Merge branch 'master' of ssh://git.nordu.net/eid-ops
This commit is contained in:
Erik Bergström
commit
e3cbf83f7b
14 changed files with 294 additions and 77 deletions
eidas-connector-common/overlay/etc/Chrystoki.conf.d
eumd-2.komreg.net
eumd-common/overlay/etc
eupub-2.komreg.net
global/overlay/etc/puppet
natmd-common/overlay/etc
natpub-2.komreg.net
|
|
@ -0,0 +1,8 @@
|
||||||
|
VirtualToken = {
|
||||||
|
VirtualToken00Label = sc_ha;
|
||||||
|
VirtualToken00SN = 1462371088;
|
||||||
|
VirtualToken00Members = 462371088,462344047;
|
||||||
|
}
|
||||||
|
HASynchronize = {
|
||||||
|
sc_ha = 1;
|
||||||
|
}
|
||||||
3
eumd-2.komreg.net/README
Normal file
3
eumd-2.komreg.net/README
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
The system documentation is in the docs directory of the multiverse repository.
|
||||||
|
|
||||||
28
eumd-2.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc
Normal file
28
eumd-2.komreg.net/overlay/etc/hiera/data/secrets.yaml.asc
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
STATUS=UPDATED
|
||||||
|
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
Version: GnuPG v2
|
||||||
|
|
||||||
|
hQEMA/ni5nOCRnV1AQf8CmL02SoFvrAlqsks7MXhH5mX1ARXKj1MzufOu3hLH4Y9
|
||||||
|
itfz/Kgc96CLh9ssDQ0F/L+Vfdx3lXbK9WFEsnJm5h3qjshr31HX50h3H8emCyAd
|
||||||
|
SC7t+A22SyA4BfLq9ZOX3+fcfj4nsTmsEvDTgH92Rfg8dc5M7iG0ytNYG4s6Huxz
|
||||||
|
wWK9LseHr9OPBA02aVqBYAEnWWDsQMBZudiHJf2HnvKcbnz2jz7bTBDAClBh1hIR
|
||||||
|
xJYdU4zQ0a6d7JYn9Tw6hctFHqq+WPSuSRkzxPxf7/Z3ztdVzvKL4HNQjllxu2c1
|
||||||
|
SA4ANK/CWYUyvXInfercrou214WoXFqPbq5yf8KQLtLpAZsuOlPl6uqn+p30NVtp
|
||||||
|
wim+D04umHyDJbu7GZmSQUceQ+b4EDzUx1Tdy47rfaHQd/4zwSAQvGpCJ2v8cr3U
|
||||||
|
VQUfFAz8mnkAkdywHenJocn7bfihyvYZL+krgFAUCfikdeZLEAyNQneJhN1udHmh
|
||||||
|
8V4yyZXWfJKR0b2ln42EEqgmknNe/quYkUaEoih0L3otS+MraEeZQH9ix08zFLJQ
|
||||||
|
QX+TQYedrgA0jZ7vVa29oNYxt2cEjh4gXcqtgSlqL25T4+rzyhDTDsBTtCFHs52+
|
||||||
|
bZFM21xHr8qN1juiwAzv4sHbtaqEsi/Ua8iADoG4zk9ygvPV3Rb2Y2jNfFkR+Dvm
|
||||||
|
ZE4Yc4nMgR9GygN17Er1jP+A43wRSUkRmrdVQo1g7dofOUrIiuyC2j2Fg8VhSH+s
|
||||||
|
jGhrRvV37fDNIO6EWfsfyQgUdL4Rlo0sBFAZ8ltXtkceR+ssNjrXK6DwqSsB3hHO
|
||||||
|
wEpC9FJLURcnjw/sQ6T3GfCWnp7tLQtr65rSuG1y8X2ti+arZE07Xaa1IwsdfKAz
|
||||||
|
ISrBPM9Rzl/xVx7JB7Y8GibQ6WeTmZEe5jvfFSJDZxxYgRIN5BhQKiQd2OW5mGDc
|
||||||
|
GQmja7PrLoPzneeUTLEdDT7TTQFiNZbNrC4glArZ9f97Cc+7dkSiwJLzvgGX7yQd
|
||||||
|
qy4AOj0oYuvc9cRxLyS429fAF01shmbb+6KonKfoXjwgxWKs+yp4M1pxSMnEJzIn
|
||||||
|
WcbxfOqBDIaibtqhgkplqT5W3NAPV1ltAJcwP5P5CG245bo0gCdfVmgP0TmjI77J
|
||||||
|
B89kdLZSk6V4iBd39hFizs76RNIc4w48N7KuYCYQMNN0J2fGwfZMcSobjv7hgK31
|
||||||
|
gZiBGisM1US40p/TvhgSZBWjs84Y/wuG3IAd8tix4tad4jYAi/asKrMlrgTFGDgg
|
||||||
|
xoNGcEB1RiVdCjYJPISXCg+NhPzN+H7ZmoO2A3TmcedYAYlkns37rRwf
|
||||||
|
=BZxq
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
8
eumd-common/overlay/etc/Chrystoki.conf.d/50-ha-slot.conf
Normal file
8
eumd-common/overlay/etc/Chrystoki.conf.d/50-ha-slot.conf
Normal file
|
|
@ -0,0 +1,8 @@
|
||||||
|
VirtualToken = {
|
||||||
|
VirtualToken00Label = sc_ha;
|
||||||
|
VirtualToken00SN = 1462371088;
|
||||||
|
VirtualToken00Members = 462371088,462344047;
|
||||||
|
}
|
||||||
|
HASynchronize = {
|
||||||
|
sc_ha = 1;
|
||||||
|
}
|
||||||
|
|
@ -1,3 +0,0 @@
|
||||||
/etc/luna/cert
|
|
||||||
/etc/metadata
|
|
||||||
|
|
||||||
3
eupub-2.komreg.net/README
Normal file
3
eupub-2.komreg.net/README
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
The system documentation is in the docs directory of the multiverse repository.
|
||||||
|
|
||||||
3
