSvP3/eSvLNAtBStAkEqk3KHOb8r6/dRL0i9+IFpOIJuAYC/RbyqYEQyHm989GVYwd5QJLraObBmcFLERhl5eBIa/OaFMBMcL1iTseVDFMIIaVu/V5vlWH+08DmqluydGHtNqsbwuwuFR7k6lspzEvD6jYwE2dwxT+qg9d17aZmbLGWhH8YnJNjf8dkgFX3KKlLM7msyyUcBZaNzhYPZbGozzyYAqyUbxsvpg4srQnD3+TVKI9bOIrOVtWeD7y9fuHmji4R+QO5eNRM97WxMsqGyadXy01M9okiAj2KwhWvzSKUT9UFiiuN/zviXd1PqvbCqkQ7vKXHvAh3Y+mB4G30DGA+0xRHWzgNA1b9IBCSbSMsV1KrQj0jCpTfXkvC081KK5Lph/tRJtBolKbr2IuKEaeaDqJhEsS2zIkXht4+a6hx8Ec= +188.245.160.165 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBZQ2LbjmgyBA56IAMSmG+GqraKhgHt+o22KDsj7mX1rR00FbZTfmlIXjb5W5Gf+pwhIGHMfk1jyAVWb4xiahuU= +188.245.160.165 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICogAQju3/dugNOeKJTYQJXefgjvalRPdldP8fEivC7f From e82ffd8ebe53b15cd98d5183ea90ef952127e409 Mon Sep 17 00:00:00 2001 From: "Al hel md. shahriar zaman" Date: Tue, 3 Dec 2024 15:23:59 +0600 Subject: [PATCH 21/21] correction:production host name --- infrastructure/server-setup/inventory/production.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/server-setup/inventory/production.yml b/infrastructure/server-setup/inventory/production.yml index a0f849dd5..3a0944e8f 100644 --- a/infrastructure/server-setup/inventory/production.yml +++ b/infrastructure/server-setup/inventory/production.yml @@ -42,7 +42,7 @@ all: docker-manager-first: hosts: - farajaland-prod: + farajaland-prod-1: ansible_host: '188.245.160.165' data_label: data1