DevOps: Ansible LDAP/Shibboleth Role Release
- 1. Meraka Institute, CSIR
- 2. INFN, Catania division
- 3. University of Johanesburg
- 4. AUTH-SCC, Greec
Description
Pre-release v0.0.3
In this release, we have new functionality for deploying a fully-integrated Shibboleth identity provider, along with LDAP backend. The `idp-ldap.yml` playbook configures both services, and delpoys the web frontend for the Shibboleth IDP on the identity provider.
New Functionality
The playbooks support RedHat 6 clones (CentOS) and Debian 6 (including Ubuntu). Variables for these OSs can be found in `group_vars/{{ ansible_os_family }}.yml`
New functionality with respect to the previous version includes:
1. Shibboleth Identity provider deployment
2. LDAP integration with IdP
3. Web frontend (IDPPublic) deployment and integration
New Ansible Roles
New Ansible roles have been developed and included in this release
1. fmarco76.tomcat : provisions the tomcat instance for Shibboleth.
1. fmarco76.firewall : applies the correct iptables for the site services
1. fmarco76.IDPPublic : deployes the web mnanagement interface
1. shibboleth-idp : provisions the Shibboleth identity provider
Using this release
The `idp-ldap.yml` playbook will configure the services at your site, on hosts defined in your inventory. You need to specify certain site-specific variables along with the inventory :
```
---
server_country:
server_state:
server_location:
server_organization:
organisation:
mail_contact:
useradmin_password:
ldap_server:
```
These are used to configure the ldap and shibboleth integration.
Testing and Feedback
This has been tested against the dev site at INFN Catania and the ZAMREN site in Zambia. Please open tickets if there are any issues.
Files
DevOps-v0.0.3.zip
Files
(934.9 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:53a81c48e690abd44ea85737cdcbee47
|
934.9 kB | Preview Download |
Additional details
Related works
- Is supplement to
- https://github.com/AAROC/DevOps/tree/v0.0.3 (URL)