swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
eid-ops/global/overlay/etc/puppet/cosmos-rules.yaml

1400 lines
39 KiB
YAML
Raw Blame History

'.+':
common:
nrpe:
entropyclient:
infra_ca_rp:
sunetops:
mailclient:
domain: sunet.se
sunet::rsyslog:
sunet::server:
sshd_config: true
ssh_allow_from_anywhere: true
sunet::invent::client:
export_endpoint: https://ni-frontend-test.sunet.se
invent_retention_days: 1
jmp.komreg.net:
konsulter:
sunet_iaas_cloud:
autoupdate:
sunet::auditd:
jumphosts:
sunet::server:
ssh_allow_from_anywhere: true
'^jump-.+\.komreg\.net$':
konsulter:
autoupdate:
jumphosts:
sunet::server:
ssh_allow_from_anywhere: true
kvmfe-tug-3.komreg.net:
eid::kvmhost:
vms:
fe-tug-3.komreg.net:
mac: '52:54:20:02:01:01'
ip: '94.176.224.37'
netmask: '255.255.255.240'
gateway: '94.176.224.33'
ip6: '2001:6b0:63:2::37'
gateway6: '2001:6b0:63:2::1'
bridge: 'br-fe'
description: 'eid tug prod frontend'
cpus: '15'
memory: '30720'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
fe-tug-1.test.komreg.net:
mac: '52:54:20:02:01:02'
ip: '94.176.224.38'
netmask: '255.255.255.240'
gateway: '94.176.224.33'
ip6: '2001:6b0:63:2::38'
gateway6: '2001:6b0:63:2::1'
bridge: 'br-fe'
description: 'eid tug test frontend'
cpus: '15'
memory: '30720'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvminfra-tug-3.komreg.net:
eid::kvmhost:
vms:
log-2.sveidas.se:
mac: '52:54:20:02:02:01'
ip: '94.176.224.102'
netmask: '255.255.255.240'
gateway: '94.176.224.97'
bridge: 'br-infra'
search: ['sveidas.se']
description: 'eid tug log'
cpus: '10'
memory: '20480'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
monitor-tug-3.komreg.net:
mac: '52:54:20:02:02:02'
ip: '94.176.224.101'
netmask: '255.255.255.240'
gateway: '94.176.224.97'
ip6: '2001:6b0:63:4::101'
gateway6: '2001:6b0:63:4::1'
bridge: 'br-infra'
description: 'eid tug monitor'
cpus: '10'
memory: '20480'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
validator-2.komreg.net:
mac: '52:54:20:02:02:03'
ip: '94.176.224.106'
netmask: '255.255.255.240'
gateway: '94.176.224.97'
bridge: 'br-infra'
description: 'eid tug validator'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmmeta-tug-3.komreg.net:
eid::kvmhost:
vms:
natmd-2.komreg.net:
mac: '52:54:20:02:03:01'
ip: '94.176.224.69'
netmask: '255.255.255.240'
gateway: '94.176.224.65'
bridge: 'br-meta'
description: 'eid tug swedish metadata signer'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eumd-2.komreg.net:
mac: '52:54:20:02:03:02'
ip: '94.176.224.70'
netmask: '255.255.255.240'
gateway: '94.176.224.65'
bridge: 'br-meta'
description: 'eid tug european metadata signer'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
natpub-2.komreg.net:
mac: '52:54:20:02:03:03'
ip: '94.176.224.71'
netmask: '255.255.255.240'
gateway: '94.176.224.65'
bridge: 'br-meta'
description: 'eid tug swedish metadata publisher'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eupub-2.komreg.net:
mac: '52:54:20:02:03:04'
ip: '94.176.224.72'
netmask: '255.255.255.240'
gateway: '94.176.224.65'
bridge: 'br-meta'
description: 'eid tug european metadata publisher'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmeidas-tug-3.komreg.net:
eid::kvmhost:
vms:
eidas-connector-2.sveidas.se:
mac: '52:54:20:02:04:01'
ip: '94.176.224.5'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid connector'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-connector-4.sveidas.se:
mac: '52:54:20:02:04:02'
ip: '94.176.224.6'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid connector'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
prid-2.sveidas.se:
mac: '52:54:20:02:04:04'
ip: '94.176.224.8'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid prid'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-test-2.sveidas.se:
mac: '52:54:20:02:04:07'
ip: '94.176.224.11'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid tug test SP'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-proxy-2.sveidas.se:
mac: '52:54:20:02:04:08'
ip: '94.176.224.12'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid tug proxy'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-proxy-4.sveidas.se:
mac: '52:54:20:02:04:09'
ip: '94.176.224.13'
netmask: '255.255.255.240'
gateway: '94.176.224.1'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid tug proxy'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmfe-fre-3.komreg.net:
eid::kvmhost:
vms:
fe-fre-3.komreg.net:
mac: '52:54:20:01:00:01'
ip: '94.176.224.165'
netmask: '255.255.255.240'
gateway: '94.176.224.161'
ip6: '2001:6b0:64:2::165'
gateway6: '2001:6b0:64:2::1'
bridge: 'br-fe'
description: 'eid fre prod frontend'
cpus: '15'
memory: '30720'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
fe-fre-1.test.komreg.net:
mac: '52:54:20:01:00:02'
ip: '94.176.224.166'
netmask: '255.255.255.240'
gateway: '94.176.224.161'
ip6: '2001:6b0:64:2::166'
gateway6: '2001:6b0:64:2::1'
bridge: 'br-fe'
description: 'eid fre sthb frontend'
cpus: '15'
memory: '30720'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvminfra-fre-3.komreg.net:
eid::kvmhost:
vms:
monitor-fre-3.komreg.net:
mac: '52:54:20:01:00:02'
ip: '94.176.224.229'
netmask: '255.255.255.240'
gateway: '94.176.224.225'
ip6: '2001:6b0:64:4::229'
gateway6: '2001:6b0:64:4::1'
bridge: 'br-infra'
description: 'eid fre monitor'
cpus: '10'
memory: '20480'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
log-1.sveidas.se:
mac: '52:54:20:01:00:03'
ip: '94.176.224.230'
netmask: '255.255.255.240'
gateway: '94.176.224.225'
bridge: 'br-infra'
search: ['sveidas.se']
description: 'eid fre log'
cpus: '10'
memory: '20480'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
validator-1.komreg.net:
mac: '52:54:20:01:00:04'
ip: '94.176.224.234'
netmask: '255.255.255.240'
gateway: '94.176.224.225'
bridge: 'br-infra'
description: 'eid fre validator'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmmeta-fre-3.komreg.net:
eid::kvmhost:
vms:
natmd-1.komreg.net:
mac: '52:54:20:01:01:01'
ip: '94.176.224.197'
netmask: '255.255.255.240'
gateway: '94.176.224.193'
bridge: 'br-meta'
description: 'eid fre swedish metadata signer'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eumd-1.komreg.net:
mac: '52:54:20:01:01:02'
ip: '94.176.224.198'
netmask: '255.255.255.240'
gateway: '94.176.224.193'
bridge: 'br-meta'
description: 'eid fre european metadata signer'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
natpub-1.komreg.net:
mac: '52:54:20:01:01:03'
ip: '94.176.224.199'
netmask: '255.255.255.240'
gateway: '94.176.224.193'
bridge: 'br-meta'
description: 'eid fre swedish metadata publisher'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eupub-1.komreg.net:
mac: '52:54:20:01:01:04'
ip: '94.176.224.200'
netmask: '255.255.255.240'
gateway: '94.176.224.193'
bridge: 'br-meta'
description: 'eid fre european metadata publisher'
cpus: '10'
memory: '15360'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmeidas-fre-3.komreg.net:
eid::kvmhost:
vms:
eidas-connector-1.sveidas.se:
mac: '52:54:20:01:04:01'
ip: '94.176.224.133'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid connector'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-connector-3.sveidas.se:
mac: '52:54:20:01:04:02'
ip: '94.176.224.134'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid connector'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
prid-1.sveidas.se:
mac: '52:54:20:01:04:04'
ip: '94.176.224.136'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid prid'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-test-1.sveidas.se:
mac: '52:54:20:01:04:07'
ip: '94.176.224.139'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid fre test SP'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-proxy-1.sveidas.se:
mac: '52:54:20:01:04:08'
ip: '94.176.224.140'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid fre proxy'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
eidas-proxy-3.sveidas.se:
mac: '52:54:20:01:04:09'
ip: '94.176.224.141'
netmask: '255.255.255.240'
gateway: '94.176.224.129'
bridge: 'br-eidas'
search: ['sveidas.se']
description: 'eid fre proxy'
cpus: '8'
memory: '8192'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmdemw-fre-3a.komreg.net:
eid::kvmhost:
vms:
demw-1.sveidas.se:
mac: '52:54:20:01:05:01'
ip: '94.176.224.252'
netmask: '255.255.255.248'
gateway: '94.176.224.249'
bridge: 'br-demw'
description: 'eid deutsche middleware'
cpus: '16'
memory: '32768'
size: '100G'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmdemw-fre-3b.komreg.net:
eid::kvmhost:
vms:
demw-2.sveidas.se:
mac: '52:54:20:01:05:02'
ip: '94.176.224.125'
netmask: '255.255.255.248'
gateway: '94.176.224.121'
bridge: 'br-demw'
description: 'eid deutsche middleware'
