Commit d77e58a9 authored by Scotty Logan's avatar Scotty Logan

added signing certs

parent ff697040
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
......@@ -15,6 +15,7 @@
class shib_sp (
$apache_service_enable,
$apache_service_ensure,
$shib_dir,
$httpd_group,
$entity_id,
$support_email,
......@@ -45,8 +46,8 @@ class shib_sp (
apache::vhost { 'shib_sp':
port => 8080,
docroot => '/var/www',
docroot_owner => 'root',
docroot_group => 'www-data',
docroot_owner => 0,
docroot_group => $httpd_group,
docroot_mode => '0755',
servername => '${ENV_DOMAIN}', # lint:ignore:single_quote_string_with_variables
serveradmin => $support_email,
......@@ -98,37 +99,51 @@ class shib_sp (
source => "puppet:///modules/${module_name}/platform_env.conf",
}
file { '/etc/shibboleth/shibboleth2.xml':
file { "${shib_dir}/shibboleth2.xml":
ensure => file,
owner => 'root',
group => 'root',
owner => 0,
group => 0,
mode => '0644',
content => template("${module_name}/shibboleth2.xml.erb"),
require => Class['apache::mod::shib2'],
}
file { '/etc/shibboleth/attribute-map.xml':
file { "${shib_dir}/attribute-map.xml":
ensure => file,
owner => 'root',
group => 'root',
owner => 0,
group => 0,
mode => '0644',
source => "puppet:///modules/${module_name}/attribute-map.xml",
require => Class['apache::mod::shib2'],
}
file { '/etc/shibboleth/protocols.xml':
file { "${shib_dir}/protocols.xml":
ensure => file,
owner => 'root',
group => 'root',
owner => 0,
group => 0,
mode => '0644',
source => "puppet:///modules/${module_name}/protocols.xml",
require => Class['apache::mod::shib2'],
}
$signing_file = $idp ? {
'https://weblogin.itlab.stanford.edu/idp/shibboleth' => 'itlab-signing.pem',
default => 'idp-signing.pem',
}
file { "${shib_dir}/md-signing.pem":
ensure => file,
owner => 0
group => 0,
mode => '0644',
source => "puppet:///modules${module_name}/${signing_file}",
require => Class['apache::mod::shib2'],
}
file { '/start.sh':
ensure => file,
owner => 'root',
group => 'root',
owner => 0,
group => 0,
mode => '0755',
source => "puppet:///modules/${module_name}/start.sh",
}
......
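Review bot: The new `md-signing.pem` resource will not compile, and once that is fixed it will still not find its file: `owner => 0` is missing its trailing comma, and the source URI lacks the slash after `modules` that every other resource in this class has. The two lines should read `owner => 0,` and `source => "puppet:///modules/${module_name}/${signing_file}",`. `$idp` is not among the class parameters visible in the first hunk, so confirm it is declared, since the parameter list continues outside the hunk. Because this file is the trust anchor used to verify IdP metadata signatures, it is also worth comparing the fingerprints of the two committed certificates against the values published by the IdP operators before merging.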