From e18b96ead3dad946d6b901c0e30abc352d391ef4 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Wed, 13 Jul 2022 07:25:37 +0200 Subject: [PATCH 01/16] upgrading proxy in QA and TEST --- global/overlay/etc/puppet/cosmos-rules.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 68e79d5f..b798ddf0 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -1080,7 +1080,7 @@ log-1.sveidas.se: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: qa.proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: @@ -1100,7 +1100,7 @@ log-1.sveidas.se: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: test.proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: From 94b7e4f8413ee90e3586acc4685e49f3d18ac251 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Wed, 13 Jul 2022 08:01:04 +0200 Subject: [PATCH 02/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index b51b60c0..68e637cf 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -186,7 +186,7 @@ classes: eid::dockerhost: {version: '5:20.10.5~3-0~ubuntu-bionic'} eid::telegraf: null eidas_proxy: {hostname: qa.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null @@ -228,7 +228,7 @@ classes: eid::dockerhost: &id013 {version: '5:20.10.6~3-0~ubuntu-focal'} eid::telegraf: null eidas_proxy: &id014 {hostname: test.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null From 65751fc9f8d85acc8739aedf63cd3cb81b82cb05 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Mon, 18 Jul 2022 15:20:12 +0200 Subject: [PATCH 03/16] added new checks --- .../etc/puppet/manifests/cosmos-site.pp | 62 ++++++++++++++++--- 1 file changed, 55 insertions(+), 7 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 1393bd6c..18381646 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -1223,7 +1223,7 @@ class nagios_monitor { nagioscfg::command {'check_ssl_cert_3_without_ocsp': command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" } - $public_hosts = ['demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se'] + $public_hosts = ['proxy.eidas.swedenconnect.se','validator.swedenconnect.se','qa.demw.eidas.swedenconnect.se','demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se'] nagioscfg::host {$public_hosts: } nagioscfg::service {'check_public_ssl_cert': host_name => $public_hosts, @@ -1251,16 +1251,16 @@ class nagios_monitor { nagioscfg::command {'check_website': command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'" } - nagioscfg::service {'check_metadata_eIDAS': + nagioscfg::service {'check_idp_metadata_eIDAS': host_name => ['md.eidas.swedenconnect.se'], - check_command => 'check_website!https://md.eidas.swedenconnect.se/', - description => 'check metadata for eIDAS', + check_command => 'check_website!https://md.eidas.swedenconnect.se/role/idp.xml', + description => 'check IdP metadata for eIDAS', contact_groups => ['alerts'], } - nagioscfg::service {'check_metadata_swedenconnect': + nagioscfg::service {'check_idp_metadata_swedenconnect': host_name => ['md.swedenconnect.se'], - check_command => 'check_website!https://md.swedenconnect.se/', - description => 'check metadata for Sweden Connect', + check_command => 'check_website!https://md.swedenconnect.se/role/idp.xml/', + description => 'check IdP metadata for Sweden Connect', contact_groups => ['alerts'], } nagioscfg::service {'check_connector': @@ -1275,6 +1275,54 @@ class nagios_monitor { description => 'check metadata for DE middleware', contact_groups => ['alerts'], } + nagioscfg::service {'check_metadata_proxy': + host_name => ['proxy.eidas.swedenconnect.se'], + check_command => 'check_website!https://proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', + description => 'check metadata for Proxy', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_api': + host_name => ['api.swedenconnect.se'], + check_command => 'check_website!https://api.swedenconnect.se/testid/', + description => 'check api', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_metadata_DE_middleware_QA': + host_name => ['qa.demw.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.demw.eidas.swedenconnect.se/eidas-middleware/Metadata', + description => 'check metadata for DE middleware QA', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_ref_idp': + host_name => ['qa.test.swedenconnect.se'], + check_command => 'check_website!https://qa.test.swedenconnect.se/idp/metadata/idp.xml', + description => 'check Reference IdP', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_mdservicelist_metadata_eIDAS_QA': + host_name => ['qa.md.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/', + description => 'check MDSservicelist metadata for eIDAS', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_sp_metadata_swedenconnect_QA': + host_name => ['qa.md.swedenconnect.se'], + check_command => 'check_website!https://qa.md.swedenconnect.se/role/sp.xml/', + description => 'check SP metadata for Sweden Connect', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_connector_QA': + host_name => ['qa.connector.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp', + description => 'check metadata for Sweden Connect', + contact_groups => ['alerts'], + } + nagioscfg::service {'check_metadata_proxy_QA': + host_name => ['qa.proxy.eidas.swedenconnect.se'], + check_command => 'check_website!https://qa.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', + description => 'check metadata for Proxy', + contact_groups => ['alerts'], + } nagioscfg::command {'check_country_count': command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'" } From 63aa447c714302b98e815a080a2c49e6d85a0dd5 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Wed, 20 Jul 2022 12:01:35 +0200 Subject: [PATCH 04/16] upgraded eIDAS PROXY in production environment Ref: SC-1055 --- global/overlay/etc/puppet/cosmos-rules.