new configuration version

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/create_nvpuser.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+
+nevis_group=nvbgroup
+nevis_group_id=30000
+
+nevis_user=nvpuser
+nevis_user_id=30002
+
+if [ -z "$(getent group "$nevis_group")" ]
+then
+    echo "Installing group '$nevis_group' with id '$nevis_group_id'"
+    groupadd --gid "$nevis_group_id" "$nevis_group"
+fi
+
+if [ -z "$(getent passwd "$nevis_user")" ]
+then
+    echo "Installing user '$nevis_user' with id '$nevis_user_id'"
+    useradd \
+        --comment 'functional user of nevisProxy' \
+        --home-dir '/opt/nevisproxy' \
+        --gid "$nevis_group" \
+        --uid "$nevis_user_id" \
+        --shell '/sbin/nologin' \
+        "$nevis_user"
+fi

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-new-nevisproxy-instance-92e282d1dc2b69d9e4f91fc0.yaml

@@ -0,0 +1,59 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisComponent"
+metadata:
+  name: "npi"
+  namespace: "adn-postit-tknxchng-01-dev"
+  labels:
+    deploymentTarget: "npi"
+  annotations:
+    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
+    patternId: "92e282d1dc2b69d9e4f91fc0"
+spec:
+  type: "NevisProxy"
+  replicas: 1
+  version: "8.2405.1"
+  gitInitVersion: "1.3.0"
+  runAsNonRoot: true
+  ports:
+    management: 11080
+    https: 8443
+  resources:
+    limits:
+      cpu: "2"
+      memory: "2000Mi"
+    requests:
+      cpu: "20m"
+      memory: "1000Mi"
+  livenessProbe:
+    management:
+      httpGet:
+        path: "/liveness"
+      periodSeconds: 5
+      timeoutSeconds: 6
+  readinessProbe:
+    management:
+      httpGet:
+        path: "/readiness"
+      periodSeconds: 5
+      timeoutSeconds: 6
+  startupProbe:
+    management:
+      httpGet:
+        path: "/readiness"
+      periodSeconds: 5
+      timeoutSeconds: 6
+      failureThreshold: 50
+  podDisruptionBudget:
+    maxUnavailable: "50%"
+  git:
+    tag: "r-ece8a81b6d5522367837901bb038eac5dc95669e"
+    dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
+    credentials: "git-credentials"
+  keystores:
+  - "npi-23dc4a9fcc79a12d82662747"
+  ingresses:
+  - "npi"
+  podSecurity:
+    policy: "baseline"
+    automountServiceAccountToken: false
+  timeZone: "Europe/Zurich"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-23dc4a9fcc79a12d82662747-92e282d1dc2b69d9e4f91fc0.yaml

@@ -0,0 +1,19 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisKeyStore"
+metadata:
+  name: "npi-23dc4a9fcc79a12d82662747"
+  namespace: "adn-postit-tknxchng-01-dev"
+  labels:
+    deploymentTarget: "npi"
+  annotations:
+    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
+    patternId: "92e282d1dc2b69d9e4f91fc0"
+spec:
+  cn: "test.ch"
+  usage: "<reserved for future use>"
+  san:
+    dns:
+    - "npi"
+    - "npi.adn-postit-tknxchng-01-dev"
+    - "test.ch"
+    email: []

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-ingress-92e282d1dc2b69d9e4f91fc0.yaml

@@ -0,0 +1,16 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisIngress"
+metadata:
+  name: "npi"
+  namespace: "adn-postit-tknxchng-01-dev"
+  labels:
+    deploymentTarget: "npi"
+  annotations:
+    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
+    patternId: "92e282d1dc2b69d9e4f91fc0"
+spec:
+  hosts:
+  - host: "test.ch"
+    protocol: "HTTPS"
+    servicePort: 8443
+    serviceName: "npi"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/nevisproxy_default.yml

