Skip to content
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
Cannot retrieve contributors at this time
FROM --platform=$TARGETPLATFORM rockylinux:8.9
# Define args and set a default value
ARG maintainer=tier
ARG imagename=shibboleth_sp
ARG version=3.4.1
ARG TIERVERSION=20240308-Rocky8-MA
MAINTAINER $maintainer
LABEL Vendor="Internet2"
LABEL ImageType="Base"
LABEL ImageName=$imagename
LABEL ImageOS=rocky8
LABEL Version=$version
LABEL Build docker build --rm --tag $maintainer/$imagename .
#For logging customization
ENV ENV=dev \
RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
&& echo "NETWORKING=yes" > /etc/sysconfig/network
RUN rm -fr /var/cache/yum/* && yum clean all && yum -y install --setopt=tsflags=nodocs epel-release && yum -y update && \
yum -y install net-tools wget curl tar unzip mlocate logrotate strace telnet man vim rsyslog httpd mod_ssl dos2unix cronie supervisor && \
yum clean all
#install shibboleth, cleanup httpd
COPY container_files/shibboleth/shibboleth.repo /etc/yum.repos.d/security:shibboleth.repo
RUN yum -y install shibboleth-$version-\* \
&& yum clean all
ADD ./container_files/httpd/*.conf /etc/httpd/conf.d/
ADD ./container_files/shibboleth/* /etc/shibboleth/
RUN openssl req -new -nodes -newkey rsa:2048 -subj "/commonName=localhost.localdomain" -batch -keyout /etc/pki/tls/private/localhost.key -out localhost.csr
RUN openssl x509 -req -days 1825 -in localhost.csr -signkey /etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt
RUN sed -i '/^[[:space:]]*CustomLog/s/^/#/' /etc/httpd/conf/httpd.conf
# add a basic page to shibb's default protected directory
RUN mkdir -p /var/www/html/secure/; mkdir -p /opt/tier/
ADD container_files/httpd/index.html /var/www/html/secure/
# setup crond and supervisord
ADD container_files/system/ /usr/local/bin/
ADD container_files/system/ /usr/local/bin/
ADD container_files/system/ /opt/tier/
ADD container_files/system/ /usr/local/bin/
ADD container_files/system/supervisord.conf /etc/supervisord.conf
RUN mkdir -p /etc/supervisor/conf.d \
&& chmod +x /usr/local/bin/ \
&& chmod +x /usr/local/bin/ \
# setup cron
&& /usr/local/bin/
#set cron to not require a login session
RUN sed -i '/session required\#session required' /etc/pam.d/crond
# Link the old location of the file for compatibility
RUN cd /etc/supervisor && ln -s ../supervisord.conf supervisord.conf
EXPOSE 80 443
HEALTHCHECK --interval=1m --timeout=30s \
CMD curl -k -f || exit 1
CMD ["/usr/local/bin/"]