From 816e92059aa5502d92adff3c8a314659a9793eb8 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 13:52:14 +0200 Subject: static ip for mdx* --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index a205fd9..f04fd87 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -83,12 +83,15 @@ node 'sto-tug-kvm1.swamid.se' { } sunet::cloudimage { 'mdx1.swamid.se': - mac => '52:54:00:fe:bc:09', - dhcp => true, + dhcp => false, repo => 'git://git.nordu.net/nunoc-ops.git', tagpattern => 'sunet-ops', cpus => '1', memory => '2048', + ip => '130.242.125.91', + netmask => '255.255.255.192', + gateway => '130.242.125.65', + resolver => '130.242.80.14 130.242.80.99' } sunet::dhcp_kvm { 'md-master.reep.refeds.org': @@ -103,12 +106,15 @@ node 'sto-tug-kvm1.swamid.se' { node 'sto-fre-kvm1.swamid.se' { sunet::cloudimage { 'mdx2.swamid.se': - mac => '52:54:00:30:be:dd', - dhcp => true, + dhcp => false, repo => 'git://git.nordu.net/nunoc-ops.git', tagpattern => 'sunet-ops', cpus => '1', memory => '2048', + ip => '130.242.125.151', + netmask => '255.255.255.192', + gateway => '130.242.125.129', + resolver => '130.242.80.14 130.242.80.99' } } @@ -575,8 +581,6 @@ class sunet-dhcp-hosts { # SWAMID production dhcp::host { 'registry.swamid': mac => "52:54:00:52:53:0b", ip => "130.242.125.90" } - dhcp::host { 'mdx1.swamid': mac => "52:54:00:fe:bc:09", ip => "130.242.125.91" } - dhcp::host { 'mdx2.swamid': mac => "52:54:00:30:be:dd", ip => "130.242.125.92" } } class sunetops { -- cgit v1.1 From 1c726d7e64b7dbe5bee07a78c73695033a7d1576 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 14:52:41 +0200 Subject: update db --- global/overlay/etc/puppet/cosmos-db.yaml | 83 +++++++++++++++----------------- 1 file changed, 40 insertions(+), 43 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index a4551f9..d931da8 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -38,18 +38,16 @@ classes: sunetops: null md-master.reep.refeds.org: {nunoc: null, swamidops: null} mdx1.swamid.se: - dockerhost: null mailclient: &id002 {domain: sunet.se} nunoc: null - signer: null sunetops: null + swamid_pyff_signer: null swamidops: null mdx2.swamid.se: - docker_signer: null - dockerhost: null mailclient: *id002 nunoc: null sunetops: null + swamid_pyff_signer: null swamidops: null meta.swamid.se: mailclient: *id002 @@ -153,48 +151,47 @@ classes: webserver: null www2.eduid.se: {nunoc: null} members: - all: [ca.sunet.se, cdr1.sunet.se, web-f1.sunet.se, web-db3.sunet.se, random1.nordu.net, - web-db2.sunet.se, sto-tug-kvm-lab2.swamid.se, random2.nordu.net, www2.eduid.se, - md-master.reep.refeds.org, datasets.sunet.se, mdx1.swamid.se, sto-tug-kvm-lab1.swamid.se, - web-a1.sunet.se, mdx2.swamid.se, samltest.swamid.se, web-db1.sunet.se, meta.swamid.se, - sto-tug-kvm2.swamid.se, web-f2.sunet.se, dane.lab.sunet.se, cdr2.sunet.se, web-a2.sunet.se, - loke.sunet.se, docker.sunet.se, sto-fre-kvm1.swamid.se, registry.swamid.se, sto-tug-kvm1.swamid.se, - lobo2.lab.sunet.se] - docker_signer: [mdx2.swamid.se] - dockerhost: [mdx1.swamid.se, mdx2.swamid.se, docker.sunet.se, registry.swamid.se] + all: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, + md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, + ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, cdr2.sunet.se, web-db1.sunet.se, + web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, + registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, + lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, + web-a1.sunet.se] + dockerhost: [registry.swamid.se, docker.sunet.se] entropyserver: [random1.nordu.net, random2.nordu.net] - mailclient: [ca.sunet.se, cdr1.sunet.se, web-f1.sunet.se, web-db3.sunet.se, random1.nordu.net, - web-db2.sunet.se, sto-tug-kvm-lab2.swamid.se, random2.nordu.net, datasets.sunet.se, - mdx1.swamid.se, sto-tug-kvm-lab1.swamid.se, web-a1.sunet.se, mdx2.swamid.se, samltest.swamid.se, - web-db1.sunet.se, meta.swamid.se, sto-tug-kvm2.swamid.se, web-f2.sunet.se, dane.lab.sunet.se, - cdr2.sunet.se, web-a2.sunet.se, loke.sunet.se, docker.sunet.se, sto-fre-kvm1.swamid.se, - registry.swamid.se, sto-tug-kvm1.swamid.se, lobo2.lab.sunet.se] - nunoc: [ca.sunet.se, cdr1.sunet.se, web-f1.sunet.se, web-db3.sunet.se, random1.nordu.net, - web-db2.sunet.se, sto-tug-kvm-lab2.swamid.se, random2.nordu.net, www2.eduid.se, - md-master.reep.refeds.org, datasets.sunet.se, mdx1.swamid.se, sto-tug-kvm-lab1.swamid.se, - web-a1.sunet.se, mdx2.swamid.se, samltest.swamid.se, web-db1.sunet.se, meta.swamid.se, - sto-tug-kvm2.swamid.se, web-f2.sunet.se, dane.lab.sunet.se, cdr2.sunet.se, web-a2.sunet.se, - loke.sunet.se, docker.sunet.se, sto-fre-kvm1.swamid.se, registry.swamid.se, sto-tug-kvm1.swamid.se, - lobo2.lab.sunet.se] + mailclient: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, + random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, ca.sunet.se, + web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, + mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, registry.swamid.se, + dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, + sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, web-a1.sunet.se] + nunoc: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, + md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, + ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, cdr2.sunet.se, web-db1.sunet.se, + web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, + registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, + lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, + web-a1.sunet.se] quantis: [random1.nordu.net, random2.nordu.net] - signer: [mdx1.swamid.se] sunet-cdr: [cdr1.sunet.se, cdr2.sunet.se] sunet::dockerhost: [sto-tug-kvm2.swamid.se] - sunetops: [ca.sunet.se, cdr1.sunet.se, cdr1.sunet.se, web-f1.sunet.se, web-db3.sunet.se, - random1.nordu.net, web-db2.sunet.se, sto-tug-kvm-lab2.swamid.se, random2.nordu.net, - datasets.sunet.se, mdx1.swamid.se, sto-tug-kvm-lab1.swamid.se, web-a1.sunet.se, - mdx2.swamid.se, samltest.swamid.se, web-db1.sunet.se, meta.swamid.se, sto-tug-kvm2.swamid.se, - web-f2.sunet.se, dane.lab.sunet.se, cdr2.sunet.se, cdr2.sunet.se, web-a2.sunet.se, - loke.sunet.se, docker.sunet.se, sto-fre-kvm1.swamid.se, registry.swamid.se, sto-tug-kvm1.swamid.se, - lobo2.lab.sunet.se] - swamidops: [sto-tug-kvm-lab2.swamid.se, md-master.reep.refeds.org, mdx1.swamid.se, - sto-tug-kvm-lab1.swamid.se, mdx2.swamid.se, samltest.swamid.se, meta.swamid.se, - sto-tug-kvm2.swamid.se, sto-fre-kvm1.swamid.se, registry.swamid.se, sto-tug-kvm1.swamid.se] - webappserver: [web-a1.sunet.se, web-a2.sunet.se] - webbackend: [web-db3.sunet.se, web-db2.sunet.se, web-db1.sunet.se] - webcommon: [web-f1.sunet.se, web-db3.sunet.se, web-db2.sunet.se, web-a1.sunet.se, - web-db1.sunet.se, web-f2.sunet.se, web-a2.sunet.se] + sunetops: [cdr1.sunet.se, cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, + random1.nordu.net, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, + ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, cdr2.sunet.se, web-db1.sunet.se, + web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, + registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, + lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, + web-a1.sunet.se] + swamid_pyff_signer: [mdx1.swamid.se, mdx2.swamid.se] + swamidops: [sto-tug-kvm2.swamid.se, md-master.reep.refeds.org, sto-tug-kvm-lab2.swamid.se, + sto-tug-kvm1.swamid.se, mdx1.swamid.se, meta.swamid.se, registry.swamid.se, mdx2.swamid.se, + samltest.swamid.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se] + webappserver: [web-a2.sunet.se, web-a1.sunet.se] + webbackend: [web-db1.sunet.se, web-db2.sunet.se, web-db3.sunet.se] + webcommon: [web-a2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, web-f1.sunet.se, + web-f2.sunet.se, web-db3.sunet.se, web-a1.sunet.se] webfrontend: [web-f1.sunet.se, web-f2.sunet.se] - webserver: [web-f1.sunet.se, datasets.sunet.se, sto-tug-kvm2.swamid.se, web-f2.sunet.se, - docker.sunet.se, registry.swamid.se] + webserver: [sto-tug-kvm2.swamid.se, datasets.sunet.se, web-f1.sunet.se, web-f2.sunet.se, + registry.swamid.se, docker.sunet.se] -- cgit v1.1 From bcee6cb403be4ba72e0b06a8619384a9f044d881 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 14:52:51 +0200 Subject: new signer definitions --- global/overlay/etc/puppet/cosmos-rules.yaml | 6 +-- global/overlay/etc/puppet/manifests/cosmos-site.pp | 49 ++++++++-------------- 2 files changed, 19 insertions(+), 36 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 718ce2a..3fda18d 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -21,11 +21,9 @@ docker.sunet.se: dockerhost: webserver: mdx1.swamid.se: - dockerhost: - signer: + swamid_pyff_signer: mdx2.swamid.se: - dockerhost: - docker_signer: + swamid_pyff_signer: sto-tug-kvm2.swamid.se: webserver: sunet::dockerhost: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index f04fd87..d9ac384 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -165,45 +165,25 @@ node 'docker.sunet.se' { } } -class docker_signer { - docker::image {'docker.samlbits.net/varnish': } - docker::image {'docker.samlbits.net/pyff': } - docker::run {'pyff': +define pyff($dir) { + sunet::docker_run {'pyff_${name}': image => 'docker.samlbits.net/pyff', - volumes => ['/opt/swamid-metadata:/opt/swamid-metadata'], - env => ['DATADIR=/opt/swamid-metadata','LOGLEVEL=INFO'] + volumes => ["${dir}:${dir}"], + env => ['DATADIR=${dir}','LOGLEVEL=INFO'] } - docker::run {'varnish': + docker::run {'varnish_${name}': image => 'docker.samlbits.net/varnish', - links => ['pyff:backend'], + env => ['BACKEND_PORT=tcp://pyff.varnish:80'], ports => ['80:80'] } - cron {'update-swamid-metadata': - command => "cd /opt/swamid-metadata && git pull -q", - user => root, - minute => '*/5' - } } -class signer { - include cosmos::httpsproxy - class {'varnish': - domain => 'swamid.se', - backends => { - mdx => 'http://localhost:8000/' - }, - vhosts => { - mdx => 'mdx.swamid.se' - } - } - class {'pyff': - load => ["/opt/metadata"], - port => 8000, - address => '0.0.0.0', - validUntil => 'P10D', - cacheDuration => 'PT5H', - replace => false - } +class swamid_metadata { + vcsrepo { '/opt/swamid-metadata': + ensure => present + provider => git, + source => 'git://md-master.swamid.se/swamid-metadata.git' + } -> cron {'update-swamid-metadata': command => "cd /opt/swamid-metadata && git pull -q", user => root, @@ -211,6 +191,11 @@ class signer { } } +class swamid_pyff_signer { + class { 'swamid_metadata': } + pyff {'swamid': dir => '/opt/swamid-metadata' } +} + node 'md-master.reep.refeds.org' { #include cosmos::httpsproxy class {'pyff': -- cgit v1.1 From 2dd59facc78e6464ae4f31940f2f12968ea6ffc6 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 14:54:49 +0200 Subject: missing comma --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index d9ac384..1acdbc7 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -180,7 +180,7 @@ define pyff($dir) { class swamid_metadata { vcsrepo { '/opt/swamid-metadata': - ensure => present + ensure => present, provider => git, source => 'git://md-master.swamid.se/swamid-metadata.git' } -> -- cgit v1.1 From 33a2c27556ccf0e13982f65ae0af5cfebc4d5f28 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 14:57:13 +0200 Subject: include dockerhost --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 1acdbc7..fe95f0d 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -166,12 +166,13 @@ node 'docker.sunet.se' { } define pyff($dir) { + ensure_resource('class', 'sunet::dockerhost', {}) sunet::docker_run {'pyff_${name}': image => 'docker.samlbits.net/pyff', volumes => ["${dir}:${dir}"], env => ['DATADIR=${dir}','LOGLEVEL=INFO'] } - docker::run {'varnish_${name}': + sunet::docker_run {'varnish_${name}': image => 'docker.samlbits.net/varnish', env => ['BACKEND_PORT=tcp://pyff.varnish:80'], ports => ['80:80'] -- cgit v1.1 From b0e4f70768f40f01f0718c108c8f2ef0683582fd Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 15:15:37 +0200 Subject: pull from sunet --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index fe95f0d..3d71620 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -168,14 +168,16 @@ node 'docker.sunet.se' { define pyff($dir) { ensure_resource('class', 'sunet::dockerhost', {}) sunet::docker_run {'pyff_${name}': - image => 'docker.samlbits.net/pyff', + image => 'docker.sunet.se/pyff', + imagetag => 'latest', volumes => ["${dir}:${dir}"], env => ['DATADIR=${dir}','LOGLEVEL=INFO'] } sunet::docker_run {'varnish_${name}': - image => 'docker.samlbits.net/varnish', - env => ['BACKEND_PORT=tcp://pyff.varnish:80'], - ports => ['80:80'] + image => 'docker.sunet.se/varnish', + imagetag => 'latest', + env => ['BACKEND_PORT=tcp://pyff.varnish:80'], + ports => ['80:80'] } } -- cgit v1.1 From f1c5d57f33a895ed20cca0c3105bb292f410ba74 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 15:19:17 +0200 Subject: pull from sunet --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 3d71620..a8588a0 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -167,13 +167,13 @@ node 'docker.sunet.se' { define pyff($dir) { ensure_resource('class', 'sunet::dockerhost', {}) - sunet::docker_run {'pyff_${name}': + sunet::docker_run {"pyff_${name}": image => 'docker.sunet.se/pyff', imagetag => 'latest', volumes => ["${dir}:${dir}"], env => ['DATADIR=${dir}','LOGLEVEL=INFO'] } - sunet::docker_run {'varnish_${name}': + sunet::docker_run {"varnish_${name}": image => 'docker.sunet.se/varnish', imagetag => 'latest', env => ['BACKEND_PORT=tcp://pyff.varnish:80'], -- cgit v1.1 From b619229265023494f09f497cabe737fa6c5bc59d Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 15:36:27 +0200 Subject: remove peer --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 25 ---------------------- 1 file changed, 25 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index a8588a0..0e0bf5a 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -209,31 +209,6 @@ node 'md-master.reep.refeds.org' { } node 'registry.swamid.se' { - class {'pyff': - load => ['/opt/peer/media/vf_repo'], - validUntil => 'P30D', - cacheDuration => 'PT24H', - replace => false, - port => 8000, - address => '127.0.0.1' - } - $peerpkg = ['xmlsec1','libxmlsec1-openssl','libpq-dev','postgresql','postgresql-client'] - package { $peerpkg: ensure => installed } - python::virtualenv { '/opt/peer': - ensure => present - } - python::pip { 'peer==0.13.0': - pkgname => 'peer==0.13.0', - virtualenv => '/opt/peer' - } - - #class { 'postgresql::server': } - - #postgresql::server::db { 'peer': - # encoding => 'utf-8', - # user => 'peer', - # password => postgresql_password('peer', hiera('peer_db_password')), - #} } node 'sto-tug-kvm-lab1.swamid.se' { -- cgit v1.1 From 5d843b8bc4c2c16d4a2e372fc95050c83e562ae2 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 22:27:59 +0200 Subject: pull with key --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 0e0bf5a..0dd3130 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -183,14 +183,14 @@ define pyff($dir) { class swamid_metadata { vcsrepo { '/opt/swamid-metadata': - ensure => present, + ensure => present, provider => git, - source => 'git://md-master.swamid.se/swamid-metadata.git' + source => 'git@md-master.swamid.se:swamid-metadata.git' } -> cron {'update-swamid-metadata': - command => "cd /opt/swamid-metadata && git pull -q", - user => root, - minute => '*/5' + command => "cd /opt/swamid-metadata && git pull -q", + user => root, + minute => '*/5' } } -- cgit v1.1 From b3830bcb0f2b7602efbe57b5592b0e84bc0f1acf Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 22:46:26 +0200 Subject: fix link --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 0dd3130..8912f68 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -176,7 +176,7 @@ define pyff($dir) { sunet::docker_run {"varnish_${name}": image => 'docker.sunet.se/varnish', imagetag => 'latest', - env => ['BACKEND_PORT=tcp://pyff.varnish:80'], + env => ['BACKEND_PORT=tcp://pyff.docker:8080'], ports => ['80:80'] } } -- cgit v1.1 From 5b3392e22c7ed0457d41aaef78118a6eb7df2973 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 22:48:26 +0200 Subject: fix link --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 8912f68..899af06 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -176,7 +176,7 @@ define pyff($dir) { sunet::docker_run {"varnish_${name}": image => 'docker.sunet.se/varnish', imagetag => 'latest', - env => ['BACKEND_PORT=tcp://pyff.docker:8080'], + env => ["BACKEND_PORT=tcp://pyff_${name}.docker:8080"], ports => ['80:80'] } } -- cgit v1.1 From 371d57216225eabdb8c2fbce8c177181d335b731 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:06:58 +0200 Subject: mds1.swamid.se added --- mds1.swamid.se/README | 1 + 1 file changed, 1 insertion(+) create mode 120000 mds1.swamid.se/README diff --git a/mds1.swamid.se/README b/mds1.swamid.se/README new file mode 120000 index 0000000..59a23c4 --- /dev/null +++ b/mds1.swamid.se/README @@ -0,0 +1 @@ +../README \ No newline at end of file -- cgit v1.1 From 36d9b49029a47b08a0735e31a57881f2d9847b2a Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:07:09 +0200 Subject: mds2.swamid.se added --- mds2.swamid.se/README | 1 + 1 file changed, 1 insertion(+) create mode 120000 mds2.swamid.se/README diff --git a/mds2.swamid.se/README b/mds2.swamid.se/README new file mode 120000 index 0000000..59a23c4 --- /dev/null +++ b/mds2.swamid.se/README @@ -0,0 +1 @@ +../README \ No newline at end of file -- cgit v1.1 From 23d6a40591bb8496524a58006eb7e3c01b58b57f Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:07:20 +0200 Subject: git.swamid.se added --- git.swamid.se/README | 1 + 1 file changed, 1 insertion(+) create mode 120000 git.swamid.se/README diff --git a/git.swamid.se/README b/git.swamid.se/README new file mode 120000 index 0000000..59a23c4 --- /dev/null +++ b/git.swamid.se/README @@ -0,0 +1 @@ +../README \ No newline at end of file -- cgit v1.1 From a7f14bed2d9ec18156c6806a18af9d6849a4ccda Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:12:01 +0200 Subject: spin new servers --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 899af06..216b70d 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -93,6 +93,18 @@ node 'sto-tug-kvm1.swamid.se' { gateway => '130.242.125.65', resolver => '130.242.80.14 130.242.80.99' } + + sunet::cloudimage { 'mds1.swamid.se': + dhcp => false, + repo => 'git://git.nordu.net/nunoc-ops.git', + tagpattern => 'sunet-ops', + cpus => '1', + memory => '2048', + ip => '130.242.125.92', + netmask => '255.255.255.192', + gateway => '130.242.125.65', + resolver => '130.242.80.14 130.242.80.99' + } sunet::dhcp_kvm { 'md-master.reep.refeds.org': mac => '52:54:00:39:8d:ac', @@ -117,6 +129,30 @@ node 'sto-fre-kvm1.swamid.se' { resolver => '130.242.80.14 130.242.80.99' } + sunet::cloudimage { 'mds2.swamid.se': + dhcp => false, + repo => 'git://git.nordu.net/nunoc-ops.git', + tagpattern => 'sunet-ops', + cpus => '1', + memory => '2048', + ip => '130.242.125.152', + netmask => '255.255.255.192', + gateway => '130.242.125.129', + resolver => '130.242.80.14 130.242.80.99' + } + + sunet::cloudimage { 'git.swamid.se': + dhcp => false, + repo => 'git://git.nordu.net/nunoc-ops.git', + tagpattern => 'sunet-ops', + cpus => '1', + memory => '2048', + ip => '130.242.125.153', + netmask => '255.255.255.192', + gateway => '130.242.125.129', + resolver => '130.242.80.14 130.242.80.99' + } + } node 'datasets.sunet.se' { -- cgit v1.1 From 4ab73f34b7d7a562b9b4d1ef15234c3d85b01a34 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:20:50 +0200 Subject: ssh config for mds:en --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 +++ mds1.swamid.se/overlay/root/.ssh/config | 4 +++ mds2.swamid.se/overlay/root/.ssh/config | 4 +++ mdx1.swamid.se/overlay/etc/gitweb.conf | 30 ---------------------- mdx1.swamid.se/overlay/opt/pyff/mdx.fd | 1 - 5 files changed, 12 insertions(+), 31 deletions(-) create mode 100644 mds1.swamid.se/overlay/root/.ssh/config create mode 100644 mds2.swamid.se/overlay/root/.ssh/config delete mode 100644 mdx1.swamid.se/overlay/etc/gitweb.conf delete mode 120000 mdx1.swamid.se/overlay/opt/pyff/mdx.fd diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 216b70d..9f152a7 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -155,6 +155,10 @@ node 'sto-fre-kvm1.swamid.se' { } +node 'git.swamid.se' { + +} + node 'datasets.sunet.se' { class {'sunet::dockerhost': } -> file {'/opt/lobo2-redis-data': diff --git a/mds1.swamid.se/overlay/root/.ssh/config b/mds1.swamid.se/overlay/root/.ssh/config new file mode 100644 index 0000000..0495928 --- /dev/null +++ b/mds1.swamid.se/overlay/root/.ssh/config @@ -0,0 +1,4 @@ +Host md-master.swamid.se + IdentityFile ~/.ssh/md +Host git.swamid.se + IdentityFile ~/.ssh/md diff --git a/mds2.swamid.se/overlay/root/.ssh/config b/mds2.swamid.se/overlay/root/.ssh/config new file mode 100644 index 0000000..181a1a8 --- /dev/null +++ b/mds2.swamid.se/overlay/root/.ssh/config @@ -0,0 +1,4 @@ +Host md-master.swamid.se + IdentityFile ~/.ssh/md +Host git.swamid.se + IdentityFile ~/.ssh/md diff --git a/mdx1.swamid.se/overlay/etc/gitweb.conf b/mdx1.swamid.se/overlay/etc/gitweb.conf deleted file mode 100644 index db6028a..0000000 --- a/mdx1.swamid.se/overlay/etc/gitweb.conf +++ /dev/null @@ -1,30 +0,0 @@ -# path to git projects (.git) -$projectroot = "/home/git/repositories"; - -# directory to use for temp files -$git_temp = "/tmp"; - -# target of the home link on top of all pages -#$home_link = $my_uri || "/"; - -# html text to include at home page -#$home_text = "indextext.html"; - -# file with project list; by default, simply scan the projectroot dir. -$projects_list = "/home/git/projects.list"; - -# stylesheet to use -#@stylesheets = ("static/gitweb.css"); - -# javascript code for gitweb -#$javascript = "static/gitweb.js"; - -# logo to use -#$logo = "static/git-logo.png"; - -# the 'favicon' -#$favicon = "static/git-favicon.png"; - -# git-diff-tree(1) options to use for generated patches -#@diff_opts = ("-M"); -@diff_opts = (); diff --git a/mdx1.swamid.se/overlay/opt/pyff/mdx.fd b/mdx1.swamid.se/overlay/opt/pyff/mdx.fd deleted file mode 120000 index 58d705b..0000000 --- a/mdx1.swamid.se/overlay/opt/pyff/mdx.fd +++ /dev/null @@ -1 +0,0 @@ -/opt/swamid-metadata/mdx.fd \ No newline at end of file -- cgit v1.1 From 3c675eeaa6249a9f7e1408800bf14f541d4f5d31 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 23:34:28 +0200 Subject: update db --- global/overlay/etc/puppet/cosmos-db.yaml | 69 ++++++++++++++++++++------------ 1 file changed, 43 insertions(+), 26 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index d931da8..18061be 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -28,6 +28,11 @@ classes: nunoc: null sunetops: null webserver: null + git.swamid.se: + mailclient: &id002 {domain: sunet.se} + nunoc: null + sunetops: null + swamidops: null lobo2.lab.sunet.se: mailclient: *id001 nunoc: null @@ -37,8 +42,18 @@ classes: nunoc: null sunetops: null md-master.reep.refeds.org: {nunoc: null, swamidops: null} + mds1.swamid.se: + mailclient: *id002 + nunoc: null + sunetops: null + swamidops: null + mds2.swamid.se: + mailclient: *id002 + nunoc: null + sunetops: null + swamidops: null mdx1.swamid.se: - mailclient: &id002 {domain: sunet.se} + mailclient: *id002 nunoc: null sunetops: null swamid_pyff_signer: null @@ -152,41 +167,43 @@ classes: www2.eduid.se: {nunoc: null} members: all: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, - md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, - ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, cdr2.sunet.se, web-db1.sunet.se, - web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, - registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, - lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, - web-a1.sunet.se] + md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, + sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, + cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, + web-f2.sunet.se, meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, + samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, + sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] dockerhost: [registry.swamid.se, docker.sunet.se] entropyserver: [random1.nordu.net, random2.nordu.net] mailclient: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, - random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, ca.sunet.se, - web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, - mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, registry.swamid.se, - dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, - sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, web-a1.sunet.se] - nunoc: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, - md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, - ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, cdr2.sunet.se, web-db1.sunet.se, + random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, sto-tug-kvm1.swamid.se, + ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, - registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, - lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, - web-a1.sunet.se] + registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, git.swamid.se, + docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, + web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] + nunoc: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, + md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, + sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, + cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, + web-f2.sunet.se, meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, + samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, + sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] quantis: [random1.nordu.net, random2.nordu.net] sunet-cdr: [cdr1.sunet.se, cdr2.sunet.se] sunet::dockerhost: [sto-tug-kvm2.swamid.se] sunetops: [cdr1.sunet.se, cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, - random1.nordu.net, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, sto-tug-kvm1.swamid.se, - ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, cdr2.sunet.se, web-db1.sunet.se, - web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, meta.swamid.se, - registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, docker.sunet.se, - lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, - web-a1.sunet.se] + random1.nordu.net, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, + sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, + cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, + web-f2.sunet.se, meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, + samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, + sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] swamid_pyff_signer: [mdx1.swamid.se, mdx2.swamid.se] swamidops: [sto-tug-kvm2.swamid.se, md-master.reep.refeds.org, sto-tug-kvm-lab2.swamid.se, - sto-tug-kvm1.swamid.se, mdx1.swamid.se, meta.swamid.se, registry.swamid.se, mdx2.swamid.se, - samltest.swamid.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se] + mds1.swamid.se, sto-tug-kvm1.swamid.se, mdx1.swamid.se, meta.swamid.se, registry.swamid.se, + mdx2.swamid.se, samltest.swamid.se, git.swamid.se, sto-tug-kvm-lab1.swamid.se, + sto-fre-kvm1.swamid.se, mds2.swamid.se] webappserver: [web-a2.sunet.se, web-a1.sunet.se] webbackend: [web-db1.sunet.se, web-db2.sunet.se, web-db3.sunet.se] webcommon: [web-a2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, web-f1.sunet.se, -- cgit v1.1 From 06be8a88bee9a847fbab61552677a4192be5b212 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 00:47:48 +0200 Subject: drop it --- www2.eduid.se/README | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 www2.eduid.se/README diff --git a/www2.eduid.se/README b/www2.eduid.se/README deleted file mode 100644 index e69de29..0000000 -- cgit v1.1 From 8c3b7cbd09142ba653e890ec2bb92f5d885f6bbd Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:15:40 +0200 Subject: new swamid signers --- global/overlay/etc/puppet/cosmos-rules.yaml | 4 ++++ global/overlay/etc/puppet/manifests/cosmos-site.pp | 25 ++++++++++++++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 3fda18d..bf75b07 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -24,6 +24,10 @@ mdx1.swamid.se: swamid_pyff_signer: mdx2.swamid.se: swamid_pyff_signer: +mds1.swamid.se: + swamid_static_signer: +mds2.swamid.se: + swamid_static_signer: sto-tug-kvm2.swamid.se: webserver: sunet::dockerhost: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 9f152a7..18b0803 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -226,16 +226,33 @@ class swamid_metadata { ensure => present, provider => git, source => 'git@md-master.swamid.se:swamid-metadata.git' - } -> - cron {'update-swamid-metadata': - command => "cd /opt/swamid-metadata && git pull -q", + } +} + +class swamid_static_signer { + class { 'swamid_metadata': } -> + file { '/opt/published-metadata': ensure => directory } -> + cron { 'publish-swamid-metadata': + command => "/opt/swamid-metadata/scripts/update.sh", user => root, minute => '*/5' } + ensure_resource('class', 'sunet::dockerhost', {}) + sunet::docker_run {'swamid_mds': + image => 'docker.sunet.se/swamid-mds', + imagetag => 'latest', + volumes => ['/etc/ssl:/etc/ssl','/opt/published-metadata:/opt/published-metadata','/opt/swamid-metadata/xslt:/opt/swamid-metadata/xslt'], + ports => ['80:80','443:443'] + } } class swamid_pyff_signer { - class { 'swamid_metadata': } + class { 'swamid_metadata': } -> + cron {'update-swamid-metadata': + command => "cd /opt/swamid-metadata && git pull -q", + user => root, + minute => '*/5' + } -> pyff {'swamid': dir => '/opt/swamid-metadata' } } -- cgit v1.1 From a2977199282ccd335ed485e4694f4f257860fffa Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:18:29 +0200 Subject: update db --- global/overlay/etc/puppet/cosmos-db.yaml | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index 18061be..b574d46 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -46,11 +46,13 @@ classes: mailclient: *id002 nunoc: null sunetops: null + swamid_static_signer: null swamidops: null mds2.swamid.se: mailclient: *id002 nunoc: null sunetops: null + swamid_static_signer: null swamidops: null mdx1.swamid.se: mailclient: *id002 @@ -164,14 +166,13 @@ classes: webcommon: null webfrontend: null webserver: null - www2.eduid.se: {nunoc: null} members: all: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, - sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, - cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, - web-f2.sunet.se, meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, - samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, + sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, + web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, + meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, + git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] dockerhost: [registry.swamid.se, docker.sunet.se] entropyserver: [random1.nordu.net, random2.nordu.net] @@ -184,10 +185,10 @@ members: web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] nunoc: [cdr1.sunet.se, sto-tug-kvm2.swamid.se, datasets.sunet.se, random1.nordu.net, md-master.reep.refeds.org, random2.nordu.net, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, - sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, www2.eduid.se, - cdr2.sunet.se, web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, - web-f2.sunet.se, meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, - samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, + sto-tug-kvm1.swamid.se, ca.sunet.se, web-a2.sunet.se, loke.sunet.se, cdr2.sunet.se, + web-db1.sunet.se, web-db2.sunet.se, mdx1.swamid.se, web-f1.sunet.se, web-f2.sunet.se, + meta.swamid.se, registry.swamid.se, dane.lab.sunet.se, mdx2.swamid.se, samltest.swamid.se, + git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] quantis: [random1.nordu.net, random2.nordu.net] sunet-cdr: [cdr1.sunet.se, cdr2.sunet.se] @@ -200,6 +201,7 @@ members: samltest.swamid.se, git.swamid.se, docker.sunet.se, lobo2.lab.sunet.se, sto-tug-kvm-lab1.swamid.se, sto-fre-kvm1.swamid.se, web-db3.sunet.se, mds2.swamid.se, web-a1.sunet.se] swamid_pyff_signer: [mdx1.swamid.se, mdx2.swamid.se] + swamid_static_signer: [mds1.swamid.se, mds2.swamid.se] swamidops: [sto-tug-kvm2.swamid.se, md-master.reep.refeds.org, sto-tug-kvm-lab2.swamid.se, mds1.swamid.se, sto-tug-kvm1.swamid.se, mdx1.swamid.se, meta.swamid.se, registry.swamid.se, mdx2.swamid.se, samltest.swamid.se, git.swamid.se, sto-tug-kvm-lab1.swamid.se, -- cgit v1.1 From e604664cb0e55117fbe9d45a2d98078651376b54 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:24:22 +0200 Subject: don't run docker unless metadata exists --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 18b0803..b85ccee 