@@ -0,0 +1,19 @@
+schemaVersion: 1.0
+instance:
+  type: "nevisproxy"
+  name: "default"
+  directory: "/var/opt/nevisproxy/default"
+  pid: "file:///var/opt/nevisproxy/default/run/navajo.pid"
+  source:
+    url: "/nevisadmin/#/projects/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/patterns/92e282d1dc2b69d9e4f91fc0"
+    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
+    patternId: "92e282d1dc2b69d9e4f91fc0"
+    patternClass: "ch.nevis.admin.v4.plugin.nevisproxy.patterns.NevisProxyDeployable"
+  resources:
+    ports:
+    - "0.0.0.0:11080"
+    - "0.0.0.0:8443"
+  control:
+    start: "systemctl restart nevisproxy@default"
+    stop: "systemctl stop nevisproxy@default"
+    status: "/var/opt/nevisproxy/default/run/status.sh"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/bc.properties

@@ -0,0 +1,12 @@
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+bc.security.PassPhraseDialog=pipe:///var/opt/nevisproxy/default/conf/keystorepwget
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+ch.nevis.navajo.tracing.ReconfigurationPeriod=60
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+org.apache.runtime.UseApachePoolMemory=false
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+bc.security.PassPhrasePolicy=pipe,env,prompt
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+user.locale=en_US.UTF-8
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+ch.nevis.navajo.loading.servlet.LibPath=/opt/nevisproxy/webapp/WEB-INF/lib

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/env.conf

@@ -0,0 +1,6 @@
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+APACHE_VERSION=2.4
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+RTENV_SECURITY_CHECK=no_lib
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+LD_LIBRARY_PATH=/opt/nevisproxy/lib:/opt/nevisproxy/webapp/WEB-INF/lib

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/isi3web.properties

@@ -0,0 +1 @@
+# THIS FILE INTENTIONALLY LEFT EMPTY

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/keystorepwget

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+path=$1
+file=${path##*/}
+label=${file%_*}
+dir=${path%/*}
+
+admin_keypass="${dir}/keypass"
+if [ -f "$admin_keypass" ]; then
+  passphrase=$($admin_keypass)
+  echo -n "$passphrase"
+  exit 0
+fi
+
+keybox_keypass="${dir}/${label}_keypass"
+if [ -f "$keybox_keypass" ]; then
+  passphrase=$($keybox_keypass)
+  echo -n "$passphrase"
+  exit 0
+fi

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/log.properties

@@ -0,0 +1,232 @@
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.LogFile=pipe:///bin/sed -u -e "s/^/[navajo.log] /g" | /bin/egrep --line-buffered -v "GET /(live|readi)ness"
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.ThresholdBase=5
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NProxyOp=1
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoOp=1
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+ch.nevis.nevisproxy.LocalLogFileName=/var/opt/nevisproxy/default/conf/conditionallog.properties
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.TimeFormat=detailed
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.ProgName=isi3web
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.Secrets.Cipher=AES
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoHttpSess=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoResource=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoRequest=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoReqIO=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoSSL=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoCookie=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoConIdent=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoSession=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoStart=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoConfig=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoDump=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoHeader=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoTimer=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoMgmt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NavajoAdmin=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NevisMgmt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.JmxAmp=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.MBeanSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.HttpAdaptor=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IsiwebOp=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4HttpConnSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4HttpsConnSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4Esau4ConnSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4NISConnSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4PAMConnSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4X509AuthSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4LogRenSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4UserStatSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4DefaultSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4IdentCreaFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SessionFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CSTFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4JsonFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SecRoleFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CltTrackFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4VirtSessFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4RmRoleFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CacheFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CookieFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4RewriteFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4DelegateFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4HdrDlgFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4FakeLoginFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ErrorFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SessionLst=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4HtmlRewrite=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4DeflateFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4InflateFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ValidFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4XMLValidFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SoapFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ICAPFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4EncryptFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4UrlEncrypt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4TRXSignFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4UsrAgentFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4HandoverFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4DumpFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4DNSRedirFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SessBindFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SAMLFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4SamlErrFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CitrixFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4MappingFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ResSessFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.JMXSessionFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.JMXRequestFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NevisSession=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ParamFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4UnbluFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4MaintFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CSRFFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4FltMappFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4QmrFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4LogFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4WebSocketSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4WsMultiChSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4WsToPlainSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4WsToIIOPSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4ModsecFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4MqSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4CharSetFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.LuaNevisLib=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IW4LuaUrlEnc=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPAuthFilter=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPParamVldFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPDynCfgFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPRdrctFrmFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPXmlFilter=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPMemLeakFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPHdrVldFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPInsWrapFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPLifeCycleFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPGuessCTFilter=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPTrcTagFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPLocalSessStr=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPMySQLSessSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPMemSessSrv=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPSessionFlt=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPReaperOp=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.EsauthProvider=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IsiOp=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.transTCP=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IO=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.IOSub=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.Alarming=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.AlarmEngine=0
+# source: pattern://92e282d1dc2b69d9e4f91fc0
+BC.Tracer.DebugProfile.NPMultiLevelStr=0

