Make redis or in memory configurable, SC-2670
This commit is contained in:
parent
a270a73da7
commit
57a46b79ce
GPG key ID:
5D5B0D4E93F77273
2 changed files with 17 additions and 8 deletions
|
|
@ -1,11 +1,13 @@
|
|||
# This puppet manifest is used to configure Sweden Connect proxy servers
|
||||
|
||||
# @param environment The environment that the server belongs to. (referenced in compose file)
|
||||
# @param session_backend Choose if it should run with a "redis" cluster (session synk) or without session synk
|
||||
# @param version Version of the docker image to use. (referenced in compose file)
|
||||
# @param server_fqdn The FQDN of the server. (referenced in compose file)
|
||||
# @param connector_directory The directory where all connector related config and files are stored. (referenced in compose file)
|
||||
class eid::connector (
|
||||
Enum['test', 'qa', 'prod'] $environment,
|
||||
Enum['redis', 'memory'] $session_backend = 'redis',
|
||||
String $version = '',
|
||||
#String $connector_hostname = '',
|
||||
String $server_fqdn = $facts['networking']['fqdn'],
|
||||
|
|
|
|||
|
|
@ -3,10 +3,6 @@
|
|||
#
|
||||
---
|
||||
spring:
|
||||
session:
|
||||
timeout: 15m
|
||||
redis:
|
||||
namespace: spring:session:connector
|
||||
ssl:
|
||||
bundle:
|
||||
pem:
|
||||
|
|
@ -15,11 +11,16 @@ spring:
|
|||
certificate: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-cert.pem
|
||||
private-key: file:${CONNECTOR_DIRECTORY}/credentials/tomcat/tomcat-key.pem
|
||||
sunet-tls-trust:
|
||||
truststore:
|
||||
certificate: file:/etc/ssl/certs/infra.crt
|
||||
<% if @session_backend == redis -%>
|
||||
keystore:
|
||||
certificate: file:/etc/ssl/certs/<%= @server_fqdn %>_infra.crt
|
||||
private-key: file:/etc/ssl/private/<%= @server_fqdn %>_infra.key
|
||||
truststore:
|
||||
certificate: file:/etc/ssl/certs/infra.crt
|
||||
session:
|
||||
timeout: 15m
|
||||
redis:
|
||||
namespace: spring:session:connector
|
||||
data:
|
||||
redis:
|
||||
cluster:
|
||||
|
|
@ -33,6 +34,7 @@ spring:
|
|||
bundle: sunet-tls-trust
|
||||
ssl-ext:
|
||||
enable-hostname-verification: false
|
||||
<% end -%>
|
||||
|
||||
server:
|
||||
port: 8443
|
||||
|
|
@ -49,7 +51,12 @@ management:
|
|||
port: 8444
|
||||
health:
|
||||
redis:
|
||||
<% if @session_backend == redis -%>
|
||||
enabled: true
|
||||
<% end %>
|
||||
<% if @session_backend == memory -%>
|
||||
enabled: false
|
||||
<% end %>
|
||||
|
||||
credential:
|
||||
bundles:
|
||||
|
|
@ -140,9 +147,9 @@ saml:
|
|||
entity-id: https://test.connector.eidas.swedenconnect.se/eidas
|
||||
base-url: ${connector.base-url}
|
||||
session:
|
||||
module: redis
|
||||
module: <%= @session_backend %>
|
||||
replay:
|
||||
type: redis
|
||||
type: <%= @session_backend %>
|
||||
context: "connector-replay-cache"
|
||||
metadata-providers:
|
||||
- location: https://test.md.swedenconnect.se/role/sp.xml
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue