Skip to content
Snippets Groups Projects
datasealer.pp 1.21 KiB
Newer Older
Adam Lewenberg's avatar
Adam Lewenberg committed
# If the datasealer file is not present, run datasealer_update.pl so it
# gets created.

class shibb_idp3::datasealer {

  # The datasealer_update.pl script is in the stanford-shibbolethidp3-tool
  # package.
  package { 'stanford-shibbolethidp3-tools':
    ensure  => installed,
    require => Package['shibboleth-identity-provider'],
  }

Adam Lewenberg's avatar
Adam Lewenberg committed
  # We need the datasealer master/slave configuration file.
  file { '/etc/shibboleth-idp/dist-datasealer.conf':
    source  => "puppet:///modules/shibb_idp3/etc/shibboleth-idp/dist-datasealer.conf.${shibb_idp3::env}",
    require => Package['stanford-shibbolethidp3-tools'],
  }

Adam Lewenberg's avatar
Adam Lewenberg committed
  include shibb_idp3::root_k5login
Adam Lewenberg's avatar
Adam Lewenberg committed

Adam Lewenberg's avatar
Adam Lewenberg committed
  # Run this command only if the sealer file does NOT exist. This will
  # create the datasealer JKS file.
Adam Lewenberg's avatar
Adam Lewenberg committed
  exec { 'create_datasealer_file':
Adam Lewenberg's avatar
Adam Lewenberg committed
    command => 'datasealer-admin update',
Adam Lewenberg's avatar
Adam Lewenberg committed
    path    => ['/usr/bin', '/usr/sbin'],
Adam Lewenberg's avatar
Adam Lewenberg committed
    creates => '/opt/shibboleth-idp/credentials/sealer.jks',
Adam Lewenberg's avatar
Adam Lewenberg committed
    require => [
                 Package['stanford-shibbolethidp3-tools'],
Adam Lewenberg's avatar
Adam Lewenberg committed
                 Package['shibboleth-identity-provider'],
Adam Lewenberg's avatar
Adam Lewenberg committed
                 File['/etc/shibboleth-idp/dist-datasealer.conf'],
Adam Lewenberg's avatar
Adam Lewenberg committed
                 File['/etc/shibboleth-idp/conf/idp.properties'],
               ],
  }

}