4b93d9c426
run-cosmos: support fleetlock unlocking at boot
...
This extends run-cosmos with a new argument that calls the unlock
function already included in the script as well as using the already
existing lock() function to make sure there is no race between the
bootup process and cron starting a normal run-cosmos process at the same
time.
The oexit() function is added to support exiting with a OK exit value
the same way eexit() is used to signal something is wrong.
This change also adds the systemd unit file that runs run-cosmos with the
new fleetlock-unlock argument at boot if fleetlock is configured.
While here fix indentation that was mixed between 3 and 4 spaces: it is
now 4 spaces everywhere.
2024-01-24 15:36:34 +01:00
4e4f69a9e9
Secrets!
2024-01-22 10:48:46 +01:00
b48fcd2c5e
No need of nat in host mode
2024-01-22 10:24:39 +01:00
634e6398c7
Get config from hiera
2024-01-22 10:21:56 +01:00
2caddfe2e8
Messes with 22.04 which as default doesn't have /usr/lib/ruby/vendor_ruby/gpgme.rb
2024-01-22 10:11:45 +01:00
94fb6d74e0
Handle updates
2024-01-22 08:10:08 +01:00
524e43b97b
updated postfix settings for relay
2024-01-19 16:12:57 +01:00
6cdf636d72
updated postfix settings for relay
2024-01-19 15:55:17 +01:00
b3359bb18d
updated nagios to monitor certificates on relay-hosts
2024-01-19 15:51:24 +01:00
3a2425ebc5
Lets go node
2024-01-19 15:34:53 +01:00
c837aa31a3
Another cluster node
2024-01-19 15:32:49 +01:00
3fe108cc3d
Use correct variable
2024-01-19 15:28:40 +01:00
1c3a95a61a
Correct varible
2024-01-19 15:27:10 +01:00
d9a59e82ea
Forward clients
2024-01-19 15:07:45 +01:00
d2aa92334d
Allow clients access
2024-01-19 14:49:32 +01:00
96516c43c4
updated submission hosts for relay-1/2
2024-01-19 14:06:18 +01:00
08f4b262c7
relay-2, updated hostname in postfix settings
2024-01-19 13:08:21 +01:00
818b053223
dkim settings for relay-1/2
2024-01-19 13:06:07 +01:00
ce39367d0b
db3 is under reinstall
2024-01-19 12:16:37 +01:00
b17d10ba78
Relay on defaults
2024-01-19 12:15:27 +01:00
9ab7e6e86c
sunet::mariadb was a define
2024-01-19 10:12:01 +01:00
2d940e2028
Class from upstream instead
2024-01-19 10:06:01 +01:00
1512ac38a9
No need to allow port 80 now
2024-01-19 10:03:07 +01:00
0b060a4e63
Docker stuff merged
2024-01-19 09:46:24 +01:00
4369e88929
eidas proxy, create oidc-rp.jks if set in hiera
2024-01-19 09:40:25 +01:00
391b3ecb1f
oidc config for proxy qa
2024-01-19 09:37:20 +01:00
bdb91ce0e7
invent class for all hosts
2024-01-18 15:00:49 +01:00
735b8a2bd4
Handled by facts
2024-01-18 10:58:03 +01:00
c60d24270e
Expose stuff
2024-01-18 10:32:14 +01:00
cf401ed95f
Test with a working service
2024-01-18 10:10:28 +01:00
9111bc7592
Test new compose
2024-01-18 10:08:01 +01:00
fe3cc1efde
Test new firewall setup
2024-01-17 20:01:21 +01:00
ec82e0657c
Merge branch 'master' of gitops.sunet.se:eid-ops
2024-01-17 16:05:05 +01:00
4a16314843
added oidc stuff for test proxy
2024-01-17 16:04:51 +01:00
d5b5ad9fe6
testing invent class
2024-01-17 16:04:47 +01:00
fcf717b9a8
updated secrets for eidas-proxy-2.test.sveidas.se
2024-01-17 15:37:05 +01:00
7c87351661
Merge branch 'master' of gitops.sunet.se:eid-ops
2024-01-17 15:00:37 +01:00
e6dbf2697e
updated secrets for eidas-proxy-1.test.sveidas.se
2024-01-17 15:00:04 +01:00
52a4af8eee
Test new stuff
2024-01-17 13:38:24 +01:00
67f5b92537
Trying stuff
2024-01-16 14:37:25 +01:00
6d29f11de1
updated metadata validator in prod
2024-01-16 14:28:06 +01:00
46c1ab7b91
updated Björns SSH key
2024-01-16 14:27:12 +01:00
141b299b5e
Lets try with the daemon file
2024-01-16 14:24:41 +01:00
39433fdc85
upgrade metadata validator in test
2024-01-16 14:20:02 +01:00
b8ea060650
We need to resolve stuff
2024-01-16 13:45:23 +01:00
1f39f13a6d
Need to bind mariadb to the real ip
2024-01-16 13:30:45 +01:00
19ef604c0b
Use the correct class
2024-01-16 13:09:55 +01:00
9ebc1bfae2
Test new code
2024-01-16 13:08:48 +01:00
4d954d021e
updated publisher ssh config for eupub-2.komreg.net
2024-01-16 10:35:47 +01:00
9903a96e79
Get and install docker
2024-01-16 10:21:43 +01:00
