{% set roles = salt['grains.get']('roles', []) %}
ipsilon_wellknown_dir:
file.directory:
- name: /etc/ipsilon/wellknown
- mode: 755
- user: ipsilon
ipsilon_saml2_dir:
file.directory:
- name: /etc/ipsilon/saml2
- mode: 700
- user: ipsilon
ipsilon_configuration_file:
file.managed:
- name: /etc/ipsilon/configuration.conf
- source: salt://profile/identification/files/configuration.conf
- template: jinja
- mode: 600
- require_in:
- service: id_apache_service
- watch_in:
- module: id_apache_restart
ipsilon_conf_file:
file.managed:
- name: /etc/ipsilon/ipsilon.conf
- source: salt://profile/identification/files/ipsilon.conf
- template: jinja
- mode: 600
- require_in:
- service: id_apache_service
- watch_in:
- module: id_apache_restart
/etc/ipsilon/ipsilon.conf:
file.symlink:
- target: /var/lib/ipsilon/ipsilon.conf
ipsilon_oidc_conf_file:
file.managed:
- name: /etc/ipsilon/openidc.static.cfg
- source: salt://profile/identification/files/openidc.static.cfg
- template: jinja
- mode: 600
- require_in:
- service: id_apache_service
- watch_in:
- module: id_apache_restart
/etc/ipsilon/persona.key:
file.managed:
- contents_pillar: profile:matrix:persona_priv_key
- mode: 600
- user: ipsilon
/etc/ipsilon/wellknown/browserid:
file.managed:
- contents_pillar: profile:matrix:persona_pub_key
- mode: 644
- user: ipsilon
/etc/ipsilon/openidc.key:
file.managed:
- contents_pillar: profile:matrix:openidc_priv_key
- mode: 600
- user: ipsilon
/etc/ipsilon/saml2/idp.key:
file.managed:
- contents_pillar: profile:matrix:saml2_priv_key
- mode: 600
- user: ipsilon
/etc/ipsilon/saml2/idp.crt:
file.managed:
- contents_pillar: profile:matrix:saml2_pub_key
- mode: 644
- user: ipsilon