demwtest frontend setup plus install demw application in backend

This commit is contained in:
Maria Haider 2024-03-21 18:19:48 +01:00
parent ed1bec53aa
commit 7323c75cee
Signed by: mariah
GPG key ID: 7414A760CA747E57
3 changed files with 44 additions and 0 deletions

View file

@ -192,3 +192,23 @@ sunet_frontend:
haproxy_imagetag: 'test'
frontendtools_image: docker.sunet.se/eidas-frontend-tools
frontendtools_imagetag: 'staging'
'demwtest':
site_name: 'test.demw.eidas.swedenconnect.se'
frontends:
'fe-fre-1.test.komreg.net':
ips: ['94.176.226.142', '2001:6b0:65:2::142']
'fe-tug-1.test.komreg.net':
ips: ['94.176.226.143', '2001:6b0:65:2::143']
backends:
default:
'demw-1.test.sveidas.se':
ips: ['89.45.236.166']
server_args: 'ssl check verify none'
allow_ports:
- 443
letsencrypt_server: 'acme-c.sunet.se'
haproxy_image: docker.sunet.se/eidas-haproxy
haproxy_imagetag: 'test'
frontendtools_image: docker.sunet.se/eidas-frontend-tools
frontendtools_imagetag: 'staging'

View file

@ -0,0 +1,21 @@
{% extends 'common/haproxy_base.j2' %}
{% from "common/haproxy_macros.j2" import bind_ip_tls, web_security_options, acme_challenge, csp %}
{% block frontend %}
frontend {{ site_name }}
{{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}
timeout http-request 10s
timeout http-keep-alive 4s
option forwardfor
http-request set-header X-Forwarded-Proto https
{{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff']) }}
{{ acme_challenge(letsencrypt_server) }}
use_backend {{ site_name }}__default
{% endblock frontend %}

View file

@ -848,6 +848,9 @@ demw-1.test.sveidas.se:
storage_driver: 'overlay2'
konsulter:
autoupdate:
eidas_de_middleware_hsm:
version: 320-sc_hsm2
hostname: test.demw.eidas.swedenconnect.se
saml_metadata:
filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml
url: https://test.connector.eidas.swedenconnect.se/idp/metadata/sp