swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test metdata sites config

Browse source
This commit is contained in:
Maria Haider 2022-03-11 21:10:42 +01:00
parent 8b90248ce8
commit be2cb9f7b6
Signed by: mariah
GPG key ID: 7414A760CA747E57
4 changed files with 103 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
fe-test-common/overlay/etc/hiera/data/group.yaml
View file

@ -70,7 +70,7 @@ sunet_frontend:
site_name: 'test.proxy.eidas.swedenconnect.se'
frontends:
'fe-fre-1.test.komreg.net':
ips: ['94.176.226.133', '2001:6b0:65:2::132']
ips: ['94.176.226.132', '2001:6b0:65:2::132']
'fe-tug-1.test.komreg.net':
ips: ['94.176.226.133', '2001:6b0:65:2::133']
backends:
@ -87,3 +87,47 @@ sunet_frontend:
haproxy_image: docker.sunet.se/eduid/haproxy
haproxy_imagetag: 'stable-tug'
frontendtools_imagetag: 'stable'
'mdeidastest':
site_name: 'test.md.eidas.swedenconnect.se'
frontends:
'fe-fre-1.test.komreg.net':
ips: ['94.176.226.134', '2001:6b0:65:2::134']
'fe-tug-1.test.komreg.net':
ips: ['94.176.226.135', '2001:6b0:65:2::135']
backends:
default:
'eupub-test-1.komreg.net':
ips: ['89.45.236.252']
server_args: 'ssl check verify none'
'eupub-test-2.komreg.net':
ips: ['89.45.237.8']
server_args: 'ssl check verify none'
allow_ports:
- 443
letsencrypt_server: 'acme-c.sunet.se'
haproxy_image: docker.sunet.se/eduid/haproxy
haproxy_imagetag: 'stable-tug'
frontendtools_imagetag: 'stable'
'mdtest':
site_name: 'test.md.swedenconnect.se'
frontends:
'fe-fre-1.test.komreg.net':
ips: ['94.176.226.136', '2001:6b0:65:2::136']
'fe-tug-1.test.komreg.net':
ips: ['94.176.226.137', '2001:6b0:65:2::137']
backends:
default:
'natpub-test-1.komreg.net':
ips: ['89.45.237.190']
server_args: 'ssl check verify none'
'natpub-test-2.komreg.net':
ips: ['89.45.237.23']
server_args: 'ssl check verify none'
allow_ports:
- 443
letsencrypt_server: 'acme-c.sunet.se'
haproxy_image: docker.sunet.se/eduid/haproxy
haproxy_imagetag: 'stable-tug'
frontendtools_imagetag: 'stable'

22
fe-test-common/overlay/opt/frontend/config/mdeidastest/haproxy.j2 Normal file
View file

@ -0,0 +1,22 @@
{% extends 'common/haproxy_base.j2' %}
{% from "common/haproxy_macros.j2" import bind_ip_tls, web_security_options, acme_challenge, csp %}
{% block frontend %}
frontend {{ site_name }}
{{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}
stats enable
timeout http-request 10s
timeout http-keep-alive 4s
option forwardfor
http-request set-header X-Forwarded-Proto https
{{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff']) }}
{{ acme_challenge(letsencrypt_server) }}
use_backend {{ site_name }}__default
{% endblock frontend %}

22
fe-test-common/overlay/opt/frontend/config/mdtest/haproxy.j2 Normal file
View file

@ -0,0 +1,22 @@
{% extends 'common/haproxy_base.j2' %}
{% from "common/haproxy_macros.j2" import bind_ip_tls, web_security_options, acme_challenge, csp %}
{% block frontend %}
frontend {{ site_name }}
{{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}
stats enable
timeout http-request 10s
timeout http-keep-alive 4s
option forwardfor
http-request set-header X-Forwarded-Proto https
{{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff']) }}
{{ acme_challenge(letsencrypt_server) }}
use_backend {{ site_name }}__default
{% endblock frontend %}

14
global/overlay/etc/puppet/cosmos-rules.yaml
View file

@ -578,6 +578,13 @@ eupub-test-1.komreg.net:
md_publisher:
keyname: eupub-test-1.komreg.net_infra
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'test.md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
natmd-2.komreg.net:
autoupdate:
@ -673,6 +680,13 @@ eupub-test-2.komreg.net:
md_publisher:
keyname: eupub-test-2.komreg.net_infra
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'test.md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
nic.komreg.net:
sunet_iaas_cloud: