Rolling back some custom things i naemon_monitor

global/overlay/etc/puppet/cosmos-rules.yaml

@@ -63,3 +63,8 @@ monitor-dev.cert.sunet.se:
       - bjorklund@sunet.se
     default_host_group: sunet::nagios::nrpe
     nrpe_group: sunet::nagios::nrpe
+    naemon_extra_volumes:
+      - '/opt/naemon_monitor/shibboleth2.xml:/etc/shibboleth/shibboleth2.xml:ro'
+      - '/opt/naemon_monitor/frontend.xml:/etc/shibboleth/frontend.xml:ro'
+      - '/opt/naemon_monitor/attribute-map.xml:/etc/shibboleth/attribute-map.xml:ro'
+      - '/opt/naemon_monitor/attribute-policy.xml:/etc/shibboleth/attribute-policy.xml:ro'

global/overlay/etc/puppet/modules/soc/manifests/naemon_monitor.pp

@@ -31,7 +31,6 @@ class soc::naemon_monitor (
   Optional[Boolean] $receive_otel = false,
   String $otel_retention = '2232h',
   String $acme_provider = 'acme-d',
-  Boolean $custom_shib = true,
 ) {
   include sunet::systemd_reload
 
@@ -99,30 +98,6 @@ class soc::naemon_monitor (
     sunet::snippets::secret_file { '/opt/naemon_monitor/shib-certs/sp-key.pem': hiera_key => 'shib_key', mode => '0444' }
     # assume cert is in cosmos repo (overlay)
   }
-  if $custom_shib {
-    file {
-      '/opt/naemon_monitor/shibboleth2.xml':
-        ensure  => file,
-        content => template('soc/naemon_monitor/shibboleth2.xml.erb'),
-        mode    => '0444',
-        ;
-      '/opt/naemon_monitor/frontend.xml':
-        ensure  => file,
-        content => file('soc/naemon_monitor/frontend.xml'),
-        mode    => '0444',
-        ;
-      '/opt/naemon_monitor/attribute-map.xml':
-        ensure  => file,
-        content => file('soc/naemon_monitor/attribute-map.xml'),
-        mode    => '0444',
-        ;
-      '/opt/naemon_monitor/attribute-policy.xml':
-        ensure  => file,
-        content => file('soc/naemon_monitor/attribute-policy.xml'),
-        mode    => '0444',
-        ;
-    }
-  }
 
   $thruk_admins_string = inline_template('ADMIN_USERS=<%- @thruk_admins.each do |user| -%><%= user %>,<%- end -%>')
   $thruk_users_string = inline_template('READONLY_USERS=<%- @thruk_users.each do |user| -%><%= user %>,<%- end -%>')

global/overlay/etc/puppet/modules/soc/templates/naemon_monitor/docker-compose.yml.erb

@@ -58,12 +58,6 @@ services:
       - '/opt/naemon_monitor/shib-certs:/etc/shibboleth/certs'
       - '/opt/naemon_monitor/data:/var/lib/thruk'
       - '/opt/naemon_monitor/menu_local.conf:/etc/thruk/menu_local.conf'
-<%- if @custom_shib -%>
-      - '/opt/naemon_monitor/shibboleth2.xml:/etc/shibboleth/shibboleth2.xml:ro'
-      - '/opt/naemon_monitor/frontend.xml:/etc/shibboleth/frontend.xml:ro'
-      - '/opt/naemon_monitor/attribute-map.xml:/etc/shibboleth/attribute-map.xml:ro'
-      - '/opt/naemon_monitor/attribute-policy.xml:/etc/shibboleth/attribute-policy.xml:ro'
-<% end -%>
 <%- @thruk_extra_volumes.each do |extra_volume| -%>
       - "<%= extra_volume %>"
 <%- end -%>

monitor-dev.cert.sunet.se/overlay/opt/naemon_monitor/shibboleth2.xml

@@ -11,7 +11,7 @@
     -->
 
     <!-- The ApplicationDefaults element is where most of Shibboleth's SAML bits are defined. -->
-        <ApplicationDefaults entityID="https://<%= @domain %>"
+        <ApplicationDefaults entityID="https://monitor-dev.cert.sunet.se"
                          REMOTE_USER="eppn subject-id"
                          metadataAttributePrefix="Meta-">