eupub-2.komreg.net/overlay/etc/hiera/data/local.yaml
Normal file
3
eupub-2.komreg.net/overlay/etc/hiera/data/local.yaml
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
publisher_ssh_key: AAAAC3NzaC1lZDI1NTE5AAAAIH3sk7S/Wb3RIGETd6st93OFaLihyy8u/2ZJOIIhlKTQ
|
||||||
|
publisher_ssh_key_type: ssh-ed25519
|
||||||
|
|
@ -173,6 +173,21 @@ classes:
|
||||||
nrpe: null
|
nrpe: null
|
||||||
sunet::rsyslog: null
|
sunet::rsyslog: null
|
||||||
sunetops: null
|
sunetops: null
|
||||||
|
eumd-2.komreg.net:
|
||||||
|
autoupdate: null
|
||||||
|
common: null
|
||||||
|
eid::dockerhost: null
|
||||||
|
eidas_hsm_client: null
|
||||||
|
entropyclient: null
|
||||||
|
infra_ca_rp: null
|
||||||
|
konsulter: null
|
||||||
|
mailclient: *id002
|
||||||
|
md_repo_client: null
|
||||||
|
md_signer: {dest_host: eupub-2.komreg.net, name: eidas-prod}
|
||||||
|
metadatamgrs: null
|
||||||
|
nrpe: null
|
||||||
|
sunet::rsyslog: null
|
||||||
|
sunetops: null
|
||||||
eupub-1.komreg.net:
|
eupub-1.komreg.net:
|
||||||
autoupdate: null
|
autoupdate: null
|
||||||
common: null
|
common: null
|
||||||
|
|
@ -188,6 +203,21 @@ classes:
|
||||||
port: '443'
|
port: '443'
|
||||||
sunet::rsyslog: null
|
sunet::rsyslog: null
|
||||||
sunetops: null
|
sunetops: null
|
||||||
|
eupub-2.komreg.net:
|
||||||
|
autoupdate: null
|
||||||
|
common: null
|
||||||
|
entropyclient: null
|
||||||
|
infra_ca_rp: null
|
||||||
|
mailclient: *id002
|
||||||
|
md_publisher: {keyname: eupub-2.komreg.net_infra}
|
||||||
|
nrpe: null
|
||||||
|
sunet::frontend::register_sites:
|
||||||
|
sites:
|
||||||
|
md.eidas.swedenconnect.se:
|
||||||
|
frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net]
|
||||||
|
port: '443'
|
||||||
|
sunet::rsyslog: null
|
||||||
|
sunetops: null
|
||||||
fe-fre-3.komreg.net:
|
fe-fre-3.komreg.net:
|
||||||
common: null
|
common: null
|
||||||
eid::dockerhost: null
|
eid::dockerhost: null
|
||||||
|
|
@ -459,8 +489,8 @@ classes:
|
||||||
eumd-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre european
|
eumd-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre european
|
||||||
metadata signer, gateway: 94.176.224.193, ip: 94.176.224.198, mac: '52:54:20:01:01:02',
|
metadata signer, gateway: 94.176.224.193, ip: 94.176.224.198, mac: '52:54:20:01:01:02',
|
||||||
memory: '8192', netmask: 255.255.255.240}
|
memory: '8192', netmask: 255.255.255.240}
|
||||||
eupub-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre european metadata
|
eupub-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre european
|
||||||
publisher, gateway: 94.176.224.193, ip: 94.176.224.200, mac: '52:54:20:01:01:04',
|
metadata publisher, gateway: 94.176.224.193, ip: 94.176.224.200, mac: '52:54:20:01:01:04',
|
||||||
memory: '4096', netmask: 255.255.255.240}
|
memory: '4096', netmask: 255.255.255.240}
|
||||||
natmd-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre swedish
|
natmd-1.komreg.net: {bridge: br-meta, cpus: '4', description: eid fre swedish
|
||||||
metadata signer, gateway: 94.176.224.193, ip: 94.176.224.197, mac: '52:54:20:01:01:01',
|
metadata signer, gateway: 94.176.224.193, ip: 94.176.224.197, mac: '52:54:20:01:01:01',
|
||||||
|
|
@ -478,9 +508,18 @@ classes:
|
||||||
common: null
|
common: null
|
||||||
eid::kvmhost:
|
eid::kvmhost:
|
||||||
vms:
|
vms:
|
||||||
|
eumd-2.komreg.net: {bridge: br-meta, cpus: '4', description: eid tug european
|
||||||
|
metadata signer, gateway: 94.176.224.65, ip: 94.176.224.70, mac: '52:54:20:02:03:02',
|
||||||
|
memory: '8192', netmask: 255.255.255.240}
|
||||||
|
eupub-2.komreg.net: {bridge: br-meta, cpus: '4', description: eid tug european
|
||||||
|
metadata publisher, gateway: 94.176.224.65, ip: 94.176.224.72, mac: '52:54:20:02:03:04',
|
||||||
|
memory: '4096', netmask: 255.255.255.240}
|
||||||
natmd-2.komreg.net: {bridge: br-meta, cpus: '4', description: eid tug swedish
|
natmd-2.komreg.net: {bridge: br-meta, cpus: '4', description: eid tug swedish
|
||||||
metadata signer, gateway: 94.176.224.65, ip: 94.176.224.69, mac: '52:54:20:02:03:01',
|
metadata signer, gateway: 94.176.224.65, ip: 94.176.224.69, mac: '52:54:20:02:03:01',
|
||||||
memory: '8192', netmask: 255.255.255.240}
|
memory: '8192', netmask: 255.255.255.240}
|
||||||
|
natpub-2.komreg.net: {bridge: br-meta, cpus: '4', description: eid tug swedish
|
||||||
|
metadata publisher, gateway: 94.176.224.65, ip: 94.176.224.71, mac: '52:54:20:02:03:03',
|
||||||
|
memory: '4096', netmask: 255.255.255.240}
|
||||||
entropyclient: null
|
entropyclient: null
|
||||||
infra_ca_rp: null
|
infra_ca_rp: null
|
||||||
mailclient: *id002
|
mailclient: *id002
|
||||||
|
|
@ -572,10 +611,17 @@ classes:
|
||||||
sunet::rsyslog: null
|
sunet::rsyslog: null
|
||||||
sunetops: null
|
sunetops: null
|
||||||
natmd-2.komreg.net:
|
natmd-2.komreg.net:
|
||||||
|
autoupdate: null
|
||||||
common: null
|
common: null
|
||||||
|
eid::dockerhost: null
|
||||||
|
eidas_hsm_client: null
|
||||||
entropyclient: null
|
entropyclient: null
|
||||||
infra_ca_rp: null
|
infra_ca_rp: null
|
||||||
|
konsulter: null
|
||||||
mailclient: *id002
|
mailclient: *id002
|
||||||
|
md_repo_client: null
|
||||||
|
md_signer: {dest_host: natpub-2.komreg.net, name: natmd-prod}
|
||||||
|
metadatamgrs: null
|
||||||
nrpe: null
|
nrpe: null
|
||||||
sunet::rsyslog: null
|
sunet::rsyslog: null
|
||||||
sunetops: null
|
sunetops: null
|
||||||
|
|
@ -594,6 +640,21 @@ classes:
|
||||||
port: '443'
|
port: '443'
|
||||||
sunet::rsyslog: null
|
sunet::rsyslog: null
|
||||||
sunetops: null
|
sunetops: null
|
||||||
|
natpub-2.komreg.net:
|
||||||
|
autoupdate: null
|
||||||
|
common: null
|
||||||
|
entropyclient: null
|
||||||
|
infra_ca_rp: null
|
||||||
|
mailclient: *id002
|
||||||
|
md_publisher: {keyname: natpub-2.komreg.net_infra}
|
||||||
|
nrpe: null
|
||||||
|
sunet::frontend::register_sites:
|
||||||
|
sites:
|
||||||
|
md.swedenconnect.se:
|
||||||
|
frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net]
|
||||||
|
port: '443'
|
||||||
|
sunet::rsyslog: null
|
||||||
|
sunetops: null
|
||||||
nic.komreg.net:
|
nic.komreg.net:
|
||||||
autoupdate: null
|
autoupdate: null
|
||||||
common: null
|
common: null
|
||||||
|
|
@ -733,59 +794,64 @@ members:
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
autoupdate: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
autoupdate: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jump-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se,
|
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, log-1.sveidas.se,
|
||||||
md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md-eu1.qa.komreg.net,
|
||||||
natmd-1.komreg.net, natpub-1.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net,
|
md1.komreg.net, monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net,
|
||||||
|
natpub-1.komreg.net, natpub-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net,
|
||||||
prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net,
|
prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net,
|
||||||
web-1.qa.sveidas.se]
|
web-1.qa.sveidas.se]
|
||||||