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -236,8 +236,8 @@ class swamid_static_signer { command => "/opt/swamid-metadata/scripts/update.sh", user => root, minute => '*/5' - } - ensure_resource('class', 'sunet::dockerhost', {}) + } -> + ensure_resource('class', 'sunet::dockerhost', {}) -> sunet::docker_run {'swamid_mds': image => 'docker.sunet.se/swamid-mds', imagetag => 'latest', -- cgit v1.1 From 40714a38deaef016bc92705955dea38b09f87b88 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:25:39 +0200 Subject: don't run docker unless metadata exists --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index b85ccee..38668b9 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -237,7 +237,9 @@ class swamid_static_signer { user => root, minute => '*/5' } -> - ensure_resource('class', 'sunet::dockerhost', {}) -> + class {'ensure-dockerhost': + ensure_resource('class', 'sunet::dockerhost', {}) + } -> sunet::docker_run {'swamid_mds': image => 'docker.sunet.se/swamid-mds', imagetag => 'latest', -- cgit v1.1 From d6c35419e1e72d45c6ccaea0fb213cea9a234e55 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:27:07 +0200 Subject: don't run docker unless metadata exists --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 38668b9..232b1b3 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -230,6 +230,7 @@ class swamid_metadata { } class swamid_static_signer { + ensure_resource('class', 'sunet::dockerhost', {}) class { 'swamid_metadata': } -> file { '/opt/published-metadata': ensure => directory } -> cron { 'publish-swamid-metadata': @@ -237,9 +238,6 @@ class swamid_static_signer { user => root, minute => '*/5' } -> - class {'ensure-dockerhost': - ensure_resource('class', 'sunet::dockerhost', {}) - } -> sunet::docker_run {'swamid_mds': image => 'docker.sunet.se/swamid-mds', imagetag => 'latest', -- cgit v1.1 From ce5f12ff9c8344b5306c2a22a10e7e11cb266c78 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:44:05 +0200 Subject: www-data owns published-metadata --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 232b1b3..16ead49 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -232,7 +232,8 @@ class swamid_metadata { class swamid_static_signer { ensure_resource('class', 'sunet::dockerhost', {}) class { 'swamid_metadata': } -> - file { '/opt/published-metadata': ensure => directory } -> + user { 'www-data': system => true } -> + file { '/opt/published-metadata': ensure => directory, owner => 'www-data', group => 'www-data' } -> cron { 'publish-swamid-metadata': command => "/opt/swamid-metadata/scripts/update.sh", user => root, -- cgit v1.1 From 6e530da6bccca3194f51b312ace9503d989560ae Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:51:54 +0200 Subject: tools needed by swamid static signer --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 16ead49..86f833d 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -234,6 +234,7 @@ class swamid_static_signer { class { 'swamid_metadata': } -> user { 'www-data': system => true } -> file { '/opt/published-metadata': ensure => directory, owner => 'www-data', group => 'www-data' } -> + package { ['make','libdate-calc-perl', 'xsltproc', 'opensaml2-tools', 'xmlsec1']: ensure => installed } -> cron { 'publish-swamid-metadata': command => "/opt/swamid-metadata/scripts/update.sh", user => root, -- cgit v1.1 From 695aae2b44d0d6bab7c2803fbed07ba02b2d14d4 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 08:54:09 +0200 Subject: tools needed by swamid static signer --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 86f833d..b1930fe 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -234,7 +234,7 @@ class swamid_static_signer { class { 'swamid_metadata': } -> user { 'www-data': system => true } -> file { '/opt/published-metadata': ensure => directory, owner => 'www-data', group => 'www-data' } -> - package { ['make','libdate-calc-perl', 'xsltproc', 'opensaml2-tools', 'xmlsec1']: ensure => installed } -> + package { ['make','libdate-calc-perl', 'libxml2-utils', 'xsltproc', 'opensaml2-tools', 'xmlsec1']: ensure => installed } -> cron { 'publish-swamid-metadata': command => "/opt/swamid-metadata/scripts/update.sh", user => root, -- cgit v1.1 From 44b6314ec9e2e02d21916986b7422002ad4c963d Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:17:09 +0200 Subject: install saml-md-tools --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index b1930fe..029d706 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -235,6 +235,16 @@ class swamid_static_signer { user { 'www-data': system => true } -> file { '/opt/published-metadata': ensure => directory, owner => 'www-data', group => 'www-data' } -> package { ['make','libdate-calc-perl', 'libxml2-utils', 'xsltproc', 'opensaml2-tools', 'xmlsec1']: ensure => installed } -> + vcsrepo { '/opt/saml-md-tools': + ensure => present, + provider => git, + source => 'git@git.nordu.net:saml-md-tools.git' + } -> + exec { 'install_saml_md_tools': + command => './configure --prefix=/usr/local && make && make install', + path => '/opt/saml-md-tools', + onlyif => 'test ! -f /usr/local/bin/saml-md-tool' + } -> cron { 'publish-swamid-metadata': command => "/opt/swamid-metadata/scripts/update.sh", user => root, -- cgit v1.1 From e99061753bc17492ff0fa16268cafbc3f7532f3e Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:18:18 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 029d706..2b686ad 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -238,7 +238,7 @@ class swamid_static_signer { vcsrepo { '/opt/saml-md-tools': ensure => present, provider => git, - source => 'git@git.nordu.net:saml-md-tools.git' + source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': command => './configure --prefix=/usr/local && make && make install', -- cgit v1.1 From b830dcc6dfff4eeb6437740c82ed27afd73711d4 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:19:31 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 2b686ad..95925b2 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -243,7 +243,7 @@ class swamid_static_signer { exec { 'install_saml_md_tools': command => './configure --prefix=/usr/local && make && make install', path => '/opt/saml-md-tools', - onlyif => 'test ! -f /usr/local/bin/saml-md-tool' + onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> cron { 'publish-swamid-metadata': command => "/opt/swamid-metadata/scripts/update.sh", -- cgit v1.1 From b328bd76cfaa13bff13f1398cf2e782cca1b5628 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:20:54 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 95925b2..cf63c74 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -234,7 +234,7 @@ class swamid_static_signer { class { 'swamid_metadata': } -> user { 'www-data': system => true } -> file { '/opt/published-metadata': ensure => directory, owner => 'www-data', group => 'www-data' } -> - package { ['make','libdate-calc-perl', 'libxml2-utils', 'xsltproc', 'opensaml2-tools', 'xmlsec1']: ensure => installed } -> + package { ['make','libdate-calc-perl', 'libxml2-utils', 'xsltproc', 'opensaml2-tools', 'xmlsec1', 'autoconf']: ensure => installed } -> vcsrepo { '/opt/saml-md-tools': ensure => present, provider => git, -- cgit v1.1 From 99490dccbcad8ba3729f13c7dc4b941f6e0132d4 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:21:10 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index cf63c74..dc676a1 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -241,7 +241,7 @@ class swamid_static_signer { source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': - command => './configure --prefix=/usr/local && make && make install', + command => 'sh bootstrap.sh && ./configure --prefix=/usr/local && make && make install', path => '/opt/saml-md-tools', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> -- cgit v1.1 From 6cc0105f672a4db3020ed38a50fd3dd5527680b3 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:22:36 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index dc676a1..3ea51a6 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -241,7 +241,7 @@ class swamid_static_signer { source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': - command => 'sh bootstrap.sh && ./configure --prefix=/usr/local && make && make install', + command => 'autoreconf -is && ./configure --prefix=/usr/local && make && make install', path => '/opt/saml-md-tools', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> -- cgit v1.1 From df71611d65b84ad0897c31823111083cecea61f1 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:23:51 +0200 Subject: install saml-md-tools - anonymous git --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 3ea51a6..b466cb8 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -241,7 +241,7 @@ class swamid_static_signer { source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': - command => 'autoreconf -is && ./configure --prefix=/usr/local && make && make install', + command => '/usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', path => '/opt/saml-md-tools', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> -- cgit v1.1 From 444f9092d4e8e8a422137057011d786b11165bf2 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:25:55 +0200 Subject: path is not cwd --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index b466cb8..803a382 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -241,8 +241,7 @@ class swamid_static_signer { source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': - command => '/usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', - path => '/opt/saml-md-tools', + command => 'cd /opt/saml-md-tools && /usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> cron { 'publish-swamid-metadata': -- cgit v1.1 From 0739b5b129db8bd470e9ffee5897046832a726dd Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:26:53 +0200 Subject: path is not cwd --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 803a382..205485a 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -242,6 +242,7 @@ class swamid_static_signer { } -> exec { 'install_saml_md_tools': command => 'cd /opt/saml-md-tools && /usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', + path => '/bin:/usr/bin:/usr/sbin', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> cron { 'publish-swamid-metadata': -- cgit v1.1 From 07e25e929adbcc7a35914f241c2231bf826ea69f Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Thu, 24 Sep 2015 09:28:46 +0200 Subject: set cwd --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 205485a..ccf1bd9 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -241,7 +241,8 @@ class swamid_static_signer { source => 'git://git.nordu.net/saml-md-tools.git' } -> exec { 'install_saml_md_tools': - command => 'cd /opt/saml-md-tools && /usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', + command => '/usr/bin/autoreconf -is && ./configure --prefix=/usr/local && make && make install', + cwd => '/opt/saml-md-tools', path => '/bin:/usr/bin:/usr/sbin', onlyif => '/usr/bin/test ! -f /usr/local/bin/saml-md-tool' } -> -- cgit v1.1