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index b798ddf0..ba19bb7f 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -987,7 +987,7 @@ validator-test-1.komreg.net: autoupdate: servicemonitor: eidas_proxy: - version: 1.4.6_hsm2 + version: 1.4.7_hsm2 hostname: proxy.eidas.swedenconnect.se spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION sunet::frontend::register_sites: From d6462d2302fc594c9a7627dabf2fc931f0e65e73 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Wed, 20 Jul 2022 12:01:41 +0200 Subject: [PATCH 05/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index 68e637cf..de4e3f30 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -207,7 +207,7 @@ classes: common: null eid::dockerhost: &id010 {version: '5:20.10.8~3-0~ubuntu-bionic'} eidas_proxy: &id011 {hostname: proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, - version: 1.4.6_hsm2} + version: 1.4.7_hsm2} entropyclient: null infra_ca_rp: null konsulter: null From 870973d4f01e594c77f79a991b3ae515da713e03 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Tue, 26 Jul 2022 09:56:06 +0200 Subject: [PATCH 06/16] upgrade demw in QA Ref: SC-1074 --- global/overlay/etc/puppet/cosmos-rules.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index ba19bb7f..7f07bed5 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -814,7 +814,7 @@ test-1.test.sveidas.se: konsulter: autoupdate: eidas_de_middleware: - version: 227-sc-p11-rce_hsm2 + version: 228-sc-p11_hsm2 hostname: qa.demw.eidas.swedenconnect.se saml_metadata: filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml From c0da2fef5b4c24167cf2896b4c43bcacc5effeb0 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Tue, 26 Jul 2022 09:56:11 +0200 Subject: [PATCH 07/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index de4e3f30..8c4a1ec9 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -3,7 +3,7 @@ classes: autoupdate: null common: null eid::dockerhost: {version: '5:20.10.8~3-0~ubuntu-bionic'} - eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} + eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2} entropyclient: null infra_ca_rp: null konsulter: null From c93cf9d2d89fafe2f9e6fae7a2c2226c28cc0ffd Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Fri, 29 Jul 2022 08:11:06 +0200 Subject: [PATCH 08/16] upgrade DEMW in production Ref: SC-1074 --- global/overlay/etc/puppet/cosmos-rules.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 7f07bed5..b6d88d76 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -834,7 +834,7 @@ demw-1.sveidas.se: konsulter: autoupdate: eidas_de_middleware_hsm: - version: 227-sc-p11-rce_hsm2 + version: 228-sc-p11_hsm2 hostname: demw.eidas.swedenconnect.se saml_metadata: filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml From 28ccacd09abbb94b9777960fd3e54950e38fbf38 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Fri, 29 Jul 2022 08:11:12 +0200 Subject: [PATCH 09/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index 8c4a1ec9..aae4ee60 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -25,7 +25,7 @@ classes: autoupdate: null common: null eid::dockerhost: null - eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} + eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2} entropyclient: null infra_ca_rp: null konsulter: null From dbdde31018124725bb7eb7e96150776beec14551 Mon Sep 17 00:00:00 2001 From: Fredrik Kjellman Date: Wed, 10 Aug 2022 16:45:58 +0200 Subject: [PATCH 10/16] country-test-1.test.komreg.net added --- country-test-1.test.komreg.net/README | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 country-test-1.test.komreg.net/README diff --git a/country-test-1.test.komreg.net/README b/country-test-1.test.komreg.net/README new file mode 100644 index 00000000..a18dac1c --- /dev/null +++ b/country-test-1.test.komreg.net/README @@ -0,0 +1,3 @@ + +The system documentation is in the docs directory of the multiverse repository. + From 8c29c1b29cc6b2ff5df2c9fe11ebbc167e03546c Mon Sep 17 00:00:00 2001 From: Fredrik Kjellman Date: Wed, 10 Aug 2022 16:48:00 +0200 Subject: [PATCH 11/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 368 ++++++++++++----------- 1 file changed, 189 insertions(+), 179 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index aae4ee60..ddd130b8 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -1,4 +1,13 @@ classes: + country-test-1.test.komreg.net: + common: null + entropyclient: null + infra_ca_rp: null + mailclient: &id001 {domain: sunet.se} + nrpe: null + sunet::rsyslog: null + sunet::server: &id002 {sshd_config: true} + sunetops: null demw-1.qa.sveidas.se: autoupdate: null common: null @@ -7,7 +16,7 @@ classes: entropyclient: null infra_ca_rp: null konsulter: null - mailclient: &id001 {domain: sunet.se} + mailclient: *id001 nrpe: null saml_metadata: {filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml, url: 'https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp'} @@ -17,7 +26,7 @@ classes: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' sunet::rsyslog: null - sunet::server: &id002 {sshd_config: true} + sunet::server: *id002 sunet_iaas_cloud: null sunetops: null webserver: {enabled: true} @@ -1563,19 +1572,19 @@ classes: sunet_iaas_cloud: null sunetops: null members: - all: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, + all: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, + eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, + eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, + eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, + eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, + eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, + eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, + eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, + eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, + eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, + eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, + fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, + jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, @@ -1605,27 +1614,27 @@ members: prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - common: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + common: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] eid::dockerhost: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, @@ -1663,53 +1672,53 @@ members: eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se] eidastest: [eidastest-1.qa.sveidas.se] - entropyclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + entropyclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] fe_servers: [fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net] github_client_credential: [web-1.qa.sveidas.se] - infra_ca_rp: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + infra_ca_rp: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] jumphosts: [jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net] @@ -1726,27 +1735,27 @@ members: prid-1.sveidas.se, prid-2.sveidas.se, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net] - mailclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + mailclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] md_publisher: [eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, @@ -1766,27 +1775,27 @@ members: md1.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net] nagios_monitor: [monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, nic.komreg.net] - nrpe: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + nrpe: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] openstack_dockerhost: [web-1.qa.sveidas.se] @@ -1819,73 +1828,44 @@ members: web-1.qa.sveidas.se] sunet::fticks: [log.qa.sveidas.se] sunet::nagiosapi: [nic.komreg.net] - sunet::rsyslog: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, - kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, - kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, - log-1.sveidas.se, log-1.sveidas.se, log-1.test.sveidas.se, log-1.test.sveidas.se, - log-2.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, - md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, - natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, - natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, nic.komreg.net, - p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, - r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, - test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, - validator-test-1.komreg.net, web-1.qa.sveidas.se] - sunet::server: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net, - jump-tug-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + sunet::rsyslog: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, - kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, - log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.sveidas.se, + log-1.test.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log-2.sveidas.se, + log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se, - log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, - p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, - refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net, - web-1.qa.sveidas.se] - sunetops: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, - fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, + sunet::server: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, + jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, @@ -1896,6 +1876,36 @@ members: prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] + sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se, + eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se, + log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, + p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, + refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net, + web-1.qa.sveidas.se] + sunetops: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, + fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, + kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, + kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, + kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, + validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] swedenconnect_refidp: [refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se] test_my_eid: [eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se] From 44f2f1b2cff46c697bc13ba75e3d20a0cda871d8 Mon Sep 17 00:00:00 2001 From: Fredrik Kjellman Date: Wed, 10 Aug 2022 16:49:55 +0200 Subject: [PATCH 12/16] update db --- global/overlay/etc/puppet/cosmos-db.yaml | 35 ++++++++++++------------ 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index ddd130b8..43566d09 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -1,5 +1,6 @@ classes: country-test-1.test.komreg.net: + autoupdate: null common: null entropyclient: null infra_ca_rp: null @@ -1595,23 +1596,23 @@ members: prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] - autoupdate: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, - eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, - eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, - eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, - eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, - eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, - eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, - eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, - eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, - eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, - eupub-test-2.