devops

2022-01-21 00:40:30 +03:30 · 2022-01-21 00:40:30 +03:30 · 693a48e2b4
parent 023e8b8652
commit 693a48e2b4
40 changed files with 1941 additions and 301 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.DS_*
--- a/config/sites-available/base.conf
+++ b/config/sites-available/base.conf
@ -31,11 +31,12 @@ server{

        
    listen 443 ssl http2; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/demo.igarson.app/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/demo.igarson.app/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/igarson.app/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

+
 }

 server{
@ -243,3 +244,42 @@ server{
 }


+server{
+        server_name champions.of.galaxy.igarson.app;
+        access_log /var/log/nginx/ig/access.champions.of.galaxy.igarson.app.log;
+        
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://127.0.0.1:9000;
+            proxy_read_timeout 90;
+            proxy_redirect off;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/champions.of.galaxy.igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/champions.of.galaxy.igarson.app/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+
+server{
+    if ($host = champions.of.galaxy.igarson.app) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+        server_name champions.of.galaxy.igarson.app;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
--- a/config/sites-available/igarson.conf
+++ b/config/sites-available/igarson.conf
@ -1,3 +1,4 @@
 include /etc/nginx/sites-available/base.conf;
 include /etc/nginx/sites-available/apps.conf;
-include /etc/nginx/sites-available/games.conf;
+include /etc/nginx/sites-available/games.conf;
+include /etc/nginx/sites-available/watcher.conf;
--- a/config/sites-available/watcher.conf
+++ b/config/sites-available/watcher.conf
@ -0,0 +1,96 @@
+server{
+        server_name prometheus.watcher.igarson.app;
+        access_log /var/log/nginx/ig/access.prometheus.watcher.igarson.app.log;
+        
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://127.0.0.1:9090;
+            proxy_read_timeout 90;
+            proxy_redirect off;
+            proxy_http_version 1.1;
+        }
+    listen 80;
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/prometheus.watcher.igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/prometheus.watcher.igarson.app/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server{
+        server_name alertmanager.watcher.igarson.app;
+        access_log /var/log/nginx/ig/access.alertmanager.watcher.igarson.app.log;
+        
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://127.0.0.1:9093;
+            proxy_read_timeout 90;
+            proxy_redirect off;
+            proxy_http_version 1.1;
+        }
+    listen 80;
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/alertmanager.watcher.igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/alertmanager.watcher.igarson.app/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server{
+        server_name unsee.watcher.igarson.app;
+        access_log /var/log/nginx/ig/access.unsee.watcher.igarson.app.log;
+        
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://127.0.0.1:9094;
+            proxy_read_timeout 90;
+            proxy_redirect off;
+            proxy_http_version 1.1;
+        }
+    listen 80;
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/unsee.watcher.igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/unsee.watcher.igarson.app/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server{
+        server_name grafana.watcher.igarson.app;
+        access_log /var/log/nginx/ig/access.grafana.watcher.igarson.app.log;
+        
+        location / {
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://127.0.0.1:3000;
+            proxy_read_timeout 90;
+            proxy_redirect off;
+            proxy_http_version 1.1;
+        }
+    listen 80;
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/grafana.watcher.igarson.app/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/grafana.watcher.igarson.app/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
--- a/14
+++ b/14
@ -1,21 +1,19 @@
 #mongo
-MONGODB_IG_PASSWORD = jdZwyec3Yb0yaBr8BP+Joup1l/fovAbGT342I2pX8w+X+FqwCeLGvhXBLiL4vmhM
+MONGO_HOST=mongoprimary
+MONGODB_IG_USER=API
+MONGODB_IG_PASSWORD=QBtYse6FYRsM89AS0xGYKCfl7LrO40sbu7n1NU+xLbfoEnoLqmJ3zOG3m2RFOwLb
 MONGODB_ADVERTISED_HOSTNAME=mongoprimary
 MONGODB_REPLICA_SET_MODE=primary
 MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
 MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
 #pg
-POSTGRESQL_USERNAME=igarsonAgent
-POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
-POSTGRESQL_DATABASE=igarsonDB
-POSTGRESQL_REPLICATION_MODE=master
-POSTGRESQL_REPLICATION_USER=pgreplicator
-POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF 
+POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 
 #rabbit
+RABBITMQ_HOST=rabbitmq
 RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
 RABBITMQ_USERNAME=igarsonAgent
 #redis
-REDIS_REPLICATION_MODE=slave
 REDIS_MASTER_HOST=redismaster
 REDIS_MASTER_PORT_NUMBER=6379
 REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
--- a/playbooks/server/addDomainAndEncrypt.yml
+++ b/playbooks/server/addDomainAndEncrypt.yml
@ -2,31 +2,46 @@
 - name: letsencrypt
  hosts: supermaster
  become: yes
-  vars_files:
-    - var/domains.yml
  tasks:
-    # - name: add domain to nginx with j2 block
-    #   template:
-    #     src: template/nginx-server-block.j2
-    #     dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf
-    #   with_items:
-    #     - "{{ newDomains }}"
+    - name: add domain to nginx with j2 block
+      template:
+        src: template/nginx-server-block.j2
+        dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf
+      with_items:
+        - server_name: mail.igarson.app
+          server_config: ""
+          service_port: 9999
+          conf_file: base.conf 
+
    
-    # - name: append /tmp/new-nginx-server-block.conf to specific conf
-    #   shell: |
-    #     cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
-    #     rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
-    #   with_items:
-    #     - "{{ newDomains }}"
+    - name: append /tmp/new-nginx-server-block.conf to specific conf
+      shell: |
+        cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
+        rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
+      with_items:
+        - server_name: mail.igarson.app
+          server_config: ""
+          service_port: 9999
+          conf_file: base.conf 
+

    - name: encrypt all domains 
-      expect:
-        command: certbot --nginx -d "{{ item.server_name }}"
-        responses:
-          Question:
-            - 2
-            - 2
+      shell: |
+        certbot --nginx -d {{item.server_name}} -n --redirect
      with_items:
-        - "{{ newDomains }}"
+        - server_name: mail.igarson.app
+          server_config: ""
+          service_port: 9999
+          conf_file: base.conf 
+
+    - name: Reload nginx to activate specified site
+      service: name=nginx state=restarted
+
+    - name: cron job for renew certificates
+      cron:
+        name: renew_certificates
+        special_time: weekly
+        job: certbot renew --post-hook "systemctl reload nginx"    
+

    
--- a/playbooks/server/build.yml
+++ b/playbooks/server/build.yml
@ -1,6 +1,6 @@
 ---
 - name: server initial command
-  hosts: 'all'
+  hosts: 'new'
  become: yes
  become_method: sudo
  become_user: root
@ -12,48 +12,20 @@
        src: hosts
        dest: /etc/hosts
        mode: '0644'
+
+    - name: set shecan dns
+      copy:
+        src: ../dns/resolv.conf
+        dest: /etc/resolv.conf
+        owner: root
+        group: root
+        mode: u=rwx,g=rwx,o=rwx
     
    - name: disable ufw
      shell: ufw disable
    
    - name: disable swap
      shell: swapoff -a
-    
-
-### sudo ufw allow 2376/tcp && sudo ufw allow 7946/udp && sudo ufw allow 7946/tcp && sudo ufw allow 80/tcp && sudo ufw allow 2377/tcp && sudo ufw allow 4789/udp
-
-    - name: flush iptables
-      shell: |
-        iptables -P INPUT ACCEPT
-        iptables -P FORWARD ACCEPT
-        iptables -P OUTPUT ACCEPT
-        iptables -t nat -F
-        iptables -t mangle -F
-        iptables -F
-        iptables -X
-
-    - name: iptables for masters
-      when: inventory_hostname in groups['masters']
-      shell: |
-        iptables -I INPUT -p tcp --dport 80 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 443 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 22 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 53 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 2376 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 7946 -j ACCEPT
-        iptables -I INPUT -p udp --dport 7946 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 2377 -j ACCEPT
-        iptables -I INPUT -p udp --dport 4789 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 25196 -j ACCEPT 
-        iptables-save >> /etc/iptables.rules.v4
-
-    - name: iptables for workers
-      when: inventory_hostname in groups['workers']
-      shell: |
-        iptables -I INPUT -p tcp --dport 80 -j ACCEPT
-        iptables -I INPUT -p tcp --dport 25196 -j ACCEPT 
-        iptables-save >> /etc/iptables.rules.v4
-

