Permalink
Browse files

fix supervisord cfg

  • Loading branch information...
pcaskey committed Oct 13, 2018
1 parent 6ed1999 commit e9dab8eaec5a07d1301fef30ce0cb517d681a426
Showing with 9 additions and 8 deletions.
  1. +0 −2 Dockerfile
  2. +8 −5 README.md
  3. +1 −1 container_files/system/supervisord.conf
@@ -34,10 +34,8 @@ RUN curl -o /etc/yum.repos.d/security:shibboleth.repo \
RUN LD_LIBRARY_PATH="/opt/shibboleth/lib64"
RUN export LD_LIBRARY_PATH

ADD ./container_files/system/shibboleth_keygen.sh /usr/local/bin/
ADD ./container_files/httpd/ssl.conf /etc/httpd/conf.d/
ADD ./container_files/shibboleth/* /etc/shibboleth/
RUN chmod +x /usr/local/bin/shibboleth_keygen.sh

# fix httpd logging to tier format
RUN sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
@@ -8,12 +8,15 @@ It is based from CentOS 7 and includes httpd, mod_ssl, and the current shibbolet

Files you must supply/override in your downstream builds:

1. The SP's ***private key and corresponding certificate*** (very important!), which can be generated in your downstream container like this:
> RUN /usr/local/bin/shibboleth_keygen.sh -o /etc/shibboleth -f
1. The SP's ***private keys and corresponding certificates*** (very important!), which can be generated in your downstream container like this:
> RUN /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-encrypt -f \
> && /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-signing -f
>
> ...that command generates/overwrites the following files:
> /etc/shibboleth/sp-key.pem
> /etc/shibboleth/sp-cert.pem
> ...those commands generate/overwrite the following files:
> /etc/shibboleth/sp-encrypt-key.pem
> /etc/shibboleth/sp-encrypt-cert.pem
> /etc/shibboleth/sp-signing-key.pem
> /etc/shibboleth/sp-signing-cert.pem
2. ***/etc/httpd/conf.d/ssl.conf***
> including:
@@ -25,7 +25,7 @@ stderr_logfile=/tmp/loghttpd
stderr_logfile_maxbytes=0

[program:shibd]
command=/usr/sbin/shibd
command=/usr/sbin/shibd -f
autostart=true
autorestart=true
stdout_logfile=/tmp/logshibd

0 comments on commit e9dab8e

Please sign in to comment.