From aeb09078c5e7638feca813492c021a64562de807 Mon Sep 17 00:00:00 2001
From: Maria Haider <mariah@sunet.se>
Date: Tue, 4 Mar 2025 16:55:01 +0100
Subject: [PATCH] fleetlock for connector-test-sto3-1.komreg.net

---
 .../overlay/etc/hiera/data/local.eyaml             |  9 +++++++++
 .../health-checks.d/check_website.check            | 14 ++++++++++++++
 global/overlay/etc/puppet/cosmos-rules.yaml        |  1 +
 3 files changed, 24 insertions(+)
 create mode 100644 eidas-test-connector/overlay/etc/sunet-machine-healthy/health-checks.d/check_website.check

diff --git a/connector-test-sto3-1.komreg.net/overlay/etc/hiera/data/local.eyaml b/connector-test-sto3-1.komreg.net/overlay/etc/hiera/data/local.eyaml
index f3f74fef..22415b80 100644
--- a/connector-test-sto3-1.komreg.net/overlay/etc/hiera/data/local.eyaml
+++ b/connector-test-sto3-1.komreg.net/overlay/etc/hiera/data/local.eyaml
@@ -2,3 +2,12 @@
 redict_password: ENC[PKCS7,MIIDBAYJKoZIhvcNAQcDoIIC9TCCAvECAQAxggKMMIICiAIBADBwMFgxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxKTAnBgNVBAMMIGNvbm5lY3Rvci10ZXN0LXN0bzMtMS5rb21yZWcubmV0AhQFrTD42TKEAsSIuGwQ8+c06yNkqTANBgkqhkiG9w0BAQEFAASCAgADfdvsPnn7AscmS2q2/kndxwJ4P/+u7Lx6Ul9yTxOIcLaGCLo6jES/WfIsu91xsK16M2ZzT2uMcnS+5wc5+1xMsGfn1fWEldJw1ecfMTx89QoJuvh5jEjicA2Pnd0+KN7wj30+PgFHqdGARQKvO4rn6sWCJsdSwp9dS1lPBpW55nN1+HabwXlTMqKg2lThBjYTLlepw8aR43TFV5qc+lXARSYhnKfkUQScc51qrN40Jy1l+dnktPQtWMNlW7rcCqf3b6JczlsM1NTVbp+LKygIqU1eqJypdyAf0Rsdn39WDPP0t+R8mA+fVUHdqE0Plvj9k37dcqFfxZptJbokRStXPA5l2RYWduEE2fxFMf46dKxIeo6JH2BIOgS9jf3mandAUn3HSyumh/1K2HN56p+5Xx7nj/n1awDiYlWIUu4C1g5XUlhg5kXRvorDSzv9adkcEiyZL6E7LO2/QcSXAB+Q6HQVK1mwuMsBawjds9h08onMISjxFoAB3pE3xG8QBqGN8Rt5kg7cA4wHx8rWiLIcfkODHjuaTOG2wAFmmKSS3I4cCudXcahKY0ULs7ydK53NJyIldntoz8GC0g3nRwMq6t+i4Zq6r6u2/0vC57E1qHjyawHuWb41wdS3DbB+XSQoH/562Hx9mPbn/aR2F1Vqu0GEWAFa9zPDzPFNKL7/zDBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBB972FNQs/pl9QlkiQ6YKDdgDBVp1D+kQGaYzT/I/ZngtxUsZrJzfsF7HYH5O5quv51Rxfjg4Dlaw4D7FYXC+kMa9Q=]
 pkcs11_pin: ENC[PKCS7,MIIC9AYJKoZIhvcNAQcDoIIC5TCCAuECAQAxggKMMIICiAIBADBwMFgxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxKTAnBgNVBAMMIGNvbm5lY3Rvci10ZXN0LXN0bzMtMS5rb21yZWcubmV0AhQFrTD42TKEAsSIuGwQ8+c06yNkqTANBgkqhkiG9w0BAQEFAASCAgBcsZfvfglpw8qTU5mLIsIMuEiTwnEBTakLp7olgTVYL5Ji1uPbr+8Fq6yEOakWioSNtbQGbnDH09/rN8rjZ3IrVYTli5SfAbisI+CXTUl1/sCXAVwqS+YamKj5wQeyuGMZPLmnTu+FrCOpQzcQPWmuqG2cxle89TLv1yX82mzhFGNoxbQ4qL4CGUDbHQziBX4u1EF3FM/4qpU4+wD+FJljKaoMBKCBMkVou4jA2dIjxIALO/7Q8oL6KxP2unZIZkd9oqKbBPGEMlW8X2qsZHfmYji0cDqzlUxU+cGSNhsTIZDGaxQaqncWYtDgL3gM+m4wMLgAcb31GI7LtPuhoabYBT5BCvewt3APelTVwO0sGMcy2Q4MR+hMuz/3ANWnH8UXfpcj6f+xTzrM3Uc7jHpmf1ihCoL1GR1gocQteLLbgI4Zc8FYLmANgX72DdzQp63FeLlwXkfKNYJDnVeb3wU7jJXVprC7dW2VOmr6f1/M3EZowy2Tx8QXxBT5ADcIDW/u8D6KwY7WBu038T5zlod3aKkDvH3wLa17X0ehBJQBfKpg7zRMnt77sCgL7v81kt0xvssrBtzGI6F5aL9zn20CmDPp1u88vm45nGYtkphASaxKfLvi3tgdMmtP2HOf2ORmxbdi3D1oD3mIiHjp/m5VkWN534547cmn/M9bcMZ84zBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCO4tmiMC6h7IXY/9ppyT/mgCC26xbOkZa3nHGHiNAKVPjrV1ddWxDI9TXcI/WgNmRmaw==]
 