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/conf/navajo.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE Navajo SYSTEM "/opt/nevisproxy/dtd/navajo_1_0.dtd">
+<Navajo>
+    <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+    <Service name="nevisproxy" serverTemplate="/opt/nevisproxy/etc/server2.template" hostTemplate="/opt/nevisproxy/etc/host2.template" spoolDir="/var/opt/nevisproxy/default" commandLine="-DFOREGROUND" crashRecoveryStrategy="kill">
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <Core workDir="/var/opt/nevisproxy/default/run"/>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <Timer periodicity="60"/>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <Server User="nevis" Group="root" ServerName="npi" Timeout="30" MaxClients="600" MaxRequestsPerChild="0" KeepAlive="on" KeepAliveTimeout="5" MaxKeepAliveRequests="100" LimitRequestLine="5120" LimitRequestBody="512000" LimitRequestFields="50" LimitRequestFieldsize="5120" ServerRoot="/var/opt/nevisproxy/default" CoreDumpDirectory="" ErrorLog="&quot;|/bin/sed -u s/^/[apache.log]\ /g&quot;" LogLevel="notice" TransferLog="&quot;|/bin/stdbuf -oL /bin/egrep -v GET./.....?ness&quot;" LogFormat="&quot;[access.log] %h %l %u %t \&quot;%r\&quot; %&gt;s %b %{content-length}i %T %v \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot; trID=%{UNIQUE_ID}e&quot;" SSLPassPhraseDialog="builtin" SSLSessionCache="shmcb:/var/opt/nevisproxy/default/run/apache_shmcb"/>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <Connector port="11080" name="management" listen="0.0.0.0:11080"/>
+        <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+        <Connector port="443" name="test.ch" listen="0.0.0.0:8443">
+            <!-- source: pattern://23dc4a9fcc79a12d82662747, pattern://23dc4a9fcc79a12d82662747#keystore -->
+            <SSL SSLCipherSuite="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256" SSLOptions="+OptRenegotiate +StdEnvVars +ExportCertData" SSLProtocol="-all +TLSv1.2 -TLSv1.3" SSLCertificateFile="/var/opt/keys/own/npi-23dc4a9fcc79a12d82662747/cert.pem" SSLCertificateKeyFile="/var/opt/keys/own/npi-23dc4a9fcc79a12d82662747/key.pem" SSLCertificateChainFile="/var/opt/keys/own/npi-23dc4a9fcc79a12d82662747/ca-chain.pem" SSLInsecureRenegotiation="off" SSLHonorCipherOrder="on"/>
+        </Connector>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <Engine defaultHost="management">
+            <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+            <Host name="management">
+                <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+                <Context docBase="/var/opt/nevisproxy/default/host-management"/>
+            </Host>
+            <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+            <Host name="test.ch">
+                <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+                <Context entryURI="/" unsecureConnection="allow" trailingSlashRedirect="true" filePreload="false" docBase="/var/opt/nevisproxy/default/host-test.ch" path="" allowedMethods="ALL-HTTP ALL-WEBDAV -TRACE -CONNECT"/>
+            </Host>
+        </Engine>
+    </Service>
+</Navajo>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-management/WEB-INF/liveness.lua

