config.pp 2.56 KiB
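# Installs the Shibboleth IdP v3 configuration files managed by this module:
# the servlet descriptor, the files under /etc/shibboleth-idp/conf, and the
# TwoStepRemoteUser authentication flow definitions.
#
# Every managed path uses `ensure => file` rather than `present`: `present`
# accepts any form of file existence, while `file` requires a regular file.
# For an identity provider the configuration should be exactly the content
# this module renders.
class shibb_idp3::config {

  # idp.properties file
  include shibb_idp3::config::idp_properties

  # NOTE(review): the five resources below do not set owner/group, so Puppet
  # leaves the ownership of an existing file untouched. These files control
  # the login flow, trusted SP metadata and status-page access; confirm the
  # ownership is set elsewhere or pin it explicitly here.

  # 1. web.xml: custom version contains TwoStepRemoteUser definition.
  file { '/opt/shibboleth-idp/webapp/WEB-INF/web.xml':
    ensure  => file,
    content => template('shibb_idp3/opt/shibboleth-idp/webapp/WEB-INF/web.xml.erb'),
    mode    => '0644',
  }

  # 2. metadata-providers.xml: points to all our SP metadata.
  file { '/etc/shibboleth-idp/conf/metadata-providers.xml':
    ensure  => file,
    content => template('shibb_idp3/etc/shibboleth-idp/conf/metadata-providers.xml.erb'),
    mode    => '0644',
  }

  # 3. access-control.xml: allow access to status page
  file { '/etc/shibboleth-idp/conf/access-control.xml':
    ensure  => file,
    content => template('shibb_idp3/etc/shibboleth-idp/conf/access-control.xml.erb'),
    mode    => '0644',
  }

  # 4. logback.xml: log-level settings
  file { '/etc/shibboleth-idp/conf/logback.xml':
    ensure  => file,
    content => template('shibb_idp3/etc/shibboleth-idp/conf/logback.xml.erb'),
    mode    => '0644',
  }

  # 5. saml-nameid.properties
  file { '/etc/shibboleth-idp/conf/saml-nameid.properties':
    ensure  => file,
    content => template('shibb_idp3/etc/shibboleth-idp/conf/saml-nameid.properties.erb'),
    mode    => '0644',
  }

  #### FLOWS

  # NOTE(review): the flow files below are owned by tomcat8 with mode 0644,
  # so the account named tomcat8 (presumably the servlet container's) can
  # rewrite the authentication flow definitions it loads. If that account
  # only needs to read them, root ownership would be the least-privilege
  # choice. Verify before changing.

  # general-authn.xml: some customizations
  file { '/etc/shibboleth-idp/conf/authn/general-authn.xml':
    ensure  => file,
    content => template('shibb_idp3/etc/shibboleth-idp/conf/authn/general-authn.xml.erb'),
    mode    => '0644',
    owner   => 'tomcat8',
    group   => 'tomcat8',
  }

  # twostepremoteuser-authn-config.xml (static file shipped with the module)
  file { '/etc/shibboleth-idp/conf/authn/twostepremoteuser-authn-config.xml':
    ensure  => file,
    source  => 'puppet:///modules/shibb_idp3/etc/shibboleth-idp/conf/authn/twostepremoteuser-authn-config.xml',
    mode    => '0644',
    owner   => 'tomcat8',
    group   => 'tomcat8',
  }

  # twostepremoteuser-authn-beans.xml
  file { '/opt/shibboleth-idp/flows/authn/TwoStepRemoteUser/twostepremoteuser-authn-beans.xml':
    ensure  => file,
    source  => 'puppet:///modules/shibb_idp3/opt/shibboleth-idp/flows/authn/TwoStepRemoteUser/twostepremoteuser-authn-beans.xml',
    mode    => '0644',
    owner   => 'tomcat8',
    group   => 'tomcat8',
  }

  # twostepremoteuser-authn-flow.xml
  file { '/opt/shibboleth-idp/flows/authn/TwoStepRemoteUser/twostepremoteuser-authn-flow.xml':
    ensure  => file,
    source  => 'puppet:///modules/shibb_idp3/opt/shibboleth-idp/flows/authn/TwoStepRemoteUser/twostepremoteuser-authn-flow.xml',
    mode    => '0644',
    owner   => 'tomcat8',
    group   => 'tomcat8',
  }

}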