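# {{ ansible_managed }}
#
# Command-line arguments for the 'cadoles-pod-shibboleth-sp-v3' podman
# container (Shibboleth SAML service provider). How PODMAN_ARGS is consumed
# is not visible in this template; the notes below assume the launcher
# word-splits it with quote handling -- TODO confirm.
#
# Exposure:
#   * -p 127.0.0.1:3002:80 publishes the container's port 80 on the host
#     loopback only, not on external interfaces.
#   * allow_host_loopback=true is what lets 10.0.2.2 (APACHE_BACKEND_URL)
#     reach the host. It opens every service bound to the host loopback to
#     the container, not just port 3003, so those services should not rely
#     on loopback binding as their only access control.
#
# Redirects:
#   * SP_SESSIONS_REDIRECT_LIMIT / SP_SESSIONS_REDIRECT_ALLOW presumably map
#     to the SP's redirectLimit / redirectAllow session settings (confirm
#     against the image). Keep hydra_saml_allowed_redirects limited to the
#     origins that need it; an over-broad list weakens open-redirect
#     protection.
#
# Quoting:
#   * Template variables are interpolated verbatim inside single-quoted
#     words. A value containing a quote, backslash or newline would change
#     how the arguments are split, so validate those variables where they
#     are defined.
#
# Mounts:
#   * The three -v bind mounts carry no ':ro' option, so the container can
#     write to them. /etc/shibboleth/credentials presumably holds the SP key
#     material: keep it owner-only on the host, and add ':ro' if the image
#     does not need to write there (TODO confirm).
#
# Other:
#   * APACHE_FORCE_HTTPS is 'true' only when haproxy_public_base_url starts
#     with 'https'.
#   * NOTE(review): verbose SP log levels may record assertion attributes;
#     check what hydra_saml_sp_log_level is set to in production.
PODMAN_ARGS="\
-p 127.0.0.1:3002:80 \
--network=slirp4netns:allow_host_loopback=true \
--replace --name 'cadoles-pod-shibboleth-sp-v3' \
--tz=local \
-e 'SP_ENTITY_ID={{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}' \
-e 'SP_LOG_LEVEL={{ hydra_saml_sp_log_level }}' \
-e 'IDP_ENTITY_ID={{ hydra_saml_idp_entity_id }}' \
-e 'IDP_METADATA_URL={{ hydra_saml_idp_metadata_url }}' \
-e 'APACHE_BACKEND_URL=http://10.0.2.2:3003' \
-e 'APACHE_FORCE_HTTPS={{ "true" if haproxy_public_base_url.startswith('https') else "false" }}' \
-e 'SP_HANDLER_BASE_PATH={{ haproxy_hydra_saml_base_path }}' \
-e 'SP_SESSIONS_REDIRECT_LIMIT=host+allow' \
-e 'SP_SESSIONS_REDIRECT_ALLOW={{ hydra_saml_allowed_redirects | join(',') }}' \
-e 'SP_INCLUDE_DEFAULT_ATTRIBUTES_MAPPING={{ hydra_saml_include_sp_default_attributes_mapping }}' \
-e 'SP_INCLUDE_DEFAULT_ATTRIBUTES_POLICY={{ hydra_saml_include_sp_default_attributes_policy }}' \
-v '/etc/shibboleth/attribute-map.inc.xml:/etc/shibboleth/attribute-map.inc.xml' \
-v '/etc/shibboleth/attribute-policy.inc.xml:/etc/shibboleth/attribute-policy.inc.xml' \
-v '/etc/shibboleth/credentials:/etc/shibboleth/credentials' \
"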