Made downloading metadata optional and the URL configurable

9353423b · Carson Gee · ff86673d · 9353423b · 9353423b
Commit 9353423b authored Mar 12, 2014 by Carson Gee
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 1 deletions

playbooks/roles/shibboleth/defaults/main.yml
+2 -0

playbooks/roles/shibboleth/tasks/main.yml
+7 -1

No files found.
--- a/playbooks/roles/shibboleth/defaults/main.yml
+++ b/playbooks/roles/shibboleth/defaults/main.yml
@@ -9,3 +9,5 @@ shib:
  sp_pem: |
    THE CORRESPONDING CERTIFICATE PEM GOES HERE
 shib_template_path: '.'
+shib_metadata_backup_url: "https://idp.stanford.edu/Stanford-metadata.xml"
+shib_download_metadata: true
--- a/playbooks/roles/shibboleth/tasks/main.yml
+++ b/playbooks/roles/shibboleth/tasks/main.yml
@@ -15,7 +15,13 @@
  file: path=/etc/shibboleth/metadata state=directory mode=2774 group=_shibd owner=_shibd

 - name: Downloads metadata into metadata directory as backup
-  get_url: url=https://idp.stanford.edu/Stanford-metadata.xml dest=/etc/shibboleth/metadata/idp-metadata.xml mode=0640 group=_shibd owner=_shibd
+  get_url: >
+    url={{ shib_metadata_backup_url }}
+    dest=/etc/shibboleth/metadata/idp-metadata.xml
+    mode=0640
+    group=_shibd
+    owner=_shibd
+  when: shib_download_metadata

 - name: writes out key and pem file
  template: src=sp.{{item}}.j2 dest=/etc/shibboleth/sp.{{item}}  group=_shibd owner=_shibd mode=0600