+fleetlock_config:
+  sunet-frontends:
+    server: https://fl-test.knubbis.sunet.se
+    password: ENC[PKCS7,MIIC5AYJKoZIhvcNAQcDoIIC1TCCAtECAQAxggKMMIICiAIBADBwMFgxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxKTAnBgNVBAMMIGNvbm5lY3Rvci10ZXN0LXN0bzMtMS5rb21yZWcubmV0AhQFrTD42TKEAsSIuGwQ8+c06yNkqTANBgkqhkiG9w0BAQEFAASCAgAlWjYaTQ0GLGBCb8a8Fy6oPBTSBFC7gIRr06jn4oDM21BCEOuAkQbO/X+acbauF8cr3fYTluUo2QZvMrfOSIiI8pXrDOIufLuYOJmNRJ5hURC5YllHo+yiSuhIQxd95A5gTQf9MQcpj9nH1dh8ELOdEf4imOAxwEGPDrGYq7fJWPkp6UZNC0RQjmYwrPXp8TtcV0Sl9eBuqFCkv5ubF22A8wuBmz4ZC3J7cLxSyBLnhA4qvp4K2+JorobF2/ypsXNgmOK+xl69fyGfUhONJEnWvjaBTHWKcfMAtWAZKXIELaz6mOtJqqdButZwEDeJO+zJp8HaGZStWuy90X6bzGK6dpiH1+Uc2bZCgpos4ByofBN9ltl0n8o6P20L7DNJwq0JwGER13Kz8gIlmEckJYGFq9G55ZKqaUG7G/TN9dY3u/TSRdXxZcWBGMp600VRj+Sjuq7vhxfbOUqVNcvP/tOmY4vtw9ndRooiSt/qvE1+GjeRO+b7mZU0rK1GeLWnOCTxLePYiprIujbGtPYZrd2UhU2okQNmA9EE7OGnDcAo0nLhbka+bg7TaevXoNVroaVxLTViWqJIR155fcE0nqbo6A6rN3rhEfu+ss/GxjrpimAaX3wT7yMg1DzsWLUrX+/RpUsJp/8+y7nNujr/anbb1XcZ6gH1QJ73oYX/5OpmczA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDTABlyX6b1uFyHQoA+uDt9gBCNyu2ylfb/6sdJscIQgbzt]
+cosmos_fleetlock_config:
+  fleetlock_group: sunet-frontends
+  fleetlock_healthcheck_timeout: 300
+  fleetlock_lock_timeout: 300
+
diff --git a/eidas-test-connector/overlay/etc/sunet-machine-healthy/health-checks.d/check_website.check b/eidas-test-connector/overlay/etc/sunet-machine-healthy/health-checks.d/check_website.check
new file mode 100644
index 00000000..2c4fbc87
--- /dev/null
+++ b/eidas-test-connector/overlay/etc/sunet-machine-healthy/health-checks.d/check_website.check
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+while true
+do
+  exec=$(/usr/lib/nagios/plugins/check_http -H localhost -S -u https://localhost/idp/metadata/sp)
+  exec_result=$?
+  if [[ $exec_result -ne 0 ]]; then
+        echo "Service is not working!"
+  else
+     echo "$exec: Service is working!"
+     exit 0
+  fi
+  sleep 1
+done
diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 7328344e..dd67cf27 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -1321,6 +1321,7 @@ proxy-qa-sto1-1.komreg.net:
      maxmemory: 1gb
      maxmemory_policy: volatile-ttl
      automatic_rectify: true
+   sunet::fleetlock_client:
    sunet::frontend::register_sites:
      sites:
        'test.connector.eidas.swedenconnect.se':