infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Fix saml2 file locations in Ipsilon

Browse source 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
Patrick Uiterwijk 2020-12-01 10:15:48 +01:00
parent f92f0b3725
commit a07e65afdc
1 changed files with 8 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
roles/ipsilon/templates/configuration.conf
View file

@ -74,16 +74,19 @@ openid default attribute mapping=[["*", "*"], ["_groups", "groups"], [["_extras"
openid default attribute mapping=[["*", "*"], ["timezone", "zoneinfo"], ["_groups", "groups"], [["_extras", "cla"], "cla"], ["fullname", "name"], ["_username", "preferred_username"]]
{% endif %}
saml2 idp metadata file=metadata.xml
{% if env == 'staging' %}
saml2 idp metadata file=metadata.xml
saml2 idp storage path=/etc/ipsilon/root/saml2
saml2 idp nameid salt={{ ipsilon_stg_saml2_nameid_salt }}
{% else %}
saml2 idp storage path=/etc/ipsilon/saml2
saml2 idp nameid salt={{ ipsilon_saml2_nameid_salt }}
{% endif %}
saml2 idp certificate file=idp.crt
saml2 idp key file=idp.key
{% else %}
saml2 idp metadata file=/httpdir/metadata.xml
saml2 idp storage path=/etc/ipsilon
saml2 idp nameid salt={{ ipsilon_saml2_nameid_salt }}
saml2 idp certificate file=saml2_idp.crt
saml2 idp key file=saml2_idp.key
{% endif %}
saml2 allow self registration=False
saml2 default nameid=transient
saml2 default email domain=fedoraproject.org