swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

set cert and hostname

Browse source
This commit is contained in:
Leif Johansson 2017-12-16 20:56:46 +01:00
parent 33637aaa4e
commit ba9c5b5186
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -225,6 +225,7 @@ class eidas_connector($version="1.0.6") {
class eidas_proxy($version='1.0.0') { class eidas_proxy($version='1.0.0') {
$_version = safe_hiera('eidas_proxy_version',$version) $_version = safe_hiera('eidas_proxy_version',$version)
$hostname = $::fqdn
$hostname = safe_hiera('eidas_proxy_hostname'); $hostname = safe_hiera('eidas_proxy_hostname');
$country = safe_hiera('eidas_proxy_country'); $country = safe_hiera('eidas_proxy_country');
$proxy_service_cookie_encrypt_pw = safe_hiera('proxy_service_cookie_encrypt_pw',NOT_SET); $proxy_service_cookie_encrypt_pw = safe_hiera('proxy_service_cookie_encrypt_pw',NOT_SET);
@ -237,12 +238,14 @@ class eidas_proxy($version='1.0.0') {
image => 'docker.sunet.se/eidas-proxy', image => 'docker.sunet.se/eidas-proxy',
imagetag => $_version, imagetag => $_version,
ports => ['443:8443'], ports => ['443:8443'],
hostname => "$hostname",
volumes => ['/var/log/eidas-proxy:/var/log/eidas-proxy', volumes => ['/var/log/eidas-proxy:/var/log/eidas-proxy',
'/etc/eidas-proxy:/etc/eidas-proxy', '/etc/eidas-proxy:/etc/eidas-proxy',
'/etc/ssl:/etc/ssl'], '/etc/ssl:/etc/ssl'],
env => ["PROXY_SERVICE_PATH_PREFIX=/etc/eidas-proxy/$country", env => ["PROXY_SERVICE_PATH_PREFIX=/etc/eidas-proxy/$country",
"PROXY_SERVICE_DOMAIN_PREFIX=https://$hostname/eidas-ps", "PROXY_SERVICE_DOMAIN_PREFIX=https://$hostname/eidas-ps",
"SPRING_PROFILES_ACTIVE=se", "SPRING_PROFILES_ACTIVE=se",
"CERTNAME=${hostname}_infra",
"SPRING_CONFIG_LOCATION=/etc/eidas-proxy/$country/cfg/", "SPRING_CONFIG_LOCATION=/etc/eidas-proxy/$country/cfg/",
"PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"] "PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"]
} -> } ->