diff --git a/country-test-1.test.komreg.net/README b/country-test-1.test.komreg.net/README new file mode 100644 index 00000000..a18dac1c --- /dev/null +++ b/country-test-1.test.komreg.net/README @@ -0,0 +1,3 @@ + +The system documentation is in the docs directory of the multiverse repository. + diff --git a/global/overlay/etc/hiera/data/common.yaml b/global/overlay/etc/hiera/data/common.yaml index 59ffc044..d418d68d 100644 --- a/global/overlay/etc/hiera/data/common.yaml +++ b/global/overlay/etc/hiera/data/common.yaml @@ -34,6 +34,18 @@ mgmt_addresses: - 2001:6b0:64:5::242 # jump-fre-3.komreg.net - 89.45.233.82 # jmp.komreg.net +md_signers: + - 94.176.224.197 #natmd-1.komreg.net + - 94.176.224.69 #natmd-2.komreg.net + - 94.176.224.198 #eumd-1.komreg.net + - 94.176.224.70 #eumd-2.komreg.net + - 89.45.233.92 #md1.komreg.net (QA) + - 89.45.233.208 #md-eu1.qa.komreg.net + - 89.45.236.215 #natmd-test-1.komreg.net + - 89.45.237.80 #natmd-test-2.komreg.net + - 89.45.237.138 #eumd-test-1.komreg.net + - 89.45.236.73 #eumd-test-2.komreg.net + ssh_authorized_keys: 'mariah+CA747E57': diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index b51b60c0..43566d09 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -1,13 +1,23 @@ classes: + country-test-1.test.komreg.net: + autoupdate: null + common: null + entropyclient: null + infra_ca_rp: null + mailclient: &id001 {domain: sunet.se} + nrpe: null + sunet::rsyslog: null + sunet::server: &id002 {sshd_config: true} + sunetops: null demw-1.qa.sveidas.se: autoupdate: null common: null eid::dockerhost: {version: '5:20.10.8~3-0~ubuntu-bionic'} - eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} + eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2} entropyclient: null infra_ca_rp: null konsulter: null - mailclient: &id001 {domain: sunet.se} + mailclient: *id001 nrpe: null saml_metadata: {filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml, url: 'https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp'} @@ -17,7 +27,7 @@ classes: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' sunet::rsyslog: null - sunet::server: &id002 {sshd_config: true} + sunet::server: *id002 sunet_iaas_cloud: null sunetops: null webserver: {enabled: true} @@ -25,7 +35,7 @@ classes: autoupdate: null common: null eid::dockerhost: null - eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} + eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2} entropyclient: null infra_ca_rp: null konsulter: null @@ -186,7 +196,7 @@ classes: eid::dockerhost: {version: '5:20.10.5~3-0~ubuntu-bionic'} eid::telegraf: null eidas_proxy: {hostname: qa.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null @@ -207,7 +217,7 @@ classes: common: null eid::dockerhost: &id010 {version: '5:20.10.8~3-0~ubuntu-bionic'} eidas_proxy: &id011 {hostname: proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null @@ -228,7 +238,7 @@ classes: eid::dockerhost: &id013 {version: '5:20.10.6~3-0~ubuntu-focal'} eid::telegraf: null eidas_proxy: &id014 {hostname: test.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null @@ -1563,19 +1573,19 @@ classes: sunet_iaas_cloud: null sunetops: null members: - all: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, + all: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, + eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, + eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, + eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, + eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, + eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, + eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, + eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, + eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, + eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, + eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, + fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, + jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, @@ -1586,46 +1596,46 @@ members: prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - autoupdate: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + autoupdate: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - common: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + common: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] eid::dockerhost: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, @@ -1663,53 +1673,53 @@ members: eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se] eidastest: [eidastest-1.qa.sveidas.se] - entropyclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + entropyclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] fe_servers: [fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net] github_client_credential: [web-1.qa.sveidas.se] - infra_ca_rp: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + infra_ca_rp: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] jumphosts: [jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net] @@ -1726,27 +1736,27 @@ members: prid-1.sveidas.se, prid-2.sveidas.se, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net] - mailclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + mailclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] md_publisher: [eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, @@ -1766,27 +1776,27 @@ members: md1.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net] nagios_monitor: [monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, nic.komreg.net] - nrpe: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + nrpe: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] openstack_dockerhost: [web-1.qa.sveidas.se] @@ -1819,73 +1829,44 @@ members: web-1.qa.sveidas.se] sunet::fticks: [log.qa.sveidas.se] sunet::nagiosapi: [nic.komreg.net] - sunet::rsyslog: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.sveidas.se, log-1.test.sveidas.se, log-1.test.sveidas.se, - log-2.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, - md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, - natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, - natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, nic.komreg.net, - p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, - r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, - test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, - validator-test-1.komreg.net, web-1.qa.sveidas.se] - sunet::server: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net, - jump-tug-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + sunet::rsyslog: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, - kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, - log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.sveidas.se, + log-1.test.