@@ -0,0 +1,5 @@
+function inputHeader(req, resp)
+	resp:setHeader("Content-Type", "application/json")
+	resp:setBody("{ \"status\" : \"UP\" }")
+	resp:send(200)
+end

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-management/WEB-INF/readiness.lua

@@ -0,0 +1,5 @@
+function inputHeader(req, resp)
+	resp:setHeader("Content-Type", "application/json")
+	resp:setBody("{ \"status\" : \"UP\" }")
+	resp:send(200)
+end

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-management/WEB-INF/web.xml

@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "/opt/nevisproxy/dtd/web-app_2_3.dtd">
+<web-app>
+    <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+    <filter>
+        <filter-name>LivenessLuaFilter</filter-name>
+        <filter-class>ch::nevis::isiweb4::filter::lua::LuaFilter</filter-class>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <init-param>
+            <param-name>Script.InputHeaderFunctionName</param-name>
+            <param-value>inputHeader</param-value>
+        </init-param>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <init-param>
+            <param-name>Script.Path</param-name>
+            <param-value>/var/opt/nevisproxy/default/host-management/WEB-INF/liveness.lua</param-value>
+        </init-param>
+    </filter>
+    <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+    <filter>
+        <filter-name>ReadinessLuaFilter</filter-name>
+        <filter-class>ch::nevis::isiweb4::filter::lua::LuaFilter</filter-class>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <init-param>
+            <param-name>Script.InputHeaderFunctionName</param-name>
+            <param-value>inputHeader</param-value>
+        </init-param>
+        <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+        <init-param>
+            <param-name>Script.Path</param-name>
+            <param-value>/var/opt/nevisproxy/default/host-management/WEB-INF/readiness.lua</param-value>
+        </init-param>
+    </filter>
+    <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+    <filter-mapping>
+        <filter-name>LivenessLuaFilter</filter-name>
+        <url-pattern>/liveness</url-pattern>
+    </filter-mapping>
+    <!-- source: pattern://92e282d1dc2b69d9e4f91fc0 -->
+    <filter-mapping>
+        <filter-name>ReadinessLuaFilter</filter-name>
+        <url-pattern>/readiness</url-pattern>
+    </filter-mapping>
+    <servlet>
+        <servlet-name>Hosting_Default</servlet-name>
+        <servlet-class>ch::nevis::isiweb4::servlet::defaults::DefaultServlet</servlet-class>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>Hosting_Default</servlet-name>
+        <url-pattern>/*</url-pattern>
+    </servlet-mapping>
+</web-app>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/WEB-INF/web.xml

@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "/opt/nevisproxy/dtd/web-app_2_3.dtd">
+<web-app>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <filter>
+        <filter-name>ErrorHandler_Default</filter-name>
+        <filter-class>ch::nevis::isiweb4::filter::error::ErrorFilter</filter-class>
+        <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+        <init-param>
+            <param-name>PlaceHolders</param-name>
+            <param-value>
+                TRANSFER_ID:TRANSFER_ID
+                TIMESTAMP:TIMESTAMP
+            </param-value>
+        </init-param>
+        <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+        <init-param>
+            <param-name>StatusCode</param-name>
+            <param-value>
+                403:Hosting_Default:/errorpages/403.html:reset-header:keep-status-code
+                404:Hosting_Default:/errorpages/404.html:keep-header:keep-status-code
+                500:Hosting_Default:/errorpages/500.html:reset-header:keep-status-code
+                502:Hosting_Default:/errorpages/502.html:keep-header:keep-status-code
+            </param-value>
+        </init-param>
+    </filter>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <filter>
+        <filter-name>Qos</filter-name>
+        <filter-class>ch:nevis:navajo:apglue:httpd_2_4_x:servlet:ApacheConfigFilter</filter-class>
+        <filter-lib>libApache2_4_Servlet.so.1</filter-lib>
+        <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+        <init-param>
+            <param-name>ServerConfig</param-name>
+            <param-value>
+                QS_SrvMaxConnClose 85%
+                QS_SrvMaxConnPerIP 75 500
+                QS_SrvMinDataRate 120 1500 500
+            </param-value>
+        </init-param>
+    </filter>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <filter>
+        <filter-name>ResponseHeader_Default</filter-name>
+        <filter-class>ch::nevis::isiweb4::filter::delegation::HeaderDelegationFilter</filter-class>
+        <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+        <init-param>
+            <param-name>DelegateToFrontend</param-name>
+            <param-value>
+                Strict-Transport-Security: max-age=63072000
+                X-Content-Type-Options: nosniff
+                Referrer-Policy: strict-origin-when-cross-origin
+            </param-value>
+        </init-param>
+    </filter>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <filter-mapping>
+        <filter-name>ErrorHandler_Default</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <filter-mapping>
+        <filter-name>ResponseHeader_Default</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    <servlet>
+        <servlet-name>Hosting_Default</servlet-name>
+        <servlet-class>ch::nevis::isiweb4::servlet::defaults::DefaultServlet</servlet-class>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>Hosting_Default</servlet-name>
+        <url-pattern>/*</url-pattern>
+    </servlet-mapping>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <mime-mapping>
+        <extension>css</extension>
+        <mime-type>text/css</mime-type>
+    </mime-mapping>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <mime-mapping>
+        <extension>ico</extension>
+        <mime-type>image/x-icon</mime-type>
+    </mime-mapping>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <mime-mapping>
+        <extension>png</extension>
+        <mime-type>image/png</mime-type>
+    </mime-mapping>
+    <!-- source: pattern://23dc4a9fcc79a12d82662747 -->
+    <mime-mapping>
+        <extension>html</extension>
+        <mime-type>text/html</mime-type>
+    </mime-mapping>
+</web-app>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/errorpages/403.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>Nevis - Forbidden</title>
+		<meta charset="utf-8">
+        <link href="/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+	</head>
+	<body>
+	    <br/><br/><br/><br/><br/><br/><br/><br/><br/>
+        <header id="header" class="container-fluid">
+            <img class="logo center-block" src="/resources/logo.png" alt="NEVIS Security Suite">
+        </header>
+		<main id="content" class="container">
+			<div id="loginform">
+				<h1 align="center">Forbidden</h1>
+				<div align="center"><br>
+					<br>
+					<table border="0">
+        <tr>
+            <td>You are not authorized for this application. Contact the person responsible for the access infrastructure.</td>
+        </tr>
+        <tr>
+            <td>Sie sind nicht berechtigt f&uuml;r diese Applikation. Kontaktieren Sie den Verantwortlichen der Zugangsinfrastruktur.</td>
+        </tr>
+        <tr>
+            <td>Vous n'&ecirc;tes pas autoris&eacute; pour cette application. Contactez la personne responsable de l'infrastructure d'acc&egrave;s.</td>
+        </tr>
+        <tr>
+            <td>Non &egrave; autorizzato per questa applicazione. Contatta il leader delle infrastrutture di accesso.</td>
+        </tr>
+					</table>
+				</div>
+			</div>		
+		</main>
+        <footer id="footer" class="text-primary">
+            <div class="row small">
+                <div class="col-md-4 hidden-xs hidden-sm">Copyright &#169; 2023 NEVIS Security AG</div>
+                <div class="col-xs-12 col-md-4 text-center text-uppercase logo-round-container">
+                    <div class="logo-round center-block">
+                        <img src="/resources/logo.png" alt="NEVIS Security Suite">
+                    </div>
+                    <strong>NEVIS Security Suite</strong>
+                </div>
+            </div>
+        </footer>
+	</body>
+</html>    

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/errorpages/404.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>Nevis - Page Not Found</title>
+		<meta charset="utf-8">
+        <link href="/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+	</head>
+	<body>
+	    <br/><br/><br/><br/><br/><br/><br/><br/><br/>
+        <header id="header" class="container-fluid">
+            <img class="logo center-block" src="/resources/logo.png" alt="NEVIS Security Suite">
+        </header>
+		<main id="content" class="container">
+			<div id="loginform">
+				<h1 align="center">Page Not Found</h1>
+				<div align="center"><br>
+					<br>
+					<table border="0">
+        <tr>
+            <td>The application you selected was not found on this server.</td>
+        </tr>
+        <tr>
+            <td>Die von Ihnen angew&auml;hlte Applikation existiert nicht auf diesem Server.</td>
+        </tr>
+        <tr>
+            <td>L'application que vous avez s&eacute;lectionn&eacute;e n'existe pas sur ce serveur.</td>
+        </tr>
+        <tr>
+            <td>L'applicazione che ha selezionato non &egrave; stata trovata su questo server.</td>
+        </tr>
+					</table>
+				</div>
+			</div>		
+		</main>
+        <footer id="footer" class="text-primary">
+            <div class="row small">
+                <div class="col-md-4 hidden-xs hidden-sm">Copyright &#169; 2023 NEVIS Security AG</div>
+                <div class="col-xs-12 col-md-4 text-center text-uppercase logo-round-container">
+                    <div class="logo-round center-block">
+                        <img src="/resources/logo.png" alt="NEVIS Security Suite">
+                    </div>
+                    <strong>NEVIS Security Suite</strong>
+                </div>
+            </div>
+        </footer>
+	</body>
+</html>    

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/errorpages/500.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>Nevis - Server Error</title>
+		<meta charset="utf-8">
+        <link href="/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+	</head>
+	<body>
+	    <br/><br/><br/><br/><br/><br/><br/><br/><br/>
+        <header id="header" class="container-fluid">
+            <img class="logo center-block" src="/resources/logo.png" alt="NEVIS Security Suite">
+        </header>
+		<main id="content" class="container">
+			<div id="loginform">
+				<h1 align="center">Server Error</h1>
+				<div align="center"><br>
+					<br>
+					<table border="0">
+        <tr>
+            <td>An application error has occurred. Try again and contact the system administrator.</td>
+        </tr>
+        <tr>
+            <td>Es ist ein Applikationsfehler aufgetreten. Probieren Sie es nochmals und verst&auml;ndigen Sie den System-Administrator.</td>
+        </tr>
+        <tr>
+            <td>Une erreur d'application s'est produite. Essayez &agrave; nouveau et contactez l'administrateur syst&egrave;me.</td>
+        </tr>
+        <tr>
+            <td>Si &egrave; verificato un errore nell'applicazione. Provi nuovamente e contatti l'amministratore di sistema.</td>
+        </tr>
+					</table>
+				</div>
+			</div>		
+		</main>
+        <footer id="footer" class="text-primary">
+            <div class="row small">
+                <div class="col-md-4 hidden-xs hidden-sm">Copyright &#169; 2023 NEVIS Security AG</div>
+                <div class="col-xs-12 col-md-4 text-center text-uppercase logo-round-container">
+                    <div class="logo-round center-block">
+                        <img src="/resources/logo.png" alt="NEVIS Security Suite">
+                    </div>
+                    <strong>NEVIS Security Suite</strong>
+                </div>
+            </div>
+        </footer>
+	</body>
+</html>    

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/errorpages/502.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>Nevis - Server Error</title>
+		<meta charset="utf-8">
+        <link href="/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+	</head>
+	<body>
+	    <br/><br/><br/><br/><br/><br/><br/><br/><br/>
+        <header id="header" class="container-fluid">
+            <img class="logo center-block" src="/resources/logo.png" alt="NEVIS Security Suite">
+        </header>
+		<main id="content" class="container">
+			<div id="loginform">
+				<h1 align="center">Server Error</h1>
+				<div align="center"><br>
+					<br>
+					<table border="0">
+        <tr>
+            <td>An application error has occurred. Try again and contact the system administrator.</td>
+        </tr>
+        <tr>
+            <td>Es ist ein Applikationsfehler aufgetreten. Probieren Sie es nochmals und verst&auml;ndigen Sie den System-Administrator.</td>
+        </tr>
+        <tr>
+            <td>Une erreur d'application s'est produite. Essayez &agrave; nouveau et contactez l'administrateur syst&egrave;me.</td>
+        </tr>
+        <tr>
+            <td>Si &egrave; verificato un errore nell'applicazione. Provi nuovamente e contatti l'amministratore di sistema.</td>
+        </tr>
+					</table>
+				</div>
+			</div>		
+		</main>
+        <footer id="footer" class="text-primary">
+            <div class="row small">
+                <div class="col-md-4 hidden-xs hidden-sm">Copyright &#169; 2023 NEVIS Security AG</div>
+                <div class="col-xs-12 col-md-4 text-center text-uppercase logo-round-container">
+                    <div class="logo-round center-block">
+                        <img src="/resources/logo.png" alt="NEVIS Security Suite">
+                    </div>
+                    <strong>NEVIS Security Suite</strong>
+                </div>
+            </div>
+        </footer>
+	</body>
+</html>    