    - name: sid swap off in fstab
      shell: sed -i '/swap/d' /etc/fstab 
@ -63,8 +35,13 @@
    
    - name: apt-get update
      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
-    

+    - name: add docker key  and add docker repo
+      shell: |
+        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+        sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
+    
+    
    - name: installing docker dependencies
      apt:
        name: "{{item}}"
@ -77,12 +54,7 @@
        - lsb-release
  

-    - name: add docker key  and add docker repo
-      shell: |
-        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
-        sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
        
-
    - name: installing docker-ce and docker-ce-cli and
      apt:
        name: "{{item}}"
@ -103,8 +75,6 @@
        - docker
        - containerd
    
-    
-    
    - name: create the docker user account
      user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
    
@ -152,15 +122,16 @@
      become: dockerman
      shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }}

+    - name: add enviroments to all servers
+      shell: |
+        echo "export ADMIN_USER=nerdguy" >> /etc/environment
+        echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment
+    
    - name: reboot
      shell: reboot
      ignore_errors: yes


-    - name: add enviroments to all servers
-      shell: |
-        echo "export ADMIN_USER=nerdguy" >> /etc/environment
-        echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment


      
--- a/playbooks/server/fetchimportant.yml
+++ b/playbooks/server/fetchimportant.yml
@ -0,0 +1,15 @@
+--- 
+- name: fetch important folder and files 
+  hosts: supermaster
+  become: true
+  vars_files:
+    - "var/nginx.yml"
+  tasks: 
+    - name: fetch nginx site-available
+      fetch: 
+        src: /etc/nginx/sites-available/{{ item }} 
+        dest: ../../config/sites-available/{{item}}
+        flat: yes
+      with_items:
+        - "{{ nginx_confs }}"
+    - name: backup from /volume
--- a/playbooks/server/hosts
+++ b/playbooks/server/hosts
@ -10,10 +10,10 @@ ff02::3 ip6-allhosts
 87.107.132.77   masterold
 87.107.132.78   workerold

-192.168.1.6    master1local
-192.168.1.73   worker1local
-192.168.1.254  worker2local
+192.168.1.6    master1
+192.168.1.73   worker1
+192.168.1.254  worker2
+192.168.1.254  worker3
+
+31.7.74.79      master1ip

-31.7.74.79      master1
-31.7.74.118     worker1
-31.7.74.96      worker2
--- a/playbooks/server/supermaster.yml
+++ b/playbooks/server/supermaster.yml
@ -62,11 +62,6 @@
    - name: exportfs
      shell: exportfs -a

-    - name: set iptables for clients ip for nfs
-      shell: |
-        iptables -A INPUT -s "{{ item.local }}"/32 -p tcp -m tcp --dport 2049 -j ACCEPT
-      with_items:
-        - "{{ clients }}"

    - name: create overlay network
      shell: |
--- a/playbooks/server/template/nginx-server-block.j2
+++ b/playbooks/server/template/nginx-server-block.j2
@ -14,4 +14,4 @@ server{
        }
    listen 80;

-}
+}
--- a/playbooks/server/var/domains.yml
+++ b/playbooks/server/var/domains.yml
@ -16,4 +16,8 @@ domains:
  - demo.igarson.app
  - terrace.kermanshah.igarson.app
  - champions.of.galaxy.igarson.app
-
+newDomains:
+  - server_name: champions.of.galaxy.igarson.app
+    server_config: null
+    service_port: 9000
+    conf_file: base.conf
--- a/playbooks/server/var/nginx.yml
+++ b/playbooks/server/var/nginx.yml
@ -0,0 +1,7 @@
+---
+nginx_confs:
+  - apps.conf
+  - base.conf
+  - games.conf
+  - igarson.conf
+  - watcher.conf
--- a/playbooks/server/var/swarm.yml
+++ b/playbooks/server/var/swarm.yml
@ -1,3 +1,3 @@
 ---
-manager_token: SWMTKN-1-2qwry99zn95r9ehs30mnyu6b526ccdwlk21ciwri15zjrwbmoj-8z1x15gas5ujyk860zvdbmdnk
-worker_token: SWMTKN-1-2qwry99zn95r9ehs30mnyu6b526ccdwlk21ciwri15zjrwbmoj-b0sesv6f6kntbfekxq0vf44os
+manager_token: SWMTKN-1-2lc4v06finh32fod6hm675cmfdjgo4eytnmwgyds9vwm0uu2ap-a6tlk6qvbep2q27amo37vzsfo
+worker_token: SWMTKN-1-2lc4v06finh32fod6hm675cmfdjgo4eytnmwgyds9vwm0uu2ap-8tcf02zncgup3vsn0rmoys3jg
--- a/playbooks/server/workers.yml
+++ b/playbooks/server/workers.yml
@ -1,12 +1,30 @@
 ---
 - name: configure worker for docker swarm 
  become: yes
-  hosts: workers
+  hosts: new
  # add var file
  vars_files:
    - "var/swarm.yml"
    - "var/hosts.yml"
+    - "var/registry.yml"
  tasks:
+    - name: nfs common
+      when: inventory_hostname in groups['workers']
+      apt:
+        name: nfs-common
+        state: present
+        update_cache: yes
+
+    - name: login docker
+      become: yes
+      become_user: dockerman
+      shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }}
+
+    - name: add enviroments to all servers
+      shell: |
+        echo "export ADMIN_USER=nerdguy" >> /etc/environment
+        echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment
+      
    - name: join node in swarm as worker
      shell: docker swarm join --token {{ worker_token }} {{ item.local }}:2377
      with_items:
--- a/13
+++ b/13
@ -16,4 +16,15 @@
 8013  capitan.igarson.app
 8014  igarson.app
 6732  guardians.of.galaxy.igarson.app  ==> must change 8015
-}
+8016  yaus.ir
+}
+
+9000-x + {3000} = monitoring
+{
+ 3000 grafana
+ 9090 promateus
+ 9093 alertmanager
+ 9094 unsee
+}
+
+mailbox 9999
--- a/stack.test.yml
+++ b/stack.test.yml
@ -0,0 +1,36 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+
+services:
+  core:
+    image: registry.vnfco.ir/ig/api:0.4.4
+    environment:
+      - SPRING_ACTIVE_PROFILE=prod
+    volumes:
+      - /Users/amirmoghi3/application-prod.properties:/target/classes/application-prod.properties
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s 
+      resources:
+        limits:
+          cpus: '0.75'
+          memory: 400m
+      replicas: 1
+      mode: replicated
+    entrypoint: [ "java" ,"-jar","IGAPI.jar" , "--spring.config.location=/target/classes/application-prod.properties"]
+    ports:
+      - "8011:8080"
+    networks:
+      - mother
+  
+
--- a/stackDev/mongo/stack.yml
+++ b/stackDev/mongo/stack.yml
@ -0,0 +1,98 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+volumes:
+  mongoprimary-data:
+  mongosecondary-data:
+  
+services:
+  mongoprimary:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    volumes:
+      - mongoprimary-data:/bitnami/mongodb
+    environment:
+      - MONGODB_REPLICA_SET_MODE=primary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoprimary
+      - MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    ports:
+      - "27011:27017"
+    networks:
+      - mother
+      
+
+  mongosecondary:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    environment:
+      - MONGODB_REPLICA_SET_MODE=secondary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongosecondary
+      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
+      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
+      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    volumes:
+      - mongosecondary-data:/bitnami/mongodb
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      mode: replicated
+      replicas: 1
+    ports:
+      - "27012:27017"
+    networks:
+      - mother
+
+      
+
+  mongoarbiter:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    environment:
+      - MONGODB_REPLICA_SET_MODE=arbiter
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
+      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
+      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
+      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      mode: replicated
+      replicas: 1
+    networks:
+      - mother
+
+
+
+
--- a/stackDev/pg/stack.yml
+++ b/stackDev/pg/stack.yml
@ -0,0 +1,130 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+volumes:
+  db-1-data:
+  db-0-data:
+
+services:
+  pg-0:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
+    environment:
+     - REPMGR_PARTNER_NODES=pg-0,pg-1 
+     - REPMGR_NODE_NAME=pg-0 
+     - REPMGR_NODE_NETWORK_NAME=pg-0 
+     - REPMGR_PRIMARY_HOST=pg-0 
+     - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF 
+     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 
+    volumes:
+      - db-0-data:/bitnami/postgresql
+    ports:
+      - "5432:5432"
+    networks:
+      - mother
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+      
+  pg-1:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
+    environment:
+      - REPMGR_PARTNER_NODES=pg-0,pg-1 
+      - REPMGR_NODE_NAME=pg-1 
+      - REPMGR_NODE_NETWORK_NAME=pg-1 
+      - REPMGR_PRIMARY_HOST=pg-0
+      - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF 
+      - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 
+    volumes:
+      - db-1-data:/bitnami/postgresql
+    ports:
+      - "5433:5432"
+    networks:
+      - mother
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+
+  # pgmaster:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   volumes:
+  #       - '/volume/pg:/bitnami/postgresql'
+  #   environment:
+  #     - POSTGRESQL_USERNAME=igarsonAgent
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_DATABASE=igarsonDB
+  #     - POSTGRESQL_REPLICATION_MODE=master
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '1'
+  #         memory: 300M
+  #     replicas: 1
+  #     mode: replicated
+  #     placement:
+  #       constraints:
+  #         - node.role == worker
+  #   ports:
+  #     - "5432:5432"
+  #   networks:
+  #     - mother
+
+  # pgslave:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   environment:
+  #     - POSTGRESQL_REPLICATION_MODE=slave
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #     - POSTGRESQL_MASTER_HOST=pgmaster
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_MASTER_PORT_NUMBER=5432
+
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '0.7'
+  #         memory: 300M
+  #     mode: replicated
+  #     replicas: 1
+  #     placement:
+  #       constraints:
+  #            - node.role == worker
+  #   ports:
+  #     - "5433:5432"
+  #   networks:
+  #     - mother
--- a/stackDev/rabbitmq/stack.yml
+++ b/stackDev/rabbitmq/stack.yml
@ -0,0 +1,33 @@
+
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+volumes:
+  rabbit-data:
+
+
+services:
+  rabbitmq:
+    image: registry.vnfco.ir/library/bitnami/rabbitmq:latest
+    ports:
+      - '5672'
+    environment:
+      - RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
+      - RABBITMQ_USERNAME=igarsonAgent
+    volumes:
+      - rabbit-data:/bitnami
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    networks:
+      - mother
--- a/stackDev/redis/stack.yml
+++ b/stackDev/redis/stack.yml
@ -0,0 +1,102 @@
+
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+
+volumes:
+  redis-data:
+
+
+services:
+  redismaster:
+    image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
+    ports:
+      - '6969:6379'
+    environment:
+      - REDIS_REPLICATION_MODE=master
+      - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_AOF_ENABLED=no
+    volumes:
+      - redis-data:/bitnami
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping"]
+      interval: 5s
+      timeout: 2s
+      retries: 3
+      start_period: 10s
+
+  redisreplica:
+    image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
+    ports:
+      - '6970:6379'
+    environment:
+      - REDIS_REPLICATION_MODE=slave
+      - REDIS_MASTER_HOST=redismaster
+      - REDIS_MASTER_PORT_NUMBER=6379
+      - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_AOF_ENABLED=no
+      - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping"]
+      interval: 5s
+      timeout: 2s
+      retries: 3
+      start_period: 10s
+
+  redissentinel:
+    image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
+    ports:
+      - '26379:26379'
+    environment:
+      - REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
+      - REDIS_MASTER_HOST=redismaster
+      - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
+      - REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
+      - REDIS_SENTINEL_QUORUM=1
+      - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s 
+      mode: global
+    networks:
+      - mother
--- a/stacks/lvl1/swarmprom/docker-compose.yml
+++ b/stacks/lvl1/swarmprom/docker-compose.yml
@ -164,7 +164,7 @@ services:
          - node.role == manager
      resources:
        limits:
-          memory: 512M
+          memory: 1G
        reservations:
          memory: 128M

