summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohan Lundberg <lundberg@nordu.net>2015-04-28 14:00:20 +0200
committerJohan Lundberg <lundberg@nordu.net>2015-04-28 14:00:20 +0200
commit15dba620b3b2702d7707087279677d9dcfb92fbb (patch)
treeaee530dc85a6dc656c640085359198d08f0bb3f5
parented5f3a1b427814c9a7bc21fd0617dc922e93a5e0 (diff)
Added flog files.sunet-ops-2015-04-28-v03
-rw-r--r--global/overlay/etc/puppet/manifests/cosmos-site.pp13
-rw-r--r--global/overlay/etc/puppet/modules/sunet/templates/flog/dotenv.erb18
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/etc/hiera/data/secrets.yaml.asc94
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/certs/flog.sunet.se.chained.pem118
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog51
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/certs/ssl-cert-snakeoil.pem18
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/private/ssl-cert-snakeoil.key28
7 files changed, 293 insertions, 47 deletions
diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index b7b1601..f2d532a 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -698,6 +698,7 @@ node 'cdr1.sunet.se' {
node 'sto-tug-kvm2.swamid.se' {
class { 'sunet::nagios': }
+ $postgres_password = hiera('flog_postgres_password', 'NOT_SET_IN_HIERA'),
file {'/var/docker':
ensure => 'directory',
} ->
@@ -747,6 +748,18 @@ node 'sto-tug-kvm2.swamid.se' {
group => 'www-data',
mode => '1775',
} ->
+ file { "/opt/flog/nginx/certs/flog.sunet.se.key":
+ ensure => file,
+ path => "/opt/flog/nginx/certs/flog.sunet.se.key",
+ mode => '0640',
+ content => hiera('server_cert_key', 'NOT_SET_IN_HIERA'),
+ } ->
+ file { "/opt/flog/dotenv":
+ ensure => file,
+ path => "/opt/flog/dotenv",
+ mode => '0640',
+ content => template('sunet/flog/dotenv.erb'),
+ } ->
sunet::docker_run {'flog_db':
image => 'docker.sunet.se/flog/postgresql-9.3',
volumes => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'],
diff --git a/global/overlay/etc/puppet/modules/sunet/templates/flog/dotenv.erb b/global/overlay/etc/puppet/modules/sunet/templates/flog/dotenv.erb
new file mode 100644
index 0000000..bcd167b
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/sunet/templates/flog/dotenv.erb
@@ -0,0 +1,18 @@
+ALLOWED_HOSTS='flog.sunet.se flog_app.docker 192.36.125.10 2001:6b0:7::10'
+EDUROAM_META_DATA='/opt/flog/institution.xml'
+SENTRY_DSN='https://1ac5a19b73d04d91995055a81710e537:c31c3e5a162f477e8d6a9665aa134f8a@sentry.nordu.net/4'
+EMAIL_HOST='localhost'
+EMAIL_HOST_PASSWORD=''
