This is an internal documentation. There is a good chance you’re looking for something else. See Disclaimer.
Ansible: Ingress/Route Settings¶
Add Route / Endpoint¶
Add the necessary DNS entries.
Add the route to
config.yml
:abc: # <- customer installations: abc: # <- installation routes: abc.ch: www.abc.ch: xyz.ch: # <= add the new routes here www.xyz.ch: # <= abctest:
The default route ${INSTALLATION}.tocco.ch is added implicitly. Only add it explicitly if you wish to override the default settings.
Technical note: the default route, if absent, is added by the inventory script (
inventory.py
).Hint
If a reverse proxy is in front of Nice (e.g. Cloudflare), a route needs to be added still:
abc: # <- customer installations: abc: # <- installation routes: example.net: create_ingress: false monitoring_enabled: false
Proxy should use ${INSTALLATION}.tocco.ch as upstream.
Apply change:
ansible-playbook playbook.yml -t route -l ${INSTALLATION}
Hint
The required TLS certificates are issued automatically in the background. This can take some time though. See Troubleshooting if you run into any issues.
Remove Route / Endpoint¶
Remove route from
config.yml
Apply change:
ansible-playbook playbook.yml -t route -l ${INSTALLATION}
Configure Monitoring¶
There are three variables for configuring monitoring:
monitoring_enabled |
Whether to enabled monitoring. |
monitoring_alert_tocco |
Whether to send alerts to Tocco. As of now, alerts are mailed to the admin inbox. |
monitoring_alert_vshn |
Whether VSHN should be alerted. (Currently unused) |
By default, monitoring is enabled and alerts are sent to Tocco. You can override the default per customer, installation or route in config.yml:
abc:
monitoring_enabled: false # disable for customer
installations:
abc:
monitoring_enabled: true # re-enable for installation
routes:
abc.org:
www.abc.org:
monitoring_alert_tocco: false # do not send alerts for www.abc.org
abctest: