aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md29
-rw-r--r--cluster/prod/app/core/deploy/core.hcl2
2 files changed, 1 insertions, 30 deletions
diff --git a/README.md b/README.md
index ef3f082..11b0346 100644
--- a/README.md
+++ b/README.md
@@ -58,35 +58,6 @@ To upgrade NixOS, use the `./upgrade_nixos` script instead (it has the same synt
**When adding a node to the cluster:** just do `./deploy_nixos <cluster_name> <name_of_new_node>`
-### Deploying Wesher
-
-We use Wesher to provide an encrypted overlay network between nodes in the cluster.
-This is usefull in particular for securing services that are not able to do mTLS,
-but as a security-in-depth measure, we make all traffic go through Wesher even when
-TLS is done correctly. It is thus mandatory to have a working Wesher installation
-in the cluster for it to run correctly.
-
-First, if no Wesher shared secret key has been generated for this cluster yet,
-generate it with:
-
-```
-./gen_wesher_key <cluster_name>
-```
-
-This key will be stored in `pass`, so you must have a working `pass` installation
-for this script to run correctly.
-
-Then, deploy the key on all nodes with:
-
-```
-./deploy_wesher_key <cluster_name>
-```
-
-This should be done after `./deploy_nixos` has run successfully on all nodes.
-You should now have a working Wesher network between all your nodes!
-
-**When adding a node to the cluster:** just do `./deploy_wesher_key <cluster_name> <name_of_new_node>`
-
### Generating and deploying a PKI for Consul and Nomad
This is very similar to how we do for Wesher.
diff --git a/cluster/prod/app/core/deploy/core.hcl b/cluster/prod/app/core/deploy/core.hcl
index 7449740..5c9f9c0 100644
--- a/cluster/prod/app/core/deploy/core.hcl
+++ b/cluster/prod/app/core/deploy/core.hcl
@@ -90,7 +90,7 @@ EOH
}
resources {
- cpu = 2000
+ cpu = 500
memory = 200
}