cpus: '16'
memory: '32768'
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
monitor-fre-3.komreg.net:
autoupdate:
eid::nagios_monitor:
monitor-tug-3.komreg.net:
autoupdate:
eid::nagios_monitor:
country-test-1.test.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.5-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
natmd-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: natmd-prod-ng.fd
pyff_update_frequency: 1800
pyff_extra_volumes:
- "/etc/credentials:/etc/credentials"
hsm_client: true
luna_imagetag: 7.4-dev
sunet::metadata::mdqp:
imagetag: v2023-11-01-01
mdq_service: http://pyff_pyff_1:8080
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
signed_repo: true
natmd-test-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: natmd-test-ng.fd
pyff_update_frequency: 1800
pyff_extra_volumes:
- "/etc/credentials:/etc/credentials"
hsm_client: true
luna_imagetag: 7.4-dev
sunet::metadata::mdqp:
imagetag: v2023-11-01-01
mdq_service: http://pyff_pyff_1:8080
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
signed_repo: true
eumd-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
eidas_hsm_client:
md_signer:
name: eidas-prod
dest_host: eupub-1.komreg.net
version: 1.1.5-eidas
md_repo_client:
eid::de_client:
eumd-test-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
md_repo_client:
eidas_hsm_client:
md_signer:
name: eidas-test
dest_host: eupub-test-1.komreg.net
version: 1.1.5-eidas
eid::de_client:
natpub-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::metadata::mdq_publisher:
valid_until: 7
xml_dir: role
validate_cert: '/var/www/html/swedenconnect.se.cert'
imagetag: v2024-04-08-01
infra_cert_from_this_class: false
sunet::frontend::register_sites:
sites:
'md.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
natpub-test-1.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::metadata::mdq_publisher:
valid_until: 7
xml_dir: role
validate_cert: '/var/www/html/md-signer.crt'
imagetag: v2024-04-08-01
infra_cert_from_this_class: false
sunet::frontend::register_sites:
sites:
'test.md.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
eupub-1.komreg.net:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
md_publisher:
keyname: eupub-1.komreg.net_infra
signer_ip_adress: '94.176.224.198'
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
eupub-test-1.komreg.net:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
md_publisher:
keyname: eupub-test-1.komreg.net_infra
signer_ip_adress: '89.45.237.138'
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'test.md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
natmd-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: natmd-prod-ng.fd
pyff_update_frequency: 1800
pyff_extra_volumes:
- "/etc/credentials:/etc/credentials"
hsm_client: true
luna_imagetag: 7.4-dev
sunet::metadata::mdqp:
imagetag: v2023-11-01-01
mdq_service: http://pyff_pyff_1:8080
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
signed_repo: true
natmd-test-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: natmd-test-ng.fd
pyff_update_frequency: 1800
pyff_extra_volumes:
- "/etc/credentials:/etc/credentials"
hsm_client: true
luna_imagetag: 7.4-dev
sunet::metadata::mdqp:
imagetag: v2023-11-01-01
mdq_service: http://pyff_pyff_1:8080
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
signed_repo: true
eumd-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
eidas_hsm_client:
md_signer:
name: eidas-prod
dest_host: eupub-2.komreg.net
version: 1.1.5-eidas
md_repo_client:
eid::de_client:
eumd-test-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
md_repo_client:
eidas_hsm_client:
md_signer:
name: eidas-test
dest_host: eupub-test-2.komreg.net
version: 1.1.5-eidas
eid::de_client:
natpub-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
sunet::metadata::mdq_publisher:
valid_until: 7
xml_dir: role
validate_cert: '/var/www/html/swedenconnect.se.cert'
imagetag: v2024-04-08-01
infra_cert_from_this_class: false
sunet::frontend::register_sites:
sites:
'md.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
natpub-test-2.komreg.net:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::metadata::mdq_publisher:
valid_until: 7
xml_dir: role
validate_cert: '/var/www/html/md-signer.crt'
imagetag: v2024-04-08-01
infra_cert_from_this_class: false
sunet::frontend::register_sites:
sites:
