deploy validator
This commit is contained in:
parent
b82d6e57db
commit
a416084c1a
9 changed files with 112 additions and 1 deletions
|
|
@ -250,6 +250,15 @@ md-eu1.qa.komreg.net:
|
||||||
prid:
|
prid:
|
||||||
version: 1.0.1
|
version: 1.0.1
|
||||||
|
|
||||||
|
'^validator-[0-9]+\.qa\.komreg\.net$':
|
||||||
|
openstack_dockerhost:
|
||||||
|
konsulter:
|
||||||
|
sunet_iaas_cloud:
|
||||||
|
autoupdate:
|
||||||
|
servicemonitor:
|
||||||
|
validator:
|
||||||
|
version: 2.0.0
|
||||||
|
|
||||||
'^fe-.+-\d+\.komreg\.net$':
|
'^fe-.+-\d+\.komreg\.net$':
|
||||||
eid::dockerhost:
|
eid::dockerhost:
|
||||||
sunet::frontend::load_balancer:
|
sunet::frontend::load_balancer:
|
||||||
|
|
|
||||||
|
|
@ -298,7 +298,7 @@ class prid($version="1.0.0") {
|
||||||
image => 'docker.sunet.se/prid-service',
|
image => 'docker.sunet.se/prid-service',
|
||||||
imagetag => $_version,
|
imagetag => $_version,
|
||||||
hostname => "$hostname",
|
hostname => "$hostname",
|
||||||
ports => ['443:8443','127.0.0.01:444:8444'],
|
ports => ['443:8443','127.0.0.1:444:8444'],
|
||||||
volumes => ['/etc/prid-service:/etc/prid-service',
|
volumes => ['/etc/prid-service:/etc/prid-service',
|
||||||
'/etc/ssl:/etc/ssl'],
|
'/etc/ssl:/etc/ssl'],
|
||||||
env => ["PRID_SERVICE_POLICY_CONFIGURATION=file:///etc/prid-service/policy.properties",
|
env => ["PRID_SERVICE_POLICY_CONFIGURATION=file:///etc/prid-service/policy.properties",
|
||||||
|
|
@ -308,6 +308,24 @@ class prid($version="1.0.0") {
|
||||||
class {'https_server': }
|
class {'https_server': }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class validator($version="2.0.0") {
|
||||||
|
$_version = safe_hiera('validator_version',$version)
|
||||||
|
$hostname = $::fqdn
|
||||||
|
sunet::docker_run {'metadata-validator':
|
||||||
|
image => 'docker.sunet.se/metadata-validator',
|
||||||
|
imagetag => $_version,
|
||||||
|
hostname => "$hostname",
|
||||||
|
ports => ['443:8443','127.0.0.1:444:8009'],
|
||||||
|
volumes => ['/etc/ssl:/etc/ssl',
|
||||||
|
'/etc/metadata-validator:/opt/webapp/mdval',
|
||||||
|
'/etc/localtime:/etc/localtime:ro'],
|
||||||
|
env => ["SPRING_CONFIG_LOCATION=/opt/webapp/mdval/cfg/",
|
||||||
|
"CERTNAME=${hostname}_infra"]
|
||||||
|
} ->
|
||||||
|
class {'webserver': } ->
|
||||||
|
class {'https_server': }
|
||||||
|
}
|
||||||
|
|
||||||
class github_client_credential {
|
class github_client_credential {
|
||||||
sunet::ssh_host_credential { "github":
|
sunet::ssh_host_credential { "github":
|
||||||
hostname => "github.com",
|
hostname => "github.com",
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,49 @@
|
||||||
|
# Main service configurations
|
||||||
|
server.context-path=/
|
||||||
|
md-validator.path.prefix=${spring.config.location}..
