datasealer.pp

# If the datasealer file is not present, run datasealer_update.pl so it
# gets created.

class shibb_idp3::datasealer {

  # The datasealer_update.pl script is in the stanford-shibbolethidp3-tool
  # package.
  package { 'stanford-shibbolethidp3-tools':
    ensure  => installed,
    require => Package['shibboleth-identity-provider'],
  }

  include shibb_idp3::root_k5login

  # Run this command only if the sealer file does NOT exist.
  exec { 'create_datasealer_file':
    command => 'datasealer_update',
    path    => ['/usr/bin', '/usr/sbin'],
    creates => '/opt/shibboleth-idp/credentials/sealer.jks',
    require => [
                 Package['stanford-shibbolethidp3-tools'],
                 File['/etc/shibboleth-idp/conf/idp.properties'],
               ],
  }

}