chore(deploy): co-locate api + worker on anjie

nikola and frootmig are flagging power events and drive warnings on the iLO interface and need drive replacement. Move both moments components onto anjie.kosherinata.internal until those hosts are back in service. Update the nginx upstream and the readme topology table to match; the postgres pg_ident.conf on magrathea now needs to map anjie's cert CN to both moments_ro and moments_rw (two lines for the same cert_cn). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 08:24:21 +03:00
parent c81512fa3e
commit 7843c2c13f
3 changed files with 12 additions and 13 deletions
--- a/asset/manifest.yml
+++ b/asset/manifest.yml
@@ -3,18 +3,15 @@ environments:
  prod:
    components:
      api:
-        hosts: [nikola.kosherinata.internal]
+        hosts: [anjie.kosherinata.internal]
        config:
-          # Reachable across the WG mesh from oolon (the per-site nginx
-          # ingress for rob.tn). Firewalld restricts ingress; see
-          # asset/firewalld/moments-api.xml.
          bind: 0.0.0.0:42424
          db_role: moments_ro
          db_host: magrathea.kosherinata.internal
          db_port: 5432
          db_name: moments
      worker:
-        hosts: [frootmig.kosherinata.internal]
+        hosts: [anjie.kosherinata.internal]
        config:
          db_role: moments_rw
          db_host: magrathea.kosherinata.internal
@@ -36,4 +33,4 @@ environments:
        config:
          server_name: rob.tn
          root: /var/www/rob.tn
-          api_upstream: http://nikola.kosherinata.internal:42424
+          api_upstream: http://anjie.kosherinata.internal:42424
--- a/asset/nginx/rob.tn.conf
+++ b/asset/nginx/rob.tn.conf
@@ -1,5 +1,5 @@
 upstream moments_api {
-    server nikola.kosherinata.internal:42424 max_fails=3 fail_timeout=30s;
+    server anjie.kosherinata.internal:42424 max_fails=3 fail_timeout=30s;
    keepalive 8;
 }