common: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
common: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
eid::dockerhost: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
eid::dockerhost: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se,
|
||||||
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se,
|
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se,
|
||||||
eidas-redis-fe-2.sveidas.se, eumd-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eidas-redis-fe-2.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, fe-fre-3.komreg.net,
|
||||||
natmd-1.komreg.net, prid-1.sveidas.se, prid-2.sveidas.se]
|
fe-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, prid-1.sveidas.se,
|
||||||
|
prid-2.sveidas.se]
|
||||||
eid::kvmhost: [kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
eid::kvmhost: [kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net]
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net]
|
||||||
eidas_connector: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
eidas_connector: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se]
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se]
|
||||||
eidas_hsm_client: [eumd-1.komreg.net, natmd-1.komreg.net]
|
eidas_hsm_client: [eumd-1.komreg.net, eumd-2.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net]
|
||||||
eidas_metadata_key: [md-eu1.qa.komreg.net, md1.komreg.net]
|
eidas_metadata_key: [md-eu1.qa.komreg.net, md1.komreg.net]
|
||||||
eidas_proxy: [eidas-proxy-1.qa.sveidas.se]
|
eidas_proxy: [eidas-proxy-1.qa.sveidas.se]
|
||||||
entropyclient: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
entropyclient: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
github_client_credential: [web-1.qa.sveidas.se]
|
github_client_credential: [web-1.qa.sveidas.se]
|
||||||
|
|
@ -793,48 +859,56 @@ members:
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
konsulter: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
konsulter: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eumd-1.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net,
|
||||||
md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net, natmd-1.komreg.net,
|
md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net, natmd-1.komreg.net,
|
||||||
nic.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, validator-1.qa.komreg.net]
|
natmd-2.komreg.net, nic.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se,
|
||||||
|
validator-1.qa.komreg.net]
|
||||||
mailclient: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
mailclient: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
md_publisher: [eupub-1.komreg.net, natpub-1.komreg.net, p1.komreg.net, p2.qa.komreg.net]
|
md_publisher: [eupub-1.komreg.net, eupub-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
md_repo_client: [eumd-1.komreg.net, md-eu1.qa.komreg.net, natmd-1.komreg.net]
|
p1.komreg.net, p2.qa.komreg.net]
|
||||||
|
md_repo_client: [eumd-1.komreg.net, eumd-2.komreg.net, md-eu1.qa.komreg.net, natmd-1.komreg.net,
|
||||||
|
natmd-2.komreg.net]
|
||||||
md_repo_server: [r1.komreg.net]
|
md_repo_server: [r1.komreg.net]
|
||||||
md_signer: [eumd-1.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net, natmd-1.komreg.net]
|
md_signer: [eumd-1.komreg.net, eumd-2.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net,
|
||||||
metadatamgrs: [eumd-1.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net,
|
natmd-1.komreg.net, natmd-2.komreg.net]
|
||||||
md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net, natmd-1.komreg.net]
|
metadatamgrs: [eumd-1.komreg.net, eumd-2.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
|
jump-tug-3.komreg.net, md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net]
|
||||||
nagios_monitor: [monitor-fre-3.komreg.net, nic.komreg.net]
|
nagios_monitor: [monitor-fre-3.komreg.net, nic.komreg.net]
|
||||||
nrpe: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
nrpe: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
openstack_dockerhost: [eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
openstack_dockerhost: [eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
|
|
@ -852,21 +926,23 @@ members:
|
||||||
sunet::frontend::load_balancer: [fe-fre-3.komreg.net, fe-tug-3.komreg.net]
|
sunet::frontend::load_balancer: [fe-fre-3.komreg.net, fe-tug-3.komreg.net]
|
||||||
sunet::frontend::register_sites: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se,
|
sunet::frontend::register_sites: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se,
|
||||||
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se,
|
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se,
|
||||||
eidas-proxy-1.qa.sveidas.se, eupub-1.komreg.net, natpub-1.komreg.net, p1.komreg.net,
|
eidas-proxy-1.qa.sveidas.se, eupub-1.komreg.net, eupub-2.komreg.net, natpub-1.komreg.net,
|
||||||
p2.qa.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
natpub-2.komreg.net, p1.komreg.net, p2.qa.komreg.net, validator-1.qa.komreg.net,
|
||||||
|
web-1.qa.sveidas.se]
|
||||||
sunet::rsyslog: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
sunet::rsyslog: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se,
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-1.sveidas.se, log-2.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.sveidas.se,
|
||||||
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
log-2.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net,
|
||||||
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, nic.komreg.net, p1.komreg.net,
|
md1.komreg.net, monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net,
|
||||||
p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se,
|
natpub-1.komreg.net, natpub-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net,
|
||||||
r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net,
|
||||||
|
web-1.qa.sveidas.se]
|
||||||
sunet_iaas_cloud: [eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, jmp.komreg.net,
|
sunet_iaas_cloud: [eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, jmp.komreg.net,
|
||||||
log.qa.sveidas.se, md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md-eu1.qa.komreg.net, md1.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net,
|
||||||
|
|
@ -875,12 +951,13 @@ members:
|
||||||
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
|
||||||
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
|
||||||
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
|
||||||
eumd-1.komreg.net, eupub-1.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net,
|
eumd-1.komreg.net, eumd-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
|
||||||
jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net,
|
fe-fre-3.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
|
||||||
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
|
jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
|
||||||
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
|
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
|
||||||
log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net,
