diff --git a/.gitignore b/.gitignore
index 9ceecccd3893a2881311259929f7f1164800f065..94aad02c65e3f97b8ca93facab2cf2891f76aa9e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
inventory/group_vars/geodns.yml
+inventory/group_vars/mdsigner.yml
.ssh/id_*
diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index a82eac0b860a7f7fa508a48d51a0ee5f1abb0720..cae20cfc81a9040b7111ac8dbfa6b2ab79f17528 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -7,11 +7,6 @@ hosts:
hostname: srv1
altname: 'server-md2.et2.com'
- mdsigner:
- test:
- signer: hsm_signer
- metadir: metadata/test
-
mdproxy:
test:
signer: 'http://localhost:5001'
@@ -24,11 +19,6 @@ hosts:
hostname: srv2
altname: 'server-md2.et2.com'
- mdsigner:
- edugain:
- signer: hsm_signer
- metadir: metadata/edugain
-
mdproxy:
test:
signer: 'http://srv1-signer.srv.mdx.incubator.geant.org'
@@ -50,11 +40,6 @@ hosts:
hostname: srv4
altname: 'server-md.example.com'
- mdsigner:
- foobar:
- signer: normal_signer
- metadir: metadata/test
-
mdproxy:
edugain:
signer: 'http://srv2-signer.srv.mdx.incubator.geant.org'
diff --git a/inventory/group_vars/mdsigner.yml.example b/inventory/group_vars/mdsigner.yml.example
new file mode 100644
index 0000000000000000000000000000000000000000..5f9e0a84b56ed238a52bbcec1f8ad0a9f7d126ad
--- /dev/null
+++ b/inventory/group_vars/mdsigner.yml.example
@@ -0,0 +1,27 @@
+---
+
+hosts:
+ et2:
+ mdsigner:
+ test:
+ signer:
+ name: hsm_signer
+ key_spec: pkcs11:///usr/lib/softhsm/libsofthsm2.so/test?pin=secret
+ metadir: metadata/test
+
+ mdxcdn:
+ mdsigner:
+ edugain:
+ signer:
+ name: hsm_signer
+ key_spec: pkcs11:///usr/lib/softhsm/libsofthsm2.so/test?pin=secret
+ metadir: metadata/edugain
+
+ alternative-mdx:
+ mdsigner:
+ foobar:
+ signer:
+ name: normal_signer
+ key_spec: "meta.key"
+ cert_spec: "meta.crt"
+ metadir: metadata/test