cookbook 'simplesamlphp', '~> 1.0.0'
Installs/Configures simplesamlphp
cookbook 'simplesamlphp', '~> 1.0.0', :supermarket
knife supermarket install simplesamlphp
knife supermarket download simplesamlphp
simplesamlphp Cookbook
Installs and configures a SimpleSAMLphp Service Provider.
Requirements
Platforms
- Debian / Ubuntu and derivatives
Chef
- Chef 12.5+
Attributes
These attributes need to be populated:
- simplesamlphp['idp']['metadata']['url']
- URL of your identity provider's metadata
- simplesamlphp['sp']['entityid']
- entity id of the service provider
- simplesamlphp['sp']['contact']
- support contact email
These attributes should be changed:
- simplesamlphp['sp']['salt']
- salt string used by SimpleSAMLphp to generate a secure hash of a value.
Data Bags
This cookbook will look for the following data bag keys in the sp data bag item within the simplesamlphp data bag:
- cert
- generated certificate for SimpleSAMLphp environment
- idp-metadata
- remote metadata for identity provider
This cookbook will look for the following data bag keys in the sp-secrets encrypted data bag item within the simplesamlphp data bag:
- key
- generated private key for SimpleSAMLphp environment
- adminpw
- password for the admin web interface
Attributes
- simplesamlphp['memcached']['enabled']
- defaults to true, php sessions will be used if this is disabled
- simplesamlphp['memcached']['search']['role']
- defaults to none, used to populate a list of memcache servers by searching nodes with the populated role
- simplesamlphp['installation']['path']
- defaults to /var/simplesamlphp, location of simplesamlphp install
- simplesamlphp['templates']
- defaults to this cookbook, custom templates from another cookbook can be used
- simplesamlphp['version']
- defaults to 1.14.14, if changed the checksum will need to be updated
- simplesamlphp['source']['url']
- defaults to simplesamlphp github download url
- simplesamlphp['source']['checksum']
- defaults to checksum for 1.14.14
- simplesamlphp['saml20']['enabled']
- defaults to true, the only supported functionality right now
- simplesamlphp['idp']['metadata']['url']
- needs to be updated with your idp metadata url
- simplesamlphp['sp']['enabled']
- defaults to true, includes the service provider recipe
- simplesamlphp['sp']['entityid']
- needs to be updated with your service provider entityid
- simplesamlphp['sp']['contact']
- needs to be updated with your support contact email
- simplesamlphp['sp']['salt']
- should be updated with a unique salt string
- simplesamlphp['sp']['privatekey']['data_bag']
- defaults to simplesamlphp
- simplesamlphp['sp']['privatekey']['path']
- defaults to cert directory within the simplesamlphp directory
- simplesamlphp['sp']['certificate']['data_bag']
- defaults to simplesamlphp
- simplesamlphp['sp']['certificate']['path']
- defaults to cert directory within the simplesamlphp directory
- simplesamlphp['sp']['attribute']['map']['custom']
- defaults to false, can be enabled to use custom attribute maps
- simplesamlphp['sp']['idp-metadata']['path']
- defaults to metadata directory within the simplesamlphp directory
- simplesamlphp['cookie']['name']['auth']
- defaults to SimpleSAMLAuthToken
- simplesamlphp['cookie']['name']['session']
- defaults to SimpleSAMLSessionID
- simplesamlphp['cookie']['name']['php']['session']
- defaults to SimpleSAMLPHPSessionID
- simplesamlphp['cookie']['lifetime']['session']
- defaults to 0 which lets the cookie live until the browser is closed
Usage
This cookbook can be used to set up a SimpleSAMLphp Service Provider. The session cache will default to a local memcache instance on the server if the simplesamlphp['memcached']['search']['role'] attribute is left as the default value.
Generate certificate
This cookbook requires data bags that contain a self-signed certificate and key.
They can be generated with the following command:
openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
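The certificate and data bag steps above, as an added example that is not part of the cookbook: a Ruby script that generates the same kind of self-signed RSA 2048 certificate and builds the sp and sp-secrets items, keeping the private key out of the plaintext item. Storing the PEM and metadata as plain strings, the function names and the sp.example.org hostname are assumptions.

```ruby
# Added example, not part of the cookbook. Item ids and key names (sp, sp-secrets,
# cert, idp-metadata, key, adminpw) are from the README; storing PEM/XML as plain
# strings, the function names and the CN are assumptions.
require 'openssl'
require 'json'
require 'securerandom'
require 'tmpdir'

# Mirrors the README's openssl command: RSA 2048, self-signed, 3652 days.
def generate_sp_credentials(common_name, days: 3652)
  key = OpenSSL::PKey::RSA.new(2048)
  name = OpenSSL::X509::Name.new([['CN', common_name]])
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = SecureRandom.random_number(2**63) + 1
  cert.subject = cert.issuer = name
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = cert.not_before + days * 86_400
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [key, cert]
end

# Split public and secret material; only sp-secrets is meant to be encrypted.
def build_items(key, cert, idp_metadata, adminpw)
  raise ArgumentError, 'certificate does not match key' unless cert.check_private_key(key)
  public_item = { 'id' => 'sp', 'cert' => cert.to_pem, 'idp-metadata' => idp_metadata }
  secret_item = { 'id' => 'sp-secrets', 'key' => key.to_pem, 'adminpw' => adminpw }
  raise 'private key leaked into plaintext item' if public_item.to_json.include?('PRIVATE KEY')
  [public_item, secret_item]
end

# Write both items; the secrets file stays owner-readable only until uploaded.
def write_items(dir, public_item, secret_item)
  secret_path = File.join(dir, 'sp-secrets.json')
  File.write(File.join(dir, 'sp.json'), JSON.pretty_generate(public_item))
  File.write(secret_path, JSON.pretty_generate(secret_item), perm: 0o600)
  File.chmod(0o600, secret_path)
  secret_path
end

if __FILE__ == $PROGRAM_NAME
  key, cert = generate_sp_credentials('sp.example.org') # constructed hostname
  items = build_items(key, cert, '<!-- IdP metadata XML goes here -->', SecureRandom.hex(16))
  dir = Dir.mktmpdir('simplesamlphp-bags')
  write_items(dir, *items)
  puts "wrote #{dir}/sp.json and #{dir}/sp-secrets.json"
end
```

Upload sp.json with knife data bag from file simplesamlphp sp.json, and sp-secrets.json with the same command plus --secret-file, so only the encrypted form of the key and admin password reaches the Chef server.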
License and Authors
Author:: Dustin Lactin (dustin.lactin@gmail.com)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Dependent cookbooks
memcached >= 0.0.0
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Collaborator Number Metric
1.0.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
1.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.0.0 passed this metric
No Binaries Metric
1.0.0 passed this metric
Testing File Metric
1.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.0.0 passed this metric