From fa953f2bfc2b799ca04c6d5fb90d0c2e338f9eb7 Mon Sep 17 00:00:00 2001
From: Kristofer Hallin <kristofer@sunet.se>
Date: Mon, 30 Sep 2024 14:22:45 +0200
Subject: [PATCH] Added karchive related manifest etc.

---
 global/overlay/etc/puppet/cosmos-rules.yaml      | 11 +++++++++++
 .../etc/puppet/modules/net/manifests/karchive.pp | 16 ++++++++++++++++
 .../net/templates/karchive/karchive.yaml.erb     | 12 ++++++++++++
 .../overlay/etc/hiera/data/local.yaml            |  7 +++++++
 4 files changed, 46 insertions(+)
 create mode 100644 global/overlay/etc/puppet/modules/net/manifests/karchive.pp
 create mode 100644 global/overlay/etc/puppet/modules/net/templates/karchive/karchive.yaml.erb
 create mode 100644 karchive.sunet.se/overlay/etc/hiera/data/local.yaml

diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 6742ba7..06c71ea 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -27,3 +27,14 @@ pahol-test4.sunet.se:
 
 test-das-federator.lab.sunet.se:
    sunet::certbot::acmed:
+
+karchive.sunet.se:
+   autoupdate:
+   nunoc::dockerhost:
+    version: '5:24.0.1-1~ubuntu.22.04~jammy'
+   nunoc::config:
+   sunet_config:
+   nunoc::karchive:
+      docker_tag: latest
+      git_repo_url: ssh://git@platform.sunet.se:22022/Network/configuration-backup.git
+      git_user: /root
diff --git a/global/overlay/etc/puppet/modules/net/manifests/karchive.pp b/global/overlay/etc/puppet/modules/net/manifests/karchive.pp
new file mode 100644
index 0000000..16bbf29
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/net/manifests/karchive.pp
@@ -0,0 +1,16 @@
+class net::karchive($docker_tag='latest', $git_repo_url='', $git_user='') {
+  # Allow routers to push config over HTTP
+  $allow_http = hiera_array('allow_http',[])
+  sunet::misc::ufw_allow { 'allow_http':
+    from  => $allow_http,
+    port  => '80',
+    proto => tcp,
+  }
+
+  sunet::docker_compose {
+    'karchive_docker_compose': service_name => 'karchive',
+    description  => 'karchive',
+    compose_dir  => '/opt/',
+    content      => template('net/karchive/karchive.yaml.erb'),
+  }
+}
diff --git a/global/overlay/etc/puppet/modules/net/templates/karchive/karchive.yaml.erb b/global/overlay/etc/puppet/modules/net/templates/karchive/karchive.yaml.erb
new file mode 100644
index 0000000..72a71b1
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/net/templates/karchive/karchive.yaml.erb
@@ -0,0 +1,12 @@
+version: "3.3"
+services:
+  app:
+    image: docker.sunet.se/karchive/app:<%= @docker_tag %>
+    environment:
+    - GIT_REPO_URL=<%= @git_repo_url %>
+    volumes:
+      - <%= @git_user %>/.ssh:/root/.ssh
+  nginx:
+    image: docker.sunet.se/karchive/nginx:<%= @docker_tag %>
+    ports:
+      - "80:80"
diff --git a/karchive.sunet.se/overlay/etc/hiera/data/local.yaml b/karchive.sunet.se/overlay/etc/hiera/data/local.yaml
new file mode 100644
index 0000000..3e43dcf
--- /dev/null
+++ b/karchive.sunet.se/overlay/etc/hiera/data/local.yaml
@@ -0,0 +1,7 @@
+---
+allow_http:
+  - 127.0.0.1/32
+  - 86.104.200.0/24
+  - 130.242.1.0/24
+  - 2001:6b0:2000::/48
+  - 2001:6b0:8:4::68