+EMAIL_HOST_USER=''
+EMAIL_PORT=''
+DB_ENGINE='django.db.backends.postgresql_psycopg2'
+DB_NAME='flog'
+DB_USER='flog'
+DB_PASSWORD='<%= @postgres_password %>'
+DB_HOST='flog_db.docker'
+DB_PORT=5432
+#CACHE_BACKEND='django.core.cache.backends.db.DatabaseCache'
+#CACHE_LOCATION='flog_cache_table'
+CACHE_BACKEND='django.core.cache.backends.memcached.MemcachedCache'
+CACHE_LOCATION='memcached.docker:11211'
+STATIC_URL='/static/'
diff --git a/sto-tug-kvm2.swamid.se/overlay/etc/hiera/data/secrets.yaml.asc b/sto-tug-kvm2.swamid.se/overlay/etc/hiera/data/secrets.yaml.asc
index 5cdc3a3..6b95b71 100644
--- a/sto-tug-kvm2.swamid.se/overlay/etc/hiera/data/secrets.yaml.asc
+++ b/sto-tug-kvm2.swamid.se/overlay/etc/hiera/data/secrets.yaml.asc
@@ -3,51 +3,51 @@ STATUS=UPDATED
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.22 (GNU/Linux)
-hQEMAyGs6dShF77JAQf/YDLkkTJLoT8J5gARAd6lruwbf4WReiwildX+cPIjqLcY
-k/y/12O6A1E1n84t8erFmgUAnxXOGVPCsrX1CJF7iZVi4HQaXc0O9uGkXfmTA+ra
-hcgGlaU7k5O0adligh3//aG72Jq4Nqe1GNbFPGFzmeWmz0vu5ELaZ+QCSmnvLQ/z
-BHiKj8PJA93KzTq39ittLrlaoT0nHxq9WhDzv/CkrMxAyyRrQZLFVCTQFBd6H+N0
-gissuFu7H+ve5FcT+9ZZtsb0Vzli87gxMZRnlLtrccO58hc/rwdMJVowgN+MmlQP
-kHsyVLHjBaS28TWW0dieRiHkzcs1lWnxLgV4CZhNGdLqAW/oTCQ4vMbAsjfmk5X2
-zNqLTJyEDsK4dr2qDZ5aRXvLqvcZd1CIxVfMeKuXl7o3Hzwyk2nktjT9pLS7YrPN
-dlYNL/ub9bv66yqYCUBBdR0Z5IRdvFWh9QhYluGUyN9f1ix3fiyEg/0SqNSTIwx5
-lSpHyimogP92fwIc13WeMCSFWWbx4C7O4UZkNALfr19ooKT8X4sXGOoCkDmpLHTW
-GkGbxqxIQ5DrPZaoGxRYjRDZkggIgylrfzUe79uIu+S+cvpsR4XZ3l2CfkGzQN1p
-wyKS5vFzKtsILDSEnR0JwTXz33ngQH+crSB8+ZJU+1qsw3noCZkm8M28TzXal+ec
-dcYwNRu3cMmvWoME+jHbRbkOblU9oVJCE7nexOMbXh1W16cPJPrqHANoSrSwZhS7
-O0ZPKxUVfneaF8BdV4W2xIzZVPHMOw47spVDBwL+cIWvuSN3x6QBhVh+bjl8tK/f
-TewQ2OJIjjbQMNKAvsVun7WJp3T5R1ncTgWDOZJpmtPioO1SyrI9vapZXRGQjBWB
-uei24UhZ6FrgzDPesUPg8SYZ5GYOV4rPHpiT0XY1HL7KlyP3MFotRJvML5AdWM1K
-gYVvlTHqSaUSmDT4bc3xJG5p7vqqkCyZuTYgmELwEvb29VaHF2Y88DrHgaQJnEFg
-J57DZEns7SgWu97Qnufl2FqQOZRB70+HAesZASlBrBKMnyw5v2SwcFYOQh9B+4WU
-qAdaZnesU92u56ohAUl55Id2rKneZoWjY4CwuCJQOmoXJr73CyIpAITMp5SXV84o
-TH4awqsal/P9YiwcKpG9FMSerXqlb3UankTKqH0s1GAJEpb/7a6dWw+UOr7J/WgP
-i9IVcOOjVtstIQoVGociShrU+J9YwTwcvGxlG82CzgpjfZgwyjYSPUD2Gf58aeZl
-q23rGXZ6+JzqXmNRP281E0sLIsXAz6+S9H8ndx7K+GFiN8CMomthVuWosN90vW46
-svSdtLKi5f7DoWC9nP1KXIVgl4eSOX+4wmiRWgyhH3bgieCdX7Ze92Dp84oJXrTZ
-vBWP5bT5lNM48p5G2lkbmZ0lOKJ3yVu0mjGr3wbA1up624WffKLM6qPkwN4iFsbR
-SorKX8o4XJ9nGsfyjW2T5Y+xX8Xe6SiDwdi6l5XXTnsSWwbVljK4jhcUJzXc/Xla
-OZ0kw4RVpSUJe2kV52XUcSgefKiBWh+b37VuNfe2h2Sr8T9bINqsKEmypbGuEbj4