--- a/stacks/lvl2/mongo/stack.yml
+++ b/stacks/lvl2/mongo/stack.yml
@ -4,19 +4,18 @@ networks:
  mother:
    external: true

-
-
  
 services:
  mongoprimary:
-    image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
    volumes:
-      - /volume/mongo/primary:/data/db
+      - /volume/mongo/primary:/bitnami/mongodb
    environment:
-      - MONGODB_ADVERTISED_HOSTNAME=mongoprimary
      - MONGODB_REPLICA_SET_MODE=primary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoprimary
      - MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
-      - MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
    deploy:
      update_config:
        parallelism: 1
@ -26,60 +25,82 @@ services:
        condition: any
        delay: 5s
        max_attempts: 3
-        window: 120s 
+        window: 120s
      resources:
        limits:
-          cpus: '0.25'
-          memory: 300M
+          cpus: '0.5'
+          memory: 350M
      replicas: 1
      mode: replicated
      placement:
        constraints:
-          - node.labels.mongo.replica == 1
-    networks:
-      - mother
-      
-
-  mongosecondary:
-    image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10
-    environment:
-      - MONGODB_REPLICA_SET_MODE=secondary
-      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
-      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
-      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
-      - MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
-    deploy:
-      update_config:
-        parallelism: 1
-        delay: 10s
-        order: start-first
-      restart_policy:
-        condition: any
-        delay: 5s
-        max_attempts: 3
-        window: 120s 
-      resources:
-        limits:
-          cpus: '0.25'
-          memory: 300M
-      mode: replicated
-      replicas: 1
-      placement:
-        constraints:
-          - node.labels.mongo.replica == 2
-    port:
+          - node.role == worker
+    ports:
      - "27011:27017"
    networks:
      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+      

-  mongoarbiter:
-    image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10
+  mongosecondary:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
    environment:
-      - MONGODB_REPLICA_SET_MODE=arbiter
+      - MONGODB_REPLICA_SET_MODE=secondary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongosecondary
      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
-      - MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    volumes:
+      - /volume/mongo/secondary:/bitnami/mongodb
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      resources:
+        limits:
+          cpus: '0.25'
+          memory: 350M
+      mode: replicated
+      replicas: 1
+      placement:
+        constraints:
+           - node.role == worker
+    ports:
+      - "27012:27017"
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+
+      
+
+  mongoarbiter:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    environment:
+      - MONGODB_REPLICA_SET_MODE=arbiter
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
+      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
+      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
+      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
    deploy:
      update_config:
        parallelism: 1
@ -95,14 +116,18 @@ services:
          cpus: '0.2'
          memory: 100M
      mode: replicated
-      replicas: 0
+      replicas: 1
      placement:
        constraints:
-          - node.labels.mongo.replica == 2
-    port:
-      - "27012:27017"
+          - node.role == worker
    networks:
      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s



