From 6cb7991ed4073d3b140444984f03f4b45606a3cc Mon Sep 17 00:00:00 2001
From: Leif Johansson <leifj@sunet.se>
Date: Tue, 14 Aug 2018 13:16:19 +0200
Subject: [PATCH] expose refidp on 8443 instead

---
 global/overlay/etc/puppet/manifests/cosmos-site.pp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index f4aa744b..fbfacd25 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -283,7 +283,7 @@ class swedenconnect_refidp($version="1.0.3",$hostname='localhost') {
       image    => 'docker.sunet.se/swedenconnect-idp',
       imagetag => $_version,
       hostname => "${::fqdn}",
-      ports    => ['443:8443'],
+      ports    => ['8443:8443'],
       volumes  => ['/var/log/swedenconnect-idp:/var/log/swedenconnect-idp',
                    '/etc/swedenconnect-idp:/etc/swedenconnect-idp',
                    '/dev/log:/dev/log',
@@ -294,8 +294,10 @@ class swedenconnect_refidp($version="1.0.3",$hostname='localhost') {
                    "IDP_PERSISTENT_ID_SALT=$idp_persistent_id_salt",
                    "IDP_FTICKS_SALT=$idp_fticks_salt"]
    }
-   ensure_resource('class','webserver',{})
-   ensure_resource('class','https_server',{})
+   ufw::allow { "allow-alt-https":
+      ip   => 'any',
+      port => '8443'
+   }
 }
 
 class eidas_connector($version="1.0.6",$hostname='localhost') {