swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update logging config for docker containers

Browse source
This commit is contained in:
Leif Johansson 2018-12-11 13:23:08 +01:00
parent f019705ad6
commit 60f10dd71b
1 changed files with 16 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -164,7 +164,8 @@ class eidas_hsm_client($luna_version="6.2") {
image => 'docker.sunet.se/luna-client',
imagetag => $luna_version,
volumes => ['/dev/log:/dev/log','/etc/Chrystoki.conf.d:/etc/Chrystoki.conf.d','/etc/luna/cert:/usr/safenet/lunaclient/cert'],
env => ["PKCS11PIN=${pkcs11pin}"]
env => ["PKCS11PIN=${pkcs11pin}"],
extra_parameters => ["--log-driver=syslog"]
}
sunet::scriptherder::cronjob { "${name}_restart_hsmproxy":
cmd => "/usr/sbin/service docker-${name}_hsmproxy restart",
@ -372,7 +373,8 @@ class swedenconnect_refidp($version="1.0.3",$hostname='localhost') {
"TOMCAT_TLS_SERVER_CERTIFICATE=/etc/ssl/certs/${::fqdn}_infra.crt",
"TOMCAT_PROXY_SHARED_SECRET=$proxy_header_secret",
"IDP_PERSISTENT_ID_SALT=$idp_persistent_id_salt",
"IDP_FTICKS_SALT=$idp_fticks_salt"]
"IDP_FTICKS_SALT=$idp_fticks_salt"],
extra_parameters => ["--log-driver=syslog"]
}
ensure_resource('class','webserver',{})
ensure_resource('class','https_server',{})
@ -425,7 +427,8 @@ class eidas_connector($version="1.0.6",$hostname='localhost') {
"SP_ENTITY_ID=https://$_hostname/idp/metadata/sp",
"IDP_PERSISTENT_ID_SALT=$idp_persistent_id_salt",
"IDP_SEALER_PASSWORD=$idp_sealer_password",
"IDP_FTICKS_SALT=$idp_fticks_salt"]
"IDP_FTICKS_SALT=$idp_fticks_salt"],
extra_parameters => ["--log-driver=syslog"]
}
ensure_resource('class','webserver',{})
ensure_resource('class','https_server',{})
@ -463,7 +466,8 @@ class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost') {
"CERTNAME=${::fqdn}_infra",
"PKCS11_PIN=${_pkcs11pin}",
"SPRING_CONFIG_LOCATION=/etc/eidas-proxy/$_country/cfg/",
"PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"]
"PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"],
extra_parameters => ["--log-driver=syslog"]
}
ensure_resource('class','webserver',{})
ensure_resource('class','https_server',{})
@ -481,7 +485,8 @@ class prid($version="1.0.0",$clients) {
volumes => ['/etc/prid-service:/etc/prid-service',
'/etc/ssl:/etc/ssl'],
env => ["PRID_SERVICE_POLICY_CONFIGURATION=file:///etc/prid-service/policy.properties",
"CERTNAME=${hostname}_infra"]
"CERTNAME=${hostname}_infra"],
extra_parameters => ["--log-driver=syslog"]
} ->
sunet::misc::ufw_allow {'allow-prid':
from => $_allow_clients,
@ -502,7 +507,8 @@ class validator($version="2.0.0") {
'/etc/metadata-validator:/opt/webapp/mdval',
'/etc/localtime:/etc/localtime:ro'],
env => ["SPRING_CONFIG_LOCATION=/opt/webapp/mdval/cfg/",
"CERTNAME=${hostname}_infra"]
"CERTNAME=${hostname}_infra"],
extra_parameters => ["--log-driver=syslog"]
}
ensure_resource('class','webserver',{})
ensure_resource('class','https_server',{})
@ -526,7 +532,8 @@ class proxy_testsp($version="1.0.1",$public_hostname=undef,$uri_path="/testps",$
"SP_ACCESS_ALLOW_ALL=true",
"SP_BASE_URI=https://$_public_hostname",
"SERVER_SERVLET_CONTEXT_PATH=$uri_path",
"SPRING_PROFILES_ACTIVE=$profile"]
"SPRING_PROFILES_ACTIVE=$profile"],
extra_parameters => ["--log-driver=syslog"]
}
}
@ -543,7 +550,8 @@ class pages($version=undef) {
sunet::docker_run {'people-sunet-se':
image => 'docker.sunet.se/static-vhosts',
ports => ['80:80'],
volumes => ['/var/www:/usr/local/apache2/vhosts']
volumes => ['/var/www:/usr/local/apache2/vhosts'],
extra_parameters => ["--log-driver=syslog"]
}
ensure_resource('class','webserver',{})
}