Commit 73fbf639 authored by Scotty Logan's avatar Scotty Logan

simplified and cleaned up init.pp

parent 0b2b8c6e
......@@ -16,12 +16,10 @@ class shib_sp (
$apache_service_enable,
$apache_service_ensure,
$shib_dir,
$shibd_user,
$shibd_group,
$httpd_user,
$httpd_group,
$entity_id,
$support_email,
$idp,
$metadata_uri,
) {
# add the admin user to the www-data group
......@@ -51,7 +49,7 @@ class shib_sp (
docroot_group => $httpd_group,
docroot_mode => '0755',
servername => '${ENV_DOMAIN}', # lint:ignore:single_quote_string_with_variables
serveradmin => $support_email,
serveradmin => '${ADMIN_MAIL}', # lint:ignore:single_quote_string_with_variables
access_log_format => 'combined_elb',
access_log_file => 'stdout',
error_log_file => 'stdout',
......@@ -85,18 +83,32 @@ class shib_sp (
]:
ensure => directory,
owner => 'www-data',
group => 'www-data',
owner => $httpd_user,
group => $httpd_group,
mode => '0755',
require => Package['httpd'],
}
file {
[
'/var/log/shibboleth',
'/var/cache/shibboleth',
'/var/run/shibboleth',
]:
ensure => directory,
owner => $shibd_user,
group => $shibd_group,
mode => '0755',
require => Class['apache::mod::shib'],
}
## empty files for bind mounts
file {
[
"${shib_dir}/sp-cert.pem",
"${shib_dir}/sp-key.pem",
"${shib_dir}/shibboleth2.xml",
]:
ensure => file,
......@@ -106,53 +118,29 @@ class shib_sp (
require => Class['apache::mod::shib'],
}
file { '/etc/apache2/conf.d/platform_env.conf':
ensure => file,
owner => '0',
group => '0',
mode => '0644',
source => "puppet:///modules/${module_name}/platform_env.conf",
}
file { "${shib_dir}/shibboleth2.xml":
ensure => file,
owner => 0,
group => 0,
mode => '0644',
content => template("${module_name}/shibboleth2.xml.erb"),
require => Class['apache::mod::shib'],
}
file { "${shib_dir}/attribute-map.xml":
ensure => file,
owner => 0,
group => 0,
mode => '0644',
source => "puppet:///modules/${module_name}/attribute-map.xml",
require => Class['apache::mod::shib'],
}
file { "${shib_dir}/protocols.xml":
ensure => file,
owner => 0,
group => 0,
mode => '0644',
source => "puppet:///modules/${module_name}/protocols.xml",
require => Class['apache::mod::shib'],
}
$signing_file = $idp ? {
'https://weblogin.itlab.stanford.edu/idp/shibboleth' => 'itlab-signing.pem',
default => 'idp-signing.pem',
}
file { "${shib_dir}/md-signing.pem":
ensure => file,
owner => 0,
group => 0,
mode => '0644',
source => "puppet:///modules/${module_name}/${signing_file}",
require => Class['apache::mod::shib'],
$shib_conf_files = [
'platform_env.conf',
'attribute-map.xml',
'protocols.xml',
'idp-signing.pem',
'itlab-signing.pem',
]
$shib_conf_files.each | String $conf_file | {
if !defined(File[$conf_file]) {
file { $conf_file:
ensure => file,
path => "/etc/${shib_dir}/${conf_file}",
owner => '0',
group => '0',
mode => '0644',
source => "puppet:///modules/${module_name}/${conf_file}",
require => [
Class['apache::mod::shib'],
Package['httpd'],
],
}
}
}
file { '/start.sh':
......
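Review bot: In the `$shib_conf_files.each` loop of the last hunk, `path => "/etc/${shib_dir}/${conf_file}"` prepends `/etc/`, while the other resources in this section that use `$shib_dir` (for example `"${shib_dir}/sp-key.pem"` and `"${shib_dir}/shibboleth2.xml"`) treat it as a complete path, so the signing certificates and `attribute-map.xml` may be written to a different directory than the bind-mounted `shibboleth2.xml` that refers to them; the value of `$shib_dir` is not visible here, so this should be confirmed. The `if !defined(File[$conf_file])` guard makes this riskier for the two signing PEMs: `defined()` depends on evaluation order, and if any other resource already carries the bare title (for example `File['protocols.xml']`), the file is silently left unmanaged, which is a poor failure mode for a trust anchor used to verify IdP metadata. I would title each resource by its full path and drop both the guard and the `path` attribute, e.g. `file { "${shib_dir}/${conf_file}":`, so that a duplicate declaration fails catalog compilation instead of being skipped. The loop also appears to move `platform_env.conf` out of `/etc/apache2/conf.d/` and to install both `idp-signing.pem` and `itlab-signing.pem` in place of the single `md-signing.pem` chosen by `$idp`; the page has lost its `+`/`-` markers, so this is inferred, but if it is correct then the choice of trusted signing certificate now rests entirely on the externally mounted `shibboleth2.xml` and deserves a comment in the manifest.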