# Sando topology config.
#
# Tiers run in declaration order. Each tier lists the gates that must pass to
# unlock promotion *to* the next tier, the nodes it ships to, and the canary
# policy for shipping within the tier.
#
# Day-one wiring: host (fw13, local) -> A (testnot.work) -> B (prod-1). C is
# declared but not provisioned; adding the second prod node later is a config
# edit (set provisioned = true, fill in [[tier.node]]).
#
# The first tier is "host" — it refers to whatever machine sandod runs on
# (currently fw13). It was renamed from the legacy "mm" name in Session 1 of
# the sando bundle redesign.

[repo]
# Repository path (bare, going by the key name) and the branch taken from it.
# NOTE(review): which accounts can push to this path is not visible in this
# file; confirm write access is limited to whoever is allowed to start a
# promotion.
bare_path = "/srv/sando/mnw.git"
branch = "main"

[backup]
# Where migration_dry_run on the Sando host gets its clone of the prod backup.
# Localhost dev may point `source` at a file:// fixture dump instead; in prod
# the dump is pulled directly from alpha-west-1 as the scoped `backup-puller`
# rrsync user.
# NOTE(review): local_path holds a copy of production data. Confirm that the
# directory is readable only by the account that runs the dry run, that the
# backup-puller key is limited to read-only rrsync on the prod side, and that
# the host key for alpha-west-1 is pinned for that connection.
source = "ssh://backup-puller@alpha-west-1:2200/latest.sql.gz"
local_path = "/srv/sando/backups/latest.sql.gz"

# ---- host: fw13 local pre-staging gate ----
# No [[tier.node]] row: this tier is the daemon's own machine (fw13).
[[tier]]
name = "host"
provisioned = true
canary = "sequential"
# Must pass on the host before promotion to tier A. migration_dry_run works
# against the prod-backup clone configured under [backup].
gates = [
    { kind = "cargo_test" },
    { kind = "migration_dry_run" },
    { kind = "boot_smoke" },
]

# ---- A: testnot.work staging ----
[[tier]]
name = "a"
provisioned = true
canary = "sequential"
# Unlocks promotion from staging to tier B (prod-1): a boot smoke check plus a
# burn-in with hours = 48.
# NOTE(review): read against the header's rule that a tier's gates unlock
# promotion to the *next* tier, no manual_confirm sits between staging and the
# first prod node. Confirm that is intended.
gates = [{ kind = "boot_smoke" }, { kind = "burn_in", hours = 48 }]

[[tier.node]]
name = "testnot-1"
# Tailnet name; never the public IP or the testnot.work hostname.
ssh_target = "deploy@testnot"
release_root = "/opt/mnw"
service_name = "makenotwork.service"

# ---- B: prod-1 ----
[[tier]]
name = "b"
provisioned = true
canary = "sequential"
# NOTE(review): by the header's rule these gates guard promotion from B to C,
# so manual_confirm here governs the step to prod-2 rather than the deploy
# onto prod-1. Confirm against how sandod evaluates gates.
gates = [{ kind = "boot_smoke" }, { kind = "manual_confirm" }]

[[tier.node]]
name = "prod-1"
# Tailnet name; port 2200 is supplied by the Host block in
# /srv/sando/.ssh/config.
# The login is the pre-existing prod service user "makenotwork", not "deploy":
# the rename was judged cosmetic and not worth chowning 885M of backups and
# redoing postgres peer auth.
# NOTE(review): the deploy login and the service account are therefore the
# same user, so the deploy key carries whatever that account can reach (the
# note above mentions backups and postgres peer auth). Confirm the key is
# restricted on the prod side and that this trade-off is recorded.
ssh_target = "makenotwork@alpha-west-1"
release_root = "/opt/mnw"
service_name = "makenotwork.service"

# ---- C: prod-2 (declared, not yet provisioned) ----
[[tier]]
name = "c"
# Set to true and add [[tier.node]] entries when the second prod node ships.
provisioned = false
canary = "sequential"
gates = [{ kind = "boot_smoke" }]