ansible-role-sso/tasks/hydra-saml.yml
pcaseiro 806e30489f Using hostname for entity_id instead of haproxy_public_url (#8)
Co-authored-by: Philippe Caseiro <pcaseiro@cadoles.com>
Reviewed-on: #8
Co-authored-by: pcaseiro <pcaseiro@cadoles.com>
Co-committed-by: pcaseiro <pcaseiro@cadoles.com>
2023-02-10 09:39:43 +01:00


---
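- name: Install cadoles-pod-hydra-remote-user-v1 package
  # Despite the task name, this installs two packages: the Shibboleth SP pod
  # and the Hydra remote-user pod. Each one is pinned ("name=version") to a
  # role variable, so a run installs a known version rather than whatever the
  # repository currently offers.
  ansible.builtin.apt:
    name:
      - "cadoles-pod-shibboleth-sp-v3={{ cadoles_pod_shibboleth_sp_v3_package_version }}"
      - "cadoles-pod-hydra-remote-user-v1={{ cadoles_pod_hydra_remote_user_v1_package_version }}"
    # Refresh the package index before installing. Written as a canonical
    # boolean (true) instead of the YAML 1.1 truthy form "yes".
    update_cache: true
    state: present
  become: true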
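- name: Configure cadoles-pod-hydra-remote-user-v1
  # Renders the pod configuration and the remote-user settings from templates.
  # Any change notifies the restart handler. The module is referenced by its
  # fully qualified name, like the other ansible.builtin tasks in this file.
  # NOTE(review): owner and group are not set, so the rendered files belong to
  # the user the task runs as (become). Confirm that this user's group is the
  # one meant to read the g=r file below.
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    # Main pod configuration: readable by owner and group only.
    - src: cadoles-pod-hydra-remote-user-v1.conf.j2
      dest: /etc/cadoles-pod-hydra-remote-user-v1.conf
      mode: "u=rw,g=r"
    # Remote-user settings: world-readable.
    - src: hydra-remote-user.yml.j2
      dest: /etc/hydra-remote-user/conf.d/remote-user.yml
      mode: "u=rw,g=r,o=r"
  notify:
    - Restart cadoles-pod-hydra-remote-user-v1
  become: true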
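- name: Configure cadoles-pod-hydra-remote-user-v1 (2)
  # Copies the static Apache configuration shipped with the role. A change
  # notifies the restart handler.
  ansible.builtin.copy:
    src: hydra-remote-user-v1-apache.conf
    dest: /etc/hydra-remote-user/apache.conf
    # Explicit mode so the result does not depend on the umask of the run or on
    # the permissions of a file already present. The value matches the other
    # file this role writes under /etc/hydra-remote-user.
    # NOTE(review): tighten it if this file ever carries anything sensitive.
    mode: "u=rw,g=r,o=r"
  notify:
    - Restart cadoles-pod-hydra-remote-user-v1
  become: true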
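- name: Create cadoles-pod-shibboleth-sp-v3 expected directories
  # Ensures the directories exist before the Shibboleth templates are written.
  # The module is referenced by its fully qualified name, like the other
  # ansible.builtin tasks in this file, and uses the canonical "path" parameter
  # ("name" is an alias for it).
  # NOTE(review): no mode, owner or group is set, so newly created directories
  # get umask-derived permissions. /etc/shibboleth/credentials presumably holds
  # the SP key material; confirm which user the pod reads it as and set an
  # explicit, restrictive mode for that directory.
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
  loop:
    - /etc/shibboleth
    - /etc/shibboleth/credentials
  become: true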
- name: Configure cadoles-pod-shibboleth-sp-v3
  # Renders the Shibboleth SP pod configuration plus the attribute map and the
  # attribute policy from templates. All three files are written
  # world-readable, and any change notifies the restart handler.
  become: true
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    # Pod-level configuration.
    - src: cadoles-pod-shibboleth-sp-v3.conf.j2
      dest: /etc/cadoles-pod-shibboleth-sp-v3.conf
      mode: "u=rw,g=r,o=r"
    # Attribute map included by the Shibboleth configuration.
    - src: shibboleth-attribute-map.inc.xml.j2
      dest: /etc/shibboleth/attribute-map.inc.xml
      mode: "u=rw,g=r,o=r"
    # Attribute policy included by the Shibboleth configuration.
    - src: shibboleth-attribute-policy.inc.xml.j2
      dest: /etc/shibboleth/attribute-policy.inc.xml
      mode: "u=rw,g=r,o=r"
  notify:
    - Restart cadoles-pod-shibboleth-sp-v3