Added karchive related manifest etc.

global/overlay/etc/puppet/cosmos-rules.yaml

@@ -27,3 +27,14 @@ pahol-test4.sunet.se:
 
 test-das-federator.lab.sunet.se:
    sunet::certbot::acmed:
+
+karchive.sunet.se:
+   autoupdate:
+   nunoc::dockerhost:
+    version: '5:24.0.1-1~ubuntu.22.04~jammy'
+   nunoc::config:
+   sunet_config:
+   nunoc::karchive:
+      docker_tag: latest
+      git_repo_url: ssh://git@platform.sunet.se:22022/Network/configuration-backup.git
+      git_user: /root

global/overlay/etc/puppet/modules/net/manifests/karchive.pp

@@ -0,0 +1,16 @@
+class net::karchive($docker_tag='latest', $git_repo_url='', $git_user='') {
+  # Allow routers to push config over HTTP
+  $allow_http = hiera_array('allow_http',[])
+  sunet::misc::ufw_allow { 'allow_http':
+    from  => $allow_http,
+    port  => '80',
+    proto => tcp,
+  }
+
+  sunet::docker_compose {
+    'karchive_docker_compose': service_name => 'karchive',
+    description  => 'karchive',
+    compose_dir  => '/opt/',
+    content      => template('net/karchive/karchive.yaml.erb'),
+  }
+}

global/overlay/etc/puppet/modules/net/templates/karchive/karchive.yaml.erb

@@ -0,0 +1,12 @@
+version: "3.3"
+services:
+  app:
+    image: docker.sunet.se/karchive/app:<%= @docker_tag %>
+    environment:
+    - GIT_REPO_URL=<%= @git_repo_url %>
+    volumes:
+      - <%= @git_user %>/.ssh:/root/.ssh
+  nginx:
+    image: docker.sunet.se/karchive/nginx:<%= @docker_tag %>
+    ports:
+      - "80:80"

karchive.sunet.se/overlay/etc/hiera/data/local.yaml

@@ -0,0 +1,7 @@
+---
+allow_http:
+  - 127.0.0.1/32
+  - 86.104.200.0/24
+  - 130.242.1.0/24
+  - 2001:6b0:2000::/48
+  - 2001:6b0:8:4::68