Permalink
Browse files
Merge pull request #9 from docker/3.0.4_03122019
3.0.4 03122019
- Loading branch information
Showing
with
699 additions
and 205 deletions.
- +0 −41 BINSCRIPTS.md
- +50 −17 Dockerfile
- +2 −1 Jenkinsfile
- +32 −2 README.md
- +2 −1 bin/ci-run.sh
- +1 −0 bin/ci-stop.sh
- +1 −1 common.bash
- +0 −7 container_files/bin/httpd-shib-foreground
- +0 −75 container_files/bin/shibboleth_keygen.sh
- +0 −6 container_files/etc/httpd/conf.d/ssl.conf
- +0 −1 container_files/etc/httpd/conf.modules.d/00-shib.conf
- +0 −32 container_files/etc/shibboleth/attribute-map.xml
- +3 −0 container_files/httpd/index.html
- +217 −0 container_files/httpd/ssl.conf
- 0 container_files/{etc → }/shibboleth/inc-md-cert.pem
- +40 −0 container_files/shibboleth/native.logger
- +60 −0 container_files/shibboleth/shibd.logger
- +28 −0 container_files/system/sendtierbeacon.sh
- +6 −0 container_files/system/setenv.sh
- +18 −0 container_files/system/setupcron.sh
- +92 −0 container_files/system/shibboleth_keygen.sh
- +27 −0 container_files/system/startup.sh
- +38 −0 container_files/system/supervisord.conf
- +0 −13 install.sh
- +73 −0 tests/clairscan.sh
- +7 −7 tests/image.bats
- +2 −1 tests/running.bats
@@ -1,6 +1,36 @@ | ||
# shibboleth-sp | ||
# TIER shibboleth-sp | ||
|
||
[](https://jenkins.testbed.tier.internet2.edu/job/docker/shib-sp/master) | ||
|
||
This image is the parent of COmanage and Grouper containers, as it contains the OpenSUSE repositories for shibboleth package management, and an apache installation. | ||
This is the TIER upstream Shibboleth SP container. | ||
|
||
It is based from CentOS 7 and includes httpd, mod_ssl, and the current shibboleth SP. | ||
|
||
Files you must supply/override in your downstream builds: | ||
|
||
1. The SP's ***private keys and corresponding certificates*** (very important!), which can be generated in your downstream container like this: | ||
> RUN /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-encrypt -f \ | ||
> && /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-signing -f | ||
> | ||
> ...those commands generate/overwrite the following files: | ||
> /etc/shibboleth/sp-encrypt-key.pem | ||
> /etc/shibboleth/sp-encrypt-cert.pem | ||
> /etc/shibboleth/sp-signing-key.pem | ||
> /etc/shibboleth/sp-signing-cert.pem | ||
2. ***/etc/httpd/conf.d/ssl.conf*** | ||
> including: | ||
> ServerName fqdn:port | ||
> UseCanonicalName On | ||
3. ***/etc/shibboleth/shibboleth2.xml*** | ||
> including: | ||
> entityID | ||
<br /><br /> | ||
***New in the 3.0 release:*** | ||
* The image is based from the public CentOS7 image | ||
* The TIER logging format has been implemented for shibd and httpd | ||
* Everything now runs under supervisord | ||
* The TIER Beacon has been implemented | ||
* The file */etc/httpd/conf.d/ssl.conf* is now the default CentOS7 file | ||
@@ -1,3 +1,3 @@ | ||
maintainer="tier" | ||
imagename="shibboleth_sp" | ||
version="2.5.1" | ||
version="3.0.3" |
@@ -0,0 +1,3 @@ | ||
<br /> | ||
<h3>This page is protected by the Shibboleth SP.</h3> | ||
|

Oops, something went wrong.