swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of gitops.sunet.se:eid-ops

Browse source
This commit is contained in:
Björn Mattsson 2022-08-19 14:30:27 +02:00
commit fcea84b38c
6 changed files with 296 additions and 214 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
country-test-1.test.komreg.net/README Normal file
View file

@ -0,0 +1,3 @@
The system documentation is in the docs directory of the multiverse repository.

12
global/overlay/etc/hiera/data/common.yaml
View file

@ -34,6 +34,18 @@ mgmt_addresses:
- 2001:6b0:64:5::242 # jump-fre-3.komreg.net - 2001:6b0:64:5::242 # jump-fre-3.komreg.net
- 89.45.233.82 # jmp.komreg.net - 89.45.233.82 # jmp.komreg.net
md_signers:
- 94.176.224.197 #natmd-1.komreg.net
- 94.176.224.69 #natmd-2.komreg.net
- 94.176.224.198 #eumd-1.komreg.net
- 94.176.224.70 #eumd-2.komreg.net
- 89.45.233.92 #md1.komreg.net (QA)
- 89.45.233.208 #md-eu1.qa.komreg.net
- 89.45.236.215 #natmd-test-1.komreg.net
- 89.45.237.80 #natmd-test-2.komreg.net
- 89.45.237.138 #eumd-test-1.komreg.net
- 89.45.236.73 #eumd-test-2.komreg.net
ssh_authorized_keys: ssh_authorized_keys:
'mariah+CA747E57': 'mariah+CA747E57':