-/osx2TraueM0EDxOtTNUvX/iGEA9BxSVDGsns+67S6FEzZArFZUPeTCXHASpeQAt
-9beKz8sxfNfXQxlkVAxy4WKgq7JtGEiBPlW7HYfiImiI/iAXDv7JSgUnJnETSy+A
-eekLNxqwaxQFb7tvo6ljxIyK9XdwN72XSQhcCt5VVPvt2kDmf/bclzEEH9/3WpVQ
-PtkB8Kk4T7UnPq7UF374rz/e+6OB1gLbGI4AgHAhb0QUOhCQZoRtPxJDzg8WeGml
-FXefobH5ibIejreTZgzMKL15/kQEsSyV7GEagiEE1RXdulo4vRZH+ufGeIbblwMh
-x7/SCeAuuaksrz460gILuyiAJmZKpE1uEH7c75NquHlLs5fGCqjcWSiKoacXagYu
-CX2KVC0H9loQ4JoSSGj4W+df0td358tW2aV1S4kx1TNl0zKZ6rh6dog/MozDvaZW
-W8aWSKE/bQxqFOW7mwZ5oZHLHOfavhJ4W6K3qTAHX3XKIV/477+fnOYxl0GEbuKX
-EDAozcdQXd694CBrYx8Gs2Uz6rLJUpdtnd+KC8hGUb4W9TMuOFDmzJCk1RQYcrj8
-MEecAk9Of3J6XlYlSc5OK1CIj0NGeg0UYF/dRURYjj0raWFjUmLhRPkHLXIY80r2
-6YRGwPQiwzTGegP+T/elohmlgCxoncsuQiCAM5gicvtDhoNOl72q+6Mdk3bDJaI6
-fRUVx7DSQUbM8Kntlr109ubsM+ww/D4m1RuIjWsgJYk14elCbQTk5cH0FMwtJh6o
-DZOgaO3NwuTiop7IH+9aLCpVIWrAQHbqhK0DKlZiDqwWQMCofxKO0Kj5+gP/CR+p
-HORz7SORX9/KRylQ2KMMOj7y20Z3+y+a5xZLGBsE4gOccYZcoAivnV26+ojP+0rn
-w9R67NA36VTgRplWouwosSwdzIQ+1mtxzknn3OpL6uUZJr59yWuvIw9HsecJ8IJS
-B0FaHkJ6HhdHwrorePf+hf7oVqWDvONmploEjgcwcJspIHzjWMI0+jsXckp5Di37
-SmyFzmxNQFz3SpTRplVyO6EZzUZ9m6V1MCddjpZLOYvGR4TTza1j+7fgg5+s95JL
-9Z1BR/1MhY6PxlotNBehMeUdcnCX4ldzBGWRhWsriXEFQNES+5lR6qlT4WJtQSjQ
-7E4liEswOByDpgrG6MNgiGlfQrhuwoYCCHJkKbC+52nYfechMXhyo4asKfLJZotW
-E0yBYnYemBshEEo7f10GNLYMw6tPqOJ+EjxHMMJnLfxnvS+W6xBekhe8wh8py06L
-e+ItKfTpQDkh33A3
-=adTJ
+hQEMAyGs6dShF77JAQf/UGSNK7RoyAu2WnA1EMVP02aVuvJHGAqy0OjT8dhN9KGH
+wlkI9k+VKt8wLV9Pm450Jth2SWN8BzK+05hlHmQGJg73yLExCB9fENHZoLpkMHFf
+XQMJWyTFP+0cqsv4gCeMyjKX85OH/n2EHfCp5cb5wnK+e7nDK6V5YZJDiZSFy6PX
+pF5oGQkpmD1mjy4ip463rJsYNN/6DEzjKd5zjigJGUoXC48sC72spoixa1kh40Hn
+UsT511DOOAB54qHeqADXZXVwenP84SAchKtfQsHgPdEknuNSnFkwLnhcrME2YwtK
+VJhghTmnLaQtFBj9H3rPJwAutjel3CF2IBIepGeontLqAa94HIQ6c2H9ntVheEJN
+gBrAV4Z/6GP9bFZkZFbk2C6aLcbus77mPsbc0wU8itrrhGXZSmcivJkFjJGgHpBg
+glhAyPxyVK5nqnfvFUs1hld4CifkNAFiDFqYUzA6Visxss8Xk1V98qs48KtBNQgs
+ztTdNvTJgHQ5CQX3nV/thrpbHxlV5oftsKEs0u0+z5V7Nzna/czk5kma/B+UJksA
+klXovyS945WVe9gyHuizNImXK234ObNDnw5Xwuq0Or/epQn2Yp8ZV3NXNzYfKwv0
+xRpDmqChusZecmIJ6oExz/lyUicejlxe7QzQJfljs7gGEv+AgtTDEeT1PTyA0NLU
+bCouUP86qs6bsDuZBZbsjbl3xnI8+x74YWIBNNw2ICyxaP3quOciDwhHL05sF+fL
+XDT5ZpnisuuFJvOSwTRnR+U//c0Nza1wvv+5NdSP4wSjMXdSYrbq93PVrK5zE/Tq
+pZmmXU7cCzVh4pZlgoUz0RQq4zKWlN7lLiK2V/5x6Dyay8sUNA/MdkEj5J/cdw/c
+s8zAAM+kr3VoCSvcC5c87HQpOPbT2xXTPEKqTCbXvbaRQ803C616gO58xCdm6kwX
+xICnIt7AxMi+29GOwFgFKKLAmfBOeRa/6DAFTVE6x65QBCMR2u1+dUDOTBGMbyH9
+Cku0oXh9LDz/lO1lS7eVB9ef4z/ir4gNLgztKycHiSKvtAxnRZ/mkcfO/kUSZtEY