'test.md.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
eupub-2.komreg.net:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
md_publisher:
keyname: eupub-2.komreg.net_infra
signer_ip_adress: '94.176.224.70'
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
eupub-test-2.komreg.net:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
md_publisher:
keyname: eupub-test-2.komreg.net_infra
signer_ip_adress: '89.45.236.73'
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'test.md.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
nic.komreg.net:
sunet_iaas_cloud:
autoupdate:
konsulter:
eid::nagios_monitor:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
r1.komreg.net:
sunet_iaas_cloud:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
md_repo_server:
hostname: r1.komreg.net
p1.komreg.net:
sunet_iaas_cloud:
sunet::frontend::register_sites:
sites:
'qa.md.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
sunet::metadata::mdq_publisher:
valid_until: 7
xml_dir: role
validate_cert: '/var/www/html/qa.swedenconnect.se.cert'
imagetag: v2024-04-08-01
infra_cert_from_this_class: false
p2.qa.komreg.net:
sunet_iaas_cloud:
infra_ca_rp:
monitor_infra_cert: false
autoupdate:
md_publisher:
keyname: p2.qa.komreg.net_infra
signer_ip_adress: '89.47.185.47'
mdsl_publisher:
sunet::frontend::register_sites:
sites:
'qa.md.eidas.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
md1.komreg.net:
autoupdate:
eidas_metadata_key:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: natmd-qa-ng.fd
pyff_update_frequency: 1800
pyff_extra_volumes:
- "/etc/credentials:/etc/credentials"
sunet::metadata::mdqp:
imagetag: v2023-11-01-01
mdq_service: http://pyff_pyff_1:8080
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
signed_repo: true
md-eu1.qa.komreg.net:
sunet_iaas_cloud:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
konsulter:
eidas_metadata_key:
md_signer:
name: eidas-qa
dest_host: p2.qa.komreg.net
version: 1.1.5-eidas
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
md_repo_client:
eid::de_client:
make_target: "DE-qa"
'^test-[0-9]+\.qa\.sveidas\.se$':
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
test_my_eid:
version: 2.0.1
hostname: qa.test.swedenconnect.se
test-1.test.sveidas.se:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
test_my_eid:
version: 2.0.1
hostname: test.test.swedenconnect.se
environment: default
'^demw-[0-9]+\.qa\.sveidas\.se$':
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
eidas_de_middleware:
version: 330-sc_hsm2
hostname: qa.demw.eidas.swedenconnect.se
webserver:
enabled: true
sunet::frontend::register_sites:
sites:
'qa.demw.eidas.swedenconnect.se':
frontends:
- 'tug-lb-1.sunet.se'
- 'sthb-lb-1.sunet.se'
port: '443'
demw-1.test.sveidas.se:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.22.04~jammy'
storage_driver: 'overlay2'
konsulter:
autoupdate:
eidas_de_middleware_hsm_test:
version: 330-sc_hsm2
hostname: test.demw.eidas.swedenconnect.se
sunet::frontend::register_sites:
sites:
'test.demw.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
demw-1.sveidas.se:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
konsulter:
autoupdate:
eidas_de_middleware_hsm:
version: 330-sc_hsm2
hostname: demw.eidas.swedenconnect.se
webserver:
enabled: true
sunet::frontend::register_sites:
sites:
'demw.eidas.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
demw-2.sveidas.se:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
konsulter:
autoupdate:
eidas_de_middleware_hsm:
version: 227-sc-p11-rce_hsm2
hostname: demw.eidas.swedenconnect.se
saml_metadata:
filename: /opt/eidas-middleware/configuration/serviceprovider-metadata/connector-metadata.xml
url: https://connector.eidas.swedenconnect.se/idp/metadata/sp
webserver:
enabled: false
'^refidp-[0-9]+\.qa\.sveidas\.se$':
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
swedenconnect_refidp:
version: 1.3.1
hostname: qa.test.swedenconnect.se
env: qa
sunet::frontend::register_sites:
sites:
'qa.test.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
'^refidp-[0-9]+\.test\.sveidas\.se$':
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
infra_ca_rp:
monitor_infra_cert: false
swedenconnect_refidp:
version: 1.3.1
hostname: test.test.swedenconnect.se
env: test
sunet::frontend::register_sites:
sites:
'test.test.swedenconnect.se':
frontends:
- 'fe-tug-1.test.komreg.net'