413
global/overlay/etc/puppet/cosmos-db.yaml
View file

@ -1,13 +1,23 @@
classes: classes:
country-test-1.test.komreg.net:
autoupdate: null
common: null
entropyclient: null
infra_ca_rp: null
mailclient: &id001 {domain: sunet.se}
nrpe: null
sunet::rsyslog: null
sunet::server: &id002 {sshd_config: true}
sunetops: null
demw-1.qa.sveidas.se: demw-1.qa.sveidas.se:
autoupdate: null autoupdate: null
common: null common: null
eid::dockerhost: {version: '5:20.10.8~3-0~ubuntu-bionic'} eid::dockerhost: {version: '5:20.10.8~3-0~ubuntu-bionic'}
eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} eidas_de_middleware: {hostname: qa.demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2}
entropyclient: null entropyclient: null
infra_ca_rp: null infra_ca_rp: null
konsulter: null konsulter: null
mailclient: &id001 {domain: sunet.se} mailclient: *id001
nrpe: null nrpe: null
saml_metadata: {filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml, saml_metadata: {filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml,
url: 'https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp'} url: 'https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp'}
@ -17,7 +27,7 @@ classes:
frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se]
port: '443' port: '443'
sunet::rsyslog: null sunet::rsyslog: null
sunet::server: &id002 {sshd_config: true} sunet::server: *id002
sunet_iaas_cloud: null sunet_iaas_cloud: null
sunetops: null sunetops: null
webserver: {enabled: true} webserver: {enabled: true}
@ -25,7 +35,7 @@ classes:
autoupdate: null autoupdate: null
common: null common: null
eid::dockerhost: null eid::dockerhost: null
eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 227-sc-p11-rce_hsm2} eidas_de_middleware_hsm: {hostname: demw.eidas.swedenconnect.se, version: 228-sc-p11_hsm2}
entropyclient: null entropyclient: null
infra_ca_rp: null infra_ca_rp: null
konsulter: null konsulter: null
@ -186,7 +196,7 @@ classes:
eid::dockerhost: {version: '5:20.10.5~3-0~ubuntu-bionic'} eid::dockerhost: {version: '5:20.10.5~3-0~ubuntu-bionic'}
eid::telegraf: null eid::telegraf: null
eidas_proxy: {hostname: qa.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, eidas_proxy: {hostname: qa.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION,
version: 1.4.6_hsm2} version: 1.4.7_hsm2}
entropyclient: null entropyclient: null
infra_ca_rp: null infra_ca_rp: null
konsulter: null konsulter: null
@ -207,7 +217,7 @@ classes:
common: null common: null
eid::dockerhost: &id010 {version: '5:20.10.8~3-0~ubuntu-bionic'} eid::dockerhost: &id010 {version: '5:20.10.8~3-0~ubuntu-bionic'}
eidas_proxy: &id011 {hostname: proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, eidas_proxy: &id011 {hostname: proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION,
version: 1.4.6_hsm2} version: 1.4.7_hsm2}
entropyclient: null entropyclient: null
infra_ca_rp: null infra_ca_rp: null
konsulter: null konsulter: null
@ -228,7 +238,7 @@ classes:
eid::dockerhost: &id013 {version: '5:20.10.6~3-0~ubuntu-focal'} eid::dockerhost: &id013 {version: '5:20.10.6~3-0~ubuntu-focal'}
eid::telegraf: null eid::telegraf: null
eidas_proxy: &id014 {hostname: test.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION, eidas_proxy: &id014 {hostname: test.proxy.eidas.swedenconnect.se, spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION,
version: 1.4.6_hsm2} version: 1.4.7_hsm2}
entropyclient: null entropyclient: null
infra_ca_rp: null infra_ca_rp: null
konsulter: null konsulter: null
@ -1563,19 +1573,19 @@ classes:
sunet_iaas_cloud: null sunet_iaas_cloud: null
sunetops: null sunetops: null
members: members:
all: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, all: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se,
@ -1586,46 +1596,46 @@ members:
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
autoupdate: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, autoupdate: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, jmp.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, jump-fre-3.komreg.net, jump-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
common: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, common: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
eid::dockerhost: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eid::dockerhost: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se,
@ -1663,53 +1673,53 @@ members:
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se,
eidas-proxy-4.sveidas.se] eidas-proxy-4.sveidas.se]
eidastest: [eidastest-1.qa.sveidas.se] eidastest: [eidastest-1.qa.sveidas.se]
entropyclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, entropyclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
fe_servers: [fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe_servers: [fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net,
fe-tug-3.komreg.net] fe-tug-3.komreg.net]
github_client_credential: [web-1.qa.sveidas.se] github_client_credential: [web-1.qa.sveidas.se]
infra_ca_rp: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, infra_ca_rp: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
jumphosts: [jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net] jumphosts: [jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net]
@ -1726,27 +1736,27 @@ members:
prid-1.sveidas.se, prid-2.sveidas.se, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net] validator-2.komreg.net, validator-test-1.komreg.net]
mailclient: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, mailclient: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
md_publisher: [eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, md_publisher: [eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net,
@ -1766,27 +1776,27 @@ members:
md1.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, md1.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natmd-test-2.komreg.net] natmd-test-2.komreg.net]
nagios_monitor: [monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, nic.komreg.net] nagios_monitor: [monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, nic.komreg.net]
nrpe: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, nrpe: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
openstack_dockerhost: [web-1.qa.sveidas.se] openstack_dockerhost: [web-1.qa.sveidas.se]
@ -1819,73 +1829,44 @@ members:
web-1.qa.sveidas.se] web-1.qa.sveidas.se]
sunet::fticks: [log.qa.sveidas.se] sunet::fticks: [log.qa.sveidas.se]
sunet::nagiosapi: [nic.komreg.net] sunet::nagiosapi: [nic.komreg.net]
sunet::rsyslog: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, sunet::rsyslog: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
log-1.sveidas.se, log-1.sveidas.se, log-1.test.sveidas.se, log-1.test.sveidas.se,
log-2.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net,
md1.komreg.net, monitor-fre-3.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net,
natmd-2.komreg.net, natmd-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net,
natpub-2.komreg.net, natpub-test-1.komreg.net, natpub-test-2.komreg.net, nic.komreg.net,
p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se,
r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, test-1.qa.sveidas.se,
test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, validator-2.komreg.net,
validator-test-1.komreg.net, web-1.qa.sveidas.se]
sunet::server: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net,
jump-tug-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.sveidas.se,
log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net, log-1.test.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log-2.sveidas.se,
log.qa.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net, monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net, natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se, sunet::server: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
web-1.qa.sveidas.se] eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
sunetops: [demw-1.qa.sveidas.se, demw-1.sveidas.se, demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidas-connector-1.test.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
eidas-proxy-2.sveidas.se, eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
eidas-proxy-4.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, jmp.komreg.net, jump-fre-3.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net,
eidas-redis-3.sveidas.se, eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net,
eidas-redis-fe-2.sveidas.se, eidas-test-1.sveidas.se, eidas-test-2.sveidas.se,
eidastest-1.qa.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, eumd-test-1.komreg.net,
eumd-test-2.komreg.net, eupub-1.komreg.net, eupub-2.komreg.net, eupub-test-1.komreg.net,
eupub-test-2.komreg.net, fe-fre-1.test.komreg.net, fe-fre-3.komreg.net, fe-tug-1.test.komreg.net,
fe-tug-3.komreg.net, jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net,
kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net, kvmeidas-fre-3.komreg.net,
kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net,
kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net,
log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, log-1.sveidas.se, log-1.test.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se,
@ -1896,6 +1877,36 @@ members:
prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se] validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
sunet_iaas_cloud: [demw-1.qa.sveidas.se, eidas-connector-1.test.sveidas.se, eidas-connector-2.test.sveidas.se,
eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-proxy-1.test.sveidas.se,
eidas-proxy-2.test.sveidas.se, eidastest-1.qa.sveidas.se, jmp.komreg.net, log-1.test.sveidas.se,
log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net,
p2.qa.komreg.net, prid-1.qa.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se,
refidp-1.test.sveidas.se, test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.qa.komreg.net,
web-1.qa.sveidas.se]
sunetops: [country-test-1.test.komreg.net, demw-1.qa.sveidas.se, demw-1.sveidas.se,
demw-2.sveidas.se, eidas-connector-1.sveidas.se, eidas-connector-1.test.sveidas.se,
eidas-connector-2.sveidas.se, eidas-connector-2.test.sveidas.se, eidas-connector-3.sveidas.se,
eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se,
eidas-proxy-1.sveidas.se, eidas-proxy-1.test.sveidas.se, eidas-proxy-2.sveidas.se,
eidas-proxy-2.test.sveidas.se, eidas-proxy-3.sveidas.se, eidas-proxy-4.sveidas.se,
eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,
eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se,
eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eidastest-1.qa.sveidas.se, eumd-1.komreg.net,
eumd-2.komreg.net, eumd-test-1.komreg.net, eumd-test-2.komreg.net, eupub-1.komreg.net,
eupub-2.komreg.net, eupub-test-1.komreg.net, eupub-test-2.komreg.net, fe-fre-1.test.komreg.net,
fe-fre-3.komreg.net, fe-tug-1.test.komreg.net, fe-tug-3.komreg.net, jmp.komreg.net,
jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmdemw-fre-3a.komreg.net, kvmdemw-fre-3b.komreg.net,
kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, log-1.sveidas.se, log-1.test.sveidas.se,
log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, monitor-fre-3.komreg.net,
monitor-tug-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natmd-test-1.komreg.net,
natmd-test-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, natpub-test-1.komreg.net,
natpub-test-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se,
prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se,
test-1.qa.sveidas.se, test-1.test.sveidas.se, validator-1.komreg.net, validator-1.qa.komreg.net,
validator-2.komreg.net, validator-test-1.komreg.net, web-1.qa.sveidas.se]
swedenconnect_refidp: [refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se] swedenconnect_refidp: [refidp-1.qa.sveidas.se, refidp-1.test.sveidas.se]
test_my_eid: [eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, test-1.qa.sveidas.se, test_my_eid: [eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, test-1.qa.sveidas.se,
test-1.test.sveidas.se] test-1.test.sveidas.se]