--- a/stacks/lvl2/pg/stack.yml
+++ b/stacks/lvl2/pg/stack.yml
@ -1,61 +1,72 @@
-
 version: "3.7"

 networks:
  mother:
    external: true

-
-
-  
 services:
-  pgmaster:
-    image: registry.vnfco.ir/library/bitnami/postgresql:13
-    volumes:
-        - '/volume/pg:/bitnami/postgresql'
+  pg-0:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
    environment:
-      - POSTGRESQL_USERNAME=igarsonAgent
+      - REPMGR_PARTNER_NODES=pg-0,pg-1
+      - REPMGR_NODE_NAME=pg-0
+      - REPMGR_NODE_NETWORK_NAME=pg-0
+      - REPMGR_PRIMARY_HOST=pg-0
+      - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
      - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+      - POSTGRESQL_POSTGRES_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+      - POSTGRESQL_USERNAME=igarsonAgent
      - POSTGRESQL_DATABASE=igarsonDB
-      - POSTGRESQL_REPLICATION_MODE=master
-      - POSTGRESQL_REPLICATION_USER=pgreplicator
-      - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+    volumes:
+      - /volume/pg/pg_0_data:/bitnami/postgresql
+    ports:
+      - "5432:5432"
+    networks:
+      - mother
    deploy:
-      update_config:
-        parallelism: 1
-        delay: 10s
-        order: start-first
-      restart_policy:
-        condition: any
-        delay: 5s
-        max_attempts: 3
-        window: 120s 
-      resources:
-        limits:
-          cpus: '0.7'
-          memory: 500M
-      replicas: 1
-      mode: replicated
      placement:
        constraints:
-          - node.labels.mongo.replica == 1
+          - node.role == worker
+      resources:
+        limits:
+          cpus: "1"
+          memory: 300M
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+
+  pg-1:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
+    environment:
+      - REPMGR_PARTNER_NODES=pg-0,pg-1
+      - REPMGR_NODE_NAME=pg-1
+      - REPMGR_NODE_NETWORK_NAME=pg-1
+      - REPMGR_PRIMARY_HOST=pg-0
+      - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
+      - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+      - POSTGRESQL_POSTGRES_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+      - POSTGRESQL_USERNAME=igarsonAgent
+      - POSTGRESQL_DATABASE=igarsonDB
+    volumes:
+      - /volume/pg/pg_1_data:/bitnami/postgresql
    ports:
-      - 5432
+      - "5433:5432"
    networks:
      - mother
-      
-
-  pgslave1:
-    image: registry.vnfco.ir/library/bitnami/postgresql:13  
-    environment:
-      - POSTGRESQL_REPLICATION_MODE=slave
-      - POSTGRESQL_REPLICATION_USER=pgreplicator
-      - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
-      - POSTGRESQL_MASTER_HOST=pgmaster
-      - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
-      - POSTGRESQL_MASTER_PORT_NUMBER=5432
-
    deploy:
+      placement:
+        constraints:
+          - node.role == worker
+      resources:
+        limits:
+          cpus: "0.5"
+          memory: 300M
      update_config:
        parallelism: 1
        delay: 10s
@ -64,22 +75,74 @@ services:
        condition: any
        delay: 5s
        max_attempts: 3
-        window: 120s 
-      resources:
-        limits:
-          cpus: '0.3'
-          memory: 300M
-      mode: replicated
-      replicas: 1
-      placement:
-        constraints: 
-            - node.labels.mongo.replica == 2
-    ports:
-      - 5432
-    networks:
-      - mother
-
+        window: 120s


+  # pgmaster:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   volumes:
+  #       - '/volume/pg:/bitnami/postgresql'
+  #   environment:
+  #     - POSTGRESQL_USERNAME=igarsonAgent
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_DATABASE=igarsonDB
+  #     - POSTGRESQL_REPLICATION_MODE=master
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '1'
+  #         memory: 300M
+  #     replicas: 1
+  #     mode: replicated
+  #     placement:
+  #       constraints:
+  #         - node.role == worker
+  #   ports:
+  #     - "5432:5432"
+  #   networks:
+  #     - mother

+  # pgslave:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   environment:
+  #     - POSTGRESQL_REPLICATION_MODE=slave
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #     - POSTGRESQL_MASTER_HOST=pgmaster
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_MASTER_PORT_NUMBER=5432

+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '0.7'
+  #         memory: 300M
+  #     mode: replicated
+  #     replicas: 1
+  #     placement:
+  #       constraints:
+  #            - node.role == worker
+  #   ports:
+  #     - "5433:5432"
+  #   networks:
+  #     - mother
--- a/stacks/lvl2/rabbitmq/stack.yml
+++ b/stacks/lvl2/rabbitmq/stack.yml
@ -11,15 +11,10 @@ services:
    ports:
      - '5672'
    environment:
-      - RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
+      - RABBITMQ_PASSWORD=muyXHzymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
      - RABBITMQ_USERNAME=igarsonAgent
    volumes:
      - '/volume/rabbit:/bitnami'
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:5672"]
-      interval: 10s
-      timeout: 3s
-      retries: 5
    deploy:
      update_config:
        parallelism: 1
@ -36,4 +31,10 @@ services:
      replicas: 1
      mode: replicated
    networks:
-      - mother
+      - mother
+    healthcheck:
+      test: ["CMD", "rabbitmqctl", "status"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
--- a/stacks/lvl2/redis/stack.yml
+++ b/stacks/lvl2/redis/stack.yml
@ -7,12 +7,14 @@ networks:

 services:
  redismaster:
-    image: registry.vnfco.ir/library/bitnami/redis:latest
+    image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
    ports:
      - '6969:6379'
    environment:
      - REDIS_REPLICATION_MODE=master
+      - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
      - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_AOF_ENABLED=no
    volumes:
      - '/volume/redis:/bitnami'
    deploy:
@ -27,44 +29,85 @@ services:
        window: 120s 
      resources:
        limits:
-          cpus: '0.4'
-          memory: 500M
+          cpus: '0.5'
      replicas: 1
      mode: replicated
      placement:
        constraints:
-          - node.labels.mongo.replica == 1
+           - node.role == worker
    networks:
      - mother
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping"]
+      interval: 5s
+      timeout: 2s
+      retries: 3
+      start_period: 10s

-  redisreplica:
-    image: registry.vnfco.ir/library/bitnami/redis:latest
-    ports:
-      - '6379'
-    environment:
-      - REDIS_REPLICATION_MODE=slave
-      - REDIS_MASTER_HOST=redismaster
-      - REDIS_MASTER_PORT_NUMBER=6379
-      - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
-      - REDIS_PASSWORD=gpGS7RezaKsWRH+qga95z6JTTxvecrpFShRR9IXqWZO2o5Kf8YAoNvGni9Zh5GGIM0Oz+e9+Cph9XDjfs3phgauiFtsEDkAf/1dxR8CixIzddcXKXgaawiqfwB8WCuM/2k8Iw7cv2wqoIdWrhdHbn96N//Su57Ri4hy5CRbUAl7VmGd9EL1sGytOJmXzQOi3lJBWvfVWbYBmgALwVQSads6g+OHmP2wpXsTsYMG1thppJVGo7i5Rh515hAuAGWTed4Ayqoe1muRR1L1Rs8pdA7IH/u4kOL1758Idd3BfTTRkr7xfjXY40dM0BkUqL5E4rOga38ThaVC99g==
-    deploy:
-      update_config:
-        parallelism: 1
-        delay: 10s
-        order: start-first
-      restart_policy:
-        condition: any
-        delay: 5s
-        max_attempts: 3
-        window: 120s 
-      resources:
-        limits:
-          cpus: '0.3'
-          memory: 300M
-      replicas: 1
-      mode: replicated
-      placement:
-        constraints:
-          - node.labels.mongo.replica == 2
-    networks:
-      - mother
+  # redisreplica:
+  #   image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
+  #   ports:
+  #     - '6970:6379'
+  #   environment:
+  #     - REDIS_REPLICATION_MODE=slave
+  #     - REDIS_MASTER_HOST=redismaster
+  #     - REDIS_MASTER_PORT_NUMBER=6379
+  #     - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDIS_AOF_ENABLED=no
+  #     - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s 
+  #     resources:
+  #       limits:
+  #         cpus: '0.5'
+  #     replicas: 1
+  #     mode: replicated
+  #     placement:
+  #       constraints:
+  #          - node.role == worker
+  #   networks:
+  #     - mother
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "redis-cli ping"]
+  #     interval: 5s
+  #     timeout: 2s
+  #     retries: 3
+  #     start_period: 10s
+
+  # redissentinel:
+  #   image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
+  #   ports:
+  #     - '26379:26379'
+  #   environment:
+  #     - REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
+  #     - REDIS_MASTER_HOST=redismaster
+  #     - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
+  #     - REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
+  #     - REDIS_SENTINEL_QUORUM=1
+  #     - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       window: 120s 
+  #     resources:
+  #       limits:
+  #         cpus: '0.3'
+  #         memory: 10M
+  #     mode: global
+  #   networks:
+  #     - mother
--- a/stacks/lvl3/stack.yml
+++ b/stacks/lvl3/stack.yml
@ -9,18 +9,10 @@ networks:

  
 services:
-
  ls:
-    image: registry.vnfco.ir/ig/ls:test
-    # environment:
-    #   - NODE_ENV=production
-    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
-    #   - REACT_APP_PATH_URL=/api/v1
-    #   - REACT_APP_STORAGE_URL=https://storage.igarson.app
-    #   - REACT_APP_SIGNAL_URL_PATH=/restauranthub
-    #   - REACT_APP_LOG_LENGTH=20
-    #   - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
-    #   - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
+    image: registry.vnfco.ir/ig/localserver:latest
+    environment:
+      - ASPNETCORE_ENVIRONMENT=Production
    deploy:
      update_config:
        parallelism: 1
@ -36,29 +28,25 @@ services:
          memory: 1Gi
      replicas: 1
      mode: replicated
-    #   placement:
-    #     constraints:
-    #       - node.labels.overload == 1
+      placement:
+        constraints:
+          - node.role == worker
    volumes:
      - type: bind
        source: /volume/ig/ls/wwwroot
-        target: /publish/wwwroot
+        target: /app/wwwroot
+      - type: bind
+        source: /volume/config/ls/appsettings.Production.json
+        target: /app/appsettings.Production.json
    ports:
      - 8010:8010
    networks:
      - mother

  core:
-    image: registry.vnfco.ir/ig/api:test
-    # environment:
-    #   - NODE_ENV=production
-    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
-    #   - REACT_APP_PATH_URL=/api/v1
-    #   - REACT_APP_STORAGE_URL=https://storage.igarson.app
-    #   - REACT_APP_SIGNAL_URL_PATH=/restauranthub
-    #   - REACT_APP_LOG_LENGTH=20
-    #   - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
-    #   - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
+    image: registry.vnfco.ir/ig/api:latest
+    environment:
+      - SPRING_PROFILES_ACTIVE=prod
    deploy:
      update_config:
        parallelism: 1
@ -71,32 +59,35 @@ services:
      resources:
        limits:
          cpus: '1'
-          memory: 1Gi
+          memory: 500m
      replicas: 1
      mode: replicated
-    #   placement:
-        # constraints:
-        #   - node.labels.overload == 1
+      placement:
+        constraints:
+          - node.role == worker
    volumes:
      - type: bind
        source: /volume/ig/api/storage
        target: /target/storage
+      - type: bind
+        source: /volume/config/core/application-prod.properties
+        target: /target/classes/application-prod.properties
    ports:
-      - 8011:8011
+      - 8011:8080
    networks:
      - mother

+    
+
  sms:
-    image: registry.vnfco.ir/ig/sms:test
-    # environment:
-    #   - NODE_ENV=production
-    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
-    #   - REACT_APP_PATH_URL=/api/v1
-    #   - REACT_APP_STORAGE_URL=https://storage.igarson.app
-    #   - REACT_APP_SIGNAL_URL_PATH=/restauranthub
-    #   - REACT_APP_LOG_LENGTH=20
-    #   - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
-    #   - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
+    image: registry.vnfco.ir/ig/sms:latest
+    environment:
+      - QUEUE_NAME=ig-sms
+      - RABBIT_URI=amqp://igarsonAgent:muyXHzymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT@rabbitmq:5672
+      - SMS_SERVICE_URI=https://api.kavenegar.com/v1/
+      - SMS_SERVICE_CONTEXT_PATH=/sms/send.json
+      - USERAPIKEY=7461633837643439575446434F7161634F676C58426E674B396A5356586A3173
+      - SECRETKEY=!#u*(!@ofOAJDU31y+
    deploy:
      update_config:
        parallelism: 1
@ -109,7 +100,7 @@ services:
      resources:
        limits:
          cpus: '0.5'
-          memory: 50M
+          memory: 10m
      replicas: 1
      mode: replicated
      placement:
@ -117,12 +108,41 @@ services:
          - node.role == worker
    networks:
      - mother
-
-
+      
+  yaus:
+    image: registry.vnfco.ir/ig/yaus:latest
+    environment:
+      - MONGO_URL=mongodb://API:dljHVOHjf6123HDHWADOU8123@mongoprimary:27017,mongosecondary:27017/yaus?authSource=yaus
+      - URL_NOTFOUND=https://igarson.app/notfound
+      - TOLL=https://igarson.app/goto?dest=
+      - COLLECTION_MONGO="urls"
+      - DATABASE_MONGO=yaus
+      - DOMAIN=qr.igarson.app
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s 
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 10m
+      replicas: 1
+      mode: replicated
+      placement:
+        constraints:
+          - node.role == worker
+    ports:
+      - "8016:8000"
+    networks:
+      - mother

      




-
--- a/stacks/lvl4/stack.yml
+++ b/stacks/lvl4/stack.yml
@ -11,7 +11,7 @@ networks:
 services:

  menu:
-    image: registry.vnfco.ir/ig/pwa:test
+    image: registry.vnfco.ir/ig/pwa:latest
    # environment:
    #   - NODE_ENV=production
    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -32,7 +32,7 @@ services:
        window: 120s 
      resources:
        limits:
-          cpus: '0.5'
+          cpus: '0.3'
          memory: 50M
      replicas: 1
      mode: replicated
@ -47,7 +47,7 @@ services:


  capitan:
-    image: registry.vnfco.ir/ig/garson:test
+    image: registry.vnfco.ir/ig/garson:latest
    # environment:
    #   - NODE_ENV=production
    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -68,7 +68,7 @@ services:
        window: 120s 
      resources:
        limits:
-          cpus: '0.5'
+          cpus: '0.3'
          memory: 50M
      replicas: 1
      mode: replicated
@ -83,7 +83,7 @@ services:


  website:
-    image: registry.vnfco.ir/ig/website:test
+    image: registry.vnfco.ir/ig/website:latest
    # environment:
    #   - NODE_ENV=production
    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -104,7 +104,7 @@ services:
        window: 120s 
      resources:
        limits:
-          cpus: '0.5'
+          cpus: '0.3'
          memory: 50M
      replicas: 1
      mode: replicated
@ -116,8 +116,8 @@ services:
    networks:
      - mother

-  adminpanel:
-    image: registry.vnfco.ir/ig/admin:test
+  admin:
+    image: registry.vnfco.ir/ig/admin:latest
    # environment:
    #   - NODE_ENV=production
    #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -138,7 +138,7 @@ services:
        window: 120s 
      resources:
        limits:
-          cpus: '0.5'
+          cpus: '0.3'
          memory: 50M
      replicas: 1
      mode: replicated
@ -151,7 +151,7 @@ services:
      - mother

 #   shop:
-#     image: registry.vnfco.ir/ig/shop:test
+#     image: registry.vnfco.ir/ig/shop:latest
 #     # environment:
 #     #   - NODE_ENV=production
 #     #   - REACT_APP_SIGNAL_URL=https://ls.igarson.app
--- a/stacks/lvl5/poste.io/stack.yml
+++ b/stacks/lvl5/poste.io/stack.yml
@ -0,0 +1,50 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+services:
+    poste:
+      image: registry.vnfco.ir/library/analogic/poste.io:latest
+      environment:
+        - HTTPS=OFF
+        - HTTP_PORT=9090
+        - DISABLE_CLAMAV=TRUE
+        - DISABLE_RSPAMD=TRUE
+        - TZ=Asia/Tehran
+        - VIRTUAL_HOST=mail.igarson.app
+        - LETSENCRYPT_EMAIL=admin@igarson.app
+        - LETSENCRYPT_HOST=mail.igarson.app
+      deploy:
+        update_config:
+          parallelism: 1
+          delay: 10s
+          order: start-first
+        restart_policy:
+          condition: any
+          delay: 5s
+          window: 120s 
+        resources:
+          limits:
+            cpus: '0.5'
+            memory: 200m
+        replicas: 1
+        mode: replicated
+        placement:
+          constraints:
+            - node.role == worker
+      volumes:
+        - /etc/localtime:/etc/localtime:ro
+        - /volume/poste/data:/data
+      ports:
+        - "25:25"
+        - "110:110"
+        - "143:143"
+        - "587:587"
+        - "993:993"
+        - "995:995"
+        - "4190:4190"
+        - "9090:9090"
+      networks:
+        - mother
--- a/stacks/lvlTest/IGTEST/stack.yml
+++ b/stacks/lvlTest/IGTEST/stack.yml
--- a/stacks/lvlTest/MOTHER/stack.test.yml
+++ b/stacks/lvlTest/MOTHER/stack.test.yml
@ -0,0 +1,113 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+
+services:
+  mongo1:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    volumes:
+      - /volume/mongo/primary:/bitnami/mongodb
+    environment:
+      - MONGODB_ADVERTISED_HOSTNAME=mongoprimary
+      - MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9WeM6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 350M
+      replicas: 1
+      mode: replicated
+      placement:
+        constraints:
+          - node.role == worker
+    ports:
+      - "27011:27017"
+    networks:
+      - mother
+#REDIS
+  redis:
+    image: registry.vnfco.ir/library/redis:primary
+    deploy:
+      placement:
+        constraints:
+          - node.role==worker
+      resources:
+        limits:
+          cpus: '0.30'
+          memory: 20M
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 10
+        window: 120s
+    networks:
+      - mother
+    volumes:
+      - /volume/redis:/data
+    ports:
+      - "6969:6379"
+
+# RABBIT
+  rabbit:
+    image: registry.vnfco.ir/library/rabbitmq:3.8.19-management-alpine
+    deploy:
+      placement:
+        constraints:
+          - node.role==worker
+      resources:
+        reservations:
+          cpus: '0.25'
+          memory: 100M
+      restart_policy:
+        condition: any
+        delay: 10s
+        max_attempts: 5
+    environment:
+      - RABBITMQ_DEFAULT_PASS=22102210aA
+      - RABBITMQ_DEFAULT_USER=MyNameIsAdmin
+    networks:
+      - mother
+    ports:
+      - "5672:5672"
+      - "15672:15672"
+  pg:
+    image: registry.vnfco.ir/library/bitnami/postgresql:12
+    deploy:
+      placement:
+        constraints:
+          - node.role==worker
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 10
+        window: 120s
+    environment:
+      - POSTGRESQL_USERNAME=igarsonAgent
+      - POSTGRESQL_PASSWORD=aXysDgz7Nfr55dT5VEXmTDoqsUOG/gl4kmEe6QD/oqwna95RiYXrAyy8
+      - POSTGRESQL_DATABASE=igarsonDB
+    networks:
+      - mother
+    volumes:
+      - /volume/postgres:/bitnami/postgresql
+    ports:
+      - "5431:5432"
--- a/stacks/lvlTest/singlemongonode/Dockerfile
+++ b/stacks/lvlTest/singlemongonode/Dockerfile
@ -0,0 +1,4 @@
+FROM mongo:4.4-rc-focal
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN chmod 777 /usr/local/bin/docker-entrypoint.sh
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
--- a/stacks/lvlTest/singlemongonode/docker-entrypoint.sh
+++ b/stacks/lvlTest/singlemongonode/docker-entrypoint.sh
@ -0,0 +1,341 @@
+#!/bin/bash
+set -Eeuo pipefail
+
+if [ "${1:0:1}" = '-' ]; then
+        set -- mongod "$@"
+fi
+
+originalArgOne="$1"
+
+# allow the container to be started with `--user`
+# all mongo* commands should be dropped to the correct user
+if [[ "$originalArgOne" == mongo* ]] && [ "$(id -u)" = '0' ]; then
+        if [ "$originalArgOne" = 'mongod' ]; then
+                find /data/configdb /data/db \! -user mongodb -exec chown mongodb '{}' +
+        fi
+
+        # make sure we can write to stdout and stderr as "mongodb"
+        # (for our "initdb" code later; see "--logpath" below)
+        chown --dereference mongodb "/proc/$$/fd/1" "/proc/$$/fd/2" || :
+        # ignore errors thanks to https://github.com/docker-library/mongo/issues/149
+
+        exec gosu mongodb "$BASH_SOURCE" "$@"
+fi
+
+# you should use numactl to start your mongod instances, including the config servers, mongos instances, and any clients.
+# https://docs.mongodb.com/manual/administration/production-notes/#configuring-numa-on-linux
+if [[ "$originalArgOne" == mongo* ]]; then
+        numa='numactl --interleave=all'
+        if $numa true &> /dev/null; then
+                set -- $numa "$@"
+        fi
+fi
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+        local var="$1"
+        local fileVar="${var}_FILE"
+        local def="${2:-}"
+        if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+                echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+                exit 1
+        fi
+        local val="$def"
+        if [ "${!var:-}" ]; then
+                val="${!var}"
+        elif [ "${!fileVar:-}" ]; then
+                val="$(< "${!fileVar}")"
+        fi
+        export "$var"="$val"
+        unset "$fileVar"
+}
+
+# see https://github.com/docker-library/mongo/issues/147 (mongod is picky about duplicated arguments)
+_mongod_hack_have_arg() {
+        local checkArg="$1"; shift
+        local arg
+        for arg; do
+                case "$arg" in
+                        "$checkArg"|"$checkArg"=*)
+                                return 0
+                                ;;
+                esac
+        done
+        return 1
+}
+# _mongod_hack_get_arg_val '--some-arg' "$@"
+_mongod_hack_get_arg_val() {
+        local checkArg="$1"; shift
+        while [ "$#" -gt 0 ]; do
+                local arg="$1"; shift
+                case "$arg" in
+                        "$checkArg")
+                                echo "$1"
+                                return 0
+                                ;;
+                        "$checkArg"=*)
+                                echo "${arg#$checkArg=}"
+                                return 0
+                                ;;
+                esac
+        done
+        return 1
+}
+declare -a mongodHackedArgs
+# _mongod_hack_ensure_arg '--some-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_arg() {
+        local ensureArg="$1"; shift
+        mongodHackedArgs=( "$@" )
+        if ! _mongod_hack_have_arg "$ensureArg" "$@"; then
+                mongodHackedArgs+=( "$ensureArg" )
+        fi
+}
+# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_no_arg() {
+        local ensureNoArg="$1"; shift
+        mongodHackedArgs=()
+        while [ "$#" -gt 0 ]; do
+                local arg="$1"; shift
+                if [ "$arg" = "$ensureNoArg" ]; then
+                        continue
+                fi
+                mongodHackedArgs+=( "$arg" )
+        done
+}
+# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_no_arg_val() {
+        local ensureNoArg="$1"; shift
+        mongodHackedArgs=()
+        while [ "$#" -gt 0 ]; do
+                local arg="$1"; shift
+                case "$arg" in
+                        "$ensureNoArg")
+                                shift # also skip the value
+                                continue
+                                ;;
+                        "$ensureNoArg"=*)
+                                # value is already included
+                                continue
+                                ;;
+                esac
+                mongodHackedArgs+=( "$arg" )
+        done
+}
+# _mongod_hack_ensure_arg_val '--some-arg' 'some-val' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_arg_val() {
+        local ensureArg="$1"; shift
+        local ensureVal="$1"; shift
+        _mongod_hack_ensure_no_arg_val "$ensureArg" "$@"
+        mongodHackedArgs+=( "$ensureArg" "$ensureVal" )
+}
+
+# _js_escape 'some "string" value'
+_js_escape() {
+        jq --null-input --arg 'str' "$1" '$str'
+}
+
+jsonConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-config.json"
+tempConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-temp-config.json"