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/index.html

@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>Nevis - Welcome</title>
+		<meta charset="utf-8">
+        <link href="/resources/bootstrap.min.css" rel="stylesheet" type="text/css">
+        <link href="/resources/default.css" rel="stylesheet" type="text/css" media="all">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+        <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+	</head>
+	<body>
+	    <br/><br/><br/><br/><br/><br/><br/><br/><br/>
+        <header id="header" class="container-fluid">
+            <img class="logo center-block" src="/resources/logo.png" alt="NEVIS Security Suite">
+        </header>
+		<main id="content" class="container">
+			<div id="loginform">
+				<h1 align="center">Welcome</h1>
+                <div align="center"><br>
+                    <br>
+                    <table border="0">
+                        <tr>
+                            <td>The application you selected was not found on this server.</td>
+                        </tr>
+                        <tr>
+                            <td>Die von Ihnen angew&auml;hlte Applikation existiert nicht auf diesem Server.</td>
+                        </tr>
+                        <tr>
+                            <td>L'application que vous avez s&eacute;lectionn&eacute;e n'existe pas sur ce serveur.</td>
+                        </tr>
+                        <tr>
+                            <td>L'applicazione che ha selezionato non &egrave; stata trovata su questo server.</td>
+                        </tr>
+                    </table>
+                </div>
+			</div>
+		</main>
+        <footer id="footer" class="text-primary">
+            <div class="row small">
+                <div class="col-md-4 hidden-xs hidden-sm">Copyright &#169; 2023 NEVIS Security AG</div>
+                <div class="col-xs-12 col-md-4 text-center text-uppercase logo-round-container">
+                    <div class="logo-round center-block">
+                        <img src="/resources/logo.png" alt="NEVIS Security Suite">
+                    </div>
+                    <strong>NEVIS Security Suite</strong>
+                </div>
+            </div>
+        </footer>
+	</body>
+</html>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-test.ch/resources/default.css