|
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-2.sveidas.se,
|
||||||
monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net,
|
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
|
||||||
|
natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net,
|
||||||
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se,
|
||||||
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
prid-2.sveidas.se, r1.komreg.net, validator-1.qa.komreg.net, web-1.qa.sveidas.se]
|
||||||
validator: [validator-1.qa.komreg.net]
|
validator: [validator-1.qa.komreg.net]
|
||||||
|
|
|
||||||
|
|
@ -59,6 +59,33 @@ kvmmeta-tug-3.komreg.net:
|
||||||
description: 'eid tug swedish metadata signer'
|
description: 'eid tug swedish metadata signer'
|
||||||
cpus: '4'
|
cpus: '4'
|
||||||
memory: '8192'
|
memory: '8192'
|
||||||
|
eumd-2.komreg.net:
|
||||||
|
mac: '52:54:20:02:03:02'
|
||||||
|
ip: '94.176.224.70'
|
||||||
|
netmask: '255.255.255.240'
|
||||||
|
gateway: '94.176.224.65'
|
||||||
|
bridge: 'br-meta'
|
||||||
|
description: 'eid tug european metadata signer'
|
||||||
|
cpus: '4'
|
||||||
|
memory: '8192'
|
||||||
|
natpub-2.komreg.net:
|
||||||
|
mac: '52:54:20:02:03:03'
|
||||||
|
ip: '94.176.224.71'
|
||||||
|
netmask: '255.255.255.240'
|
||||||
|
gateway: '94.176.224.65'
|
||||||
|
bridge: 'br-meta'
|
||||||
|
description: 'eid tug swedish metadata publisher'
|
||||||
|
cpus: '4'
|
||||||
|
memory: '4096'
|
||||||
|
eupub-2.komreg.net:
|
||||||
|
mac: '52:54:20:02:03:04'
|
||||||
|
ip: '94.176.224.72'
|
||||||
|
netmask: '255.255.255.240'
|
||||||
|
gateway: '94.176.224.65'
|
||||||
|
bridge: 'br-meta'
|
||||||
|
description: 'eid tug european metadata publisher'
|
||||||
|
cpus: '4'
|
||||||
|
memory: '4096'
|
||||||
|
|
||||||
kvmeidas-tug-3.komreg.net:
|
kvmeidas-tug-3.komreg.net:
|
||||||
eid::kvmhost:
|
eid::kvmhost:
|
||||||
|
|
@ -196,7 +223,7 @@ kvmmeta-fre-3.komreg.net:
|
||||||
netmask: '255.255.255.240'
|
netmask: '255.255.255.240'
|
||||||
gateway: '94.176.224.193'
|
gateway: '94.176.224.193'
|
||||||
bridge: 'br-meta'
|
bridge: 'br-meta'
|
||||||
description: 'eid fre european metadata publisher'
|
description: 'eid fre european metadata publisher'
|
||||||
cpus: '4'
|
cpus: '4'
|
||||||
memory: '4096'
|
memory: '4096'
|
||||||
|
|
||||||
|
|
@ -278,6 +305,7 @@ natmd-1.komreg.net:
|
||||||
md_signer:
|
md_signer:
|
||||||
name: natmd-prod
|
name: natmd-prod
|
||||||
dest_host: natpub-1.komreg.net
|
dest_host: natpub-1.komreg.net
|
||||||
|
md_repo_client:
|
||||||
|
|
||||||
eumd-1.komreg.net:
|
eumd-1.komreg.net:
|
||||||
autoupdate:
|
autoupdate:
|
||||||
|
|
@ -289,6 +317,7 @@ eumd-1.komreg.net:
|
||||||
md_signer:
|
md_signer:
|
||||||
name: eidas-prod
|
name: eidas-prod
|
||||||
dest_host: eupub-1.komreg.net
|
dest_host: eupub-1.komreg.net
|
||||||
|
md_repo_client:
|
||||||
|
|
||||||
natpub-1.komreg.net:
|
natpub-1.komreg.net:
|
||||||
autoupdate:
|
autoupdate:
|
||||||
|
|
@ -314,6 +343,54 @@ eupub-1.komreg.net:
|
||||||
- 'fe-tug-3.komreg.net'
|
- 'fe-tug-3.komreg.net'
|
||||||
port: '443'
|
port: '443'
|
||||||
|
|
||||||
|
natmd-2.komreg.net:
|
||||||
|
autoupdate:
|
||||||
|
eid::dockerhost:
|
||||||
|
metadatamgrs:
|
||||||
|
konsulter:
|
||||||
|
eidas_hsm_client:
|
||||||
|
md_repo_client:
|
||||||
|
md_signer:
|
||||||
|
name: natmd-prod
|
||||||
|
dest_host: natpub-2.komreg.net
|
||||||
|
md_repo_client:
|
||||||
|
|
||||||
|
eumd-2.komreg.net:
|
||||||
|
autoupdate:
|
||||||
|
eid::dockerhost:
|
||||||
|
metadatamgrs:
|
||||||
|
konsulter:
