From 65380e66d4ddb0648907519c119d6c05b9e480dd Mon Sep 17 00:00:00 2001
From: Paul Caskey
Date: Mon, 17 Jul 2017 14:15:11 -0500
Subject: [PATCH] bug fixes in configBuilder.sh
---
 configBuilder.sh | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/configBuilder.sh b/configBuilder.sh
index a5f854b..7626682 100755
--- a/configBuilder.sh
+++ b/configBuilder.sh
@@ -512,8 +512,9 @@ echo "Creating sanitized config for hybrid build..."
 echo ""
 destPath=./ConfigNoSecrets
 cp -rf `realpath ${PWD}`/. $destPath >/dev/null 2>>/dev/null
+mkdir -p ./ConfigNoSecrets/SECRETS

-# remove secrets
+# move secrets
 mv -f $destPath/config/shib-idp/conf/idp.properties $destPath/SECRETS/idp.properties > /dev/null
 mv -f $destPath/config/shib-idp/conf/ldap.properties $destPath/SECRETS/ldap.properties > /dev/null
 mv -f $destPath/credentials/shib-idp/sealer.jks $destPath/SECRETS/sealer.jks > /dev/null
@@ -526,7 +527,7 @@ mv -f $destPath/credentials/tomcat/keystore.jks $destPath/SECRETS/keystore.jks >
 mv -f $destPath/config/shib-idp/conf/relying-party.xml $destPath/SECRETS/relying-party.xml > /dev/null
 mv -f $destPath/config/shib-idp/conf/attribute-filter.xml $destPath/SECRETS/attribute-filter.xml > /dev/null
 mv -f $destPath/config/shib-idp/conf/attribute-resolver.xml $destPath/SECRETS/attribute-resolver.xml > /dev/null
-mv -f $destPath/config/shib-idp/conf/metadata-sources.xml $destPath/SECRETS/metadata-sources.xml > /dev/null
+mv -f $destPath/config/shib-idp/conf/metadata-providers.xml $destPath/SECRETS/metadata-providers.xml > /dev/null
 echo ""
 echo Your secrets were removed from the main config and stored in $destPath/SECRETS
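Review bot: The added `mkdir -p ./ConfigNoSecrets/SECRETS` creates the directory that will hold idp.properties, ldap.properties and the keystores with whatever mode the caller's umask allows, and it hard-codes the path instead of reusing `$destPath`. Something like `mkdir -p -m 700 "$destPath/SECRETS" || exit 1` keeps the directory private and stops the run if it cannot be created. The `mv -f … > /dev/null` lines in this hunk and in the next one (metadata-providers.xml) are also unchecked, so a wrong or missing source name leaves the real file inside the sanitized tree while the script still prints that the secrets were removed. A check after the moves that none of the listed files remain under `$destPath/config` or `$destPath/credentials` would catch the kind of filename mismatch this commit corrects.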
@@ -572,7 +573,30 @@ if [ ${BURNMOUNT} == "burn" ]; then
 echo "RUN"
 echo ""
 echo " docker run -d --name shib-idp -p 8443:8443 my/shibb-idp-tier"
-
+elif [ ${BURNMOUNT} == "hybrid" ]; then
+ echo "Since you have elected to use a hybrid config, the steps for "
+ echo " you to build and run a TIER Shibboleth-IdP container are below."
+ echo "BUILD"
+ echo " It will be necessary to specify where to find your config at build-time, but with a hybrid config, "
+ echo " you'll want to point it to a config that has no \"secrets\""
+ echo ""
+ echo "To do this, point an environment variable at the alternate location (created by this script):"
+ echo " export ALTCFG=`realpath ConfigNoSecrets`"
+ echo ""
+ echo " docker build --rm -t my/shibb-idp-tier --build-arg TOMCFG=${ALTCFG}/config/tomcat \\
+ --build-arg TOMLOG=${ALTCFG}/logs/tomcat \\
+ --build-arg TOMCERT=${ALTCFG}/credentials/tomcat \\
+ --build-arg TOMWWWROOT=${ALTCFG}/wwwroot \\
+ --build-arg SHBCFG=${ALTCFG}/config/shib-idp/conf \\
+ --build-arg SHBCREDS=${ALTCFG}/credentials/shib-idp \\
+ --build-arg SHBVIEWS=${ALTCFG}/config/shib-idp/views \\
+ --build-arg SHBEDWAPP=${ALTCFG}/config/shib-idp/edit-webapp \\
+ --build-arg SHBMSGS=${ALTCFG}/config/shib-idp/messages \\
+ --build-arg SHBMD=${ALTCFG}/config/shib-idp/metadata \\
+ --build-arg SHBLOG=${ALTCFG}/logs/shib-idp ."
+ echo ""
+ echo "Next, you would create the appropriate docker secrets and run as a swarm service. See documentation wiki for more info."
+ echo ""
 else
 echo "Since you have elected to use a mounted config, the steps for "
 echo " you to build and run a TIER Shibboleth-IdP container are below."
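Review bot: `${ALTCFG}` inside the double-quoted `echo " docker build … --build-arg TOMCFG=${ALTCFG}/config/tomcat …"` is expanded when configBuilder.sh runs, not when the user later runs the printed command. Unless ALTCFG is assigned earlier in the script (not visible in this hunk), every printed build argument comes out with an empty prefix, such as `TOMCFG=/config/tomcat`. Writing `\${ALTCFG}` in each of the eleven `--build-arg` lines prints the variable literally, so the `export ALTCFG=…` step shown just above takes effect. The printed build context is still `.`, which, judging by the first hunk, would contain ConfigNoSecrets/SECRETS and the unsanitized config when run from the script's directory, so the text could mention excluding them via `.dockerignore`. The if/elif/else chain starts and ends outside this hunk.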