Fixes med satosa.

2024-11-19 11:05:32 +01:00 · 2024-11-19 11:05:32 +01:00 · 503e8bd695
commit 503e8bd695
parent 17c75292ae
3 changed files with 4 additions and 30 deletions
--- a/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql
+++ b/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql
@ -8,21 +8,8 @@

 BEGIN;

-
-CREATE ROLE eventdb_owner
-    NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-CREATE ROLE eventdb_insert
-    NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-CREATE ROLE eventdb_send_notifications
-    NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-
 CREATE SEQUENCE intelmq_ticket_seq MINVALUE 10000001;

-GRANT INSERT ON events TO eventdb_insert;
-GRANT USAGE ON events_id_seq TO eventdb_insert;
-GRANT SELECT ON events TO eventdb_send_notifications;
-
-
 CREATE TYPE ip_endpoint AS ENUM ('source', 'destination');


@ -31,8 +18,6 @@ CREATE TABLE ticket_day (
        initialized_for_day DATE
 );
 INSERT INTO ticket_day (initialized_for_day) VALUES('20160101');
-GRANT SELECT, UPDATE ON ticket_day TO eventdb_send_notifications;
-

 CREATE TABLE sent (
    id BIGSERIAL UNIQUE PRIMARY KEY,
@ -40,11 +25,6 @@ CREATE TABLE sent (
    sent_at TIMESTAMP WITH TIME ZONE
 );

-
-GRANT SELECT, INSERT ON sent TO eventdb_send_notifications;
-GRANT USAGE ON sent_id_seq TO eventdb_send_notifications;
-
-
 CREATE TABLE directives (
    id BIGSERIAL UNIQUE PRIMARY KEY,
    events_id BIGINT NOT NULL,
@ -85,9 +65,6 @@ CREATE INDEX directives_recipient_group_idx
            gist_trgm_ops
          );

-GRANT SELECT, UPDATE ON directives TO eventdb_send_notifications;
-
-
 -- Converts a JSON object used as aggregate identifier to a
 -- 2-dimensional TEXT array usable as a value in the database for
 -- grouping. Doing this properly is a bit tricky. Requirements:
@ -219,14 +196,9 @@ BEGIN
 END
 $$ LANGUAGE plpgsql VOLATILE EXTERNAL SECURITY DEFINER;

-GRANT EXECUTE ON FUNCTION events_insert_directives_for_row()
-TO eventdb_insert;
-
-
 CREATE TRIGGER events_insert_directive_trigger
 AFTER INSERT ON events
 FOR EACH ROW
 EXECUTE PROCEDURE events_insert_directives_for_row();

-
 COMMIT;
--- a/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh
+++ b/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh
@ -23,4 +23,6 @@ sudo -u intelmq /opt/intelmq/venv/bin/intelmq_psql_initdb
 sudo -u intelmq psql eventdb -f /tmp/initdb.sql
 rm -f /tmp/initdb.sql

+sudo -u intelmq psql eventdb -f /opt/intelmq/install/eventdb-notifications.sql
+
 touch /opt/intelmq/.pgsql-installed
--- a/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml
+++ b/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml
@ -69,7 +69,7 @@ saml2_backend:
        mdq:
        - url: https://mds.swamid.se/
          cert: md-signer2.crt
-      entityid: https://test-sso-proxy1.cert.sunet.se/sp
+      entityid: https://test-sso-proxy.cert.sunet.se/sp
      service:
        sp:
          name_id_format: ['urn:oasis:names:tc:SAML:2.0:nameid-format:transient']
@ -100,7 +100,7 @@ saml2_frontend:
      metadata:
        local:
          - metadata/vul-dashboard-test.xml
-      entityid: https://test-sso-proxy1.cert.sunet.se/idp
+      entityid: https://test-sso-proxy.cert.sunet.se/idp
      service:
        idp:
          endpoints: