770a5ca3cc
Merge pull request #55 from SUNET/patlu-fleetlock-lock-timeouts
...
fleetlock: configurable lock/unlock timeout
2024-07-04 13:07:34 +02:00
aa88795ee0
sunet-fleetlock: also handle ReadTimeout
...
Turns out this was not caught by ConnectionError.
2024-07-03 14:13:22 +02:00
01768129f0
fleetlock: configurable lock/unlock timeout
...
While we already support setting a healthcheck timeout it probably
makes sense to be able to control how long we wait for a
fleetlock_lock() or fleetlock_unlock() call. This becomes important if
only running cosmos once a night or something like that. In that case we
you probably want to give a physical machine more than than 1 minute to
complete a reboot etc.
This can now be controlled by setting fleetlock_lock_timeout and
fleetlock_unlock_timeout in /etc/run-cosmos-fleetlock-conf. Keep in mind
that while it can make sense to increase the time for taking a lock,
releasing a lock should always be fast (either you have it and release
it, or you dont have it and it is a no-op) so setting a long unlock
timeout should probably never be done.
Since we also potentially wait the unlock timeout at boot (if the
fleetlock server is broken etc) that is another reason to keep it
short. The default 1m is probably OK for most uses.
2024-07-03 13:27:52 +02:00
443611dd3f
Merge pull request #49 from SUNET/john-permissions-fix
...
Enforce more strict permissions for files in Cosmos
2024-07-03 11:36:21 +02:00
52a30ae970
upgrade DEMW application in QA to 3.3.0
...
ref: SC-2296
2024-07-02 16:15:41 +02:00
022f29d7e8
enabling SP metadata signing in TEST connector service
2024-07-02 14:22:58 +02:00
ba5a53c1f0
made signing with HSm true in Test environment
2024-07-02 14:13:36 +02:00
994262fddc
let demw in test environement run eidas-test branch
2024-07-01 18:32:17 +02:00
a5a33e95a5
updating docker env parameters
2024-06-27 22:27:16 +02:00
249c690ddb
changed slot number
2024-06-20 16:53:15 +02:00
47dae869d3
New version for tests. SC-2354.
2024-06-20 08:10:21 +02:00
5518048d79
Merge pull request #54 from SUNET/pahol-ubuntu24
...
Ubuntu-24 fixes
2024-06-19 15:07:17 +02:00
4231b4ac1d
Migrate from legacy fact
...
This did not work on modern puppet in ubuntu24:
Warning: Interpolation failed with '::lsbdistcodename', but compilation continuing;
New syntax inspiration from:
https://www.puppet.com/docs/puppet/8/hiera_config_yaml_5#configuring_hiera
2024-06-19 14:07:13 +02:00
bc9d1dc960
Use upstream puppet modules for ubuntu24+.
...
This is how we do it in modern debian so it
makes sense to do it on modern ubuntu as well.
2024-06-19 14:02:24 +02:00
5d88e66379
Merge pull request #53 from SUNET/patlu-fleetlock-error-handling
...
sunet-fleetlock: handle connection errors
2024-06-17 13:27:11 +02:00
e315282bc5
Use more strict exception checking
...
This is probably wide enough and we do not need weird extra handling of
our own execption etc.
Thanks to @mickenordin for keeping me honest :).
2024-06-17 12:40:12 +02:00
4b8b8887f6
sunet-fleetlock: handle connection errors
...
In order to handle upgrades of the fleetlock server when running only
one server we need to handle connection errors like connection refused
or timed out errors gracefully.
Because there are several different ways the connection can fail and it
is hard to keep track of them all, just catch everything. We then also
need special handling of our own timeout execption so we are not
accidentally stuck retrying forever.
Also fix so we actually use the request_timeout arg for individual HTTP
requests instead of the global timeout.
While here run isort to keep imports tidy.
2024-06-17 12:07:22 +02:00
a1eafe1dd1
access for Patrik Holmqvist
...
ref: SC-2322
2024-06-11 18:19:37 +02:00
a91554f6a1
fixed name and description
2024-06-08 01:48:57 +02:00
5dd8351fc0
fixed named of the host
2024-06-08 01:41:57 +02:00
e19d98175b
fixed nagios checks for demw TEST
2024-06-08 01:37:37 +02:00
7404e8996f
fixed image name & removed slash in the end for a nagios check
2024-06-08 01:14:43 +02:00
39dbd29227
changed the stable tag for demw-1.test.sveidas.se
2024-06-08 00:53:54 +02:00
198ac615f1
fixed syntax
2024-06-08 00:51:07 +02:00
f0692f6354
new demw version 3.2.0 related changes
2024-06-08 00:46:46 +02:00
a3fb9dca52
Variable configuration
2024-06-04 14:31:32 +02:00
5a97372de4
Allow sunet frontend access to qa
2024-06-04 14:17:40 +02:00
062c8deb3b
cluster buddy
2024-06-03 13:01:02 +02:00
625ba6e642
Merge branch 'master' of gitops.sunet.se:eid-ops
2024-06-03 07:40:16 +02:00
7ad90c1f88
updated validity on gpg key.
2024-06-03 07:39:32 +02:00
510003043b
had to specifiy package name
2024-05-31 18:30:06 +02:00
5f738270e4
Some NRPE checks will get fishy results when using a PrivateTmp.
...
E.g check_apt:
https://askubuntu.com/questions/1415415/check-apt-issue-with-nagios
2024-05-31 17:39:33 +02:00
df750ff6a3
IPv6 is the future
2024-05-31 15:31:43 +02:00
d33aa5cd03
App servers need to notify users
2024-05-31 15:09:57 +02:00
d354b04c21
Use correct path
2024-05-31 15:05:11 +02:00
f4aff1ff11
Shared configuration
2024-05-31 15:01:23 +02:00
17a8addd7b
Correct IP
2024-05-31 13:43:14 +02:00
8f7f1fc952
Merge branch 'master' of gitops.sunet.se:eid-ops
2024-05-31 13:35:10 +02:00
46d9e4cde6
removed monitoring of old proxy metadata files
2024-05-31 13:34:38 +02:00
4544833a4b
Secrets
2024-05-31 13:24:33 +02:00
0b8094387c
add frontend for idm in qa. SC-2033.
2024-05-31 12:58:22 +02:00
a1962c7e84
Run site aswell
2024-05-31 12:26:08 +02:00
3233ea5e39
upgrade proxy in prod
...
SC-2309
2024-05-29 18:48:39 +02:00
bc1e1cda7b
upgrade proxy in Test
...
ref: SC-2309
2024-05-29 18:30:40 +02:00
15ff15c37f
add username/password for idm in qa. SC-1625.
2024-05-29 14:04:43 +02:00
95cd38700a
Merge branch 'master' of gitops.sunet.se:eid-ops
2024-05-29 13:57:55 +02:00
41f9c02b80
Add user/password for mailrelay for IDM. SC-1652
2024-05-29 13:57:45 +02:00
afbece12d5
Configure mail stuff
2024-05-29 13:57:13 +02:00
f8f6a7197a
psidp config upated
2024-05-28 09:34:01 +02:00
51c2e85eb7
new nrpe check
2024-05-27 23:03:57 +02:00