13
global/overlay/etc/puppet/cosmos-rules.yaml
View file

@ -484,6 +484,9 @@ monitor-tug-3.komreg.net:
eid::dockerhost: eid::dockerhost:
nagios_monitor: nagios_monitor:
country-test-1.test.komreg.net:
autoupdate:
natmd-1.komreg.net: natmd-1.komreg.net:
autoupdate: autoupdate:
eid::dockerhost: eid::dockerhost:
@ -814,7 +817,7 @@ test-1.test.sveidas.se:
konsulter: konsulter:
autoupdate: autoupdate:
eidas_de_middleware: eidas_de_middleware:
version: 227-sc-p11-rce_hsm2 version: 228-sc-p11_hsm2
hostname: qa.demw.eidas.swedenconnect.se hostname: qa.demw.eidas.swedenconnect.se
saml_metadata: saml_metadata:
filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml
@ -834,7 +837,7 @@ demw-1.sveidas.se:
konsulter: konsulter:
autoupdate: autoupdate:
eidas_de_middleware_hsm: eidas_de_middleware_hsm:
version: 227-sc-p11-rce_hsm2 version: 228-sc-p11_hsm2
hostname: demw.eidas.swedenconnect.se hostname: demw.eidas.swedenconnect.se
saml_metadata: saml_metadata:
filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml
@ -987,7 +990,7 @@ validator-test-1.komreg.net:
autoupdate: autoupdate:
servicemonitor: servicemonitor:
eidas_proxy: eidas_proxy:
version: 1.4.6_hsm2 version: 1.4.7_hsm2
hostname: proxy.eidas.swedenconnect.se hostname: proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
sunet::frontend::register_sites: sunet::frontend::register_sites:
@ -1080,7 +1083,7 @@ log-1.sveidas.se:
autoupdate: autoupdate:
servicemonitor: servicemonitor:
eidas_proxy: eidas_proxy:
version: 1.4.6_hsm2 version: 1.4.7_hsm2
hostname: qa.proxy.eidas.swedenconnect.se hostname: qa.proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
sunet::frontend::register_sites: sunet::frontend::register_sites:
@ -1100,7 +1103,7 @@ log-1.sveidas.se:
autoupdate: autoupdate:
servicemonitor: servicemonitor:
eidas_proxy: eidas_proxy:
version: 1.4.6_hsm2 version: 1.4.7_hsm2
hostname: test.proxy.eidas.swedenconnect.se hostname: test.proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
sunet::frontend::register_sites: sunet::frontend::register_sites:

