fixed build

4bebaf89 · Jupiter Hu · 3166a0c4 · 4bebaf89 · 4bebaf89 · 4bebaf89
Commit 4bebaf89 authored 9 years ago by Jupiter Hu
--- a/roles/karaage3.1.17/tasks/karaage.yml
+++ b/roles/karaage3.1.17/tasks/karaage.yml
@@ -98,19 +98,6 @@
 shell: cp -rvpf /root/karaage3.1.7/conf/karaage3-wsgi.conf /etc/httpd/conf.d/karaage3-wsgi.conf
 sudo: true
 when: ansible_os_family == "RedHat"
-
- name: "Enable shibboleth, should it be in shibboleth-sp role?"
- lineinfile: insertafter="{{ item.after }}" line="{{ item.line }}" dest=/etc/{% if ansible_os_family == 'RedHat'  %}httpd{% else %}apache2{% endif %}/conf-available/karaage3-wsgi.conf state=present
- with_items:
-   - { after: 'EOF', line: '<Location /karaage>' } 
-   - { after: '^<Location /karaage>', line: 'AuthType Shibboleth' }
-   - { after: '^AuthType Shibboleth', line: 'ShibRequireSession On' }
-   - { after: '^ShibRequireSession On', line: 'ShibUseHeaders On' }
-   - { after: '^ShibUseHeaders On', line: 'require valid-user' }
-   - { after: 'EOF', line: '</Location>' }
-#   - { after: '^require valid-user', line: '</Location>' }
- sudo: true
-
 -
 name: "Installing other packages Debian"
 apt: name={{ item }} update_cache=yes
@@ -189,3 +176,16 @@
 service: name=httpd state=reloaded
 sudo: true
 when: ansible_os_family == "RedHat"
+
+- 
+ name: "Enable shibboleth (ansible-galaxy install yaegashi.blockinfile)"
+ blockinfile:
+   dest: /etc/apache2/conf-available/karaage3-wsgi.conf
+   block: |
+     <Location /karaage>
+     AuthType Shibboleth
+     ShibRequireSession On
+     ShibUseHeaders On
+     require valid-user
+     </Location>
+
--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -83,6 +83,16 @@
  file: path={{ cacert | dirname }} state=directory owner={{ ldapuser }} group={{ ldapgroup }}
  sudo: true

+- name: make ldap certs dir
+  file: path={{ ldapCertDir }} state=directory owner={{ ldapuser }} group={{ ldapgroup }}
+  sudo: true
+  when: ldapCertDir is defined
+
+- name: make ldap private dir
+  file: path={{ ldapPrivateDir }} state=directory owner={{ ldapuser }} group={{ ldapgroup }}
+  sudo: true
+  when: ldapPrivateDir is defined
+
 # Change to remove easy-rsa and to use fixed key and certs
 - name: copy fixed keys and certs from files directory
  template: src=files/{{ item.src }} dest="{{ item.dest }}" mode={{ item.mode }} owner=root group=root

--- a/roles/shibboleth-sp/tasks/shibbolethConfig.yml
+++ b/roles/shibboleth-sp/tasks/shibbolethConfig.yml
@@ -101,7 +101,7 @@
  file: path=/etc/shibboleth/private, state=directory, mode=700, owner=_shibd
  sudo: true

- name: copy shib key:
+- name: copy shib key
  sudo: true
  copy: src=files/{{ shib_key }} dest=/etc/shibboleth/private/{{ shib_key }} owner=_shibd, mode=600

@@ -109,7 +109,7 @@
  file: path=/etc/shibboleth/certs, state=directory, mode=755, owner=_shibd
  sudo: true

- name: copy shib cert:
+- name: copy shib cert
  sudo: true
  copy: src=files/{{ shib_cert }} dest=/etc/shibboleth/certs/{{ shib_cert }} owner=_shibd, mode=644


--- a/roles/shibboleth-sp/templates/attribute-map.xml.j2
+++ b/roles/shibboleth-sp/templates/attribute-map.xml.j2
@@ -149,5 +149,6 @@
    <Attribute name="urn:oid:2.5.4.15" id="businessCategory"/>
    <Attribute name="urn:oid:2.5.4.19" id="physicalDeliveryOfficeName"/>
    -->
-
+    <Attribute name="urn:mace:dir:attribute-def:auEduPersonSharedToken" id="auEduPersonSharedToken"/>
+    <Attribute name="urn:oid:1.3.6.1.4.1.27856.1.2.5" id="auEduPersonSharedToken"/>
 </Attributes>