diff --git a/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql b/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql
index a86f3f0..16c6d4e 100644
--- a/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql
+++ b/global/overlay/etc/puppet/modules/soc/files/intelmq/eventdb-notifications.sql
@@ -8,21 +8,8 @@ BEGIN;
-
-CREATE ROLE eventdb_owner
- NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-CREATE ROLE eventdb_insert
- NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-CREATE ROLE eventdb_send_notifications
- NOLOGIN NOSUPERUSER NOINHERIT NOCREATEDB CREATEROLE;
-
 CREATE SEQUENCE intelmq_ticket_seq MINVALUE 10000001;
-GRANT INSERT ON events TO eventdb_insert;
-GRANT USAGE ON events_id_seq TO eventdb_insert;
-GRANT SELECT ON events TO eventdb_send_notifications;
-
-
 CREATE TYPE ip_endpoint AS ENUM ('source', 'destination');
@@ -31,8 +18,6 @@ CREATE TABLE ticket_day (
 initialized_for_day DATE );
 INSERT INTO ticket_day (initialized_for_day) VALUES('20160101');
-GRANT SELECT, UPDATE ON ticket_day TO eventdb_send_notifications;
-
 CREATE TABLE sent (
 id BIGSERIAL UNIQUE PRIMARY KEY,
@@ -40,11 +25,6 @@ CREATE TABLE sent (
 sent_at TIMESTAMP WITH TIME ZONE );
-
-GRANT SELECT, INSERT ON sent TO eventdb_send_notifications;
-GRANT USAGE ON sent_id_seq TO eventdb_send_notifications;
-
-
 CREATE TABLE directives (
 id BIGSERIAL UNIQUE PRIMARY KEY,
 events_id BIGINT NOT NULL,
@@ -85,9 +65,6 @@ CREATE INDEX directives_recipient_group_idx
 gist_trgm_ops );
-GRANT SELECT, UPDATE ON directives TO eventdb_send_notifications;
-
-
 -- Converts a JSON object used as aggregate identifier to a
 -- 2-dimensional TEXT array usable as a value in the database for
 -- grouping. Doing this properly is a bit tricky. Requirements:
@@ -219,14 +196,9 @@ BEGIN
 END $$ LANGUAGE plpgsql VOLATILE EXTERNAL SECURITY DEFINER;
-GRANT EXECUTE ON FUNCTION events_insert_directives_for_row()
-TO eventdb_insert;
-
-
 CREATE TRIGGER events_insert_directive_trigger AFTER INSERT ON events FOR EACH ROW EXECUTE PROCEDURE events_insert_directives_for_row();
-
 COMMIT;
diff --git a/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh b/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh
index ad780e5..aa79f50 100644
--- a/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh
+++ b/global/overlay/etc/puppet/modules/soc/files/intelmq/setup-pgsql.sh
@@ -23,4 +23,6 @@ sudo -u intelmq /opt/intelmq/venv/bin/intelmq_psql_initdb
 sudo -u intelmq psql eventdb -f /tmp/initdb.sql
 rm -f /tmp/initdb.sql
+sudo -u intelmq psql eventdb -f /opt/intelmq/install/eventdb-notifications.sql
+
 touch /opt/intelmq/.pgsql-installed
diff --git a/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml b/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml
index 1828489..34b7ef8 100644
--- a/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml
+++ b/test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml
@@ -69,7 +69,7 @@ saml2_backend:
 mdq:
 - url: https://mds.swamid.se/
 cert: md-signer2.crt
- entityid: https://test-sso-proxy1.cert.sunet.se/sp
+ entityid: https://test-sso-proxy.cert.sunet.se/sp
 service:
 sp:
 name_id_format: ['urn:oasis:names:tc:SAML:2.0:nameid-format:transient']
@@ -100,7 +100,7 @@ saml2_frontend:
 metadata:
 local:
 - metadata/vul-dashboard-test.xml
- entityid: https://test-sso-proxy1.cert.sunet.se/idp
+ entityid: https://test-sso-proxy.cert.sunet.se/idp
 service:
 idp:
 endpoints:
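Review bot: The added `psql eventdb -f /opt/intelmq/install/eventdb-notifications.sql` call in setup-pgsql.sh has no failure handling, and the `touch /opt/intelmq/.pgsql-installed` after it runs regardless; whether the script sets `set -e` is not visible in this hunk. psql exits 0 on SQL errors unless `ON_ERROR_STOP` is set, and because the SQL file is wrapped in `BEGIN`/`COMMIT`, one failing statement rolls the whole schema back while the host is still marked as installed. I would write the line as `sudo -u intelmq psql -v ON_ERROR_STOP=1 eventdb -f /opt/intelmq/install/eventdb-notifications.sql || exit 1`. The schema is now loaded as `intelmq` while the same commit drops the `eventdb_insert` / `eventdb_send_notifications` roles and grants, so the `SECURITY DEFINER` trigger function will presumably be owned by and run as that single account; a comment above the line stating that this loss of role separation is intended would help the next reader.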
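Review bot: The SP `entityid` under `saml2_backend` changes to `https://test-sso-proxy.cert.sunet.se/sp`, and the IdP `entityid` under `saml2_frontend` changes the same way in the next hunk, but nothing visible in this change updates the peers that know the proxy by its old entityID. SAML peers match issuer and audience on the exact entityID string, so the metadata published to the federation behind `https://mds.swamid.se/` and the service described by `metadata/vul-dashboard-test.xml` presumably need the new values before this is deployed. A comment next to each `entityid` line, e.g. `# entityID is the service name, not this host's FQDN; must match the published metadata`, would explain why it no longer matches the host directory name.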