From efd244b2cb2eda5b15d6935f699ec37017b2c5c1 Mon Sep 17 00:00:00 2001
From: Maria Haider
Date: Thu, 30 Jan 2025 14:40:00 +0100
Subject: [PATCH] added secrets and overlay files
---
.../overlay/etc/hiera/data/local.eyaml | 274 ++++++++++++++++++
.../overlay/etc/hiera/data/local.yaml | 189 ++++++++++++
.../overlay/etc/satosa/backend.crt | 29 ++
.../overlay/etc/satosa/frontend.crt | 29 ++
.../overlay/etc/satosa/md-signer2.crt | 33 +++
.../overlay/etc/satosa/metadata.crt | 29 ++
6 files changed, 583 insertions(+)
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.eyaml
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.yaml
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/backend.crt
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/frontend.crt
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/md-signer2.crt
create mode 100644 zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/metadata.crt
diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.eyaml b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.eyaml
new file mode 100644
index 0000000..bf0e9e7
--- /dev/null
+++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.eyaml
@@ -0,0 +1,274 @@ +--- + +satosa_state_encryption_key: ENC[PKCS7,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] +satosa_user_id_hash_salt: ENC[PKCS7,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] +satosa_frontend_key: > + ENC[PKCS7,MIIPhgYJKoZIhvcNAQcDoIIPdzCCD3MCAQAxggKKMIIChgIBAD + BuMFYxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV + lBTUwxJzAlBgNVBAMMHnpvb21wcm94eS1zdG8xLXByb2QtMS5zdW5ldC5zZQ + IUBppdrYop275+4acxFXLClz3hW0EwDQYJKoZIhvcNAQEBBQAEggIAasPNuV + jK2boXYuxwOX/sbxv8UITJA2GVhsa3GVkI7gNOh/aw10U0+hF2pGtqdDK3Pe + VbOenv34Qjael+l2K+LV0rmP7/JjUs0GMBdeDKbLvRpSIfmMsA8eAvXIylAQ + iW7VFXjS1H2GYs7gcMj+a+ZL60e8xkkluOdswMM6yermQGkiV52+gEyG+9gS + fsF9xgDunkIStd5wwL5indIlTmiyEzWAYiTfwo3WH7atUgh7sZA+OdVK9HN+ + 2SDArBdsMgEWGWr3Vf8xXuFoKxKMGRc3kK3fMELjOQ7ygac2xyEfuDtOqby+ + zEg4C+Kzu6gN9XKEX7fhaeYwvvmPTbdfqV8E5R7WkAbrosbSVzkwqNMJAMob + wcJ0LsjvhcSvugA5koHntCi0eyiSmVP5nFjIWC75V8Fu4hbzEdgTeQy4XIxJ + S+knLmLaqrV7HMiySVTqYFfpHBtbr7diCAntFDIwka+M12aQNQmKBH0/ctMY + cXImlqlMOF8XrxRSHKfQ0FVmOaIruw1I8nO2i4OXW2UdHKx7gozmZehN0rsa + WYxbARZMjwvOtrCqSsK0s+inBa/ee0CU4jdDpnR21UyQInfri6FxJmKe1FRr + CMu10D66bncFLyugpH1BQ00b9RBLGyX49SZ0+NqEnOYYvz6iTA8raDOEWaED + eNDKkwg3+hEiHMF4YwggzeBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD6a2 + 7xsIJnJxvD/9RklU9ugIIMsEcJyvZcrDCNnzo4gZPjlJ5GPzkPSTa8PdNGYs + yPmFQJTkks5rS2pfrYOR1jvkNzq32r1BpiMTt1BjhTOVJX4FxL/XfqcwxaK4 + 8jLjEh0woBFuT1dNJgs/je9DdQgK/Q8NZxqDT88zPb/vBB8CETAQLB57Zs4m + RLn9ZvxdhTBGt84sIU+SrB3mFwnF+XhsxrAlbZeI8ElCzLolbHwNgHxYxTaV + inranEdZf6L5eUcS+TXEhJBkNXzNOrGXL5sLU8xvp6ipScjdI6TZu9Y1ONOT + KpAdymunQvxkBrBFfIDyQhdmrcCeWBbKSx1rqXfLf6RNUlnj2vmcOeAAfjQu + GZZkQ6twKoEi61uMtNGbB5bm52k1Q8dFMdvKA0sJwa3/Sx6uSOWounF3j5ec + 5PD/GR6ZSzj12nrKp/Xb4jWsNU0w5vVjA/117o6ZymauGIa12M9syjrWs56f + M09lG76bV25QpA5sGVgTzTHf13dp9o4bjnjrMBvJYN7SmZY0FI8R2OSIZiFc + MDILWo9qY587sgR7rh0sh7Zc1LH4SGQk7e9kfGl8K34fG4A+gCh/nCkzInge + AOxoXgshfoTGhy/iwV3kAXXWn7d8Q0J3emczGHR+1Br4nzuBqdFsIUSoV04y + KmukYBW+VokOog2Z5nS0FQCxLsMUVdnffdocsDgYuz7Qnf1GG7sbNp2CBXFF 
+ zoSZN5pkD3lOUvTJdRsBhR9G1fgzhzc1nfNtPDdiuqHN0qdsPuyLIJWu1Lcg + 9woEpD6XzXTIsZzGLS00Y8ZWTPwnzw63YFuwb9ON2Y4zKgOLQN0z0/rJ6a0X + vKGwMjPHREHQpF031CZnF/V4/2R+nJgUhNUp9mWnAi33xt9XghpnxBAzcE0y + KnhpBzJdoUPHQZ8pBN2MaRbRroGOwOG048gSo6y+n2W/us+aDLymRbHDbb7Q + A/YQxKo6D66rlzy/O0QE3XjOwlk+L6ZV1qA7bHQvqyNYAhl6QueOX1O54RHG + Fv3uHpJxH1j/fWHIhE2pvcvs0raqBVNvbjvYjBMWUbmdOh5eDj7cq9fJZKyM + 9sGygSor9SAXfX+80JgB05omo1Rovtg+ag8ILy9hM7SP67ef0AuyvBoUclOH + U7XCCGelCAlSilnkN9X5Y3zBY5fZ9SP54VNJaq+uo9da2nafLkgqEilY1tUe + 2iwAZDdk2vUJMpH+oiBHaf1OZlsZOEbvdg/3QEg5u0wvm5nMwotbq8f4svna + mvfnBloMH5A056MGc1xZxIcKJGcFWKxhYRhbncKJJk6oK7zjgTBDxS/V3zs4 + t+DCS2k6jq6FQSWRVdovJmMg3uYpSqsCK0HZv+HkXWnxW3JVxoJDDB4lbo+Q + xGS0ZQWV3nsUlKQ7HVIxvu3ecW7XjcT8YbvQhTyaKcRaYEfGp2iw0osbApAX + slWWecXxOTm6pZ4n8jd+tRgrdtlrTK5rUZb+9hDka6L/zRrYKWpUTLTcotT4 + zGo1yMkYpU07wsLbCA1DdeQIkA8zeZ2k5sATI/p1kLTW/FrNgWsde70tJ1J3 + b55NVw5RV/8S9EeOdDT9aiYFTyddpdPmVFu9Jt8ntm1V0XHsPgQOAcqHx4// + NOAP7oKUy4xBVadzjf9QtprHwRpC4Ns4VyVdhlTz1X5RnKL5RqiT0Qpn+/UW + R79AETjUus/3PNjCHmQLbdUghuPPOFwn8t/T3jrFZthzrglyZssrIzNM/Hre + YhJU9g/oN219vgKkXxlBCVPV4eUATfEqlphk/slPvmyylsZenpMV1QrQBpjd + AByeRqySgwAi28gmHLRamskjXVwEZuSQ5ePDswQh6ib4IdLu6Aicg7qI6wql + A9qrEIzXTlGDrZSyAi/QJqAnpcrdX/eCzh/GJ5WXrWSqtYm0270Dk3Ye8C7+ + MscjY9vhBa2O1A7z+nGk8RB29/ljHJ7DIpHBK8J17+TtE2eR4EtcOSTInxhf + P0C0D2KB9TNmesjC/puyIWYP6EQ+4gR5Iq3CeWn5bmkNANb0GbqFt5yNWhUt + 0cutq5lS0JCqxOHk2zQSDHoehCAI/DNZkLAbk61ddluWXO/ir8x0wDGq+rrC + lBbLS7LjUwcvHUQeNo3NxFYrfF9Ys/wltXIsGCzYv0TiGOvkQkjhZO9vfgpw + DAuRKLSO61MBQyib+MagwqXYQjJHqjmzmzNuMfO/w+lLPv3O6bI4U1WskH5c + 0i1q9MkNdQE6I1FPVqfQ57dfjAZk56yozBpMi7HWcbiD0Ojvumf6dJy1rKqE + +cyA1dgnJA3rDcc+HV4+gt314e0k5JdEHO03nVetCGl50jcQJChxfyCXmxMl + bupqvNtNpQ0FP2cFJaP7VbjAGhZATj+Opasi8d8lvU/Gf9YfD0RLsiUqSlpl + 4QERGapjZD9bTExPxKvhlerUNE6TY0f3JkcZQmU/SPDFlP3c7Gh0Few0WMqm + 89OeGB1BD8+lToSt+XXkQ2QrawN9ZvKFa00LJeVuJpmhBqOrHxm7AeLjaaYq + zxJjF5GbpnXo6IS10ifT0L841BC1y4pGq9Ud6cZvjbEzyeWA5Hog1jGXOs6w + 
qyG7rNCoaHOh5XE2EcMXX1L7/rWp8d7TO8bZeGeX9OFnQhvmG23M9P17RO+0 + g1Dfe80QJH2D/ngrNuR9Ux0QnccFIwkebDan9rtY2E13El2vxUJ4HqevAN0d + /JIU2RWcYSxWFdByeqN25/7EeQw1e3MVRkxwdFlYnETrt6bNCdlrwsJ8EUAG + l1bjZqgN1SwdpZ96qqbTJJwWeWwvewZzI/IfzVtYk72b5BIWBwt3q1LLWMIZ + 1vHlGht8xhdmo0H9ADZWqkcvmn/fpO5eAT/+YlxXJFB5GrrInUav9uRiPOaq + FueIQR6X3ay55OJ9hv7HrKHqOkVy0CTR6pok5D5D+meaeaPg1FKS85hgRvOk + lHB029bhyKFRS908lnhNt+FRwU6Ek6gV++unNRxQh9rOr+I8eDC4jlkBmeKW + 0CiuDN3uZbOjZ2mWGOuEL8UcyF2UA6OAk5eaUnAuWcwnx+Ryh3W5f8qHiOgR + K2bKYhx8ol1aQtpipMQPcbYLF1yNRJdu6LH11neFmpyIurlZLkMbT1v8vUUP + K8Z7uy2tcWlHJgJElKL2GjgedWxWlgFWkP/ZajVaILXjGmPKwFVXJDbGAL99 + MqKkvEhA1FhRSqiEYmJROwDQdtlYRWJKOgElvSHbl+A8E56o6Bm/3BSouF/8 + zRF6HJDfhkPzTQjTkZgspN90SzPS6l5zYPyb9hv0Leb0KQavR5dfSe+pW4P4 + nBCukvDfyvSyOH4AZ1hCQXS0bGudOTNxQyaV4/I+y83vYLAbwDVtIuTqyxIF + TsMsnNmIYhirtOqkfRCnJh9QQh4z0jRr+R15PSGBDQj6to5mu25A5FkgTbvk + kQN1pqsG6z0O4iCF3bDz9Q9tu9IO+BIeXctQZUxzFki/WclmUK6f0d96fHET + mtSRscyGaTDME3GwTFbcUNBIOVGYDd8LThyzhLFqalT7b2f4HwgBuocOC69E + CNPNrqCQqdY8eHr9Dx4eFgXf506vyoZU/jro+QfxSb3j4ecy8+MtH7fze0Q6 + kWvpYL7rcwjzb1Pkz3ZVT+iRIBTJ7YwIuvTF3xbHp2c02vinVHbbORsuif5s + +0kGAGxVHX0oQ+qSMLxgVs5cYz3kHuORy7BVDsVRhpDsGzbf90yC4u1lr5jI + 6jRKLPVIoKf2slxdspJHDu7wLN1GQqNECFL3XsIkuWsxhJMlbaVQCeUUjAQ8 + d1bP9FGwu3wZR42fzIL8sgmkdAmvt4/YVfw2A59pMuUFsECegxJbHHr3TMHp + F7La9PzcSBZdfRMmBcHWueymhe9x5bNSVaiaaIofZwc2cZ5fUAACVgQGReT9 + VZoGrdNVwLTZl8u9ZoscGzkwCzghHwbRHkKbe77s7pZVL8eKda5aJpaeQO3X + eUwhlzE1E4Pn98mpB+dTnJ+YFOVpkU93ALHuq/ItcZlH3QYR6Z5+rbLDHcG5 + Im3gXDM8FqswyNMYFAyABBCSpLGnCQgLBtkbh2Yvxdi1nvp1lxTbz8D+Ita0 + rOUf7ob6++ubJ3xHK82s0uXJdHY4arPsBFvEqh9VN/Ye9cQNjR39wxxQp+CE + WTQPKTUBXTHnq1x0oWFsdE6tTbqoxJVAAhe7JX0lCcGr5OgsY1sejewk+ecj + iuBXwlQ8BJCwv4BkQUHnUXuARc+VRAe4RWwv6C0B/1R0ivXQAFdrbjkC3sip + pMrOO8Jl/bWjD1vCNjRPkT9c1RnFBLm8PK/I3zzelVPEpTD20dSUaNi3zoSo + WTYwJiIE0DmbDI21qmpGucLHgb4hD5DWpI] +satosa_backend_key: > + ENC[PKCS7,MIIPhgYJKoZIhvcNAQcDoIIPdzCCD3MCAQAxggKKMIIChgIBAD + 
BuMFYxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV + lBTUwxJzAlBgNVBAMMHnpvb21wcm94eS1zdG8xLXByb2QtMS5zdW5ldC5zZQ + IUBppdrYop275+4acxFXLClz3hW0EwDQYJKoZIhvcNAQEBBQAEggIAJARKAg + OpSVW0IVnDAkoDrjGZNGLyjLJW5/g74mwKE2VwhEaduuO0dC1N7ZQnhtNS0s + kQH34kPX4yJcsF7Ll4zDgl6LU1+PSB6xCizJMig+J3QDkusO5lZM/AN0LmSq + iebAziPTsCP+YW3SooRevyY4cLQ0+JINAYKWsKY1UsZuMZ0EPspu7g0e17Dt + LgUZlOnoqga2zkawQ5Zwe4cOJ/dYAuR4jMS3VfvEH7GPdgwne+Yeem6/yYgi + E4kR2KkIU3+siO72gvVE/OqwPLs9lryYXAqks9+ei/uHPJZ/TUL/1z84DYnE + 3sD3Jql6igVC5GnhIPz0/clRul7L+k01PPTrSvcprBfOmVIxTyVELW0BOgZI + YdmopT9gGN+bPDIeuiYpp6th/V6S2Kf+qNwzE+Q+JNamM2i2kLMn1kA+Gj8W + iVa0zdnOd58wIfM47+UvoATvHZ4WjeLNExNfo3UUc42DCUC73cdQEfKjSFGq + turN31dHG5/vgR5ybrYwyZ79K9WbqXLcReapR4D2HKdyj438jJ57sGa02gL/ + 6Uz7gy2FnnsL2n7AyeuxG50g1GYsx4t64e3B61/d3QD3Ng5V60SXAiTah09C + GGoSeNBUT5TT2Sc5qtV4z71D+HkLmhjQlrsy2vj3Y9CjtNjv0YkjUwoQ8NOE + Gx7RNcyfGcHGqXNi4wggzeBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB10J + Hr5xN3KVNA7onoXKTGgIIMsKHzKzgiOtcVIQXq+7eq81SHGRGH7xJSBRl9zO + odA+L2omWxYjkdGEDLe67FDXomOPlA5viKbozhbhzP5BQkz41C2KLbi+nSkg + G/tx6wogE/YQXkCVYrYiWpl/ydt+eIwMbQWf2WYjGIdko4z27AyPBn+w2L7Y + jItqbK47eF7YNZ1O7Lxw6oo9hG4ecj5RLLnDx7RNnDfbBnbiKmUAicdum4rF + 81d4Ay9XZJ+4fMdcMLpRPn880bmaWya+3vwBcDlS9QtSpxiKWpCG6YVNtZ6T + OW2wLD6OpuGdk+7elxjAUiwdZRFhgMAPZSRbM11lQwQ/4MEi4Cm4jRoEDslT + JZvBD7SX5UWK//7PEo59J3+zRqyE4mrwV1DQXEVFuDxRAgiXEB5YdYEK5s2L + dqjAo1b+HMlzFzdPkBKzMUWs/tGelY6o2/L1gSJUFfj5aVdFP8tVTS2jK0bC + Btg7Z1v9SMpWS/jX7bTtDcIDUs1YE63LX8ybJfw9kZm3rMYyT8h+ZZtsv/U2 + +BxQSUdXomce1bjNYRnb8zFbt9NdPx0Qo8eyc8+rXeFb1UIe7uDWMP31QTeW + w5wttKpHwPuy+aBYtc7gVdMq10zYdwiMCYScjZCaBuO7ltLMVfl5SBks+lnr + m6EaZUIfaOL2MensGzZoLHvcQnDCzxj7rtOSGI/O/qKVoPTGdZOAh/1bNDS3 + XpRfiTbAYSIOflPakTqZtJlYBJpJuAuRarDeBgObRg8L3CDTk4i7w8xL5NIy + 0kYaN5ntr0UtTyzbx6uhQgUyRo7R54MsyjwkFrA5fr8ZWS7vNJhTbVBBOhkC + 6m89psP1z4nUELoF6Cn5Tc5Yq7mbFdSB5lCsYFdlPV6xWxhLZn3M63QMMF5g + s/cyALKtCHsZIcPLEf/FYKoib1hfYlMj35rj7WqMCYlIVJiWnhlHvVl4U3tc + 
s087/rfs+wGt4jJZmoqcFy5p3tr4FhqmbJqtgZxZP6uD99C9yy1KTDY8Xx5I + 1Mry53aM8aWUz+6fjpuy/GJDKqF/6nj47e6dZm5hW8AT+fZe0INq0Az8qHtX + NsuIMxDFmKCDNg0hBZdnibXT/rxcyawIRyCHIAymBM1XfpOUbQvP/9Gl0EgI + hMX3vTEnaFgkYYnhiqNYOyVaJoOjmaJeo48bFsOl70Bm/LFWWrgYgA1awBCN + vB97zLxbqjmz3IOXFGRqGynolXMUcoegXD7fOXbwVap76TAMKCvA9bzixDRU + qGoqh1KfTTLvhk4Wd0mtZ54PbQ7nXb+dp1GapFhXMVJWFAN3Swnf9t05NH6s + oi3tS8Mby8ls+eEO/SzmDvx2nxT95OKtf0Ec+wED/PbTo2kNWjf0SRAkGzfo + aEWAkDR9VL5ZtzHEyOECaicvsAbhvwdVMnjHVXSzv4CQHrNshusCUKot8hCQ + MC6jI1dJwz+qDEfuh7okCpSVk6lfsFd2UFiK9P0OYFi5jx92zNBEdzzcb8Xf + MvBPYQB1D/8NR0v5XcmL60wIgbVVF7KNWcxN/IvvTAkLYxft5+oM01/apYAN + pB8v5czGKV6lzUmWjSsNvlWukV7DNTs6ggn2FdHC5oIEVlW/DrD+mMr9/dul + zEKEXbunxRsH7bbmeEvafsovygW2Wu2krTr26aWxw09FoS/z/3folHKSqADc + gUJDeVXA8Ufa0PfxLCd+/Hq1KVG7zODiGV4AUGYPm9c7DLj7EOr38R1h1x9+ + Hnx8FwHqy2Vu8G/QJpjyOUQjRm1UHLqvE0LW3LKjLqiPw7wFoLErM5v6Q2Eq + Sn6HDmCimMnQ3l5iBtJ4rTuuPfCZQsIIbHdqLWFv75KUl+iNb1w3/P0jf/CC + a8WBjvBMLECHj9z8YdSJDyc5r1F9eYRsCIeBBRgjjwpLAR7xhvKwL1WMvK0k + 1t+E8LpD/OhPUNsQlf5OhzOem44CASuIAdWeGvUHu/3jKiJ+cJWCvSjbnmgn + CL5LoYMwJXYv6ACg4+fElnRWACJYBfzoYH+HetL2eGpcfxYZl+6MH+5ArzUe + 60CMDFBaiHflPmUKionWhcOcvrdy86pPsrjeuQm+Z6ggofqawrmtzKTxOIoC + 2PEk06/YZSuI5nexbyk7C+Pjgj7fHANxrw8W8gsKDXmhSkdWFei2646W+61/ + DihXzD3OBKYneVMrulnr7b3uxslFfWdhh65LMlBRMUfPWc+0b1S6ACWVQsE5 + YfjN5YMygIexiAGDD0c4cAIWEIakc/ek/bE6OgZKWwg2/3bE8LghXqAI+XtU + ah9TKO5V6jHtadPZGctcj6FFqYULDk3SACXu4HrgLOZV1oWS+MIPnBrrSVMf + AgSIlWLqbnEIuIglOv/JjICvLjSHV75HJOt8zqq4YMaEESyM3Cuh9WifJlNQ + G/sTMSb1nXbUHzC0Kv1KmgLJ7krvmvvDa2yyuuuucyD8YBHdQB4NI/kJzJ2V + Quwpbmc61iYi1BEvVIMvRP/OiFYEZL0ez7ot2dnUIzmfdHJtZ8MLzTEB6hXQ + CRSsaeL7GdwsgqXhYzBAXl7sxRQfYsVJN1jHbpCoxW/UV2HJ84i2ls/R/hoo + Nj/jhcQ2UK28pQHofvKbqi7fDuy+3+OKwYRFFawxUnTpOmQcFWSi1+kvwpNE + mRg/MkGTccDPCQzDeru+KudVk8iqryhw11RBGw6/agrzIsTdZf2jXQdu3luw + 4ENEFWloIsDQ3FAT1SZkLkms+XuAaHp8ywfPaajo3grZk48xeQxEvfTGgLQZ + Sg5yJJmqxjbileWhFkUEHID110fnjf9pwcEeO1mxIId55Gylhcdza/puP2le + 
I4yEGhh0tOn2Z78ECISojmLiM+boSDlDyu76/fWreUEHoXf18YoLMUmAeDZW + 4dg2snTBYVNGzeFAkG85YPh/gwk3O7FsXhg66NVVc7X3E7jSTYmPqdDQmgrW + IEt0ECG7EKBOkwONbDTUCFDEluNybT8rkYNkFH+TTNfx0v4EKmL90w+mAuui + +67XWXreqOuICUmX/7QeapIz63zr9ZMh+iL0EVVSzhht4X7LZBe25dsgmUjS + y7ZK+9hGMBNf8B0hGSVXd5cq/kAZBX2KqTF/K3jcb6mN9aQOqssfZyDFzjSg + OTqz3H4oND0n8zYvAx0o30M2wScLQq0PKB9h8vLNKOenAve2yxGjnQJtPAlk + DO93VTSvE4zUUOQBgv8/8lRxAVbCDhb7a/+1lo8EiDa3YaM+OhXwpVHJ4ebC + OIiNtI7P8aE3ccVrxBYtBL/GvJvdqYph4IL9sTKTPhZ0WcSXkaCEA222+m7k + B1a/Q1DoJYxPuLKdHUHh1vtN07cFkPLfhPUIMTzLHW6iA2xSR/UhEnM+bUd/ + 6TJ45g7VOY5NZWI6qrw3K97YmHGGoSWhrpm1lyoI/152fXR1shFJJtxh0tXB + FeWFpn/UDEQvKAtrrY3JeoD0Ex75yGCnjTUhfQGuB1BMQ7aZxfXM7zRjg6ga + E6/xB/mPzB/7eoCGEYYO9rCDU2SrcWWW1ylxYkVG9OZSHGmNbbnu8oMIw8sY + KhgJ8Ahvz5wGwDQAd7Z081eFKVlcLU57wnhw5LfEPlD4bLZmgD/U+5pKC69H + i3bt/FZxDu+1Zb6piQ31H+5k+G9G7rFpd+D1NqSOgvRO2zBF0AT3xoQLDa/J + OlSVEcFjRRDYc39Ou96XBz7ZXWQjxpdhMDGI2bkx5c3KrGeETq0Sp5jGDBK8 + CDQ6QvLv2QXf27f7AoMYNXZMu99NvqhZgXfjyNrMHEj673S4ywK9/BgZEp0S + AgofjKSuHQUtCBS2jTPwSZUrJHxgAVnpUQEgl4JRdro+A8upVQ+yd188sQXD + gc5IL5p1nWa/DGiY3A5UW3PyU5Yr4bO/M40gZ1Yr9Fc5QVPwWyvBf1PaGO4Z + j6byOzgF11Alocyc3r/bAduMrN2tu773jgTa4kaLcX7RrQ3WJTsWnU8KpmEz + lnbky3abQG9zC721zsQ8+nO+/BftN30kTdbrh3foxnAdgj4Ua4NLsbI9b9QM + PWmQmFQjSUlHtYyFQUsKZ+WbU3pANFLZOWvWY0B2t3JM1rESKYjR6Afl2e6c + HMF3Bf2EdHqbLR1zQ/SAYTdP/lM+V6zsqHOpsd/5UqkyK7T+z3TcvIOVQdSQ + 3k2PvkxN8qyjMUL3y78/GB0YPUHfcz97G0y0SOAlrP3cfNNJa7MC9LSBqyuf + ZBn7VU8e1wZks/A4yM8dcWBgQyd3nIrjYim1y8ymTbE1mo2BEStLdpbP+xUx + ENK/EJ0/QcMHSuX3q9VAZ+24lbbx13Bm/Tswx2TRFyYDFb4XK61hoBZODZh+ + R5FpoLrXC9uAHN+wwR6rkKHeqijIAFNUTh] +satosa_metadata_key: > + ENC[PKCS7,MIIPhgYJKoZIhvcNAQcDoIIPdzCCD3MCAQAxggKKMIIChgIBAD + BuMFYxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV + lBTUwxJzAlBgNVBAMMHnpvb21wcm94eS1zdG8xLXByb2QtMS5zdW5ldC5zZQ + IUBppdrYop275+4acxFXLClz3hW0EwDQYJKoZIhvcNAQEBBQAEggIASRBHAl + qamrhgIhkm97W4SaHKwCSJ7I6uETpGuXJTDn/2ZwnKNIlBSTZj6GlSdIIrdn + 
pd8ORDH2p2jicxRZ0jWpLjKUMHSFuhNlzh7tWk9RbFRkCKl+GrksLkt5sKuq + 2/wtie9jjCJIQcPB+rPtPKUOp3N0TG0t0Hls/4y5J09SPxXPgw70Jj8FPyBS + xYVFDAn5na4FbDuEkfqvRzfpHSBiHKPB64DK3zNORlFdul6Zbcj6A39r3DyE + LbIuScLoz7zKyO/yffwX4y06QiUSAlZjnhq4K0LUJuQOQnWLS9U3QgbHBuZf + ZKyGggJW9rhByD7bdKq3yvlfgr9am4Xr72JuGY8E7DVp657w7GY1iD5tnVwF + K8sWmNi/WYptHORrMRG1VY97xA1biwqmEjY8i1BhwTGtMzkuIdQYVy+HUIR6 + z0AkSF2z9sUU7efsrUEaX8K5k5j4ZJk0xgRIiC9wCneISsJNp+ocye2C3V8+ + eXyLWTE9sQwxDo1aSn525wJYwHBg6VELMGnj1CJUawhnx0L6/g1edI5LhX1g + LFyt+c8Hqm31cgClP8voyj/6ZpE+F5OIXxOjysjUHoKux3s9F4EnsSIUr9/t + 8tHrbnABewrpI3WAMyou2hkg3JdbI/HaqQ3my/pC+fumpiJuOOHV7TgDZXJr + 9bL0Out/bu3GYpYJAwggzeBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBpUC + 5JWMXK/OctXfHrOmIJgIIMsFxQ39mfk+AuFhuqHisikjTTjiQV4JKnGqN7E3 + Z9xEFQsYtqNDeGYD1A7nqrmfEBJPmxWnJQBpzcDosX7UEjFtLjaOVQFb4al1 + 4T8e7pB02DRteMSzaPKzn3j944a+Sy8rd0HP0EFVQHUrP68N9qCtoQnS21k7 + q6jWgQoNPoKxbcRFYRx1FI2O+GL14gfI/s874YRao96OS2zTDFnKMVppJqMD + ew1yvTbbKLMsfZ+llOohkRzmX9HPEVopsUqvbdDBXDNY6vX8bZ/tEnDfiM0E + xiIq4bt/hdFgLVrjp/1nSqhT/UBinQBatI42J4dkdEPziWc/ndti8an4zPTE + wJFQJtT7hdAX6jpj6le5lQBhb9v4lEhnAYZ+MQy7NwTMuO1FyHs7X5B4eQfg + E5cKmXZXBNWIFAJOIv2NL8FgXn4iwsbdbtk1BHOaFT3m2px+GWLChMS+xSLO + rJlC98JdCPAPUHfBUyG2xH390O0lCR9Ns34XJxSuC7Ry+CsC7wD8nmeEUgkC + zaP5dUTJuImgRdKTf3dI0UbZeJNpt0NLw+W6dhE8Bdwx+LhM9EODLRX5CAED + pnDuOoT62qjhJdCCVSCFRQTku4WSr0p1vScN6FYuzQYu5RRyeLdIGyST4R85 + 6JXoLfqAXG5/gvAdia1rhxEUPeISjbYGVpdxpAxbMXALyNSxxhV63bMEBP6g + d0Swick75gi9GF9AySaZVX3aZdw/CFS4CVwo22CqkkLWz1iXY5CWI+Py/ifL + i5Gsie66jnZPh+L+HEeRVwIaPPlDlDgiDzHA/70JjTirQK/0RJJFmGS1iYc/ + msmfJ1wEUBPFC9Pklg/nP6TpbyaRWj/UwWeEIGLH6EVNLCVDUEh3iXt4GyoC + 8WwWTNkfCGMDcGBrckW2t2ZOl3Y/OzNjs8r2tnKeVimdM+LkyCCMZ6H+/s/j + k5px3wiJxXeJukLTi51w/cwx44whIjG3O6beXIFLmqBjlIpweAkAOyGXri8u + YNpkjgk9rpvvijBHEHM/SesvVXJURNh8vATa3ucByrqiQo5fvxzEp3mRiVZZ + c2690moMvxeYSfSW2G6iHblHR94RsAd6EO+Zabk3e5s+2Y771eyXGchfXk4d + DyrhWHaUD21Lf1zwO7MF2jzhQCd3gXSPsUDUNbQM7vf0IGmS5owEvec52+Xt + 
iC+juZJPMsPy+0wpolVh+I8bNQMIdbFbdDHkp0FV45slWf9sdLI9YLpd6qsp + /rrGulxn4SUxuNyuebjhGPTg+dEcbL+dEDY2D48Xt/uaLEAPAhOUazF0rLAt + M7Hmi7aHCxITUecV8KtjMNwLi5iw3LuiSCIYy596JW+tu58humO577DRqaEN + aQLUw3v4WbaUqT8vwybTVDRpZkzj+kA5VI1qL/VUAaXSfz9mnJiNogwdnh/H + PuNaN3ygXYqmXyVKwPU8sPCUUv7TCJyFZIO5cjtT2I6qUPg2ChSR61GFC7cj + 0qnN0rVVx+cGwp4NkfKQ77W27l5Qq3ida/ibScySCgK8/V6CXsroWtrLAU/h + IEW+qpY3ewjy2VJHv7yfRqiE+ArMMiM46H2YvhRBhl83sron11B8vhJQWorF + guYNkrBIRHCiWlMRTjJZ3l+CdAymGScbt+l3ChdgWDEGVR9QBh9DH26PDU1J + NQSYC9xVYI4HLUhBfFVb+TmmUVRZcUMb/0RxpcVgMq5pQs6jBDiLNaY9tOhg + NKqzq/N8Fzfm7OlQu79UIIYDChnP8Btf3nCYzJx8AnkgH2ZvWPx/caMJGU3j + zdfJ9PBkBrMrSmsnYFvhDPZtAOTrYNaFp0SQEgRJU/z6og3mmidnqKXSIzwc + xH3VvGM5pag3eQoMk4w4h5RjfGHfNn6Al0hNoNhxQHYZxMULxC2Rwv4DEiUT + PLIcUUQNWS2T2R4XxY+SgEfD5RNj6h92szbvg+rWtlmE4/4shKpKZH3I7ZBw + aMUQOaN4MOcM7RdqNccJoOzVjsVvw34BJF3tSIBp8ANQoUA94MMPFDMSsSs/ + vzVy+k9NGPL324041+DXx2pj15x1xS7xfFn5CCILZ5orvBP7ms+5xRA4nVCN + FZpMNHhdB9r8DUN9vZdyqM/8CNeGLPLMXfsIzCEih+kIhuR2BTw4zBMq9ssN + H7kcB2VLmHujnLQwRd0ExAEX2CwPiFOnLM64RTjJO8YfPT1wPM0+6lPknRPo + PwlAzw/fXQWzpeOKMrDmdHjOQCC+jtopb9nAja5GICYCNREOzWno9xYfRkSr + s1BOeipXLM5iZ8OAZ6X1rcNYapGL2Bt5E8Royp4yjDVgeymP74u6kWBQTl6H + Si/l39pQWaVF7Wux2s2sBPM3DQggroKOxVzqAXCG4mVCs3RYmz1EUsIVBgyH + IX3xenv0TrTDSIQa0GdwLakuaOsgzRxl1IJxVSlxklmM6i98s04q40ETRn7l + uOx39dplaAmqeWFDnC+KrX4G9ntenoc0Jpo43sA3UMWtf2O0aAvxRgKZAhPp + usC3ZNe9qpFLJtvPr3uqDLO8HrcJMsS4RR94kXSuAP4YzhwDFEJLmcQ8GdGr + /lNpSh3SXeWPUo9JIyZRD9QzqfEu/nJ94pZIs4YWgixFMlVdCFoUIo5NDYxe + FrpzXqzCpkzKJEg0LWyZv+13vdUSRWqz4lK3hNXtUn/2B3g6vS/CQOuinlp7 + TbPPFgM3UHzPdYF22+Vvs8QSTrcy0fdjZDnI/Z3fPYx5QTdV/681AlG23WQz + MksVAdiIrWaXBq5bU0mXfg6tzspJJUA7vvtQSFOoIuaaQ7Bg0DpiZROdSppO + npcstZmd8GMy+J5Ihy+QYTU3GYbKP5zZGlVgDSOYb11QVshByVCLS3wiG7OU + F/l4TqWz8Yt4+jkqdr8j+kGUgQaa6abQX3qSUqjqPzN7nD/6q7Vqm/ziL3bd + qd4UeL9a7mOz5U5Lp+RLmYDOxMGlN3NvMrHTHfi3oGZyWZSsPWMYKju37it0 + ZxJ7xxdrh+zcsnh8J5mOlzqr7Eav8LX6K2oL85IPzO5g5aXkB1cTjxKHmqJj + 
ip2sdV/b6Udt9svndZk61oOpTHSKsA8KVa2ZlwqHMvt2aAOKU+z7boE7Vg6H + 77yItoy8a0yjZog2FfRlaU0kd9gyjloo+itVd0aPvXNHEIuVpEX2CDZoEJss + b7+dTILB+LV03BNsEeH40kBesyOcw6RDkXB7lq1J0BGPMMvpJYe9PdJud3li + 89XOH9ZUDzIasynQqRyf0yo3GoBveEMwKTi6sK4euuHbPRR0vt4LvEUg2idW + U9PZskbjiIRQelC53AzUm1azaqsPm4oEuOSH2+RnqE3U++zqFJ9yKqcOcwif + u0U8oqzP9eDolnm7jAGwye0Rmrp7UL0x8ypqhpQONimCRKeI8HrlhoKhoK// + sDCgwIM3v+imLIc+PL71wpU3ZwOKsxDltJj3V2oEo7ouMG2pdV5orHpKgGVo + fjKd9BiDrSsC80Kc1uqGujL1GO+O3GCmziQIJZPgeFsP1dyFS8zVfyIGCA6n + 5BfftWTLf10JJP3IaawUQHDcseUuSpGKLVpy27WpnFdmATlOIAAdQAhaReeH + RcofsGlmVi/vgrSMtrpleelCnLSxrBp/uaqwXDnlw4StReDX5aDu0CNX8TMT + nT5rLavF0v1pUh3ny/4GWOlNMXzMPKKyzW6F0AnlCPkb8aBBoX+D1NozHZDa + /9A3G9Zz5WkQkIy1PVlw2XduhnK63zcujYmiAoVAS6wGyWBVTSmLGvZF+pqJ + 8yCBsYmQgLVjdT3Ns9dC4RBRargt7Q+bXGAwnkUYwu9mq7bn3nv0b6Wgz+ZR + Z1ayhh/CSxk2z6dTwtkA2bVEuQmhFC65e3npF5O5OsMFfQkIwtDb6UhO700G + TwHMKlDeDZF9XWFQ4euSPP7AVBI4OKFSQ8dkiW49C/6RB/HZws9kMfI/DXIB + wtnef9z9bU/SmZ9SGhP8OgqSrODOp4fsvpLN4ydKcAffgi3JLOCkX/o9Q9/o + jWl+dIx1HVDbYponuToIiHVReY3jIDAdgmrrZTMMWY3uDUu0Rmx3dkoGib07 + JMv0P2H/m76F+n+aabqyijyy5L6Q2Gy3RBs3JrjcR2UQSCgfzydI+QGTmfyC + B99HElzlTHx0rqzSpcypoQ4JHHRzJAx41VJkAwGa2k1K7mfqfFj00GOSjUWY + vTGSc2Z/GleNs4M68KWKhAP7L28VtIsR7jWphMG/BLNWQbzxywMfrM9KxMBm + C3/DQkGJNoYqgMcpb6U5nUSeEJgEqKzv1VfRyxITiosNDOrzjf1NpX6jKJ47 + ZZput1uATVQsq/CohV/ObLuBenfLoZJtzZ] diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.yaml b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.yaml new file mode 100644 index 0000000..2968af7 --- /dev/null +++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/hiera/data/local.yaml 
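Review bot: The three `satosa_*_key` values in local.eyaml are PKCS7 envelopes whose recipient field appears to decode to a single certificate, `OU=EYAML, CN=zoomproxy-sto1-prod-1.sunet.se`, and nothing in the file records that. Ciphertext committed here stays in git history, so anyone who later obtains that host's eyaml private key can decrypt every revision of these values; replacing the eyaml key pair therefore has to be paired with rotating the SATOSA keys, the state encryption key and the hash salt themselves. I would add a header comment under `---`, for example `# hiera-eyaml PKCS7 values for this host's eyaml key only; if that key is exposed, rotate the secrets below, not just the eyaml key`.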
@@ -0,0 +1,189 @@
+---
+satosa_config:
+ saml2_backend: "/etc/satosa/plugins/saml2_backend.yaml"
+ saml2_frontend: "/etc/satosa/plugins/saml2_frontend.yaml"
+ generated_attributes: "/etc/satosa/plugins/generated_attributes.yaml"
+ internal_attributes: "/etc/satosa/internal_attributes.yaml"
+ attribute_authorization: "/etc/satosa/plugins/attribute_authorization.yaml"
+ attribute_filter: "/etc/satosa/plugins/attribute_filter.yaml"
+ healthcheck: "/etc/satosa/plugins/healthcheck.yaml"
+generated_attributes:
+ module: satosa.micro_services.attribute_generation.AddSyntheticAttributes
+ plugin: AddSyntheticAttributes
+ name: AddSyntheticAttributes
+ config:
+ synthetic_attributes:
+ default:
+ default:
+ schachomeorganization: "{{edupersonprincipalname.scope}}"
+attribute_authorization:
+ module: satosa.micro_services.attribute_authorization.AttributeAuthorization
+ plugin: AttributeAuthorization
+ name: AttributeAuthorization
+ config:
+ force_attributes_presence_on_allow: true
+ attribute_allow:
+ default:
+ default:
+ edupersonscopedaffiliation:
+ - "^(member|employee)@sunet.se$"
+attribute_filter:
+ module: satosa.micro_services.attribute_modifications.FilterAttributeValues
+ name: AttributeFilter
+ config:
+ attribute_filters:
+ default:
+ default:
+ edupersonscopedaffiliation: "^(member|employee|student)@"
+internal_attributes:
+ attributes:
+ displayname:
+ saml: [displayName]
+ adfs: [displayName]
+ commonname:
+ saml: [cn]
+ adfs: [displayName]
+ givenname:
+ saml: [givenName]
+ adfs: [givenName]
+ surname:
+ saml: [sn]
+ adfs: [sn]
+ mail:
+ saml: [mail]
+ adfs: [mail]
+ edupersonprincipalname:
+ saml: [eduPersonPrincipalName]
+ adfs: [eduPersonPrincipalName]
+ edupersonscopedaffiliation:
+ saml: [eduPersonScopedAffiliation]
+ adfs: [eduPersonScopedAffiliation]
+ noredupersonnin:
+ saml: [norEduPersonNIN]
+ adfs: [norEduPersonNIN]
+ edupersonentitlement:
+ saml: [eduPersonEntitlement]
+ adfs: [eduPersonEntitlement]
+ schachomeorganization:
+ saml: [schacHomeOrganization]
+ schachomeorganizationtype:
+ saml: [schacHomeOrganizationType]
+ organizationname:
+ saml: [ou]
+ noreduorgacronym:
+ saml: [norEduOrgAcronym]
+ countryname:
+ saml: [c]
+ friendlycountryname:
+ saml: [co]
+ edupersontargetedid:
+ saml: [eduPersonTargetedID]
+ user_id_to_attr: edupersontargetedid
+healthcheck:
+ module: swamid_plugins.healthcheck.HealthCheck
+ name: HealthCheck
+satosa_proxy_conf:
+ BASE: https://zoom-saas-idp-proxy.sunet.se
+ INTERNAL_ATTRIBUTES: "internal_attributes.yaml"
+ BACKEND_MODULES:
+ - "plugins/saml2_backend.yaml"
+ FRONTEND_MODULES:
+ - "plugins/saml2_frontend.yaml"
+ MICRO_SERVICES:
+ - "plugins/generated_attributes.yaml"
+ - "plugins/attribute_authorization.yaml"
+ - "plugins/attribute_filter.yaml"
+ - "plugins/healthcheck.yaml"
+ LOGGING:
+ version: 1
+ formatters:
+ default:
+ format: "%(asctime)s [%(process)d] [%(levelname)s] %(message)s"
+ handlers:
+ console:
+ class: logging.StreamHandler
+ level: DEBUG
+ formatter: default
+ stream: ext://sys.stdout
+ loggers:
+ satosa:
+ level: DEBUG
+ handlers: [console]
+ saml2:
+ level: DEBUG
+ handlers: [console]
+saml2_backend:
+ config:
+ sp_config:
+ organization: {display_name: SUNET Zoom, name: SUNET Zoom, url: 'https://sunet.se'}
+ contact_person:
+ - {contact_type: technical, email_address: noc@sunet.se, given_name: Technical}
+ - {contact_type: support, email_address: noc@sunet.se, given_name: Support}
+ key_file: backend.key
+ cert_file: backend.crt
+ encryption_keypairs:
+ - { key_file: backend.key, cert_file: backend.crt }
+ allow_unknown_attributes: true
+ metadata:
+ mdq:
+ - url: https://mds.swamid.se
+ cert: "/etc/satosa/md-signer2.crt"
+ entityid: https://zoom-saas-idp-proxy.sunet.se/sp
+ service:
+ sp:
+ name_id_format: ['urn:oasis:names:tc:SAML:2.0:nameid-format:transient']
+ allow_unsolicited: true
+ endpoints:
+ assertion_consumer_service:
+ - [//acs/post, 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST']
+ - [//acs/redirect, 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect']
+ discovery_response:
+ - [//disco, 'urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol']
+ want_response_signed: False
+ want_assertions_signed: False
+ want_assertions_or_response_signed: True
+ xmlsec_binary: /usr/bin/xmlsec1
+ attribute_map_dir: attributemaps
+ disco_srv: https://service.seamlessaccess.org/ds
+ attribute_profile: saml
+ module: satosa.backends.saml2.SAMLBackend
+ name: Saml2SP
+ plugin: BackendModulePlugin
+saml2_frontend:
+ config:
+ custom_attribute_release:
+ default:
+ default:
+ exclude: ["eduPersonTargetedID","eduPersonAffiliation"]
+ idp_config:
+ organization: {display_name: SWAMID, name: SWAMID, url: 'https://sunet.se'}
+ contact_person:
+ - {contact_type: technical, email_address: noc@sunet.se, given_name: Technical}
+ - {contact_type: support, email_address: noc@sunet.se, given_name: Support}
+ key_file: frontend.key
+ cert_file: frontend.crt
+ metadata:
+ local: [metadata/zoom.xml]
+ entityid: https://zoom-saas-idp-proxy.sunet.se/idp
+ accepted_time_diff: 300
+ service:
+ idp:
+ endpoints:
+ single_sign_on_service: []
+ name: SWAMID
+ name_id_format: ['urn:oasis:names:tc:SAML:2.0:nameid-format:transient']
+ policy:
+ default:
+ attribute_restrictions: null
+ fail_on_missing_requested: false
+ lifetime: {minutes: 15}
+ name_form: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+ want_authn_requests_signed: false
+ xmlsec_binary: /usr/bin/xmlsec1
+ endpoints:
+ single_sign_on_service: {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': sso/post,
+ 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': sso/redirect}
+ attribute_profile: saml
+ module: satosa.frontends.saml2.SAMLFrontend
+ plugin: FrontendModulePlugin
+ name: Saml2IDP
diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/backend.crt b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/backend.crt
new file mode 100644
index 0000000..2fef9c3
--- /dev/null
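Review bot: The allow rule under `attribute_authorization` uses `"^(member|employee)@sunet.se$"`, where the unescaped `.` matches any character, so a scoped affiliation such as `member@sunetXse` (constructed example) would also pass the gate; I would write the entry as `- '^(member|employee)@sunet\.se$'`. Whether an upstream IdP could actually assert such a scope depends on scope checking that is not visible in this hunk. Separately, the `LOGGING` block sets `level: DEBUG` on the console handler and on both the `satosa` and `saml2` loggers of a production host. At that level the SAML stack typically writes whole protocol messages to the log, which here would include released attributes such as `norEduPersonNIN`, so `INFO` is the safer default with DEBUG switched on only while troubleshooting.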
+++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/backend.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFBTCCAu2gAwIBAgIJAPSHarYbYh/jMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV +BAMMDnNhdG9zYV9iYWNrZW5kMB4XDTE3MDgyOTA4MTU0NFoXDTI3MDgyNzA4MTU0 +NFowGTEXMBUGA1UEAwwOc2F0b3NhX2JhY2tlbmQwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQCdP/NkGz/PXwB+vN9qgaEXkyKIKUXsesQFv0tx9ivrr9vW +jp5nIQG5OBPlKurw9lyYGKSF8npVdlx+6MBvizn50TxXt4s0DzoPOVyVQM21wA9D +p2Mbxq+Tx4zmHadyY+5upKxAtKwCpygHsgyyQ5okT09FVz6q+yp2xROjbtGx65FF +UwMiJWalfWlJ8E2Vbi4To6rURvSHik7fDMw2geBFntRs0NNniEU9PecJseI0vtzv +/L2JGFJKQzvZ538NtBF0cYWs11J0PfvT5XZyr4GVZSUdqmHsq4KxnGuAKkgnyefG +q8PFdHXEVcobnl3L1iPf1bTs2OiiBzzz0LgmdWHOAYo6gVdpkSdb1pzF1IUCUOhP +BC+8vHZjNnfVyP8wxChLNP559KrJJmHTsp9AetR14WsirNkH5lH/oj35VEioWMR4 +1Win3pT94RErVjKdCmJFNy14NCs3+M2VMmy3jsIL/VSY0ocZ0tdQhSkSm5YDRyOC +KrZcKjdwyie8Rrn3mpctllklkusZAkgf8iq/vhnj/x/jryt5/dUlqrCZ5Lwjp5gf +o8HC56Jw8N0AQldEwvoU1plm82ji/OO/ITZ+cpZ5pCMwIF6X4F6fKTCAtGis/sJy +XSoPt6taVOhJu79B2OE4b7mA8FZFB8xtSI97UaHIR4LYNo1bZGC+Oii98rL9OwID +AQABo1AwTjAdBgNVHQ4EFgQUbIky0J1V8GO64V4tVVaryNOXYK8wHwYDVR0jBBgw +FoAUbIky0J1V8GO64V4tVVaryNOXYK8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAgEAFh05O9tWYZpvmhI8Ru3mjDpOSkgWdfZIATJ6L35bQnW8J9/DL9yE +a58QQ4xCQm1U0yFr3ssDc5bD/Zvco0pq+RPiyR/ydY+4Ld9HtQjaYYYVTvfv6Vsc +X+UpHVsd0MhMUiFQo1Gq40vTMfenPg2lgzLdqiCorA/l9a3+G1dFIXw7Ro+4LTHZ +lCc+u+yQSkQsBHcVyYCW3UdNKSdGl3u99DY+BXO1aG/J11qvynjkC8o3PvMc39BQ +ryvonVkeIp+DPK2080HUjDpSiXKQElniDeZWkQin5/ra45rLS/23/jkqiOfUrSIu +WdYYGOgXOXU69PM71onMCNJK+MQQOuGky+y5LybunxiDdw0V9Ay1zRrjfUtV1EiD +EA5q2DuTAnkBTvwChA/DPRq7o3/Dw3JajVRN39lXjXcYczeBnTAXrNlCwJMtWQ1o +ZHmcDHEOnUQ6oSlXbWhAOOUQw+0z+RQLYbkK5AMFmUqLEYKIgx6asdxUtvwf4PxQ +6xHYyip9FvJ5GQcwNQpJ06xDeBi5D9wJ8/N2E6LV+7y5prqVvYWQCs5jCEJ+FSWH +5slPKSklNu3s4Ul4D6pqU32243+LNROyRaUuy3wXDfLiZLQa17QAhlim6RWpaplq +Mxe0+tX0hEXUAHD3qoocrc5Nn5gXeDpmZA4Ik8dtzyPj8AkGUtekHt8= +-----END CERTIFICATE----- 
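Review bot: backend.crt is not fresh key material: its validity fields decode to 29 Aug 2017 through 27 Aug 2027 for a self-signed `CN=satosa_backend`, and frontend.crt and metadata.crt further down carry the same 2017 issue date, while this commit is dated January 2025. The matching private keys added in local.eyaml were therefore presumably carried over from an earlier deployment; if another host still holds them, a compromise of either one exposes the SAML signing and decryption keys of both. I would either generate new key pairs for this host or state in the commit message that it replaces the previous holder of these keys, and record the August 2027 expiry so the rollover is planned rather than discovered.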
diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/frontend.crt b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/frontend.crt new file mode 100644 index 0000000..b7f1c19 --- /dev/null +++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/frontend.crt 
@@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFBzCCAu+gAwIBAgIJAKGw1jEdxh7jMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV +BAMMD3NhdG9zYV9mcm9udGVuZDAeFw0xNzA4MjkwODAwNDlaFw0yNzA4MjcwODAw +NDlaMBoxGDAWBgNVBAMMD3NhdG9zYV9mcm9udGVuZDCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAMNmUZ4Fvt64HiJCgIytEN2AohTuNs6MWmOUyHj3Gq7J +TO3JmemKCg9MzR4s0dELfm5zd0/yq6EkeYitg2zrY2+87ue1H1wNDCBdq7msjCys +hW0h9bn/7MbwdfePJyyHxROZp+AB5r1mJCQHC8AAJDtVe7Th4A8K2ctC2XIuQn7A +im0giPP5EdKPKvNb+TuZ0yd6KfoX37ZMLSbacJPXs/3t/9e5Alv7wqpV7vUOxPu8 +uyC1yw7t8pMbU+MDskBt0Z+VZP/h8zZNmAtWjAc/1EddhFFyjIDUA9Xbh+yvIonR +CfrbdmxrkFjOXuhNgagJJBfDw4VUfokFa46DwlxgXqaZ8fsVj/n/p8bIdkITtaMw +/WIGs84JjZZd8BDsgFtUj4SJ8uO+4pdPl6yZKQ2CuLHvBdWvDleXUkIoMadkUqg/ +3hzdW8zNXNMFw9kmD3fSvYK89+JGc6Z74N6LnAAZqlQSYXYanKKHuHxTIY2HpiIk +nSzHx5uN3aKJCHA4uSNN7y0/Grlea6CN5OO6ZrWrSo2+MdNsQA2PDJOyoL9wvDav +B/NbOd12QtLSjbCwYqR9sCLm7u870w1UlKUMjJq9H01QpKqavsO3hSnx0av0JU8z +Ft5x6Ipgm0rsjVpgOjv5drxGTEViBRI6vsee5EAzZ0i3Bb/JXe/jswFpBimLeDLB +AgMBAAGjUDBOMB0GA1UdDgQWBBRZUcpJzK4O0vC9E5hylZX7C/2G3TAfBgNVHSME +GDAWgBRZUcpJzK4O0vC9E5hylZX7C/2G3TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4ICAQAQkBpOJ24TuuRH84kuQBr5SMccn+NAHrAlW48NEWZ9UrRJpvo4 +Kf3zOyb9USd+bYlz5y6ThQtfYrDmCmtGWisRIrTLML17D5ffWe4fNmKhbpsL1MSJ +ozPbsCIjeqKLXTTfmnKr3NbW5x0GOowKhz+egVbYrrACupjuo4T7rM6oYV/O38b0 +h+U2vL4KlqZFmZ0Dnn0GibSWnejwZT4ZF7VuuO3YCbLoFLgOOh4Fg3pGmYPxJpVy +rTm7tpyMfhi1QAr0akuTVaV7A81frshPMw29JjUF3DARjaQL8FcPJf7sWGV1kIol +6cAA/iwmXwJ+ZdXNz2Tj7axp17wl03HOOczG2HbXblajwSrjTllXzoj9T+ZViGe2 +XtrnNXAg4IkC7SU14ba3lIlxP3VX5e2kvlTHlTqRcZCnAz5+FNKe4KRDNkSdN1RE +ljGL73m6LxFg0bA8wtwb/KkM3eS1YrxFccys3/GDLkU7wvfpuyprV7USHb9g02IE +i2Xovs/ly4/omWjdj9kN/iVqZB26Pv9bFxClTiJD2sbvmz0Z3O3qBg6VEyyen1Ql +agQ8QFJNklstQD+ZH354h1emKW3J/9DwGkxST+wqpPNjvJDU9nBWSbh/xFvspsBh +aiUovcRg/mWVPPDYc5Lj0ct472HsRavlTTa7p0egzN+FF4Je34IGiRTz0A== +-----END CERTIFICATE----- 
diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/md-signer2.crt b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/md-signer2.crt new file mode 100644 index 0000000..f182c7a --- /dev/null +++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/md-signer2.crt 
@@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFyzCCA7OgAwIBAgIJAI9LJsUJXDMVMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNV +BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEO +MAwGA1UECgwFU1VORVQxDzANBgNVBAsMBlNXQU1JRDEkMCIGA1UEAwwbU1dBTUlE +IG1ldGFkYXRhIHNpZ25lciB2Mi4wMB4XDTE2MTIwNjA5MjgyMFoXDTM2MTIwNjA5 +MjgyMFowfDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UE +BwwJU3RvY2tob2xtMQ4wDAYDVQQKDAVTVU5FVDEPMA0GA1UECwwGU1dBTUlEMSQw +IgYDVQQDDBtTV0FNSUQgbWV0YWRhdGEgc2lnbmVyIHYyLjAwggIiMA0GCSqGSIb3 +DQEBAQUAA4ICDwAwggIKAoICAQDQVw72PnIo9QIeV439kQnPcxZh/LddKw86eIU+ +nMfl4TpjSIyqTu4KJSnXbJyqXg+jQj3RzE9BUblpGrR7okmQwOh2nh+5A6SmyTOR +p7VEVT/Zw0GNnQi9gAW7J8Cy+Gnok4LeILI5u43hPylNKAnvs1+bo0ZlbHM6U5jm +6MlO+lrYA9dZzoPQqoCQbr3OweAaq5g8H54HuZacpYa3Q2GnUa4v+xywjntPdSQU +RTAbWWyJl3cHctX5+8UnX8nGCaxoBZqNp9PcEopyYJX8O1nrLumBMqu9Uh6GW1nx +OHfKDLvUoykG3Dm704ENVs88KaJXB1qQNsjdlm14UI9XCZbHfnFVnQ53ehsGFMha +Bf/Abd6v2wnhBLH/RxEUlw347qSeokw+SdDTSdW8jOEBiSqP/8BUzpCcbGlgAsVO +NKUS0K7IB2Bb79YYhyMvmJl24BGtkX+VM/mv47dxOtfzNFCMtUcJ2Dluv0xJG8xI +ot7umx/kbMBLuq7WdWELZJrgpt2bb9sXtYBpuxtGCW5g7+U7MNN1aKCiCSfq09YH +qu2DsU7HHAxEcGFXBiepBliCwZ24WLQh53bA3rihaln7SjdapT9VuSTpCvytb9RX +rq39mVuHMXvWYOG20XTV0+8U2vnsjAwsy28xPAcrLWRWoZbRJ+RoGp6L3GACq+t+ +HPIukwIDAQABo1AwTjAdBgNVHQ4EFgQUQ2iqKQV/mMZDeJDtLXvy0Bsn/BQwHwYD +VR0jBBgwFoAUQ2iqKQV/mMZDeJDtLXvy0Bsn/BQwDAYDVR0TBAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAgEAHviIAfS8viUN8Qk//U1p6Z1VK5718NeS7uqabug/SwhL +Vxtg/0x9FPJYf05HXj4moAf2W1ZLnhr0pnEPGDbdHAgDC672fpaAV7DO95d7xubc +rofR7Of2fehYSUZbXBWFiQ+xB5QfRsUFgB/qgHUolgn+4RXniiBYlWe6QJVncHx+ +FtxD+vh1l5rLNkJgJLw2Lt3pbemSxUvv0CJtnK4jt2y95GsWGu1uSsVLrs0PR1Lj +kuxL6zZH4Pp9yjRDOUhbVYAnQ017mdcjvHYtp7c4GIWgyaBkDoMtU6fAt70QpeGj +XhecXk7Llx+oYNdZn14ZdFPRGMyAESLrT4Zf9M7QS3ypnWn/Ux0SwKWbnPUeRVbO +VZZ+M0jmdYK6o+UU5xH3peRWSJIjjRaKjbVlW5GgHwGFmQc/LN+va2jjThRsQWWt +zEwObijedInQ6wfL/VzFAwlWWoDAzKK9qnK4Rf3ORKkvhKrUa//2OYnZD0kHtHiC +OL+iFRLtJ/DQP5iZAF+M1Hta7acLmQ8v7Mn1ZR9lyDWzFx57VOKKtJ6RAmBvxOdP 
+8cIgBNvLAEdXh2knOLqYU/CeaGkxTD7Y0SEKx6OxEEdafba//MBkVLt4bRoLXts6 +6JY25FqFh3eJZjR6h4W1NW8KnBWuy+ITGfXxoJSsX78/pwAY+v32jRxMZGUi1J4= +-----END CERTIFICATE----- diff --git a/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/metadata.crt b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/metadata.crt new file mode 100644 index 0000000..b0c82e0 --- /dev/null +++ b/zoomproxy-sto1-prod-1.sunet.se/overlay/etc/satosa/metadata.crt 
@@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFBzCCAu+gAwIBAgIJAO2iLzrmv26eMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV +BAMMD3NhdG9zYV9tZXRhZGF0YTAeFw0xNzA4MjkwODAxMjlaFw0yNzA4MjcwODAx +MjlaMBoxGDAWBgNVBAMMD3NhdG9zYV9tZXRhZGF0YTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAK8z4ImxS6seGpMECgEuRjQxsEzCSahfvaKe6cfFvvof +1yPKzuBeBoDneQJWhH8L/DePZigNqit33PUJARrkgKbCGsdrElIg8zo2aSPohr3Q +3WXXBRUZyBExEXd/uC3nBWeE1XoccwEOwqRmaP5g9ubH3fmVozM9qWVP4vG+XFRL +b/XVh1k83V7UePHgIaaB2cbjjXwZBneUeTwf9GymTxpa0eJQjGqA0EvfWRTvGoop +nMX6WrMdX2RuxA2Eb1gBbzdXnsWchDcQD5Z2NyWFvzxPBuLnxgxKlBC+rPr/J10w +c9MO/jgq4VimmKWhTz1JwvcBSRmB47xWDmWzjBMOBFpEh9E2YgB2ugKyjvVRnRRF +qoEoNcQvnC/5rChnh8QxxYDMePB8NYL5iwqwYOFqxcjj+dX/ZF9CmBMIP4EFqXr8 +SCdnzz+QAAoLbV6MTQ/Fx1KBPGSO4E1b2/xtJDqyK/qcwWmmcIOWfW75GZeMFZNz +BauPaCfwmlCRqLel2EcPPhjJxgi45fEE7aEGA0HfDxqwVJwsNjD/SVp/cV2pYbvu +t9iip6jmIriw+KsSpCvRrDWCUeMi9YgvuvJaJd+ZG+Ej7d4WALQQDleBEGNybqDw +X7bJEv+BTxDioYb9onXBIZQYNqL69V29FMh8rUMTvKSC5xlFxmmG/XfyhRJItl/p +AgMBAAGjUDBOMB0GA1UdDgQWBBS0yk9TqlMkPqWQU/a+6MNZRaNm5DAfBgNVHSME +GDAWgBS0yk9TqlMkPqWQU/a+6MNZRaNm5DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4ICAQA5H+B9bq7oQVMHvhyheNk46LKzgNgtktU026dyOGvUET1qdizk +HNFTzVfSXVYPLItFDHypGlS38PkmSXSkoAnDC1mNWP73NzNTyTcx6wamjrIPk7w8 +tzN4ZGL3G8irbiUqZg0SCdS/UdAZarsJTF/UpyF+jHsMYtXXJ6mKHftm75F480ip +gSuPXa/hFN5cj9EbQM9lm+Xfy+NjV4pM2JCWTGlzSrIxStk91oBn0T3EmCDmI+mG +mfV8j+AzRMdK/+rLbTPBA1qRnlEt5PXuqPh9zEd1Ipw+yY4SqaXBZCOOpaH0k3l1 +7bhmnhuQutTvEZlmrtYfrL2+MRqmvNfbXyZWPKCw4+H66NUcVD6jpX0/5qomGQt8 +sHHR4igdjyDbrBbiU0AS4spgATDfK05NG/bCIcUGfUlYDYFCViJVbvUUVp7cGlI3 +Ptjv1TXtKOLgehFrbwGHHvzpCrpMjfzttlShqKw/7V30EhgKzXymMvqEGVbTjehh +WoRodEqXKt34iVBEvKWdhSWHTkqTJDGb7ZEgOuQV7r7HPe2UHsYLxRXdArbTAcZg +Ffmq5eZTK7ZNOSTX3sCg/a8pZFN/z14DFiSsdxErgnJlVCsjQrI51iB4QhMWlDHW +3dmaODsyIoA5iaLPRPiFLyq1S1rclzj5dgW29vuLeHDNzZqLTtcdIfNUVg== +-----END CERTIFICATE-----