From 6d3f67fb9b70bb68086bbd92fad2df35d05c90bd Mon Sep 17 00:00:00 2001
From: Christa Hartsock <christa.hartsock@gmail.com>
Date: Thu, 23 Jun 2022 15:53:23 -0700
Subject: [PATCH] Initial config for local deployments

Not yet working properly on cloud.gov
---
 .gitignore                 |  1 +
 app/cloudfoundry_config.py |  2 +-
 app/config.py              | 14 +++++++-------
 manifest.yml               | 39 ++++++++++++++++++++++++++++++++++++++
 scripts/run_app_paas.sh    | 13 +++++++++----
 varsfile.sample            |  7 +++++++
 6 files changed, 64 insertions(+), 12 deletions(-)
 create mode 100644 manifest.yml
 create mode 100644 varsfile.sample

diff --git a/.gitignore b/.gitignore
index 66b1738a3..449df7b66 100644
--- a/.gitignore
+++ b/.gitignore
@@ -108,6 +108,7 @@ environment.sh
 .envrc
 .env
 .env*
+varsfile
 
 # CloudFoundry
 .cf
diff --git a/app/cloudfoundry_config.py b/app/cloudfoundry_config.py
index 917ef4297..25f460fdb 100644
--- a/app/cloudfoundry_config.py
+++ b/app/cloudfoundry_config.py
@@ -4,4 +4,4 @@ import os
 
 def extract_cloudfoundry_config():
     vcap_services = json.loads(os.environ['VCAP_SERVICES'])
-    os.environ['REDIS_URL'] = vcap_services['redis'][0]['credentials']['uri']
+    os.environ['REDIS_URL'] = vcap_services['aws-elasticache-redis'][0]['credentials']['uri']
diff --git a/app/config.py b/app/config.py
index 64742664e..33baca579 100644
--- a/app/config.py
+++ b/app/config.py
@@ -31,7 +31,7 @@ class Config(object):
     ANTIVIRUS_API_KEY = os.environ.get('ANTIVIRUS_API_KEY')
 
     ASSETS_DEBUG = False
-    AWS_REGION = 'us-west-2'
+    AWS_REGION = os.environ.get('AWS_REGION')
     DEFAULT_SERVICE_LIMIT = 50
 
