From 62c0dfc00abfcb813e89482ce063e44a7687cd00 Mon Sep 17 00:00:00 2001
From: Leif Johansson <leifj@sunet.se>
Date: Wed, 22 Oct 2014 12:28:28 +0200
Subject: exception for random hosts

---
 global/overlay/etc/puppet/manifests/cosmos-site.pp | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'global/overlay/etc/puppet/manifests')

diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index 5c5569d..64c84b0 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -96,6 +96,26 @@ node 'sto-fre-kvm1.swamid.se' {
 
 }
 
+class docker_signer {
+   docker::image {'docker.samlbits.net/varnish': }
+   docker::image {'docker.samlbits.net/pyff': }
+   docker::run {'pyff':
+      image => 'docker.samlbits.net/pyff',
+      volumes  => ['/opt/swamid-metadata:/opt/swamid-metadata'],
+      env      => ['DATADIR=/opt/swamid-metadata','LOGLEVEL=INFO']
+   }
+   docker::run {'varnish':
+      image => 'docker.samlbits.net/varnish',
+      links => ['pyff:backend'],
+      ports => ['80:80']
+   }
+   cron {'update-swamid-metadata':
+      command => "cd /opt/swamid-metadata && git -q pull",
+      user    => root,
+      minute  => '*/5'
+   }
+}
+
 class signer {
    include cosmos::httpsproxy
    class {'varnish': 
@@ -515,6 +535,11 @@ class sunet {
       fstab_fix_shm        => false,
       sysctl_net_hardening => false,
     }
+  } elsif $::hostname =~ /random/ {  # pollen requires exec on /tmp
+    class {'bastion':
+      fixperms_enable      => false,
+      fixperms_paranoia    => false,
+    }
   } else {
     class {'bastion':
       fstab_fix_shm     => false,
-- 
cgit v1.1