IDM test frontends

This commit is contained in:
Maria Haider 2024-03-04 14:33:44 +01:00
parent 51237ed134
commit 7e31ea041e
Signed by: mariah
GPG key ID: 7414A760CA747E57
3 changed files with 48 additions and 0 deletions

View file

@ -172,3 +172,23 @@ sunet_frontend:
haproxy_imagetag: 'test'
frontendtools_image: docker.sunet.se/eidas-frontend-tools
frontendtools_imagetag: 'staging'
'idmtest':
site_name: 'test.idm.test.swedenconnect.se'
frontends:
'fe-fre-1.test.komreg.net':
ips: ['94.176.226.140', '2001:6b0:65:2::140']
'fe-tug-1.test.komreg.net':
ips: ['94.176.226.141', '2001:6b0:65:2::141']
backends:
default:
'idm-sto1-test-app-1.komreg.net':
ips: ['89.47.185.124']
server_args: 'ssl check verify none'
allow_ports:
- 443
letsencrypt_server: 'acme-c.sunet.se'
haproxy_image: docker.sunet.se/eidas-haproxy
haproxy_imagetag: 'test'
frontendtools_image: docker.sunet.se/eidas-frontend-tools
frontendtools_imagetag: 'staging'

View file

@ -0,0 +1,21 @@
{% extends 'common/haproxy_base.j2' %}
{% from "common/haproxy_macros.j2" import bind_ip_tls, web_security_options, acme_challenge, csp %}
{% block frontend %}
frontend {{ site_name }}
{{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}
timeout http-request 10s
timeout http-keep-alive 4s
option forwardfor
http-request set-header X-Forwarded-Proto https
{{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff']) }}
{{ acme_challenge(letsencrypt_server) }}
use_backend {{ site_name }}__default
{% endblock frontend %}

View file

@ -1221,3 +1221,10 @@ idm-sto[13]-test-app-[123]\.komreg\.net:
idm-sto1-test-app-1\.komreg\.net:
eid::idm_app:
sunet::frontend::register_sites:
sites:
'test.idm.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'