Rename altname to alias and realm_alias

f41c420e · Martin van Es · a91af3f7 · f41c420e · f41c420e · f41c420e
Commit f41c420e authored May 03, 2022 by Martin van Es
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -5,24 +5,24 @@ tld: srv.mdx.incubator.geant.org
 proxies:
  et2:
    hostname: srv1
-    altname: 'server-md2.et2.com'
+    alias: 'server-md2.et2.com'

    mdproxy:
      test:
        signer: 'http://localhost:5001'
-        altname: 'test-md.et2.com'
+        realm_alias: 'test-md.et2.com'
      edugain:
        signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
-        altname: 'edugain-md.et2.com'
+        realm_alias: 'edugain-md.et2.com'

  mdxcdn:
    hostname: srv2
-    altname: 'server-md2.et2.com'
+    alias: 'server-md2.et2.com'

    mdproxy:
      test:
        signer: 'http://srv1-signer.srv.mdx.incubator.geant.org'
-        altname: 'test-md.foobar.com'
+        realm_alias: 'test-md.foobar.com'
      edugain:
        signer: 'http://localhost:5001'

@@ -32,15 +32,15 @@ proxies:
    mdproxy:
      test:
        signer: 'http://srv1-signer.srv.mdx.incubator.geant.org'
-        altname: 'test-md.barfoo.com'
+        realm_alias: 'test-md.barfoo.com'
      edugain:
        signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'

  alternative-mdx:
    hostname: srv4
-    altname: 'server-md.example.com'
+    alias: 'server-md.example.com'

    mdproxy:
      edugain:
        signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
-        altname: 'edugain-md.blabla.com'
+        realm_alias: 'edugain-md.blabla.com'
--- a/inventory/group_vars/mdsigner.yml.example
+++ b/inventory/group_vars/mdsigner.yml.example
@@ -5,6 +5,7 @@ signers_tld: srv.mdx.incubator.geant.org
 signers:
  et2:
    hostname: srv1
+    alias: mdx.et2.hu
    mdsigner:
      test:
        name: hsm_signer
@@ -12,6 +13,7 @@ signers:

  mdxcdn:
    hostname: srv2
+    alias: mdx.cdn.nl
    mdsigner:
      edugain:
        name: hsm_signer
@@ -19,6 +21,7 @@ signers:

  alternative-mdx:
    hostname: srv3
+    alias: mdx.alternative.nl
    mdsigner:
      test:
        name: normal_signer

--- a/roles/apache/templates/md.conf.j2
+++ b/roles/apache/templates/md.conf.j2
 {% if signers is defined and signers[inventory_hostname].get('mdsigner') %}
+# Signer configuration
 <VirtualHost *:80>
        ServerName {{ signers[inventory_hostname]['hostname'] }}-signer.{{ signers_tld }}
-{% if signers[inventory_hostname].get('altname') %}
-        ServerAlias {{ signers[inventory_hostname]['altname'] }}
+{% if signers[inventory_hostname].get('alias') %}
+        ServerAlias {{ signers[inventory_hostname]['alias'] }}
 {% endif %}
        DocumentRoot /var/www/html
        AllowEncodedSlashes NoDecode
        ProxyPass "/" "http://127.0.0.1:5001/" nocanon
        ProxyPassReverse "/" "http://127.0.0.1:5001/"
 </VirtualHost>
-{% endif %}

+{% endif %}
 {% if proxies is defined and proxies[inventory_hostname].get('mdproxy') %}
+# Global proxy configuration
 <VirtualHost *:80>
        ServerName {{ proxies[inventory_hostname]['hostname'] }}-proxy.{{ tld }}
+{% if proxies[inventory_hostname].get('alias') %}
+        ServerAlias {{ proxies[inventory_hostname]['alias'] }}
+{% endif %}
        DocumentRoot /var/www/html
        AllowEncodedSlashes NoDecode
        ProxyPass "/" "http://127.0.0.1:5002/" nocanon
@@ -21,11 +26,12 @@
 </VirtualHost>

 {% set mdproxy = proxies[inventory_hostname]['mdproxy'] %}
+# Realm specific proxy configuration
 {% for realm, values in mdproxy.items() %}
 <VirtualHost *:80>
        ServerName proxy-{{ realm }}.{{ tld }}
-{% if values.get('altname') %}
-        ServerAlias {{ values['altname'] }}
+{% if values.get('realm_alias') %}
+        ServerAlias {{ values['realm_alias'] }}
 {% endif %}
        DocumentRoot /var/www/html
        AllowEncodedSlashes NoDecode

--- a/roles/geodns/tasks/main.yml
+++ b/roles/geodns/tasks/main.yml
@@ -4,6 +4,7 @@
    state: present
    name:
      - netcat-openbsd
+      - ansible

 - name: Check if go binary exists
  stat:

--- a/roles/local/tasks/main.yml
+++ b/roles/local/tasks/main.yml
 ---
- name: Install packages
-  apt:
-    state: present
-    name:
-      - ansible

 - name: Clone MDX-SAAS-config repository
  ansible.builtin.git:

--- a/roles/mdproxy/templates/mdproxy.yaml.j2
+++ b/roles/mdproxy/templates/mdproxy.yaml.j2
@@ -3,7 +3,4 @@
 {% for realm, values in mdproxies.items() %}
 {{ realm }}:
  signer: {{ values['signer'] }}
-{% if values.get('altname') %}
-  altname: {{ values['altname'] }}
-{% endif %}
 {% endfor %}