3 files changed, 48 insertions, 3 deletions

diff --git a/global/overlay/etc/puppet/manifests/catlfish/frontend.pp b/global/overlay/etc/puppet/manifests/catlfish/frontend.pp
index 9307e1d..37d455f 100644
--- a/global/overlay/etc/puppet/manifests/catlfish/frontend.pp
+++ b/global/overlay/etc/puppet/manifests/catlfish/frontend.pp
@@ -6,11 +6,36 @@ define catlfish::frontend(
    $base = '/var/local/db/urd.appendto.org'
    file {$base: ensure => directory } ->
    file {"${base}/${name}": ensure => directory } ->
+   sunet::docker_run{"${name}_varnish":
+      image    => "docker.sunet.se/varnish",
+      imagetag => "latest",
+      env      => ["BACKEND_PORT=tcp://${name}_frontend.docker:8080"]
+      ports    => ["80:80"],
+   }
+   sunet::docker_run{"${name}_stud":
+      image    => "docker.sunet.se/stud",
+      imagetag => "latest",
+      volumes  => ["/etc/ssl:/etc/ssl"],
+      env      => ["BACKEND_PORT=tcp://${name}_varnish.docker:80"],
+      ports    => ["443:443"]
+   }
    sunet::docker_run {'${name}_frontend':
        image    => $image,
-       imagetag => $version
+       imagetag => $version,
        ports    => ["8080:8080","8082:8082"],
        volumes  => ["/data/${name}/catlfish:/usr/local/etc/catlfish:ro","${base}/${name}:/var/local/db/catlfish"],
        command  => ["frontend"]
    }
+   ufw::allow { "${name}-allow-http":
+      ip   => 'any',
+      port => 80
+   }
+   ufw::allow { "${name}-allow-https":
+      ip   => 'any',
+      port => 443
+   }
+   ufw:allow { "${name}-allow-8082-acl0":
+      ip     => '130.242.125.0/24',
+      port   => 8082
+   }
 }
diff --git a/global/overlay/etc/puppet/manifests/catlfish/merge.pp b/global/overlay/etc/puppet/manifests/catlfish/merge.pp
index f466be2..5be25a3 100644
--- a/global/overlay/etc/puppet/manifests/catlfish/merge.pp
+++ b/global/overlay/etc/puppet/manifests/catlfish/merge.pp
@@ -6,10 +6,10 @@ define catlfish::merge(
    $base = '/var/local/db/urd.appendto.org'
    file {$base: ensure => directory } ->
    file {"${base}/${name}": ensure => directory } ->
-   sunet::docker_run {'${name}_frontend':
+   sunet::docker_run {'${name}_merge':
        image    => $image,
        env      => ["MERGE_EXTRA_ARGS=--timing"],
-       imagetag => $version
+       imagetag => $version,
        volumes  => ["/data/${name}/catlfish:/usr/local/etc/catlfish:ro","${base}/${name}:/var/local/db/catlfish"],
        command  => ["merge /var/local/db/catlfish"]
    }
diff --git a/global/overlay/etc/puppet/manifests/catlfish/storage.pp b/global/overlay/etc/puppet/manifests/catlfish/storage.pp
new file mode 100644
index 0000000..a98e107
--- /dev/null
+++ b/global/overlay/etc/puppet/manifests/catlfish/storage.pp
@@ -0,0 +1,20 @@
+define catlfish::storage(
+      $image    = 'docker.sunet.se/ctct/catlfish-dev',
+      $version  = 'latest'
+)
+{
+   $base = '/var/local/db/urd.appendto.org'
+   file {$base: ensure => directory } ->
+   file {"${base}/${name}": ensure => directory } ->
+   sunet::docker_run {'${name}_storage':
+       image    => $image,
+       imagetag => $version,
+       volumes  => ["/data/${name}/catlfish:/usr/local/etc/catlfish:ro","${base}/${name}:/var/local/db/catlfish"],
+       ports    => ["8081:8081"],
+       command  => ["storage"]
+   }
+   ufw:allow { "${name}-allow-8081-acl0":
+      ip     => '130.242.125.0/24',
+      port   => 8081
+   }
+}