     EMAIL_EXPIRY_SECONDS = 3600  # 1 hour
@@ -180,13 +180,13 @@ class Staging(Config):
 class Live(Config):
     HEADER_COLOUR = '#005EA5'  # $govuk-blue
     HTTP_PROTOCOL = 'https'
-    CSV_UPLOAD_BUCKET_NAME = 'live-notifications-csv-upload'
-    CONTACT_LIST_UPLOAD_BUCKET_NAME = 'production-contact-list'
-    LOGO_UPLOAD_BUCKET_NAME = 'public-logos-production'
+    CSV_UPLOAD_BUCKET_NAME = 'notifications.prototype.csv_upload'
+    CONTACT_LIST_UPLOAD_BUCKET_NAME = 'notifications.prototype.contact_list_upload'
+    LOGO_UPLOAD_BUCKET_NAME = 'notifications.prototype.logo_upload'
     LOGO_CDN_DOMAIN = 'static-logos.notifications.service.gov.uk'
-    MOU_BUCKET_NAME = 'notifications.service.gov.uk-mou'
-    TRANSIENT_UPLOADED_LETTERS = 'production-transient-uploaded-letters'
-    PRECOMPILED_ORIGINALS_BACKUP_LETTERS = 'production-letters-precompiled-originals-backup'
+    MOU_BUCKET_NAME = 'notifications.prototype.mou'
+    TRANSIENT_UPLOADED_LETTERS = 'prototype-transient-uploaded-letters'
+    PRECOMPILED_ORIGINALS_BACKUP_LETTERS = 'prototype-letters-precompiled-originals-backup'
     NOTIFY_ENVIRONMENT = 'live'
     CHECK_PROXY_HEADER = False
     ASSET_DOMAIN = 'static.notifications.service.gov.uk'
diff --git a/manifest.yml b/manifest.yml
new file mode 100644
index 000000000..7b0b9704b
--- /dev/null
+++ b/manifest.yml
@@ -0,0 +1,39 @@
+---
+applications:
+  - name: notifications-admin
+    buildpack: python_buildpack
+    memory: 1G
+    health-check-type: http
+    health-check-http-endpoint: '/_status?simple=true'
+    health-check-invocation-timeout: 10
+    routes:
+      - route: notifications-admin.app.cloud.gov
+
+    services:
+      # - logit-ssl-syslog-drain
+      # - notify-prometheus
+      # - notify-splunk
+      - api-redis
+
+    env:
+      NOTIFY_APP_NAME: admin
+      NOTIFY_LOG_PATH: /home/vcap/logs/app.log
+      FLASK_APP: application.py
+      FLASK_ENV: production
+
+      NOTIFY_ENVIRONMENT: live
+
+      # Credentials variables
+      ADMIN_CLIENT_SECRET: ((ADMIN_CLIENT_SECRET))
+      ADMIN_BASE_URL: notifications-admin.app.cloud.gov
+      API_HOST_NAME: notifications-api.app.cloud.gov
+      DANGEROUS_SALT: ((DANGEROUS_SALT))
+      SECRET_KEY: ((SECRET_KEY))
+      ROUTE_SECRET_KEY_1: ((ROUTE_SECRET_KEY_1))
+      ROUTE_SECRET_KEY_2: ((ROUTE_SECRET_KEY_2))
+
+      AWS_REGION: us-west-2
+      AWS_ACCESS_KEY_ID: ((AWS_ACCESS_KEY_ID))
+      AWS_SECRET_ACCESS_KEY: ((AWS_SECRET_ACCESS_KEY))
+
+      NOTIFY_BILLING_DETAILS: []
diff --git a/scripts/run_app_paas.sh b/scripts/run_app_paas.sh
index 3016f2db1..54a8f513d 100755
--- a/scripts/run_app_paas.sh
+++ b/scripts/run_app_paas.sh
@@ -3,6 +3,7 @@
 set -e -o pipefail
 
 TERMINATE_TIMEOUT=30
+readonly LOGS_DIR="/home/vcap/logs"
 
 function check_params {
   if [ -z "${NOTIFY_APP_NAME}" ]; then
@@ -16,19 +17,23 @@ function check_params {
 }
 
 function configure_aws_logs {
+    # create files so that aws logs agent doesn't complain
+  touch ${LOGS_DIR}/gunicorn_error.log
+  touch ${LOGS_DIR}/app.log.json
+
   aws configure set plugins.cwlogs cwlogs
 
   cat > /home/vcap/app/awslogs.conf << EOF
 [general]
 state_file = /home/vcap/logs/awslogs-state
 
-[/home/vcap/logs/app.log]
-file = /home/vcap/logs/app.log*
+[${LOGS_DIR}/app.log]
+file = ${LOGS_DIR}/app.log.json
 log_group_name = paas-${CW_APP_NAME}-application
 log_stream_name = {hostname}
 
-[/home/vcap/logs/gunicorn_error.log]
-file = /home/vcap/logs/gunicorn_error.log
+[${LOGS_DIR}/gunicorn_error.log]
+file = ${LOGS_DIR}/gunicorn_error.log
 log_group_name = paas-${CW_APP_NAME}-gunicorn
 log_stream_name = {hostname}
 EOF
diff --git a/varsfile.sample b/varsfile.sample
new file mode 100644
index 000000000..4045654e7
--- /dev/null
+++ b/varsfile.sample
@@ -0,0 +1,7 @@
+ADMIN_CLIENT_SECRET: asdf
+DANGEROUS_SALT: asdf
+SECRET_KEY: asdf
+ROUTE_SECRET_KEY_1: asdf
+ROUTE_SECRET_KEY_2: asdf
+AWS_ACCESS_KEY_ID: asdf
+AWS_SECRET_ACCESS_KEY: asdf