|
||||||
|
eidas_hsm_client:
|
||||||
|
md_repo_client:
|
||||||
|
md_signer:
|
||||||
|
name: eidas-prod
|
||||||
|
dest_host: eupub-2.komreg.net
|
||||||
|
md_repo_client:
|
||||||
|
|
||||||
|
natpub-2.komreg.net:
|
||||||
|
autoupdate:
|
||||||
|
md_publisher:
|
||||||
|
keyname: natpub-2.komreg.net_infra
|
||||||
|
sunet::frontend::register_sites:
|
||||||
|
sites:
|
||||||
|
'md.swedenconnect.se':
|
||||||
|
frontends:
|
||||||
|
- 'fe-fre-3.komreg.net'
|
||||||
|
- 'fe-tug-3.komreg.net'
|
||||||
|
port: '443'
|
||||||
|
|
||||||
|
eupub-2.komreg.net:
|
||||||
|
autoupdate:
|
||||||
|
md_publisher:
|
||||||
|
keyname: eupub-2.komreg.net_infra
|
||||||
|
sunet::frontend::register_sites:
|
||||||
|
sites:
|
||||||
|
'md.eidas.swedenconnect.se':
|
||||||
|
frontends:
|
||||||
|
- 'fe-fre-3.komreg.net'
|
||||||
|
- 'fe-tug-3.komreg.net'
|
||||||
|
port: '443'
|
||||||
|
|
||||||
nic.komreg.net:
|
nic.komreg.net:
|
||||||
sunet_iaas_cloud:
|
sunet_iaas_cloud:
|
||||||
autoupdate:
|
autoupdate:
|
||||||
|
|
|
||||||
|
|
@ -120,6 +120,7 @@ class saml_metadata($filename=undef, $cert=undef, $url=undef) {
|
||||||
}
|
}
|
||||||
|
|
||||||
class md_repo_client {
|
class md_repo_client {
|
||||||
|
sunet::snippets::reinstall::keep {'/etc/metadata': } ->
|
||||||
sunet::ssh_git_repo {'/var/cache/metadata_r1':
|
sunet::ssh_git_repo {'/var/cache/metadata_r1':
|
||||||
username => 'root',
|
username => 'root',
|
||||||
group => 'root',
|
group => 'root',
|
||||||
|
|
@ -146,12 +147,13 @@ class eidas_metadata_key {
|
||||||
|
|
||||||
class eidas_hsm_client($luna_version="6.2") {
|
class eidas_hsm_client($luna_version="6.2") {
|
||||||
$pkcs11pin = hiera('pkcs11pin',"")
|
$pkcs11pin = hiera('pkcs11pin',"")
|
||||||
|
sunet::snippets::reinstall::keep {['/etc/luna','/etc/Chrystoki.conf.d']: } ->
|
||||||
file {['/etc/luna','/etc/luna/cert']: ensure => directory } ->
|
file {['/etc/luna','/etc/luna/cert']: ensure => directory } ->
|
||||||
sunet::docker_run {"${name}_hsmproxy":
|
sunet::docker_run {"${name}_hsmproxy":
|
||||||
hostname => "${::fqdn}",
|
hostname => "${::fqdn}",
|
||||||
image => 'docker.sunet.se/luna-client',
|
image => 'docker.sunet.se/luna-client',
|
||||||
imagetag => $luna_version,
|
imagetag => $luna_version,
|
||||||
volumes => ['/dev/log:/dev/log','/etc/luna/cert:/usr/safenet/lunaclient/cert'],
|
volumes => ['/dev/log:/dev/log','/etc/Chrystoki.conf.d:/etc/Chrystoki.conf.d','/etc/luna/cert:/usr/safenet/lunaclient/cert'],
|
||||||
env => ["PKCS11PIN=${pkcs11pin}"]
|
env => ["PKCS11PIN=${pkcs11pin}"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,8 @@
|
||||||
|
VirtualToken = {
|
||||||
|
VirtualToken00Label = sc_ha;
|
||||||
|
VirtualToken00SN = 1462371088;
|
||||||
|
VirtualToken00Members = 462371088,462344047;
|
||||||
|
}
|
||||||
|
HASynchronize = {
|
||||||
|
sc_ha = 1;
|
||||||
|
}
|
||||||
|
|
@ -1,3 +0,0 @@
|
||||||
/etc/luna/cert
|
|
||||||
/etc/metadata
|
|
||||||
|
|
||||||
3
natpub-2.komreg.net/README
Normal file
3
natpub-2.komreg.net/README
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
The system documentation is in the docs directory of the multiverse repository.
|
||||||
|
|
||||||
3
natpub-2.komreg.net/overlay/etc/hiera/data/local.yaml
Normal file
3
natpub-2.komreg.net/overlay/etc/hiera/data/local.yaml
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
publisher_ssh_key: AAAAC3NzaC1lZDI1NTE5AAAAIH3sk7S/Wb3RIGETd6st93OFaLihyy8u/2ZJOIIhlKTQ
|
||||||
|
publisher_ssh_key_type: ssh-ed25519
|
||||||
Loading…
Add table
Reference in a new issue