@@ -0,0 +1,158 @@
+/********************************************************
+ * Layout
+ ********************************************************/
+
+html { /* magic to position footer */
+	position: relative;
+	min-height: 100%;
+}
+
+body {
+	margin-bottom: 76px; /* == footer height */
+}
+
+.container, .container-fluid {
+ 	padding-left: 36px;
+	padding-right: 36px;
+}
+
+nav {
+	min-height: 100px;
+	padding: 36px;
+}
+
+header {
+	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
+}
+
+.container {
+ 	min-width: 260px;
+ 	max-width: 700px;
+}
+
+h1 {
+	margin-bottom: 100px;
+}
+
+footer {
+	width: 100%;
+	position: absolute;
+	bottom: 0;
+	padding: 0 36px;
+}
+
+img {
+	width: 100%;
+}
+
+/********************************************************
+ * Header
+ ********************************************************/
+
+header .logo {
+	width: 20%;
+	max-width: 124px;
+}
+
+/********************************************************
+ * Dropdown
+ ********************************************************/
+a.dropdown-toggle {
+	text-decoration: none;
+}
+
+a.dropdown-toggle:hover {
+	color: #00868C;
+	border-bottom: 3px solid #00868C;
+}
+
+.dropdown-menu {
+	padding: 5px 0;
+}
+
+.dropdown-menu li > a {
+	padding: 6px 28px;
+}
+
+.dropdown-menu a > .prefix {
+	display: inline-block;
+	min-width: 22px;
+	margin-right: 28px;
+	text-align: right;
+}
+
+/********************************************************
+ * Form
+ ********************************************************/
+
+/* Labels should not be bold */
+label {
+	font-weight: normal;
+}
+
+/* Make error messages bold */
+.has-error .help-block {
+	font-weight: bold;
+}
+
+/* Change button size, by default 116px in width */
+.btn {
+	min-width: 116px;
+	padding: 3px 12px;
+}
+
+/* Disable gradient in buttons, ughhhh */
+.btn.btn-primary {
+	border-color: transparent;
+	background-image: none;
+	text-shadow: none;
+	box-shadow: none;
+	-webkit-box-shadow: none;
+}
+
+.help-block a, .help-block a:visited {
+	color: #00868C;
+  font-weight: bold;
+  text-decoration: none;
+}
+
+.help-block a:hover {
+	color: #65B6B9;
+  text-decoration: underline;
+}
+
+/********************************************************
+ * Footer
+ ********************************************************/
+footer .row {
+	margin: 36px 0 0 0;
+	height: 40px;
+	padding-top: 14px;
+	line-height: 26px; /* to center text: height - padding-top = 26px */
+	border-top: 1px solid #00868c;
+}
+
+footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
+	padding: 0;
+}
+
+footer .logo-round-container {
+	position: relative;
+}
+
+footer .logo-round {
+	position: absolute;
+	left: 0;
+	right: 0;
+	top: -33px; /* found visually with Chrome Dev Tools */
+	height: 36px;
+	width: 36px;
+	border: 1px solid #00868c;
+	border-radius: 18px;
+	background: #fff;
+	padding: 8px;
+}
+
+footer .logo-round > img {
+	display: block;
+}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/run/restart.sh

@@ -0,0 +1,26 @@
+# determine instance name
+instance=$(basename $(dirname $(dirname "$0")))
+
+# remember position in journalctl for this unit
+cursor=$(journalctl -u nevisproxy@${instance} --show-cursor | tail -1 | cut -f2- -d:)
+
+# restart instance
+systemctl restart nevisproxy@${instance} -q
+
+# in case of failure print the journalctl starting from the cursor
+if [ $? != 0 ]; then
+  echo "" # new line for improved display
+  journalctl -u nevisproxy@${instance} -c $cursor
+  exit 1
+fi
+
+# perform additional checks
+/var/opt/nevisproxy/${instance}/run/status.sh
+
+# give up in case of failure
+if [ $? != 0 ]; then
+  exit 2
+fi
+
+# signal successful restart
+touch /etc/nevis/nevisproxy_${instance}.yml

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/run/status.sh

@@ -0,0 +1,28 @@
+#!/bin/sh
+
+EXIT_CODE=0
+
+# service at "http://0.0.0.0:11080"
+HC=`curl --insecure --silent --output /dev/null --write-out "%{http_code}" http://0.0.0.0:11080`
+CON=$?
+if [ "$CON" -ne 0 ]; then
+  echo "down: http://0.0.0.0:11080 (exit code $CON)"
+  EXIT_CODE=$CON
+else
+  echo "up: http://0.0.0.0:11080"
+fi
+
+# service at "https://0.0.0.0:8443"
+SSL=`echo | openssl s_client -connect 0.0.0.0:8443`
+HC=`curl --insecure --silent --output /dev/null --write-out "%{http_code}" https://0.0.0.0:8443`
+CON=$?
+if [[ $SSL = *"Acceptable client certificate CA names"* ]]; then
+  echo "skipped: https://0.0.0.0:8443"
+elif [ "$CON" -ne 0 ]; then
+  echo "down: https://0.0.0.0:8443 (exit code $CON)"
+  EXIT_CODE=$CON
+else
+  echo "up: https://0.0.0.0:8443"
+fi
+
+exit $EXIT_CODE