+_parse_config() {
+        if [ -s "$tempConfigFile" ]; then
+                return 0
+        fi
+
+        local configPath
+        if configPath="$(_mongod_hack_get_arg_val --config "$@")"; then
+                # if --config is specified, parse it into a JSON file so we can remove a few problematic keys (especially SSL-related keys)
+                # see https://docs.mongodb.com/manual/reference/configuration-options/
+                mongo --norc --nodb --quiet --eval "load('/js-yaml.js'); printjson(jsyaml.load(cat($(_js_escape "$configPath"))))" > "$jsonConfigFile"
+                jq 'del(.systemLog, .processManagement, .net, .security)' "$jsonConfigFile" > "$tempConfigFile"
+                return 0
+        fi
+
+        return 1
+}
+dbPath=
+_dbPath() {
+        if [ -n "$dbPath" ]; then
+                echo "$dbPath"
+                return
+        fi
+
+        if ! dbPath="$(_mongod_hack_get_arg_val --dbpath "$@")"; then
+                if _parse_config "$@"; then
+                        dbPath="$(jq -r '.storage.dbPath // empty' "$jsonConfigFile")"
+                fi
+        fi
+
+        : "${dbPath:=/data/db}"
+
+        echo "$dbPath"
+}
+
+if [ "$originalArgOne" = 'mongod' ]; then
+        file_env 'MONGO_INITDB_ROOT_USERNAME'
+        file_env 'MONGO_INITDB_ROOT_PASSWORD'
+        # pre-check a few factors to see if it's even worth bothering with initdb
+        shouldPerformInitdb=
+        if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+                # if we have a username/password, let's set "--auth"
+                _mongod_hack_ensure_arg '--auth' "$@"
+                set -- "${mongodHackedArgs[@]}"
+                shouldPerformInitdb='true'
+        elif [ "$MONGO_INITDB_ROOT_USERNAME" ] || [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+                cat >&2 <<-'EOF'
+                        error: missing 'MONGO_INITDB_ROOT_USERNAME' or 'MONGO_INITDB_ROOT_PASSWORD'
+                               both must be specified for a user to be created
+                EOF
+                exit 1
+        fi
+
+        if [ -z "$shouldPerformInitdb" ]; then
+                # if we've got any /docker-entrypoint-initdb.d/* files to parse later, we should initdb
+                for f in /docker-entrypoint-initdb.d/*; do
+                        case "$f" in
+                                *.sh|*.js) # this should match the set of files we check for below
+                                        shouldPerformInitdb="$f"
+                                        break
+                                        ;;
+                        esac
+                done
+        fi
+
+        # check for a few known paths (to determine whether we've already initialized and should thus skip our initdb scripts)
+        if [ -n "$shouldPerformInitdb" ]; then
+                dbPath="$(_dbPath "$@")"
+                for path in \
+                        "$dbPath/WiredTiger" \
+                        "$dbPath/journal" \
+                        "$dbPath/local.0" \
+                        "$dbPath/storage.bson" \
+                ; do
+                        if [ -e "$path" ]; then
+                                shouldPerformInitdb=
+                                break
+                        fi
+                done
+        fi
+
+        if [ -n "$shouldPerformInitdb" ]; then
+                mongodHackedArgs=( "$@" )
+                if _parse_config "$@"; then
+                        _mongod_hack_ensure_arg_val --config "$tempConfigFile" "${mongodHackedArgs[@]}"
+                fi
+                _mongod_hack_ensure_arg_val --bind_ip 127.0.0.1 "${mongodHackedArgs[@]}"
+                _mongod_hack_ensure_arg_val --port 27017 "${mongodHackedArgs[@]}"
+                _mongod_hack_ensure_no_arg --bind_ip_all "${mongodHackedArgs[@]}"
+
+                # remove "--auth" and "--replSet" for our initial startup (see https://docs.mongodb.com/manual/tutorial/enable-authentication/#start-mongodb-without-access-control)
+                # https://github.com/docker-library/mongo/issues/211
+                _mongod_hack_ensure_no_arg --auth "${mongodHackedArgs[@]}"
+                if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+                        _mongod_hack_ensure_no_arg_val --replSet "${mongodHackedArgs[@]}"
+                fi
+
+                sslMode="$(_mongod_hack_have_arg '--sslPEMKeyFile' "$@" && echo 'allowSSL' || echo 'disabled')" # "BadValue: need sslPEMKeyFile when SSL is enabled" vs "BadValue: need to enable SSL via the sslMode flag when using SSL configuration parameters"
+                _mongod_hack_ensure_arg_val --sslMode "$sslMode" "${mongodHackedArgs[@]}"
+
+                if stat "/proc/$$/fd/1" > /dev/null && [ -w "/proc/$$/fd/1" ]; then
+                        # https://github.com/mongodb/mongo/blob/38c0eb538d0fd390c6cb9ce9ae9894153f6e8ef5/src/mongo/db/initialize_server_global_state.cpp#L237-L251
+                        # https://github.com/docker-library/mongo/issues/164#issuecomment-293965668
+                        _mongod_hack_ensure_arg_val --logpath "/proc/$$/fd/1" "${mongodHackedArgs[@]}"
+                else
+                        initdbLogPath="$(_dbPath "$@")/docker-initdb.log"
+                        echo >&2 "warning: initdb logs cannot write to '/proc/$$/fd/1', so they are in '$initdbLogPath' instead"
+                        _mongod_hack_ensure_arg_val --logpath "$initdbLogPath" "${mongodHackedArgs[@]}"
+                fi
+                _mongod_hack_ensure_arg --logappend "${mongodHackedArgs[@]}"
+
+                pidfile="${TMPDIR:-/tmp}/docker-entrypoint-temp-mongod.pid"
+                rm -f "$pidfile"
+                _mongod_hack_ensure_arg_val --pidfilepath "$pidfile" "${mongodHackedArgs[@]}"
+
+                "${mongodHackedArgs[@]}" --fork
+
+                mongo=( mongo --host 127.0.0.1 --port 27017 --quiet )
+
+                # check to see that our "mongod" actually did start up (catches "--help", "--version", MongoDB 3.2 being silly, slow prealloc, etc)
+                # https://jira.mongodb.org/browse/SERVER-16292
+                tries=30
+                while true; do
+                        if ! { [ -s "$pidfile" ] && ps "$(< "$pidfile")" &> /dev/null; }; then
+                                # bail ASAP if "mongod" isn't even running
+                                echo >&2
+                                echo >&2 "error: $originalArgOne does not appear to have stayed running -- perhaps it had an error?"
+                                echo >&2
+                                exit 1
+                        fi
+                        if "${mongo[@]}" 'admin' --eval 'quit(0)' &> /dev/null; then
+                                # success!
+                                break
+                        fi
+                        (( tries-- ))
+                        if [ "$tries" -le 0 ]; then
+                                echo >&2
+                                echo >&2 "error: $originalArgOne does not appear to have accepted connections quickly enough -- perhaps it had an error?"
+                                echo >&2
+                                exit 1
+                        fi
+                        sleep 1
+                done
+
+                if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+                        rootAuthDatabase='admin'
+
+                        "${mongo[@]}" "$rootAuthDatabase" <<-EOJS
+                                db.createUser({
+                                        user: $(_js_escape "$MONGO_INITDB_ROOT_USERNAME"),
+                                        pwd: $(_js_escape "$MONGO_INITDB_ROOT_PASSWORD"),
+                                        roles: [ { role: 'root', db: $(_js_escape "$rootAuthDatabase") } ]
+                                })
+                        EOJS
+                fi
+        echo "Heydaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaar"
+
+                export MONGO_INITDB_DATABASE="${MONGO_INITDB_DATABASE:-test}"
+
+                echo
+                for f in /docker-entrypoint-initdb.d/*; do
+                        case "$f" in
+                                *.sh) echo "$0: running $f"; . "$f" ;;
+                                *.js) echo "$0: running $f"; "${mongo[@]}" "$MONGO_INITDB_DATABASE" "$f"; echo ;;
+                                *)    echo "$0: ignoring $f" ;;
+                        esac
+                        echo
+                done
+
+                "${mongodHackedArgs[@]}" --shutdown
+                rm -f "$pidfile"
+
+                echo
+                echo 'MongoDB init process complete; ready for start up.'
+                echo
+        fi
+
+        # MongoDB 3.6+ defaults to localhost-only binding
+        if mongod --help 2>&1 | grep -q -- --bind_ip_all; then # TODO remove this conditional when 3.4 is no longer supported