+1147ZtfipcIAsbViIW6rrCGgZalDMcIgWgr+62SDmsFZhmN3hTvklKPA1YcN9X+N
+yYdDb9d5q0g4cRKiWGE8Fnb5M0QpmOsjCfJQiEY02bZUZEjguNWfuCYjTs6PqFc9
+YtNhtVIVer90lvub2O1dp+bHWeTYQkxWJGAbVVQSvm9210GvjIIDcUtPKJ81Ca7A
+2Hk3PAI8VHDdJ6t36gulX5l/CEM+bdC6Aju3VkmErhF0YW1SgW4LRiwVruDtSa2m
+mm5n7f+q9frHY83MYRaQ5WrQl1E+7HxX5oij2dGKUsHoHK5KSrUryBKlN/D16jBF
+O2INTBi31YvOGkZ7tONuSPAJ4Vq6USIJhvld/ctQCA5QimsKQbw2p6JTp29IA73h
+hIJoGH1M2iVtEDxe5xPiZ3W+k6/S9mktX6lW2f2elutbrY6dLIfb7VM/IYfHNWRb
+uZbn7cNjYq0fVRXHN7SGn0W7BMNX7FFaZ9yqQjMFXxZzXhrtvf6nWrGvZkHIknua
+hET+8QDhSTbR/NiUJf2k0zhtO6MSn5E6qmVA5OzmCW+UcXUfrX8EOPA8cR1RvDjQ
+wiO+APx6M4O+ePsT82JNjRpWPBs6f2Me3fkXxvjZa+XWaHQdjtwnkS6dekYP4yFA
+mulHxwtLV/2u4cYfzqdnrRWKFZSmHpIkccdgnvatOK7LGShXQuCXAeUjMG/Im0Ni
+N5O/SYwgGAQQFTQiDDx/R8/LUzqyudsgeMI3/j1kQSmCgY+0jqRR+l9K4NVJMZHd
+pW3NEujQbrxLFqHxZVYNdZaDBKpIwHpiPMzlheQsja/iT3mqId0tPupqq9sxdcjU
+IArohGICbl5nTCFoGoxA81g0ZGZJMewf+eZDRQQCsgYSt2DbixgjR7Vh0WgBxuY2
+DURw2fNdfGUIMYwsMJMhNuyDKBNaD8dEUzMd2noYBmWPDyVvene24F56JuGYC0lj
+gih8szBR1DEl4LG97z8u/KUa5f9CsmL6w7yLdPPHmNVw4rfkLFH8WyXqJZ6PfgrF
+1Lpgf54sBYjiZ5Dkyw4qpi68bqifCk363kyYLrfGx/5EMw4TDsvvjVYrK9160mFf
++E+4zWORMajUDpNhbfugIAn78+M4ELCFUIyszAniZMk02srOxfjcZCd+TBIobqEz
+ttbZrYZKS/fgD2p5u73mYFb8ehuQDaJcMhe/NzFHjOsiAyB+CEc1jTgW6KBNJHVZ
+tIhB2lVTeo8XmgV9zugvpCTFwGl5CIwP0inDx2EbLfgppkwBRzoxGiKHO1m/w3Do
+rUGGgEjo6nQKcRdJn99lNDBDCGXWmuDuw0sBXfnJ/APKDcCsPei6ZFX9tRRF0M60
+y/Anj2hW1IgteOVK/gOG11UY9Bnm72xOCYjmHqlaFu0tVTcDAo/X1hML14eeiIjt
+KBMCAkSF5UQ/+uyXG0I6hkER7/hd5qgWEPKv00EZrxbYEOJRT5qJLa4O4gD4AmfX
+jR+C/40+hmMXiOLM1MpaiN7S3jNVYIzPP+sZ87U42B5FZJzgNVogJ3CznQgCxDEw
+hPnzEhQ9hyR6gugQhZT7nAwdZdWMMxgTjFLFgsyLOd0W7M9UjKEL4c2MsMZ1YWsm
+rl7Alh4xb4ywFnqQFqhz7GiU5PGctb3YgwoZf5FjzHsDAOOkNu+Wz2xv7B+YmTK+
+FbsnT7fRBfLThOTFWakd6jtFoHtV1lZCtgMwbJ1EnJDssQk8B/hFfwN1Y1pZe+Xc
+J5S0ijnfo4T1hkzsAQ3YSQhH6PK6XnG2YE0gfRSyCnMfaG+JPiTdD7yqctHHJevI
+472Dq598G9J2e8MNj4NccQ==
+=3Gc8
-----END PGP MESSAGE-----
diff --git a/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/certs/flog.sunet.se.chained.pem b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/certs/flog.sunet.se.chained.pem
new file mode 100644
index 0000000..d147e46
--- /dev/null
+++ b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/certs/flog.sunet.se.chained.pem
@@ -0,0 +1,118 @@
+-----BEGIN CERTIFICATE-----
+MIIElDCCA3ygAwIBAgIQW0iA3AfO7pg3xCopsSGlfDANBgkqhkiG9w0BAQsFADBk
+MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ
+QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wg
+Q0EgMjAeFw0xNTA0MjgwMDAwMDBaFw0xODA0MjcyMzU5NTlaMDsxITAfBgNVBAsT
+GERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEWMBQGA1UEAxMNZmxvZy5zdW5ldC5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOcr6JxiW6Jyp0M/TEv1
+ibCEY1Xla+gMw/QjXW+wgO/sqf0atnC905a6H4lzzlkMGkfF4jBLJjrprXyg/zzE
+HyUi/nUBtsEvwu4+/sCYscyZhGlubNWRFXaD1u+V37/M+EQtDfZSxsSvrVrxBGGi
+dvlsZcFbtkh+cT2vcq9V5s4gGF7ik1jjTA6dWXEeFVlSGuIsYaoDwbFEsb7rcRSD
+tn6lze6Wry6YmWG+i3vL/IgM03/gQPVarUM6I2e6gJHnMwOhR1o1laSapcOndkad
+Jaf2xMzYUbPZiak/FUV3BtYV7+LtpaK4ftH5ARQrZ4SZKqrfsVAmJZqyWalsi761
+8W8CAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFFvQihyaMlvgtd2WVBvhhiiw/ba9
+MB0GA1UdDgQWBBSjvEWwoHh2uq0IKI9ZAnfCbEhb3jAOBgNVHQ8BAf8EBAMCBaAw
+DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYD
+VR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2g
+K4YpaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1RFUkVOQVNTTENBMi5jcmwwbAYI
+KwYBBQUHAQEEYDBeMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVEVSRU5BU1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNl
+cnRydXN0LmNvbTAYBgNVHREEETAPgg1mbG9nLnN1bmV0LnNlMA0GCSqGSIb3DQEB
+CwUAA4IBAQBf7JaNrj4SchK4QxvnCtCYh6ct0sjYZHtSYqQsd/kFtLbQhT8h8MTk
+FtJWEyfuqcmiWT3eyPPcP0GsH7LLTJOzptjzUXHbs4m/zvN/JtvfxXwZV8xBtoGJ
+rXo9OE+8G0xbY9mFfVblkqk52rPuHOUHCTRga9Tcc+QW7cKA2BDCWRuJKb6Qytx1
+x0qJKpF/e8u52/FXLG+OpZdw92ZekPYQTQwiZ/maOro2bX8E/x0lm15zvqIMpryy
+s0B/7dMMbc3teS1rxnvKojJ4WU3+7Yzy/Pp+as8jymaalrJoCNdkQORrZiaFawKY
+B694Wc0N9VkL+JBjU39KV/3itTA9b1lY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIRALD/zzodgkSYFWKdZIhqQWUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
+MTAwOTAwMDAwMFoXDTI0MTAwODIzNTk1OVowZDELMAkGA1UEBhMCTkwxFjAUBgNV
+BAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTEPMA0GA1UEChMG
+VEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NMIENBIDIwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCwOm1/qbgAnvOFOghkLPlEDCC0sxVNBi2m8JPJSL73
+ZK2kjhWzMYEUF/xu4osZdYs2Es8HbXZ4Jl4nvywWukL73R5Qj2SvdZsKOoKpMSVR
+jn/EQt0fXJORu5T6cFf65/24uGjKm2oZJFQ3/jJhifciwY9j1dFpfklNvNfQ20zW
+9g+9wYhCk9aR+Z+WmRHqbnLngCFs8U6O7GO4Pa9lOdCFkip5Og7W6K2bJYmi1C5y
+a3Oh0uLfzlhw/8BUAXdd+XadL0PaoibdHUKaTTixVv46tMtrbPJqnz+zrjun0BU+
+rCd/G/RZYFBWfp11JZ4/xna//5nM2PGpaolf3ucHzY2LAgMBAAGjggF/MIIBezAf
+BgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUW9CKHJoy
+W+C13ZZUG+GGKLD9tr0wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCwGA1UdIAQlMCMwDQYL
+KwYBBAGyMQECAh0wCAYGZ4EMAQIBMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAH2QaWZWVBxrPK5/JQgT6btkbPVniC+9wVEKrtNj9i3bcDEJ
+AH4di9rkMyGY4CGT28COJY5VBswqZeMD6FlyJ643mph8wvQTWhJxLW2r3zJpgacG
+oosgHaiQ0iiqYdT2/6W/hoCOZ5EqIn4dlC0aYbsgIZCJ6NUKEQr2CLpeG8tsKIU+
+xRYPZf230bFhwaYl2Ia/Dvqb+tH1IqdnuBUu+Qitt3UCOfQpYfm/wKoX60LeJo+d
+ZWQyB95sPTLTA+xH1XRpIDp+uHDvqaIqnFVCtuM+i9j/Jlr7fCZsiIWG15M+UPhE
+h9RQ0R1DMDK60rqNIQjK9+7Gbs6SWQgcU3N0j5z4160avk1G7qzEuYHrp1DMHWb8
+Dg1+Bh24DtN+u5qHrgu2m4QEzsGgexbfArIYQ62ruSYJq6oEHVA37iq9IkGKALXc
+n8MF1OaCTGfaKwL1ZaxZKbt6DE5Ut9I7fQM7IGTGxehQKpKwX6BHl3JYX8EKb5/1
+PQnV5whodZLi1biej76NGztDjPNO1VSrdu3MUH8ume20tUn643V9ixFoDdU6+l1Q
+sCuBA3gstNuPv0xAW5KjohoKQV2sV/puV070B1XrYwgykwAkSl2dwsFSKJPByCQa
+ppP7zX0/pnO8z2ideWMu5yUrQjg2sQtWwopf965KMdnfagbNL6OYCbwFgBPH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQE+oocFv07O0MNmMJgGFDNjANBgkqhkiG9w0BAQwFADBv
+MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
+ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
+eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00yt
+UINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NC
+tnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQIjy8/hPwhxR79uQf
+jtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfbIWax1Jt4A8BQOujM
+8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+O2hm
+AUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiV
+Z4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9
+N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sF
+qV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9
+HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ5lhCLkMaTLTwJUdZ
++gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4Diup8kyX
+HAc/DVL17e8vgg8CAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTv
+A73gJMtUGjAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/
+BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1Ud
+HwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4
+dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0
+dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAJNl9jeD
+lQ9ew4IcH9Z35zyKwKoJ8OkLJvHgwmp1ocd5yblSYMgpEg7wrQPWCcR23+WmgZWn
+RtqCV6mVksW2jwMibDN3wXsyF24HzloUQToFJBv2FAY7qCUkDrvMKnXduXBBP3zQ
+YzYhBx9G/2CkkeFnvN4ffhkUyWNnkepnB2u0j4vAbkN9w6GAbLIevFOFfdyQoaS8
+Le9Gclc1Bb+7RrtubTeZtv8jkpHGbkD4jylW6l/VXxRTrPBPYer3IsynVgviuDQf
+Jtl7GQVoP7o81DgGotPmjw7jtHFtQELFhLRAlSv0ZaBIefYdgWOWnU914Ph85I6p
+0fKtirOMxyHNwu8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
diff --git a/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog
new file mode 100644
index 0000000..93697cf
--- /dev/null
