# Note that the matching is done with re.match()
'.*\.cert\.sunet\.se$':
  soc:
  sunet::server:
    fail2ban: false
    ssh_allow_from_anywhere: false

'^internal-sto1-dev-vulndash-1.cert.sunet.se$':
  soc::sso:
    hostname: 'vd-dev.cert.sunet.se'
    email: 'cert@cert.sunet.se'
    service_endpoint: 'http://nginx:80'
    x_remote_user: true
    groups:
      - 'sunet-cert'
    certbot: false