Commit 12436e7c authored by Martin van Es's avatar Martin van Es

Add all_martin.yml all.yaml file

parent 39cf89fa
---
tld: srv.mdx.incubator.geant.org
all_yaml: https://gitlab.geant.org/TI_Incubator/mdx-saas-config/-/raw/main/inventory/group_vars/all_martin.yml
proxies:
et2:
hostname: srv1
alias: 'server-md2.et2.com'
mdproxy:
test:
signer: 'http://localhost:5001'
realm_alias: 'test-md.et2.com'
edugain:
signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
realm_alias: 'edugain-md.et2.com'
mdxcdn:
hostname: srv2
alias: 'server-md2.et2.com'
mdproxy:
test:
signer: 'http://srv1-signer.srv.mdx.incubator.geant.org'
realm_alias: 'test-md.foobar.com'
edugain:
signer: 'http://localhost:5001'
okeanos:
hostname: srv3
mdproxy:
test:
signer: 'http://srv1-signer.srv.mdx.incubator.geant.org'
realm_alias: 'test-md.barfoo.com'
edugain:
signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
alternative-mdx:
hostname: srv4
alias: 'server-md.example.com'
mdproxy:
edugain:
signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
realm_alias: 'edugain-md.blabla.com'
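Review bot: Every cross-host `signer:` value in this file uses plain `http://` (for example `signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'` under `et2.mdproxy.edugain`), so proxy-to-signer traffic leaves the host unencrypted and the proxy cannot authenticate the signer it talks to. If that path is not protected elsewhere (private network, tunnel), switch these to `https://` and serve the signer vhost with TLS; the `localhost:5001` entries are not affected. A short comment at the top saying which keys are optional would also help, since `alias` and `realm_alias` are present on some entries and absent on others.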
......@@ -26,5 +26,5 @@ signers:
key_spec: "test.key"
cert_spec: "test.crt"
foobar:
name: hsm_signer
type: hsm_signer
key_spec: pkcs11:///usr/lib/softhsm/libsofthsm2.so/test?pin=secret
{% if signers is defined and signers[inventory_hostname].get('mdsigner') %}
{% if signers is defined and signers.get(inventory_hostname, {}).get('mdsigner') %}
# Signer configuration
<VirtualHost *:80>
ServerName {{ signers[inventory_hostname]['hostname'] }}-signer.{{ tld }}
......@@ -12,9 +12,7 @@
</VirtualHost>
{% endif %}
{% if proxies is defined and proxies.get(inventory_hostname) %}
{% if proxies is defined and proxies[inventory_hostname].get('mdproxy') %}
{% if proxies is defined and proxies.get(inventory_hostname, {}).get('mdproxy') %}
# Global proxy configuration
<VirtualHost *:80>
ServerName {{ proxies[inventory_hostname]['hostname'] }}-proxy.{{ tld }}
......@@ -42,5 +40,3 @@
</VirtualHost>
{% endfor %}
{% endif %}
{% endif %}
---
- name: enable geodns job
- name: enable geodns jobs
systemd:
name: "{{ item }}"
enabled: true
......
......@@ -36,7 +36,7 @@
chdir: "{{ geodns_dir }}"
when: geodns_git.changed or not geodns.stat.exists
notify:
- "enable geodns job"
- "enable geodns jobs"
- name: Create config dirs if it does not exist
ansible.builtin.file:
......@@ -49,11 +49,11 @@
- name: Copy geoDNS config
ansible.builtin.copy:
src: "geodns.yaml"
dest: "{{ geodns_config }}/geodns.yaml"
src: "{{ tld }}.yaml"
dest: "{{ geodns_config }}/{{ tld }}.yaml"
mode: '0644'
notify:
- "enable geodns job"
- "enable geodns jobs"
- name: Copy geoDNS config parser
ansible.builtin.copy:
......@@ -61,7 +61,7 @@
dest: "{{ geodns_config }}/geoconfig.py"
mode: '0755'
notify:
- "enable geodns job"
- "enable geodns jobs"
- name: Download GeoLite2DB's
ansible.builtin.unarchive:
......@@ -75,7 +75,7 @@
- GeoLite2-City
- GeoLite2-Country
notify:
- "enable geodns job"
- "enable geodns jobs"
when: geodns_licence is defined
- name: Create geoDNS config
......@@ -83,7 +83,7 @@
src: "geodns.conf.j2"
dest: "{{ geodns_config }}/geodns.conf"
notify:
- "enable geodns job"
- "enable geodns jobs"
- name: Run GeoDns config job once
command:
......@@ -101,4 +101,4 @@
- geodns-update.service
- geodns-update.timer
notify:
- "enable geodns job"
- "enable geodns jobs"
......@@ -12,6 +12,12 @@
src: "local.j2"
dest: "{{ mdxsaas_dir }}/inventory/local"
- name: Copy mdproxy all.yaml
ansible.builtin.get_url:
url: "{{ all_yaml }}"
dest: "{{ mdxsaas_dir }}/inventory/group_vars/all.yaml"
mode: '0644'
- name: Write MDX-SAAS repo version
shell:
cmd: "git rev-parse HEAD > /tmp/mdx-saas-revision"
......
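Review bot: The new `Copy mdproxy all.yaml` task installs inventory variables from a URL that tracks a mutable branch and carries no `checksum:`. The `all_yaml` value added in this commit ends in `/-/raw/main/inventory/group_vars/all_martin.yml`, so whatever that branch holds at run time becomes `group_vars/all.yaml`, and the file shown here carries the proxy hostnames and signer URLs. Pin `all_yaml` to a commit SHA or tag and add `checksum: "sha256:<expected digest>"` to the `get_url` call so a changed or tampered file fails the task. Separately, `get_url` with its default `force: false` skips the download once `dest` exists, so later edits to the remote file will not reach hosts that already have a copy; set the intended refresh behaviour explicitly. The task list continues outside the hunk.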
---
- name: enable mdproxy job
- name: enable mdproxy jobs
systemd:
name: "{{ item }}"
enabled: true
......
......@@ -9,7 +9,7 @@
src: "mdproxy.yaml.j2"
dest: "{{ altmdx_dir }}/mdproxy.yaml"
notify:
- "enable mdproxy job"
- "enable mdproxy jobs"
- name: Copy mdproxy service files
ansible.builtin.template:
......@@ -20,4 +20,4 @@
- mdproxy-update.service
- mdproxy-update.timer
notify:
- "enable mdproxy job"
- "enable mdproxy jobs"
......@@ -3,7 +3,7 @@
{% for realm, values in mdsigners.items() %}
{{ realm }}:
signer:
name: {{ values.type }}
type: {{ values.type }}
key_spec: {{ values.key_spec }}
cert_spec: {{ values.get('cert_spec') }}
metadir: metadata/{{ realm }}
......