# If the datasealer file is not present, run datasealer_update.pl so it # gets created. class shibb_idp3::datasealer { # The datasealer_update.pl script is in the stanford-shibbolethidp3-tool # package. package { 'stanford-shibbolethidp3-tools': ensure => installed, require => Package['shibboleth-identity-provider'], } # We need the datasealer master/slave configuration file. file { '/etc/shibboleth-idp/dist-datasealer.conf': content => template('shibb_idp3/etc/shibboleth-idp/dist-datasealer.conf.erb'), require => Package['stanford-shibbolethidp3-tools'], } include shibb_idp3::root_k5login # Run this command only if the sealer file does NOT exist. This will # create the datasealer JKS file. exec { 'create_datasealer_file': command => 'datasealer-admin update', path => ['/usr/bin', '/usr/sbin'], creates => '/opt/shibboleth-idp/credentials/sealer.jks', require => [ Package['stanford-shibbolethidp3-tools'], Package['shibboleth-identity-provider'], File['/etc/shibboleth-idp/dist-datasealer.conf'], File['/etc/shibboleth-idp/conf/idp.properties'], ], } }