swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make connector yml file a template, SC-2670

Browse source 
This way we can add redis password to the file.
This commit is contained in:
Patrik Holmqvist 2025-02-05 10:43:05 +01:00
parent e5d2b50da6
commit 236bb8e867
Signed by: pahol
GPG key ID: 5D5B0D4E93F77273
2 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
global/overlay/etc/puppet/modules/eid/manifests/connector.pp
View file

@ -35,6 +35,11 @@ class eid::connector (
base64 => true base64 => true
} }
file { "${connector_directory}/application-${environment}.yml":
ensure => 'file',
content => template("eid/connector/application-${environment}.yml.erb")
}
sunet::docker_compose { 'eidas-connector': sunet::docker_compose { 'eidas-connector':
content => template('eid/connector/docker-compose.yml.erb'), content => template('eid/connector/docker-compose.yml.erb'),
service_name => 'eidas-connector', service_name => 'eidas-connector',

26
eidas-test-connector/overlay/opt/eidas-connector/application-test.yml → global/overlay/etc/puppet/modules/eid/templates/connector/application-test.yml.erb
View file

@ -3,6 +3,10 @@
# #
--- ---
spring: spring:
session:
timeout: 15m
redis:
namespace: spring:session:connector
ssl: ssl:
bundle: bundle:
pem: pem:
@ -11,8 +15,24 @@ spring:
certificate: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-cert.pem certificate: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-cert.pem
private-key: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-key.pem private-key: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-key.pem
sunet-tls-trust: sunet-tls-trust:
keystore:
certificate: file:/etc/ssl/certs/connector-test-sto3-1.komreg.net_infra.crt
private-key: file:/etc/ssl/private/connector-test-sto3-1.komreg.net_infra.key
truststore: truststore:
certificate: file:/etc/ssl/certs/infra.crt certificate: file:/etc/ssl/certs/infra.crt
data:
redis:
cluster:
nodes:
- 89.45.236.201:6379
- 89.45.237.40:6379
- 89.45.237.212:6379
password: '<%= scope.call_function('safe_hiera', ['redict_password']) %>'
ssl:
enabled: true
bundle: sunet-tls-trust
ssl-ext:
enable-hostname-verification: false
server: server:
port: 8443 port: 8443
@ -29,7 +49,7 @@ management:
port: 8444 port: 8444
health: health:
redis: redis:
enabled: false enabled: true
credential: credential:
bundles: bundles:
@ -120,9 +140,9 @@ saml:
entity-id: https://test.connector.eidas.swedenconnect.se/eidas entity-id: https://test.connector.eidas.swedenconnect.se/eidas
base-url: ${connector.base-url} base-url: ${connector.base-url}
session: session:
module: memory module: redis
replay: replay:
type: memory type: redis
context: "connector-replay-cache" context: "connector-replay-cache"
metadata-providers: metadata-providers:
- location: https://test.md.swedenconnect.se/role/sp.xml - location: https://test.md.swedenconnect.se/role/sp.xml