+++ b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog
@@ -0,0 +1,51 @@
+# the upstream component nginx needs to connect to
+upstream django {
+ #server unix:///var/django/flog/flog/flog.sock; # for a file socket
+ server flog_app.docker:8000;
+}
+
+server {
+ # http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
+ if ($http_transfer_encoding ~* chunked) {
+ return 444;
+ }
+
+ #listen 192.36.125.10:80;
+ listen 80;
+ #listen [2001:6b0:7::10]:80 ipv6only=on default_server;
+ listen [::]:80 ipv6only=on default_server;
+ #listen 192.36.125.10:443 ssl;
+ listen 443 ssl;
+ #listen [2001:6b0:7::10]:443 ssl ipv6only=on default_server;
+ listen [::]:443 ssl ipv6only=on default_server;
+
+ server_name flog.sunet.se;
+ charset utf-8;
+
+ ssl_certificate /etc/nginx/certs/flog.sunet.se.chained.pem;
+ ssl_certificate_key /etc/nginx/certs/flog.sunet.se.key;
+ # PFS settings from http://people.adams.edu/~cdmiller/posts/NSA_SSL_settings_for_nginx_and_apache/
+ # NOTE: these settings exclude Win XP with IE 6
+ #
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA:!ADH:!aNULL;
+
+ # max upload size
+ client_max_body_size 75M; # adjust to taste
+
+ # serve directly - analogous for static/staticfiles
+ #location /static/ { # STATIC_URL
+ # alias /var/django/flog/collectedfiles/; # STATIC_ROOT
+ # expires 30d;
+ #}
+
+ # Finally, send all non-media requests to the Django server.
+ location / {
+ uwsgi_pass django;
+ uwsgi_read_timeout 500;
+ include /etc/nginx/uwsgi_params;
+ proxy_buffering off;
+ }
+}
+
diff --git a/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/certs/ssl-cert-snakeoil.pem b/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/certs/ssl-cert-snakeoil.pem
new file mode 100644
index 0000000..1e51120
--- /dev/null
+++ b/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/certs/ssl-cert-snakeoil.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC0jCCAbqgAwIBAgIJAPWiRS1801VVMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV
+BAMTFnN0by10dWcta3ZtMi5zd2FtaWQuc2UwHhcNMTQxMDIyMTI1NTQzWhcNMjQx
+MDE5MTI1NTQzWjAhMR8wHQYDVQQDExZzdG8tdHVnLWt2bTIuc3dhbWlkLnNlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AeuSvXfxZEDnhqPAnPb1CA5
+ijzHYKCAV8tPbrwzJDHCDd2bPhRSfnUMAg12DmHvaqFLekk0kuYRPETVVpPxk4ss
+NZgh/3CqShd3UnMjoAUFT+sq7c7OqbLD9bWY8EbgEid1ph2t+nAxXNoRVQd2azvP
+llbwBmKrW15WDFPVnv/zyRs85xviaQgmmowMVVjPNcxw2oMpeJTtpSm15RQ0x6Kk
+p9cUILj7p7ls82uOutJgYL6MhGytqdtgoWu6sEoYc3Sck/scZJnBMwecvkKC8Zvj
+qk/JvIsGsme7Akp8bK0tJ7Pts9mtTaSqwqHsyCrY6lZE8wKmJ7bUX70yE9eTCwID