+                haveBindIp=
+                if _mongod_hack_have_arg --bind_ip "$@" || _mongod_hack_have_arg --bind_ip_all "$@"; then
+                        haveBindIp=1
+                elif _parse_config "$@" && jq --exit-status '.net.bindIp // .net.bindIpAll' "$jsonConfigFile" > /dev/null; then
+                        haveBindIp=1
+                fi
+                if [ -z "$haveBindIp" ]; then
+                        # so if no "--bind_ip" is specified, let's add "--bind_ip_all"
+                        set -- "$@" --bind_ip_all
+                fi
+        fi
+
+        unset "${!MONGO_INITDB_@}"
+fi
+
+rm -f "$jsonConfigFile" "$tempConfigFile"
+
+exec "$@"%    
--- a/stacks/lvlTest/singlemongonode/mongod.env
+++ b/stacks/lvlTest/singlemongonode/mongod.env
@ -0,0 +1,2 @@
+MONGO_INITDB_ROOT_USERNAME=admin
+MONGO_INITDB_ROOT_PASSWORD=22102210aA
--- a/stacks/lvldebug.zip
+++ b/stacks/lvldebug.zip
--- a/stacks/lvldebug/mongo/stack.yml
+++ b/stacks/lvldebug/mongo/stack.yml
@ -0,0 +1,115 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+volumes:
+   db-01:
+   db-02:
+  
+services:
+  mongoprimary:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    volumes:
+      - db-01:/bitnami/mongodb
+    environment:
+      - MONGODB_REPLICA_SET_MODE=primary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoprimary
+      - MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    ports:
+      - "27011:27017"
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+      
+
+  mongosecondary:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    environment:
+      - MONGODB_REPLICA_SET_MODE=secondary
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongosecondary
+      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
+      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
+      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    volumes:
+      - db-02:/bitnami/mongodb
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      mode: replicated
+      replicas: 1
+    ports:
+      - "27012:27017"
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+
+      
+
+  mongoarbiter:
+    image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
+    environment:
+      - MONGODB_REPLICA_SET_MODE=arbiter
+      - MONGODB_REPLICA_SET_NAME=igrep
+      - MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
+      - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
+      - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
+      - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
+      - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      mode: replicated
+      replicas: 1
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+
+
+
--- a/stacks/lvldebug/pg/stack.yml
+++ b/stacks/lvldebug/pg/stack.yml
@ -0,0 +1,154 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+services:
+  pg-0:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
+    environment:
+     - REPMGR_PARTNER_NODES=pg-0,pg-1 
+     - REPMGR_NODE_NAME=pg-0 
+     - REPMGR_NODE_NETWORK_NAME=pg-0 
+     - REPMGR_PRIMARY_HOST=pg-0 
+     - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF 
+     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 
+    volumes:
+      - /Users/amirmoghi3/volume/pg/pg_0_data:/bitnami/postgresql
+    ports:
+      - "5432:5432"
+    networks:
+      - mother
+    deploy:
+      placement:
+        constraints:
+          - node.role == worker
+      resources:
+        limits:
+          cpus: "1"
+          memory: 300M
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "--silent", "--output", "/dev/null", "--write-out", "HTTPSTATUS:%{http_code}", "http://localhost:5432/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+      
+  pg-1:
+    image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
+    environment:
+      - REPMGR_PARTNER_NODES=pg-0,pg-1 
+      - REPMGR_NODE_NAME=pg-1 
+      - REPMGR_NODE_NETWORK_NAME=pg-1 
+      - REPMGR_PRIMARY_HOST=pg-0
+      - REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF 
+      - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 
+    volumes:
+      - /Users/amirmoghi3/volume/pg/pg_1_data:/bitnami/postgresql
+    ports:
+      - "5433:5432"
+    networks:
+      - mother
+    deploy:
+      placement:
+        constraints:
+
+          - node.role == worker
+      resources:
+        limits:
+          cpus: "0.5"
+          memory: 300M
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "--silent", "--output", "/dev/null", "--write-out", "HTTPSTATUS:%{http_code}", "http://localhost:5432/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 5s
+
+  # pgmaster:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   volumes:
+  #       - '/Users/amirmoghi3/volume/pg:/bitnami/postgresql'
+  #   environment:
+  #     - POSTGRESQL_USERNAME=igarsonAgent
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_DATABASE=igarsonDB
+  #     - POSTGRESQL_REPLICATION_MODE=master
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '1'
+  #         memory: 300M
+  #     replicas: 1
+  #     mode: replicated
+  #     placement:
+  #       constraints:
+  #         - node.role == worker
+  #   ports:
+  #     - "5432:5432"
+  #   networks:
+  #     - mother
+
+  # pgslave:
+  #   image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
+  #   environment:
+  #     - POSTGRESQL_REPLICATION_MODE=slave
+  #     - POSTGRESQL_REPLICATION_USER=pgreplicator
+  #     - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
+  #     - POSTGRESQL_MASTER_HOST=pgmaster
+  #     - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
+  #     - POSTGRESQL_MASTER_PORT_NUMBER=5432
+
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s
+  #     resources:
+  #       limits:
+  #         cpus: '0.7'
+  #         memory: 300M
+  #     mode: replicated
+  #     replicas: 1
+  #     placement:
+  #       constraints:
+  #            - node.role == worker
+  #   ports:
+  #     - "5433:5432"
+  #   networks:
+  #     - mother
--- a/stacks/lvldebug/rabbitmq/stack.yml
+++ b/stacks/lvldebug/rabbitmq/stack.yml
@ -0,0 +1,38 @@
+
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+
+
+
+
+volumes:
+  rabbit-data:
+
+services:
+  rabbitmq:
+    image: registry.vnfco.ir/library/rabbitmq:3.8.19-management-alpine
+    ports:
+      - '5672:5672'
+      - '15672:15672'
+    environment:
+      - RABBITMQ_PASSWORD=muyXHymcTYLzk3wYnIwGUJWECKy0ViUDOUlCmPF3XS2kliuV0TaA0mWf6lT
+      - RABBITMQ_USERNAME=igarsonAgent
+    volumes:
+      - rabbit-data:/bitnami
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    networks:
+      - mother
--- a/stacks/lvldebug/redis/stack.yml
+++ b/stacks/lvldebug/redis/stack.yml
@ -0,0 +1,100 @@
+
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+
+
+volumes:
+  redis-data:
+
+services:
+  redismaster:
+    image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
+    ports:
+      - '6969:6379'
+    environment:
+      - REDIS_REPLICATION_MODE=master
+      - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+      - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+    volumes:
+      - redis-data:/bitnami
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s 
+      replicas: 1
+      mode: replicated
+    networks:
+      - mother
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping"]
+      interval: 5s
+      timeout: 2s
+      retries: 3
+      start_period: 10s
+
+  # redisreplica:
+  #   image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
+  #   ports:
+  #     - '6970:6379'
+  #   environment:
+  #     - REDIS_REPLICATION_MODE=slave
+  #     - REDIS_MASTER_HOST=redismaster
+  #     - REDIS_MASTER_PORT_NUMBER=6379
+  #     - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       max_attempts: 3
+  #       window: 120s 
+  #     replicas: 1
+  #     mode: replicated
+  #   networks:
+  #     - mother
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "redis-cli ping"]
+  #     interval: 5s
+  #     timeout: 2s
+  #     retries: 3
+  #     start_period: 10s
+
+  # redissentinel:
+  #   image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
+  #   ports:
+  #     - '26379:26379'
+  #   environment:
+  #     - REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
+  #     - REDIS_MASTER_HOST=redismaster
+  #     - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #     - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
+  #     - REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
+  #     - REDIS_SENTINEL_QUORUM=1
+  #     - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
+  #   deploy:
+  #     update_config:
+  #       parallelism: 1
+  #       delay: 10s
+  #       order: start-first
+  #     restart_policy:
+  #       condition: any
+  #       delay: 5s
+  #       window: 120s 
+  #     mode: global
+  #   networks:
+  #     - mother