From 6c8b6a92b0ea80a367d2c32d5ebbaf5e9d6a732a Mon Sep 17 00:00:00 2001 From: Chad Redman Date: Tue, 8 Oct 2024 18:28:51 -0400 Subject: [PATCH] Build for v5.13.0 (Rocky 9) --- base/Dockerfile | 21 ++++++++++++--------- base/container_files/repos/shibboleth.repo | 5 ++--- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/base/Dockerfile b/base/Dockerfile index 7d9d9a1..db0cb80 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -3,7 +3,7 @@ FROM i2incommon/shib-idp:4.3.3_20240715_rocky8_multiarch AS idp #FROM i2incommon/grouper:4.10.2 as grouper4 # Grouper version for the entire GTE -FROM i2incommon/grouper:5.11.2 +FROM i2incommon/grouper:5.13.0 # Disable docker HEALTHCHECK inherited from tier/shib-sp HEALTHCHECK NONE 
@@ -26,24 +26,27 @@ COPY container_files/repos/shibboleth.repo /etc/yum.repos.d/security:shibboleth. # Add postgres (list available versions with `dnf module list postgresql`) # Ref: https://www.baeldung.com/ops/postgresql-docker-setup # Ref: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-rocky-linux-8 -RUN dnf install -y nano nc openldap-clients httpd mod_ssl https://archive.fedoraproject.org/pub/archive/epel/8.7/Everything/x86_64/Packages/p/phpldapadmin-1.2.6.3-1.el8.noarch.rpm \ +RUN dnf install -y nano nc openldap-clients httpd mod_ssl https://archive.fedoraproject.org/pub/archive/epel/9.3/Everything/x86_64/Packages/p/phpldapadmin-1.2.6.6-1.el9.noarch.rpm \ + && dnf module -y enable postgresql:15 \ + && dnf install -y postgresql-server postgresql-contrib \ && dnf install -y 'dnf-command(config-manager)' \ - && dnf config-manager --set-enabled powertools \ + && dnf config-manager --set-enabled plus \ && dnf install -y openldap-servers \ && dnf install -y --setopt=tsflags=nodocs epel-release \ && dnf install -y supervisor \ - && dnf install -y shibboleth-3.4.1 \ - && dnf module -y enable postgresql:15 \ - && dnf install -y postgresql-server postgresql-contrib + && dnf install -y shibboleth-3.4.1 +# notes: +# list availables repos: `dnf repolist all` # Init ldap and add basic schemas and OU's COPY container_files/ldap/ /tmp/base/ldap/ -RUN cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG \ - && mkdir -p /var/ldap/example \ - && chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d /var/ldap \ +# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG \ +# && mkdir -p /var/ldap/example \ +# && chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d /var/ldap +RUN chown -R ldap:ldap /var/lib/ldap /etc/openldap/slapd.d \ && (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \ && while ! 
nc -z localhost 389 > /dev/null; do echo waiting for ldap to start; sleep 1; done \ && ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/base/ldap/domain.ldif \ diff --git a/base/container_files/repos/shibboleth.repo b/base/container_files/repos/shibboleth.repo index 65cdd34..509af03 100644 --- a/base/container_files/repos/shibboleth.repo +++ b/base/container_files/repos/shibboleth.repo @@ -1,10 +1,9 @@ [shibboleth] -name=Shibboleth (rockylinux8) +name=Shibboleth (rockylinux9) # Please report any problems to https://shibboleth.atlassian.net/jira type=rpm-md -mirrorlist=https://shibboleth.net/cgi-bin/mirrorlist.cgi/rockylinux8 +mirrorlist=https://shibboleth.net/cgi-bin/mirrorlist.cgi/rockylinux9 gpgcheck=1 gpgkey=https://shibboleth.net/downloads/service-provider/RPMS/repomd.xml.key https://shibboleth.net/downloads/service-provider/RPMS/cantor.repomd.xml.key enabled=1 -
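Review bot: The phpldapadmin RPM in the first `RUN` of the `base/Dockerfile` hunk is installed straight from an archive.fedoraproject.org URL, and dnf does not signature-check packages named on the command line unless `localpkg_gpgcheck` is enabled (it is off by default, assuming the base image does not override it), so the package is trusted on HTTPS alone. At that point in the chain `epel-release` has not been installed yet, so the EPEL signing key is not available either. Consider moving `dnf install -y --setopt=tsflags=nodocs epel-release` to the front, importing the EPEL key it ships with `rpm --import`, and installing the URL with `dnf install -y --setopt=localpkg_gpgcheck=1 ...`; alternatively download the file and compare it against a pinned SHA-256 before installing. The second `RUN` (the slapd initialisation) continues past the end of this hunk.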