|
||||||
|
md-validator.domain.prefix=https://validator.qa.swedenconnect.se/
|
||||||
|
server.port=8443
|
||||||
|
md-validator.daemon.recache.delay.sec=600
|
||||||
|
md-validator.html.title=Metadata Validator - Swedenconnect Metadata
|
||||||
|
md-validator.title=Metadata Validator for Sweden Connect Metadata
|
||||||
|
md-validator.logo.location=${md-validator.path.prefix}/swecon-main.svg
|
||||||
|
md-validator.logo.height=60
|
||||||
|
|
||||||
|
# Metadata location for national metadata specified as either URL (http or https), "file://" or "classpath:"
|
||||||
|
# Multipple sources may be set ordered by index. Valid parameters are "location", "certFile" (optional),
|
||||||
|
# "cacheFile" (optional), "index" and "ignoreSignatureValidation" default false.
|
||||||
|
md-validator.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/entities
|
||||||
|
md-validator.nationalMetadata.qa.certFile=${md-validator.path.prefix}/qa-metadata-cert.crt
|
||||||
|
md-validator.nationalMetadata.qa.cacheFile=${md-validator.path.prefix}/mdcache/qa-metadata-cache.xml
|
||||||
|
md-validator.nationalMetadata.qa.index=0
|
||||||
|
md-validator.nationalMetadata.qa.ignoreSignatureValidation=false
|
||||||
|
|
||||||
|
#md-validator.nationalMetadata.dev.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
|
||||||
|
#md-validator.nationalMetadata.dev.certFile=${md-validator.path.prefix}/se-metadata-cert.crt
|
||||||
|
#md-validator.nationalMetadata.dev.cacheFile=${md-validator.path.prefix}/ps-mdcache/dev-metadata-cache.xml
|
||||||
|
#md-validator.nationalMetadata.dev.index=1
|
||||||
|
#md-validator.nationalMetadata.dev.ignoreSignatureValidation=false
|
||||||
|
|
||||||
|
|
||||||
|
# Service TLS settings
|
||||||
|
#server.ssl.key-store=${md-validator.path.prefix}/keystore/sslSnakeOil.p12
|
||||||
|
#server.ssl.key-store-type=PKCS12
|
||||||
|
#server.ssl.key-store-password=secret
|
||||||
|
#server.ssl.key-password=secret
|
||||||
|
|
||||||
|
#tomcat.ajp.port=8009
|
||||||
|
#tomcat.ajp.remoteauthentication=false
|
||||||
|
#tomcat.ajp.enabled=false
|
||||||
|
|
||||||
|
# Management
|
||||||
|
management.context-path=/manage
|
||||||
|
management.security.enabled=false
|
||||||
|
management.port=8008
|
||||||
|
#management.ssl.enabled=true
|
||||||
|
#management.ssl.key-store=${server.ssl.key-store}
|
||||||
|
#management.ssl.key-store-password=${server.ssl.key-store-password}
|
||||||
|
#management.ssl.key-password=${server.ssl.key-password}
|
||||||
|
#management.ssl.key-store-type=${server.ssl.key-store-type}
|
||||||
|
#management.ssl.key-alias=${server.ssl.key-alias}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -0,0 +1,30 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFIjCCAwoCCQCVO3v9xSA+FDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJT
|
||||||
|
RTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50aWZpY2F0aW9uIEJvYXJkMRswGQYD
|
||||||
|
VQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwHhcNMTcxMjE5MTIyMDI1WhcNMjcxMjE3
|
||||||
|
MTIyMDI1WjBTMQswCQYDVQQGEwJTRTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50
|
||||||
|
aWZpY2F0aW9uIEJvYXJkMRswGQYDVQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwggIi
|
||||||
|
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDYzcmlNTMkBzIYUXxT13zNMakh
|
||||||
|
xR9BO1Qnlt2euUNdvL8FhgiNo+2AJDxFWts8nsg9Jam15F38nTqRMt4r1zFHYFJ5
|
||||||
|
22h8urckpwvFVu/kjQrY8pztLE/pPvGXLPlySDkiRifCGibXuACngZx5chCwNs2h
|
||||||
|
2OoMgKH7d5aZmUcB2mIc/Ybd98W9jtch1gh5/QM0aJsYnDTYuB840YGwHXCyiBUf
|
||||||
|
1teUT9bJ/Y90OSXBdib9kuOmtQNMTYtyX8FAodYXVx8ibXNDfhdGaBJh+2J4lFTA
|
||||||
|
DQQ1tM1YigZyvBuslBcuLDfZce0OaWPYPAf8PE8voxJhGkA026GGNjXP/9nRK146
|
||||||
|
bkN4nd/Aa6842aYEOjjcDAl43tjHKZBu0+pnq/2GRiN7Dw4Y+Td/2y8PqD/W87CV
|
||||||
|
ttrU6yniSMr7Y1+TfzzESSVPXs+csyatH9MJ2IA184Oh7TL6tPh5N96ugh7s85pN
|
||||||
|
zswG+Gouw1BVCfqpSJmmNMheEOr6igOYQ0LY5aOooLoqET9gu0ks9cixjANFhnhE
|
||||||
|
vRVkMfbnFVAnvXQEWPQY5NgqO4b0Z65ey011L+slNo6EIiw0FkznAwER0aYzrM2r
|
||||||
|
hs/hJAAbjnxEhgMKN9bdoXpnrAehwbTOTipOWwrdcd3IKNdDEyFY15j5rGgyIBcK
|
||||||
|
8gNnvGJLKcaC4vBd1QIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBuws48HrfwW/Eq
|
||||||
|
WN4+VSZ1cMgkp/mgqyyDdXoCPUf5o7ro17oDSocmpdQypiCr6M88MACBX8cqKmie
|
||||||
|
kIyptrzp1x2seo8rTJpno97dt3hSwbe6+SbRh2bjDpDzL2ecrtv/GXjR41b2CbMO
|
||||||
|
wu4WTgiFhWmKGNDNcEem37VUpKEYe7u/ucie71AQi49jM0rJ5uSVdBONKj3iAH5d
|
||||||
|
mckw2nt6HKMJ0S+ckM/aq+m8ACgAyYmMr74Yt6wcpl/NORtIxaGUeT7Z8rN7TUmk
|
||||||
|
gP9scbYF16xJJkxtylnK2BrSwSFOIuB5KJo2xxhuMffxEgdy4711TfwMCUaTPKmF
|
||||||
|
dlYzPKeBaYzWFU42jcVsiQz4mSqgvS2dS8nZpYe2K0zHIzKwytn+HQ36KhRRDAVR
|
||||||
|
7aKH9S8FZJXC6wqXFdEwwZujkGhu/BxgfjGkde8qOQMUwHboX9+aflQ9okB1Tha6
|
||||||
|
xVB1kG86WdgJLmrsfqaX1FVyO761ZXYHTuoAZ0iuzIRhteUksfRZchnKpUX0fF1i
|
||||||
|
yB9M0E6JfqvFeVfLlo8c2FI4MUYFWgqciizaXSfw0waMFdX5+U33eXr1RWF0POZX
|
||||||
|
JERf83JkjVLanESP9/U9nsZYgIiSX88PahYtuSZLhqamzzFvK+wuVcNKark8s1kS
|
||||||
|
2d8EIOY6h4jmS2ds9ORaavkV/xxTAA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 5.9 KiB |
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 6 KiB |
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 5.6 KiB |
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 5.9 KiB |
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 5.8 KiB |
Loading…
Add table
Reference in a new issue