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log-2.sveidas.se, + log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se, - log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, - p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, - refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net, - web-1.qa.sveidas.se] - sunetops: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, + sunet::server: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, + jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, @@ -1896,6 +1877,36 @@ members: prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] + sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se, + eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se, + log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, + p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, + refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net, + web-1.qa.sveidas.se] + sunetops: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, + validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] swedenconnect_refidp: [refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se] test_my_eid: [eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se] diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 68e79d5f..87ec7e57 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -484,6 +484,9 @@ monitor-tug-3.komreg.net: eid::dockerhost: nagios_monitor: +country-test-1.test.komreg.net: + autoupdate: + natmd-1.komreg.net: autoupdate: eid::dockerhost: @@ -814,7 +817,7 @@ test-1.test.sveidas.se: konsulter: autoupdate: eidas_de_middleware: - version: 227-sc-p11-rce_hsm2 + version: 228-sc-p11_hsm2 hostname: qa.demw.eidas.swedenconnect.se saml_metadata: filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml @@ -834,7 +837,7 @@ demw-1.sveidas.se: konsulter: autoupdate: eidas_de_middleware_hsm: - version: 227-sc-p11-rce_hsm2 + version: 228-sc-p11_hsm2 hostname: demw.eidas.swedenconnect.se saml_metadata: filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml @@ -987,7 +990,7 @@ validator-test-1.komreg.net: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: @@ -1080,7 +1083,7 @@ log-1.sveidas.se: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: qa.proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: @@ -1100,7 +1103,7 @@ log-1.sveidas.se: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: test.proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 65a36326..d6fd8a55 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -313,6 +313,11 @@ class md_repo_server($hostname) { } ensure_resource('class','webserver',{}) ensure_resource('class','https_server',{}) + $md_signers_ip = hiera_array('md_signers',[]) + sunet::misc::ufw_allow { 'allow_ssh_md_signers': + from => $md_signers_ip, + port => '22', + } } class eidas_de_middleware_hsm($version="110-fixes-sc-p11",$hostname='localhost') { @@ -1230,7 +1235,7 @@ class nagios_monitor { nagioscfg::command {'check_ssl_cert_3_without_ocsp': command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" } - $public_hosts = ['demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se'] + $public_hosts = ['proxy.eidas.swedenconnect.se','validator.swedenconnect.se','qa.demw.eidas.swedenconnect.se','demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se'] nagioscfg::host {$public_hosts: } nagioscfg::service {'check_public_ssl_cert': host_name => $public_hosts, @@ -1258,16 +1263,16 @@ class nagios_monitor { nagioscfg::command {'check_website': command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'" } - nagioscfg::service {'check_metadata_eIDAS': + nagioscfg::service {'check_idp_metadata_eIDAS': host_name => ['md.eidas.swedenconnect.se'], - check_command => 'check_website!https://md.eidas.swedenconnect.se/', - description => 'check metadata for eIDAS', + check_command => 'check_website!https://md.eidas.swedenconnect.se/role/idp.xml', + description => 'check IdP metadata for eIDAS', contact_groups => ['alerts'], } - nagioscfg::service {'check_metadata_swedenconnect': + nagioscfg::service {'check_idp_metadata_swedenconnect': host_name => ['md.swedenconnect.se'], - check_command => 'check_website!https://md.swedenconnect.se/', - description => 'check metadata for Sweden Connect', + check_command => 'check_website!https://md.swedenconnect.se/role/idp.xml/', + description => 'check IdP metadata for Sweden Connect', contact_groups => ['alerts'], } nagioscfg::service {'check_connector': @@ -1282,6 +1287,54 @@ class nagios_monitor { description => 'check metadata for DE middleware', contact_groups => ['alerts'], } + nagioscfg::service {'check_metadata_proxy': + host_name => ['proxy.eidas.swedenconnect.se'], + check_command => 'check_website!https://proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', + description => 'check metadata for Proxy', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_api': + host_name => ['api.swedenconnect.se'], + check_command => 'check_website!https://api.swedenconnect.se/testid/', + description => 'check api', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_metadata_DE_middleware_QA': + host_name => ['qa.demw.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.demw.eidas.swedenconnect.se/eidas-middleware/Metadata', + description => 'check metadata for DE middleware QA', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_ref_idp': + host_name => ['qa.test.swedenconnect.se'], + check_command => 'check_website!https://qa.test.swedenconnect.se/idp/metadata/idp.xml', + description => 'check Reference IdP', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_mdservicelist_metadata_eIDAS_QA': + host_name => ['qa.md.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/', + description => 'check MDSservicelist metadata for eIDAS', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_sp_metadata_swedenconnect_QA': + host_name => ['qa.md.swedenconnect.se'], + check_command => 'check_website!https://qa.md.swedenconnect.se/role/sp.xml/', + description => 'check SP metadata for Sweden Connect', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_connector_QA': + host_name => ['qa.connector.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp', + description => 'check metadata for Sweden Connect', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_metadata_proxy_QA': + host_name => ['qa.proxy.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', + description => 'check metadata for Proxy', + contact_groups => ['alerts'], + } nagioscfg::command {'check_country_count': command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'" } diff --git a/r1.komreg.net/overlay/etc/hiera/data/local.yaml b/r1.komreg.net/overlay/etc/hiera/data/local.yaml index 897aa934..be582e3d 100644 --- a/r1.komreg.net/overlay/etc/hiera/data/local.yaml +++ b/r1.komreg.net/overlay/etc/hiera/data/local.yaml @@ -1,2 +1,2 @@ --- -gitolite-initial-public-admin-key:: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se +gitolite-initial-public-admin-key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se