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, - log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, - md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, - natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, - natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, - nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, - prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, + autoupdate: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, + demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, + eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, + eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, + eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, + eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, jmp.komreg.net, + jump-fre-3.komreg.net, jump-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, + log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, + monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, + natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, + natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] common: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, From 0ec8571aacdf0289c534be9318276cdb2cf1257e Mon Sep 17 00:00:00 2001 From: Fredrik Kjellman Date: Wed, 10 Aug 2022 16:50:15 +0200 Subject: [PATCH 13/16] Add new server for managing test countries. --- global/overlay/etc/puppet/cosmos-rules.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index b6d88d76..87ec7e57 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -484,6 +484,9 @@ monitor-tug-3.komreg.net: eid::dockerhost: nagios_monitor: +country-test-1.test.komreg.net: + autoupdate: + natmd-1.komreg.net: autoupdate: eid::dockerhost: From 998f7ac8c13606fc330c44f105806ed1559586ed Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Fri, 12 Aug 2022 12:18:40 +0200 Subject: [PATCH 14/16] SSH rules for allowing MD signers server to r1.komreg.net --- global/overlay/etc/hiera/data/common.yaml | 12 ++++++++++++ global/overlay/etc/puppet/manifests/cosmos-site.pp | 5 +++++ 2 files changed, 17 insertions(+) diff --git a/global/overlay/etc/hiera/data/common.yaml b/global/overlay/etc/hiera/data/common.yaml index 59ffc044..d418d68d 100644 --- a/global/overlay/etc/hiera/data/common.yaml +++ b/global/overlay/etc/hiera/data/common.yaml @@ -34,6 +34,18 @@ mgmt_addresses: - 2001:6b0:64:5::242 # jump-fre-3.komreg.net - 89.45.233.82 # jmp.komreg.net +md_signers: + - 94.176.224.197 #natmd-1.komreg.net + - 94.176.224.69 #natmd-2.komreg.net + - 94.176.224.198 #eumd-1.komreg.net + - 94.176.224.70 #eumd-2.komreg.net + - 89.45.233.92 #md1.komreg.net (QA) + - 89.45.233.208 #md-eu1.qa.komreg.net + - 89.45.236.215 #natmd-test-1.komreg.net + - 89.45.237.80 #natmd-test-2.komreg.net + - 89.45.237.138 #eumd-test-1.komreg.net + - 89.45.236.73 #eumd-test-2.komreg.net + ssh_authorized_keys: 'mariah+CA747E57': diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 18381646..49e5d9d0 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -313,6 +313,11 @@ class md_repo_server($hostname) { } ensure_resource('class','webserver',{}) ensure_resource('class','https_server',{}) + $md_signers_ip = hiera_array('md_signers',[]) + sunet::misc::ufw_allow { 'allow_ssh_md_signers': + from => $md_signers_ip, + port => '22', + } } class eidas_de_middleware_hsm($version="110-fixes-sc-p11",$hostname='localhost') { From 8cdc8572cde5dbe160b55ab0568d9ef752f872e2 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Fri, 12 Aug 2022 12:44:29 +0200 Subject: [PATCH 15/16] fixed the parameter name --- r1.komreg.net/overlay/etc/hiera/data/local.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/r1.komreg.net/overlay/etc/hiera/data/local.yaml b/r1.komreg.net/overlay/etc/hiera/data/local.yaml index 897aa934..3456aed9 100644 --- a/r1.komreg.net/overlay/etc/hiera/data/local.yaml +++ b/r1.komreg.net/overlay/etc/hiera/data/local.yaml @@ -1,2 +1,2 @@ --- -gitolite-initial-public-admin-key:: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se +gitolite_initial_public_admin_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se From 817ec5aeb748ae1a95794abc7a2fb2a31121f8a3 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Fri, 12 Aug 2022 12:51:32 +0200 Subject: [PATCH 16/16] fixed again as the old one was also wrong --- r1.komreg.net/overlay/etc/hiera/data/local.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/r1.komreg.net/overlay/etc/hiera/data/local.yaml b/r1.komreg.net/overlay/etc/hiera/data/local.yaml index 3456aed9..be582e3d 100644 --- a/r1.komreg.net/overlay/etc/hiera/data/local.yaml +++ b/r1.komreg.net/overlay/etc/hiera/data/local.yaml @@ -1,2 +1,2 @@ --- -gitolite_initial_public_admin_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se +gitolite-initial-public-admin-key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se