diff --git a/roles/zabbix/zabbix_server/tasks/install.yml b/roles/zabbix/zabbix_server/tasks/install.yml index 4f6099ac44..f1b758bbaf 100644 --- a/roles/zabbix/zabbix_server/tasks/install.yml +++ b/roles/zabbix/zabbix_server/tasks/install.yml @@ -66,7 +66,10 @@ - name: Install IDP certificate ansible.builtin.copy: - src: "{{ private }}/files/saml2/{{ env }}/keys/idp.crt" + content: "{{ lookup('ansible.builtin.file', + private + '/files/saml2/' + env + '/keys/idp.crt') + | regex_search('-----BEGIN CERTIFICATE-----\n[^-]*\n-----END CERTIFICATE-----', + multiline=True) }}\n" dest: /usr/share/zabbix/conf/certs/idp.crt mode: 0644 owner: nginx diff --git a/roles/zabbix/zabbix_server/templates/zabbix.conf.php.j2 b/roles/zabbix/zabbix_server/templates/zabbix.conf.php.j2 index def2d557c2..24d307fcf8 100644 --- a/roles/zabbix/zabbix_server/templates/zabbix.conf.php.j2 +++ b/roles/zabbix/zabbix_server/templates/zabbix.conf.php.j2 @@ -52,4 +52,4 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; //$SSO['SP_CERT'] = 'conf/certs/sp.crt'; //$SSO['IDP_CERT'] = 'conf/certs/idp.crt'; //$SSO['SETTINGS'] = []; -$SSO_SETTINGS=['strict' => false, 'baseurl' => "https://zabbix{{ env_suffix }}.fedoraproject.org", 'use_proxy_headers' => true] +$SSO['SETTINGS'] = ['strict' => false, 'baseurl' => "https://zabbix{{ env_suffix }}.fedoraproject.org", 'use_proxy_headers' => true];