+AQABow0wCzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBXJPEZGI5EXNBf
+NwO1jT9Mvxfjs27Cw72nO6PR+ZdGdludQH8NDuEK8FudAdenk4r40KTqsxlezr+y
+Wn0JMe92IUvag7T/RNPNXu0IieNRvNTMwsNfZJnymqReEnoHYB0f8U/rX+vshKwP
+5D7pdCaXspzXr3rJ+ZNw6YBxqgeprCcln8NSi2gtnA/PGTyzpPRmlFpRvBy+PC/I
+fBejYOcgrc1i7v1MYC85OnMLzIGsxsnQIJjtjK8iY9BDyhQ1S+Jwu17vWJ2ZWGlk
+NQUnSqJw447ooQUKLrpkx7brwSLMDPDO9hO7/b2L/VsfGlGiaXBhUEYF3GAnOwZJ
+QslpyIrc
+-----END CERTIFICATE-----
diff --git a/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/private/ssl-cert-snakeoil.key b/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/private/ssl-cert-snakeoil.key
new file mode 100644
index 0000000..3e0d431
--- /dev/null
+++ b/sto-tug-kvm2.swamid.se/overlay/opt/flog/postgres/ssl/private/ssl-cert-snakeoil.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDQB65K9d/FkQOe
+Go8Cc9vUIDmKPMdgoIBXy09uvDMkMcIN3Zs+FFJ+dQwCDXYOYe9qoUt6STSS5hE8
+RNVWk/GTiyw1mCH/cKpKF3dScyOgBQVP6yrtzs6pssP1tZjwRuASJ3WmHa36cDFc
+2hFVB3ZrO8+WVvAGYqtbXlYMU9We//PJGzznG+JpCCaajAxVWM81zHDagyl4lO2l
+KbXlFDTHoqSn1xQguPunuWzza4660mBgvoyEbK2p22Cha7qwShhzdJyT+xxkmcEz
+B5y+QoLxm+OqT8m8iwayZ7sCSnxsrS0ns+2z2a1NpKrCoezIKtjqVkTzAqYnttRf
+vTIT15MLAgMBAAECggEAWs7/hjlONS/YJGvzgV6R10c51t4xKjzlyW02f2An8uTF
+kMfrvG2ilREC7OJzZlPZ7vH5wKe0C2vimixx9BkgmwdlhP+j152WuEEGFTetlWyb
+pQdC9gwQqoMeh2N+H2TQ6xvOf3T1PR08bwvCBRv81VKGi1nn7OGla30Ckt8FoSHP
+cTEYsLQhn6XyFPYZvtSgoaxA8kEGBICD/LMpkqQ2w8QDiqD0LJ6Dhiu4AAZTjksK
+CXc/qek35ldAYB76f/02YRMJCDwW7h3abmkHv7FMDHk9K4APxWYxWlUIWc4C4O1Q
+fMesGNIqpFXlTSj4g3bdVue0R/rwvdz9RLS2gyv8AQKBgQD5lmQumMzH3JpTnIg5
+VNGHxOI1OtqO32H/gdlPkWZTfD6dhitM2NfdXlntaSZ4EwoyDu6Iq/a9T32jUHnL
+iV3Fn59a1bQcYsl/g/Q4P78XbRIjRFU602JdQGVJeeAB5h/v/xrhcr/fyRAsk1gD
+/N6VR20TkoO6YvkRH7xpv8/HSQKBgQDVX/Q/QZg/BlkMTvrQz27xnzBdtoycRGE+
+V4J0l7U9txs6i0uTCwFU8C5DA7LffbNYhDMC+eJzXRgYdCwcsQUJP/2KzkRuKW4/
+SIe9eNk4kRcfti63hiubshh3/HmvXgftv5OHGHRCb2KUx4BEB5S0Vh9/+9l5SqG+
+XejFiY5jswKBgHoG55BIsMZ+uw1qGMg/Cfqhbh+sWLNF0DoGGGNoqWjj9BE8SetW
+kaPvv3Pt1xsZ5AA5gLJdsVM5jCnO7N1wmeJHergEh/zg57dqonrl393qO9X2UN1k
+AFGrbFoSNk13X+INDe1wFxOo0DmbCItalNDTjSbmmXUFctTGeW4Sk9nRAoGBAL/q
+eENU+lzllr5tY0bg7EbDCbugb8Q19Mkf6KR5t3h08zarBySQp3gAN3vrHb3Kz77z
+2PX6T+W3e+6yvuJnjcIOHjv03rO+6/xbfku7IJWyWnwZXtePBDYb78or+j7zcmoy
+/7xpEFiY2rA66HFH6EZzmA2DNs3ThLs2uCDEYp/lAoGBALEgYoAlUWK5zeV2zrLa
+vWdvubphN76ljVX23vW8cx5S07w3QeIqLZR4C1BH+9/ibbxGks69dDHg7y7EKe6S
+6lkhRjhMCvN2jg0tMBU7skPmLs75wN98qC3TqK8uu+gdSPsctG5w1QIS77p+5lCg
+7x5NyDVPI+bX7MadeANul/8c
+-----END PRIVATE KEY-----