#
# Options put here are inherited by all nodes.
-# # "fqdn": "= name + '.' + (public_dns ? domain_public : domain_internal)"
+#
{
"domain": {
"public": "rewire.co",
- "internal": "rewire"
+ "internal": "rewire",
+ "name": "= node.name + '.' + (dns.public ? domain.public : domain.internal)"
},
- "public_dns": true,
- "fqdn": "= name + '.' + (public_dns ? domain['public'] : domain['internal'])"
+ "dns": {
+ "public": "= service_type != 'internal_service'"
+ }
}
+++ /dev/null
-todo: implement template support.
\ No newline at end of file
--- /dev/null
+<%=
+ hsh = {}
+
+ # grab some fields from provider.json
+ hsh = global.provider.pick(:languages, :description, :name, :enrollment_policy)
+
+ # typically this is specified in common.json
+ hsh['domain'] = domain.public
+
+ # advertise services that are 'user services'
+ hsh['services'] = global.services[:service_type => :user_service].field(:name)
+
+ hsh['api_version'] = "1"
+ hsh['api_uri'] = "https://" + api_domain
+
+ #hsh['ca_cert_uri'] =
+ #hsh['ca_cert_fingerprint'] =
+
+ # {
+ # "serial": 1,
+ # "version": "0.1.0",
+ # "domain": "springbok",
+ # "languages": ["en"],
+ # "display_name": {
+ # "en": "Test Provider"
+ # },
+ # "description": {
+ # "en": "This is a test provider"
+ # },
+ # "enrollment_policy": "open",
+ # "services": ["eip"],
+ # "api_version": "1.0.0",
+ # "api_uri": "https://94.103.43.3",
+ # "ca_cert_fingerprint": "SHA256 Fingerprint=19:F1:44:AA:57:DD:59:65:3B:07:5F:25:5D:02:D2:3F:FB:E6:A6:DA:FE:67:35:F2:7D:D7:8B:0E:BF:2B:E5:3C",
+ # "ca_cert_uri": "https://springbok/ca.crt"
+ # }
+
+ generate_json hsh
+%>
\ No newline at end of file
---
+dns:
+ public: false
domain:
internal: rewire
+ name: couch1.rewire
public: rewire.co
-fqdn: couch1.rewire
ip_address: 245.2.45.42
name: couch1
-public_dns: false
+service_type: internal_service
services: couchdb
---
+dns:
+ public: false
domain:
internal: rewire
+ name: couch2.rewire
public: rewire.co
-fqdn: couch2.rewire
ip_address: 73.45.87.11
name: couch2
-public_dns: false
+service_type: internal_service
services: couchdb
---
+dns:
+ public: true
domain:
internal: rewire
+ name: ns1.rewire.co
public: rewire.co
-fqdn: ns1.rewire.co
hosts:
private:
- - fqdn: couch1.rewire
+ - domain_name: couch1.rewire
ip_address: 245.2.45.42
- - fqdn: couch2.rewire
+ - domain_name: couch2.rewire
ip_address: 73.45.87.11
public:
- - fqdn: ns1.rewire.co
+ - domain_name: ns1.rewire.co
ip_address: 1.1.1.1
- - fqdn: ns2.rewire.co
+ - domain_name: ns2.rewire.co
ip_address: 1.1.1.2
- - fqdn: vpn1.rewire.co
+ - domain_name: vpn1.rewire.co
ip_address: 2.2.2.2
- - fqdn: web1.rewire.co
+ - dns_aliases:
+ - rewire.co
+ - api.rewire.co
+ domain_name: web1.rewire.co
ip_address: 6.6.7.7
ip_address: 1.1.1.1
name: ns1
production: true
-public_dns: true
+service_type: public_service
services: dns
tags: production
---
+dns:
+ public: true
domain:
internal: rewire
+ name: ns2.rewire.co
public: rewire.co
-fqdn: ns2.rewire.co
hosts:
private:
- - fqdn: couch1.rewire
+ - domain_name: couch1.rewire
ip_address: 245.2.45.42
- - fqdn: couch2.rewire
+ - domain_name: couch2.rewire
ip_address: 73.45.87.11
public:
- - fqdn: ns1.rewire.co
+ - domain_name: ns1.rewire.co
ip_address: 1.1.1.1
- - fqdn: ns2.rewire.co
+ - domain_name: ns2.rewire.co
ip_address: 1.1.1.2
- - fqdn: vpn1.rewire.co
+ - domain_name: vpn1.rewire.co
ip_address: 2.2.2.2
- - fqdn: web1.rewire.co
+ - dns_aliases:
+ - rewire.co
+ - api.rewire.co
+ domain_name: web1.rewire.co
ip_address: 6.6.7.7
ip_address: 1.1.1.2
name: ns2
production: true
-public_dns: true
+service_type: public_service
services: dns
tags: production
---
+dns:
+ public: true
domain:
internal: rewire
+ name: vpn1.rewire.co
public: rewire.co
-fqdn: vpn1.rewire.co
ip_address: 2.2.2.2
name: vpn1
openvpn:
-----END RSA PRIVATE KEY-----
production: true
-public_dns: true
+service_type: user_service
services: openvpn
tags: production
---
+api_domain: api.rewire.co
definition_files:
- provider: <%= {:hi => 'yes'}.to_json %>
+ eip_service: file('service-definitions/eip-service.json.erb')
+ provider: |-
+ {
+ "api_uri": "https://api.rewire.co",
+ "api_version": "1",
+ "description": {
+ "en": "A demonstration service provider using the LEAP platform"
+ },
+ "domain": "rewire.co",
+ "enrollment_policy": "open",
+ "languages": [
+ "en"
+ ],
+ "name": {
+ "en": "The Rewire Company"
+ },
+ "services": [
+ "openvpn"
+ ]
+ }
+dns:
+ aliases:
+ - rewire.co
+ - api.rewire.co
+ public: true
domain:
internal: rewire
+ name: web1.rewire.co
public: rewire.co
-fqdn: web1.rewire.co
ip_address: 6.6.7.7
name: web1
-public_dns: true
+service_type: public_service
services: webapp
webapp:
couchdb_hosts:
# General service provider configuration.
#
{
- "name": "The Rewire Company",
- "description": "A demonstration service provider using the LEAP platform",
+ "name": {
+ "en": "The Rewire Company"
+ },
+ "description": {
+ "en": "A demonstration service provider using the LEAP platform"
+ },
"languages": ["en"],
+ "default_language": "en",
+ "enrollment_policy": "open",
"ca": {
"name": "Rewire Root CA",
"organization": "#{name}",
{
- "public_dns": false
+ "service_type": "internal_service"
}
\ No newline at end of file
{
"hosts": {
- "public": "= nodes[:public_dns => true].fields(:fqdn, :dns_alias, :ip_address)",
- "private": "= nodes[:public_dns => false].fields(:fqdn, :dns_alias, :ip_address)"
- }
+ "public": "= nodes['dns.public' => true].fields('domain.name', 'dns.aliases', 'ip_address')",
+ "private": "= nodes['dns.public' => false].fields('domain.name', 'dns.aliases', 'ip_address')"
+ },
+ "service_type": "public_service"
}
\ No newline at end of file
"nat": true,
"ca_crt": "= file 'ca/ca.crt'",
"ca_key": "= file 'ca/ca.key'",
- "server_crt": "= file fqdn + '.crt'",
- "server_key": "= file fqdn + '.key'"
- }
+ "server_crt": "= file domain.name + '.crt'",
+ "server_key": "= file domain.name + '.key'"
+ },
+ "service_type": "user_service"
}
-# "dns_alias": "= 'user.' + domain_public",
{
"webapp": {
"modules": ["user", "billing", "help"],
- "couchdb_hosts": "= nodes[:services => :couchdb].field(:fqdn)"
+ "couchdb_hosts": "= nodes[:services => :couchdb].field('domain.name')"
},
"definition_files": {
- "provider": "= file('public-definitions/provider.json.erb')"
+ "provider": "= file('service-definitions/provider.json.erb')",
+ "eip_service": "file('service-definitions/eip-service.json.erb')"
+ },
+ "service_type": "public_service",
+ "api_domain": "= 'api.' + domain.public",
+ "dns": {
+ "aliases": "= [domain.public, api_domain]"
}
}
\ No newline at end of file
projects / leap / leap_cli.git / commitdiff