67
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -313,6 +313,11 @@ class md_repo_server($hostname) {
} }
ensure_resource('class','webserver',{}) ensure_resource('class','webserver',{})
ensure_resource('class','https_server',{}) ensure_resource('class','https_server',{})
$md_signers_ip = hiera_array('md_signers',[])
sunet::misc::ufw_allow { 'allow_ssh_md_signers':
from => $md_signers_ip,
port => '22',
}
} }
class eidas_de_middleware_hsm($version="110-fixes-sc-p11",$hostname='localhost') { class eidas_de_middleware_hsm($version="110-fixes-sc-p11",$hostname='localhost') {
@ -1230,7 +1235,7 @@ class nagios_monitor {
nagioscfg::command {'check_ssl_cert_3_without_ocsp': nagioscfg::command {'check_ssl_cert_3_without_ocsp':
command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'"
} }
$public_hosts = ['demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se'] $public_hosts = ['proxy.eidas.swedenconnect.se','validator.swedenconnect.se','qa.demw.eidas.swedenconnect.se','demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se']
nagioscfg::host {$public_hosts: } nagioscfg::host {$public_hosts: }
nagioscfg::service {'check_public_ssl_cert': nagioscfg::service {'check_public_ssl_cert':
host_name => $public_hosts, host_name => $public_hosts,
@ -1258,16 +1263,16 @@ class nagios_monitor {
nagioscfg::command {'check_website': nagioscfg::command {'check_website':
command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'" command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'"
} }
nagioscfg::service {'check_metadata_eIDAS': nagioscfg::service {'check_idp_metadata_eIDAS':
host_name => ['md.eidas.swedenconnect.se'], host_name => ['md.eidas.swedenconnect.se'],
check_command => 'check_website!https://md.eidas.swedenconnect.se/', check_command => 'check_website!https://md.eidas.swedenconnect.se/role/idp.xml',
description => 'check metadata for eIDAS', description => 'check IdP metadata for eIDAS',
contact_groups => ['alerts'], contact_groups => ['alerts'],
} }
nagioscfg::service {'check_metadata_swedenconnect': nagioscfg::service {'check_idp_metadata_swedenconnect':
host_name => ['md.swedenconnect.se'], host_name => ['md.swedenconnect.se'],
check_command => 'check_website!https://md.swedenconnect.se/', check_command => 'check_website!https://md.swedenconnect.se/role/idp.xml/',
description => 'check metadata for Sweden Connect', description => 'check IdP metadata for Sweden Connect',
contact_groups => ['alerts'], contact_groups => ['alerts'],
} }
nagioscfg::service {'check_connector': nagioscfg::service {'check_connector':
@ -1282,6 +1287,54 @@ class nagios_monitor {
description => 'check metadata for DE middleware', description => 'check metadata for DE middleware',
contact_groups => ['alerts'], contact_groups => ['alerts'],
} }
nagioscfg::service {'check_metadata_proxy':
host_name => ['proxy.eidas.swedenconnect.se'],
check_command => 'check_website!https://proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata',
description => 'check metadata for Proxy',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_api':
host_name => ['api.swedenconnect.se'],
check_command => 'check_website!https://api.swedenconnect.se/testid/',
description => 'check api',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_DE_middleware_QA':
host_name => ['qa.demw.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.demw.eidas.swedenconnect.se/eidas-middleware/Metadata',
description => 'check metadata for DE middleware QA',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_ref_idp':
host_name => ['qa.test.swedenconnect.se'],
check_command => 'check_website!https://qa.test.swedenconnect.se/idp/metadata/idp.xml',
description => 'check Reference IdP',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_mdservicelist_metadata_eIDAS_QA':
host_name => ['qa.md.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/',
description => 'check MDSservicelist metadata for eIDAS',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_sp_metadata_swedenconnect_QA':
host_name => ['qa.md.swedenconnect.se'],
check_command => 'check_website!https://qa.md.swedenconnect.se/role/sp.xml/',
description => 'check SP metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_connector_QA':
host_name => ['qa.connector.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp',
description => 'check metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_proxy_QA':
host_name => ['qa.proxy.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata',
description => 'check metadata for Proxy',
contact_groups => ['alerts'],
}
nagioscfg::command {'check_country_count': nagioscfg::command {'check_country_count':
command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'" command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'"
} }

2
r1.komreg.net/overlay/etc/hiera/data/local.yaml
View file

@ -1,2 +1,2 @@
--- ---
gitolite-initial-public-admin-key:: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se gitolite-initial-public-admin-key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7 leifj+00060AD478D6@sunet.se