From fe27af7a16d9bc56b0767f63d8f0490fcd2f13d1 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Thu, 22 Dec 2022 17:56:58 +0100
Subject: =?UTF-8?q?Migration=20des=20derniers=20documents=20depuis=20op=5F?=
 =?UTF-8?q?guide=20(d=C3=A9p=C3=B4t=20infrastructure)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 content/operations/deploiement/app/_index.md       | 33 +++++++++++++++++++++
 .../operations/deploiement/app/create_database.md  | 34 ++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 content/operations/deploiement/app/_index.md
 create mode 100644 content/operations/deploiement/app/create_database.md

(limited to 'content/operations/deploiement/app')

diff --git a/content/operations/deploiement/app/_index.md b/content/operations/deploiement/app/_index.md
new file mode 100644
index 0000000..710e2e5
--- /dev/null
+++ b/content/operations/deploiement/app/_index.md
@@ -0,0 +1,33 @@
++++
+title = "Applications"
+description = "Déploiement d'une application"
+sort_by = "weight"
+date = 2022-12-22
+weight = 30
++++
+
+
+# Empaqueter
+
+Packager avec nix un conteneur Docker, le publier
+
+# Secrets
+
+Créer les secrets avec `secretmgr`
+
+# Service
+
+Créer un service Nomad
+
+Voir les différentes déclarations :
+  - diplonat
+  - tricot
+
+# Sauvegardes
+
+Voir la section appropriée
+
+# Surveillance
+
+Voir la section appropriée
+
diff --git a/content/operations/deploiement/app/create_database.md b/content/operations/deploiement/app/create_database.md
new file mode 100644
index 0000000..e5f8a72
--- /dev/null
+++ b/content/operations/deploiement/app/create_database.md
@@ -0,0 +1,34 @@
++++
+title = "Créer une BDD"
+description = "Création d'une base de données pour une nouvelle application"
+date = 2022-12-22
+dateCreated = 2022-12-22
+weight = 11
++++
+
+## 1. Create a LDAP user and assign a password for your service
+
+Go to guichet.deuxfleurs.fr
+
+  1. Everything takes place in `ou=services,ou=users,dc=deuxfleurs,dc=fr`
+  2. Create a new user, like `johny`
+  3. Generate a random password with `openssl rand -base64 32`
+  4. Hash it with `slappasswd`
+  5. Add a `userpassword` entry with the hash
+
+This step can also be done using the automated tool `secretmgr.py` in the app folder.
+
+## 2. Connect to postgres with the admin users
+
+```bash
+# 1. Launch ssh tunnel given in the README 
+# 2. Make sure you have postregsql client installed locally
+psql -h localhost -U postgres -W postgres
+```
+
+## 3. Create the binded users with LDAP in postgres + the database
+
+```sql
+CREATE USER sogo;
+Create database sogodb with owner sogo encoding 'utf8' LC_COLLATE = 'C' LC_CTYPE = 'C' TEMPLATE template0;
+```
-- 
cgit v1.2.3