- 'fe-fre-1.test.komreg.net'
port: '443'
'^eidas-test-[0-9]+\.sveidas\.se$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
test_my_eid:
version: 2.0.1
hostname: test.swedenconnect.se
environment: prod
sunet::frontend::register_sites:
sites:
'test.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
'^eidas-connector-[0-9]+\.sveidas\.se$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
infra_ca_rp:
monitor_infra_cert: false
konsulter:
autoupdate:
eidas_connector:
version: 1.7.1_hsm2_ubuntu
hostname: connector.eidas.swedenconnect.se
sunet::frontend::register_sites:
sites:
'connector.eidas.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
'^prid-[0-9]+\.sveidas\.se$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
konsulter:
autoupdate:
servicemonitor:
prid:
version: 2.0.0_ubuntu
clients: 'prid_prod_clients'
mdsl: https://md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
'^validator-[0-9]+\.komreg\.net$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
validator:
version: 3.2.1
sunet::frontend::register_sites:
sites:
'validator.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
validator-test-1.komreg.net:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
validator:
version: 3.2.1
sunet::frontend::register_sites:
sites:
'test.validator.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
'^eidas-proxy-[0-9]+\.sveidas\.se$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
proxy_eidas_metadata:
eidas_proxy:
version: 3.0.10_hsm2
hostname: proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
sunet::frontend::register_sites:
sites:
'proxy.eidas.swedenconnect.se':
frontends:
- 'fe-fre-3.komreg.net'
- 'fe-tug-3.komreg.net'
port: '443'
log-2.sveidas.se:
autoupdate:
konsulter:
eidas_log:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eid::telegraf:
sunet::rsyslog:
udp_port: 514
udp_client: 94.176.224.0/24
log-1.sveidas.se:
autoupdate:
konsulter:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eidas_log:
eid::telegraf:
sunet::rsyslog:
udp_port: 514
udp_client: 94.176.224.0/24
'^eidas-node-[0-9]+\.qa\.sveidas\.se$':
konsulter:
sunet_iaas_cloud:
infra_ca_rp:
monitor_infra_cert: false
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eidas_connector:
version: 1.7.1_hsm2_ubuntu
hostname: qa.connector.eidas.swedenconnect.se
'^eidas-connector-[0-9]+\.test\.sveidas\.se$':
sunet_iaas_cloud:
infra_ca_rp:
monitor_infra_cert: false
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
autoupdate:
eidas_connector:
version: 1.7.1_hsm2_ubuntu
hostname: test.connector.eidas.swedenconnect.se
luna_debug: yes
prid_local:
version: 2.0.0_ubuntu
clients: 'prid_qa_clients'
mdsl: https://test.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
sunet::frontend::register_sites:
sites:
'test.connector.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
'^eidas-proxy-[0-9]+\.qa\.sveidas\.se$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
infra_ca_rp:
monitor_infra_cert: false
eid::telegraf:
sunet_iaas_cloud:
autoupdate:
proxy_eidas_metadata:
eidas_proxy:
version: 3.0.8_hsm2
hostname: qa.proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
'^eidas-proxy-[0-9]+\.test\.sveidas\.se$':
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eid::telegraf:
konsulter:
autoupdate:
proxy_eidas_metadata:
eidas_proxy:
version: 3.0.8_hsm2
hostname: test.proxy.eidas.swedenconnect.se
spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
'^prid-[0-9]+\.qa\.sveidas\.se$':
konsulter:
sunet_iaas_cloud:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
servicemonitor:
prid:
version: 2.0.0_ubuntu
clients: 'prid_qa_clients'
mdsl: https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
'^fe-.+-\d+\.komreg\.net$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
sunet::frontend::load_balancer:
fe_servers:
'^fe-.+-\d+\.test\.komreg\.net$':
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::frontend::load_balancer:
fe_servers:
log.qa.sveidas.se:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eid::telegraf:
ports: ['127.0.0.1:9999:9999']
sunet::fticks:
args: -j
url: http://127.0.0.1:9999/telegraf
autoupdate:
eidas_log:
sunet::rsyslog:
udp_port: 514
log-1.test.sveidas.se:
autoupdate:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
eidas_log:
eid::telegraf:
sunet::rsyslog:
udp_port: 514
