From bcee6cb403be4ba72e0b06a8619384a9f044d881 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 23 Sep 2015 14:52:51 +0200 Subject: new signer definitions --- global/overlay/etc/puppet/cosmos-rules.yaml | 6 +-- global/overlay/etc/puppet/manifests/cosmos-site.pp | 49 ++++++++-------------- 2 files changed, 19 insertions(+), 36 deletions(-) (limited to 'global/overlay/etc/puppet') diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index 718ce2a..3fda18d 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -21,11 +21,9 @@ docker.sunet.se: dockerhost: webserver: mdx1.swamid.se: - dockerhost: - signer: + swamid_pyff_signer: mdx2.swamid.se: - dockerhost: - docker_signer: + swamid_pyff_signer: sto-tug-kvm2.swamid.se: webserver: sunet::dockerhost: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index f04fd87..d9ac384 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -165,45 +165,25 @@ node 'docker.sunet.se' { } } -class docker_signer { - docker::image {'docker.samlbits.net/varnish': } - docker::image {'docker.samlbits.net/pyff': } - docker::run {'pyff': +define pyff($dir) { + sunet::docker_run {'pyff_${name}': image => 'docker.samlbits.net/pyff', - volumes => ['/opt/swamid-metadata:/opt/swamid-metadata'], - env => ['DATADIR=/opt/swamid-metadata','LOGLEVEL=INFO'] + volumes => ["${dir}:${dir}"], + env => ['DATADIR=${dir}','LOGLEVEL=INFO'] } - docker::run {'varnish': + docker::run {'varnish_${name}': image => 'docker.samlbits.net/varnish', - links => ['pyff:backend'], + env => ['BACKEND_PORT=tcp://pyff.varnish:80'], ports => ['80:80'] } - cron {'update-swamid-metadata': - command => "cd /opt/swamid-metadata && git pull -q", - user => root, - minute => '*/5' - } } -class signer { - include cosmos::httpsproxy - class {'varnish': - domain => 'swamid.se', - backends => { - mdx => 'http://localhost:8000/' - }, - vhosts => { - mdx => 'mdx.swamid.se' - } - } - class {'pyff': - load => ["/opt/metadata"], - port => 8000, - address => '0.0.0.0', - validUntil => 'P10D', - cacheDuration => 'PT5H', - replace => false - } +class swamid_metadata { + vcsrepo { '/opt/swamid-metadata': + ensure => present + provider => git, + source => 'git://md-master.swamid.se/swamid-metadata.git' + } -> cron {'update-swamid-metadata': command => "cd /opt/swamid-metadata && git pull -q", user => root, @@ -211,6 +191,11 @@ class signer { } } +class swamid_pyff_signer { + class { 'swamid_metadata': } + pyff {'swamid': dir => '/opt/swamid-metadata' } +} + node 'md-master.reep.refeds.org' { #include cosmos::httpsproxy class {'pyff': -- cgit v1.1