From c71d1bf43964f84ef3a188e7a04cdeddee921ce4 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Mon, 22 Jan 2018 10:07:57 +0100 Subject: [PATCH] md1 --- global/overlay/etc/puppet/cosmos-rules.yaml | 3 + .../etc/puppet/manifests/cosmos-site.pp | 18 +++- .../overlay/etc/hiera/data/secrets.yaml.asc | 93 +++++++++++++++++++ 3 files changed, 109 insertions(+), 5 deletions(-) create mode 100644 md1.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 3434cab5..18f49e8d 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -23,7 +23,10 @@ r1.komreg.net: sunet_iaas_cloud: autoupdate: md_repo_client: + +md1.komreg.net: md_signer: + name: natmd-qa '^eidas-node-[0-9]+\.qa\.sveidas\.se$': openstack_ubuntu_16_04_dockerhost: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index f5ff9a3f..55852659 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -109,11 +109,8 @@ class md_repo_client { url => 'git@r1.komreg.net:komreg-metadata.git', id => 'komreg', manage_user => false - } -} - -class md_signer { - package { ['make']: ensure => latest } + } -> + package { ['make']: ensure => latest } -> sunet::scriptherder::cronjob { 'verify_and_update': cmd => '/var/cache/metadata_r1/scripts/do-update.sh', minute => '*/5', @@ -122,6 +119,17 @@ class md_signer { } } +class md_signer() { + sunet::snippets::secret_file {"/opt/metadata/metadata.key": + hiera_key => 'eidas_metadata_key', + base64 => true + } -> + sunet::pyff {$name: + pound_and_varnish => false, + pipeline => "${name}.fd" + } +} + class md_repo_server($hostname) { class {'openstack_ubuntu_16_04_dockerhost': } -> class {'sunet::gitolite': } -> diff --git a/md1.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc b/md1.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc new file mode 100644 index 00000000..3a224822 --- /dev/null +++ b/md1.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc @@ -0,0 +1,93 @@ +STATUS=UPDATED + +-----BEGIN PGP MESSAGE----- +Version: GnuPG v2 + +hQEMA6XP3KQoA/YjAQgAkEIn2qdgWds+YwA8FXq2EMl7B5jyE8bLd+Yj8w6D+HJt +bv39fiuCDv3thi1/IGs68kl1BEPHI/evBA/z8YgtbkTTlifsxkKvJm4uYpYH6Uqi +xBxp1CERbcobp8gRKChkLxkDj2rBFi/uSuFadO9vNSdhdYc9yEaMENHHNQbDuuRI +q9rEMbaEm82vPzh8/P/O2899LYBXGZptIr9X4KfO93Ko4mjCZCyDz2HW17nneVEC +j1em7j/ABh6Iet/L68yskCPfpoFdmyf/Q10l+ZBJgc5tit9MVOkAyDevBlPHEFDR +y+IUkDPyGDYIg6Q7EooE8ERYYqjKvEJROkEVaF40adLrAUm6sgRmGZL/XAcJEPzQ +plgnztpRO/jFYw23NqDJztlwTB+RzvWzkbBcOGx4pQgHblCVYY1Oy7t88PupaU8A +tdNXIQg6ymQ3Em+qRG6UB/jjTpO9Z3TPN2B5jTs4fdgBhiZGboH+MblZD7Y5pbug +xlDQ8N6HXRg1meJvBFNJuMHwYSJ88VQeXMffmNe420GsDUOURj2MGdJSLHRMpUAk +O50/gAIN4RxEdAMaWihJ0G7OvuPdW/B/pi3n7zJ9vBuDjhvB2cD7U1380PG0FzOJ +PrWKmSWWHJMGzAeUYBMTt1UzvdYfbfhi+haxt2BQHmqQbmO+KVIrYk6d1QyN0bUM +cildOQ4puIjZUOwh0N1QOuoBJDfTA52aljwW02lHQmI+h1xqV9yoJnfASnj6IO4r +eOAEiB60MtjKghLNZwrSj0WsPu/JDw/L8hoe5F5YmRLIfkGNprjk26o3Np8mFNzB +n7zr/05kK1vKKDyeLpTYKwtQKdQgK8wFQHrZq522GVMrOpHWPYtMbli58qMu/JnW +Bnz3532VNMcYGIxT8u7PTTsz+dm49K7eDFH6FSah32XnaUj3tC9Z0SmShOdaT1EG +PzuDzMMqt4USK4vuJiEXJNsa1Z5f7/t7U0f3tsGnhqxQUKvCoKyZvrlj58TfJuf/ +5ifXqGwJ3JFCRa8HpxqhoDLLsyAUGAlHBHkKvWN/Jj59t2aDXY0Uqn+66beSYHLa +/06Jk0ltIVb9DvPNNqyJw1uzqGMxzaCoxuzffkGnfSh3vSgjsH5+rcHrp6NJ++X7 +i5X+xRREo+kzXDObbYIy//4CWzh6OdvWfzbb3qv8dq7dxBT+geV1V+QIsYKEpFiB +VA9ukr4UrKj2w8iOZSR80riq374og8k+dd3PvNVesnrhfLNGQ+MgCLIyGyWQ6Jgk +7/WJYKV/eb4L3xcUazaDXMgCD1dsG1iR68Vavr+nejXRPeBXC2C2X4arEqoLlDg7 +H05hKhCEt7oWhIqHhPowUI/3xUrk+yNkPDSUDyn5SHUOqCMJTfqMNF4Gv9TMCeXl +qPRK9UAvGckMh2WbfIAypaICg2CgHa5W6OkwPfBc3qbd+WLg/oKrRY2WTVYE4PrK +moDEoXgrKA3gWAtFD8u6CPIVVuWIbA7BofTnIcqMWmKGFIsWtagU2+aKKgQ40e8d +Q/5Kd1Kc692qiDbBQHqGeDqyQ85GxNcceQ38d/nC2ehkxj7oVYnK5g6h1TWoYvVu +YGXXrH2CwKa3hjW41DIZF0mDAnb8JPPOPr0oPJjUDuVkIM80XfZ4DKy2echt+Fhu +DXgfWtzuGvU+/ncUzRdsXSYLpb0814FsCWA3IuSS13CWzM2mRKEs1egGqnSAyw+K +vjJTKVH00X5vqSwap2Qz9nVoPsstWKR15jHUd15rOvCcB04wmEbkwb0PfhT/+VZ2 +ITVghj845EF0iL/XbJhTaPNY14t/P55buUYCU6TPJHALTs6kG4sqrUA7kSCcMeon +2IOmGNt1wRVDTTcQLcZzWLrXsKoTPo37jmildFC1hKCL/ypo3U140vbFAnY2eSqU +sH67eZpQ79OzpUVByvbO1pYcPwK9q2kp9GSibsB9VfZRHesbDGTfBvqIpAhY7ewo +LV/JGUAlPs6wf46gJLRcygtUcefaeQJoAPzjfQHyH5lfe4NEvUDMLkEsMvwyvQlG +OQKEG7oQDcPVPH0/i2q69LhYnDHSUjIleod/30+Jmgow40bYooeG9+7p8soPUEFM +pOblin5ycDmq6hhPkTYE/DMW+smrBMnRwE/Le97r46eYLIYcBCZiLsWZCjbX0pSb +NIxIA5wIo6HQ7ao0cShc8RazyKwP7w3UFQMb0QsVxsto/L8E9LUO2H23mWxszNRB +oiHE/OoV0/V2fK1iZAhUOU79VBO8/uELoppkOlc3OecsvfZ62Qn4OsKy2vJ/3Pjz +oQL6wowXUtOfbxvDXe7A0bWZJxK1K9NoalFH6O+KOCkIsNbyJISOwxzLKZORByGB +Q2n83lgKcyyp8gdBI+wNsiKFIir7VPw+5/Bnaub6F+2cYbLRtDNpww5YXKHFs2qG +9vBreeYsFQLytEWAzHaX4qdSabkvjfmwGa+V7zV+fcfXJk6SwJo5S8o0jV4NFmog +eNVizLJHf3kYn3oaLH0GfnGXk9mVexjH0QvnexsDXSmvgZC75NzfYSMcflOIscTe +Mu+3ZkNXc5KhKDuYN/YG60VDDcM9IPIWhoBKwxdlzIGyyLmBdy//dJDKuu4qq3ji +xzM2Xs6fJ9ds3Rhsrsf+896ZEzbgZqcpwej9k5LdsRPITevEoUPSr4E65Gblwg2a +ebtWH9K1P/Gwaxa6dn7OqBihzaYv9BRR+RvoB43wIXIu7QY35JP2bOXE/6hyJ4Cy +gvq6E2n1nl6eExqsrL7uqjGyujI8tMwRKZRn11WRRkqDpkWyjUIiDT90qitNc98o +01n6jU1jjOOIk2OODPqGUrcryGCVXrP2u57I69wh7Bqu+HHMz1/lE7Vqb+8c4NDP +zkLcr5KEn/1xLqOWN3VXuRbpWeq94tJwS8DibEj8WDkkZgpAW6jeHgoluqKJuzrr +g6foygVe/AakKtxiQTNCnM9wxlABgnbP0YwcTHTsuCBHhUgZpCcJJm4vJ0rQ0ZTa +/i6KrFIVkipqgggEbVI6Hj2heA3dLivxNSLWZgMKSMkOyOTHuWA7pScRnczbNBgP +WvfFgfvmMdCqWy1Iay8C0k/qQblW4GtL9lbtL/OvkQaYLnYo77PS9MTXDYiphszV +3zkmhIn70NMs2kZNUi4CH/sZKCcxDiGaCdGZceXu1KO6s5D+kdGzJvSbpI6MAqm7 +pwdoJIbI2D4bSDVHJ9v88CjCUixWpQXHtMRIp0ExTQX9wcRDvsN2LdrEkb0kYTgL +33STGOuxvrzYQK9vk6Xqp+6SJ07Q5dsdQr4uqdu8Y3uX/nDo8EgZFIGooQaeyE95 +rRzB00pI5DYN3hkzQ7H23Cd6Kl4gVhC2dBEjReJBfdqAbbr+QG9SpOEWcdGMWqqe +r7HqP57/OIvpy4ztRZWpVZfo4i4NYjLYqEMlyYGaQPs/UaWHzI95G0namUqCuqoE +IZAPfL6q9Sv+ctFWovfrk6oN6zNh4+grKECPqhbyHSmChS70eJWoaChXxCBxkkcp +VII+KfAoq5nc36y78NnRrDacke7a8txGhhSW1m4IYkQTUpzch3rQyXJL1MclkAkS +qCIjMI9E/291Hsm3yPd0+7bAHPfR5DuqgOXZttBV3mJ2ZMpwuvXwjj9LAhn6Hbpl +99DC6lG+k2YC6Cz/qu3JkS68lv4g5uQUeNGDzjo1uV18V3Tv4Fv3EGyPFPyjIFNr +SLa3dQUZZ1uWTe497iqOqJUE3IV/rpLXRPEAn+gfC5b13J3WWjWRM2jzR68uCTMQ +U0Oyhc8KoZ4gibCJ8soHMU9ziOxzln5ITTVAx+WnDyCw1fYrNStiPMVTuft//oEg +J9zbCAnY9P9Oppus0RjDGQML5pAhPN91NC70PpcEDDL4sOftAt+GuzdpMk+pa6vT +JJi5+O+HI729w8AkUnJjdINwjD52C80gxN/Ek9tY0Z8MTWXXcrpqsNTIlEFh65TF +/6oNX4DznPnhHqkP2RkoFHREwd4CUU+NX9ViSqA2IGOYzFlfHSlZ+M1lw3EmhjAE +be/gkRR3Dhneu7VzoJMYjtV5zhXOjhHI0/2GiwBtlSDxfH4mzyiHasbwMlM3Ty2x +lw6D62UemH3VSQt3/bCjSEqol5N//k6a/TC7m50kq5EIR9s2E5gVjXV88GJlt+Lm +qVUDVwzP119k8FNZ3OP+kcL4SFZJs5hlQTSTxp8OMS/S7FdmX9MFx/0Lpa/P8S2J +gWjBxYyvMjVyFDV1GWen38qXN2adt4ZO3w0XRT6qAeifSBLTm93YsSeUDlDcCPt+ +RLMaNK30oEvDW81/AGD02aqsnGDro5NThs4gkeEgf8/6obyXM/LJ1Z4ws/P6khRe +hBRvU1w2F42I8yY2MQAtNKLJzxsNKAcnCeYLU5qLfw+paEIla0TR17X9ivggWt6c +SAc/Gm+VU551L0utBu3mIvWaWbpylZdxT2ExwJS9x6DaXOnUOOvtrQZZJZnANAJG +HQz2RnTPx/8HrllsQFCziRWoadumVVUxIo/fbXRD37p26vrblFdfi3NmhC9TQLQv +bbiE3ZuUaJP/w6vk8B6laGDVcfrqpZFFEExpKKi1aaqQdCJbpsVfjF7UZT/GMuiE +JrKeCVzNsE1givwFXyAQJlCf347RjoxnCzOWdjGMrs0MoeZuFZArQLdXwMnFO7QR +U3/zvmspm88zOmTHBuHxTCYLVRQuXJsCJEFCYhRoYQ3HLGYaAa9dNZI21mdqMiE1 +Ejigr7pLloMgrwkLHT57R6sB7+p3/QSUknywLUZYcFdRNBLhXO4x5opsuSIJ27yY +z0sWpHAJdy/m9E6zZk5wIgjyfFpeUoEQjGDiM0ZRGatkFSjRT3D6OwcKPruJrLRo +hGS+F9ChB8PnGgiHAFpkRSlxs6pNuIEV2xHudKSdPrqQmEaJnQkG0nrX8u1KhEjF +X/yuJ1W5CDkQcRqZSlzL/khNTQq2/bJhpRwuYKU+azX1yxk9FN+at52Irlt3YNoN +hjZxAghDTP220K+kDoO4wUTYQE8YDuOIB2r3AeZxgMPDvcSIotMdgxKN9dZ57zXO +c4R7ZET2Y0ii7iFdILylVs0iFsP9BjHsgGkZU4M24nZAjZ7lM8ej/myIRbCYHxRd +yZQ2jiQ0T+zeQ62gT9FqpNPViMAhROYYSQFPERr4fvzLhrSSELHt+vZ/L5kiXfxf +4orOx2rvBNh+0GXdJKhZKCdSRFbw960Cb5kgnhUzJwNCAEfKib3GIdvJPBUrkWVt +G5jzthcKfzFDQ1kC7NtFOG3tMcw8uw2vUHpOr7TPf/0OAIeDkL60mp3uvhpcKge6 +LbgwvAJPAHNrBdFWsksPfFW7+H1SeMeDvvdd/7HTVRUleCY5NezRtyvl6tr95Rcu +lljmNPWiZ2HNekuYUZzH1ygNgXJzngYZQoRNMdhVyi+yPPcQWGYP64J3p3nGcZl3 +kmJ2bqEp +=asQ0 +-----END PGP MESSAGE-----