eidastest-1.qa.sveidas.se:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet_iaas_cloud:
autoupdate:
eidastest:
sunet::frontend::register_sites:
sites:
'api.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
'^relay-[0-9]+\.swedenconnect\.se$':
sunet_iaas_cloud:
autoupdate:
eid::relay:
sunet::server:
sshd_config: true
ssh_allow_from_anywhere: false
idm-sto[13]-test-db-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
nat: false
eid::idm_db:
idm-sto[13]-test-redis-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
nat: false
eid::idm_redis:
idm-sto[13]-test-app-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
eid::idm_app:
sunet::frontend::register_sites:
sites:
'test.idm.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
idm-sto[13]-qa-app-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
sunet::frontend::register_sites:
sites:
'qa.idm.eidas.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
eid::idm_app:
idm-sto[13]-qa-db-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
nat: false
eid::idm_db:
idm-sto[13]-qa-redis-[123]\.komreg\.net:
autoupdate:
sunet::dockerhost2:
nat: false
eid::idm_redis:
### QA environment ###
connector-qa-sto1-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::connector:
environment: qa
session_backend: memory
use_hsm: false
version: 2.0.4_hsm2_ubuntu
sunet::frontend::register_sites:
sites:
'qa.connector.eidas.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
log-qa-sto1-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::telegraf2:
server_type: 'log'
ports: ['127.0.0.1:9999:9999']
sunet::fticks:
args: -j
url: http://127.0.0.1:9999/telegraf
sunet::rsyslog:
udp_port: 514
udp_client:
- 89.47.185.121/32 # proxy-qa-sto1-1.komreg.net
- 2001:6b0:5a:4020::ea/128 # proxy-qa-sto1-1.komreg.net
- 89.47.184.242/32 # connector-qa-sto1-1.komreg.net
- 2001:6b0:5a:4020::12b/128 # connector-qa-sto1-1.komreg.net
eid::log:
proxy-qa-sto1-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::telegraf2:
server_type: 'proxy'
eid::proxy:
version: 3.0.10_hsm2
service_name: qa.proxy.eidas.swedenconnect.se
environment: qa
use_hsm: false
sunet::frontend::register_sites:
sites:
'qa.proxy.eidas.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
testmyeid-qa-sto1-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::test_my_eid:
environment: qa
service_name: qa.test.swedenconnect.se
version: 3.1.1
sunet::frontend::register_sites:
sites:
'qa.test.swedenconnect.se':
frontends:
- 'sthb-lb-1.sunet.se'
- 'tug-lb-1.sunet.se'
port: '443'
### TEST environment ####
'^connector-test-.+-\d+\.komreg\.net$':
autoupdate:
sunet::dockerhost2:
eid::connector:
environment: test
version: 2.0.5_hsm2_ubuntu
sunet::redictcluster:
hostmode: true
tls: true
maxmemory: 1gb
maxmemory_policy: volatile-ttl
automatic_rectify: true
sunet::fleetlock_client:
sunet::frontend::register_sites:
sites:
'test.connector.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
'^eumdpub-test-.+-\d+\.komreg\.net$':
autoupdate:
'^eumdpub-test-sto3-.+-\d+\.komreg\.net$':
autoupdate:
eumdsigner-test-sto3-1.komreg.net:
autoupdate:
sunet::dockerhost2:
sunet::metadata::metadata_repo:
hostname: r1.komreg.net
repo: komreg-metadata.git
id_file: eumdsigner-test-sto3-1.komreg.net
signed_repo: true
sunet::metadata::pyff_compose:
pyff_imagetag: 2.1.3
pyff_pipeline: eidas-test-ng.fd
pyff_update_frequency: 1800
hsm_client: true
luna_imagetag: 7.4-dev
sunet::metadata::mdqp:
imagetag: v2023-11-13-02
mdq_service: http://pyff_pyff_1:8080
eid::de_client:
path: '/var/cache/metadata_r1.komreg.net'
log-test-sto3-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::log:
sunet::rsyslog:
udp_port: 514
eid::telegraf2:
server_type: 'log'
'^proxy-test-.+-\d+\.komreg\.net$':
autoupdate:
sunet::dockerhost2:
eid::telegraf2:
server_type: 'proxy'
eid::proxy:
version: 3.0.10_hsm2
service_name: test.proxy.eidas.swedenconnect.se
environment: test
sunet::frontend::register_sites:
sites:
'test.proxy.eidas.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
testmyeid-test-sto3-1.komreg.net:
autoupdate:
sunet::dockerhost2:
eid::test_my_eid:
environment: test
service_name: test.test.swedenconnect.se
version: 3.1.1
sunet::frontend::register_sites:
sites:
'test.test.swedenconnect.se':
frontends:
- 'fe-fre-1.test.komreg.net'
- 'fe-tug-1.test.komreg.net'
port: '443'
Reference in a new issue View git blame Copy permalink