Skip to content

C
configuration
Commit ff86673d by Carson Gee
Options

Update to shibboleth role and allow changing the template directory

parent 1b7067c1
Showing with 5 additions and 19 deletions
playbooks/roles/shibboleth/defaults/main.yml
......@@ -8,3 +8,4 @@ shib:
YOU NEED TO GENERATE A REAL KEY HERE USING OPENSSL
sp_pem: |
THE CORRESPONDING CERTIFICATE PEM GOES HERE
shib_template_path: '.'
playbooks/roles/shibboleth/tasks/main.yml
......@@ -10,21 +10,12 @@
- libapache2-mod-shib2
- opensaml2-tools
notify: restart shibd
tags:
- shib
- install
- name: Creates /etc/shibboleth/metadata directory
file: path=/etc/shibboleth/metadata state=directory mode=2774 group=_shibd owner=_shibd
tags:
- shib
- install
- name: Downloads metadata into metadata directory as backup
get_url: url=https://idp.stanford.edu/Stanford-metadata.xml dest=/etc/shibboleth/metadata/idp-metadata.xml mode=0640 group=_shibd owner=_shibd
tags:
- shib
- install
- name: writes out key and pem file
template: src=sp.{{item}}.j2 dest=/etc/shibboleth/sp.{{item}} group=_shibd owner=_shibd mode=0600
......@@ -32,24 +23,15 @@
- key
- pem
notify: restart shibd
tags:
- shib
- install
- name: writes out configuration files
template: src={{item}}.j2 dest=/etc/shibboleth/{{item}} group=_shibd owner=_shibd mode=0644
template: src={{ shib_template_dir }}/{{item}}.j2 dest=/etc/shibboleth/{{item}} group=_shibd owner=_shibd mode=0644
with_items:
- attribute-map.xml
- shibboleth2.xml
notify: restart shibd
tags:
- shib
- install
- name: enables shib
command: a2enmod shib2
notify: restart shibd
tags:
- shib
- install
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment