Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
fix supervisord cfg
  • Loading branch information
pcaskey committed Oct 13, 2018
1 parent 6ed1999 commit e9dab8e
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 8 deletions.
2 changes: 0 additions & 2 deletions Dockerfile
Expand Up @@ -34,10 +34,8 @@ RUN curl -o /etc/yum.repos.d/security:shibboleth.repo \
RUN LD_LIBRARY_PATH="/opt/shibboleth/lib64"
RUN export LD_LIBRARY_PATH

ADD ./container_files/system/shibboleth_keygen.sh /usr/local/bin/
ADD ./container_files/httpd/ssl.conf /etc/httpd/conf.d/
ADD ./container_files/shibboleth/* /etc/shibboleth/
RUN chmod +x /usr/local/bin/shibboleth_keygen.sh

# fix httpd logging to tier format
RUN sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
Expand Down
13 changes: 8 additions & 5 deletions README.md
Expand Up @@ -8,12 +8,15 @@ It is based from CentOS 7 and includes httpd, mod_ssl, and the current shibbolet

Files you must supply/override in your downstream builds:

1. The SP's ***private key and corresponding certificate*** (very important!), which can be generated in your downstream container like this:
> RUN /usr/local/bin/shibboleth_keygen.sh -o /etc/shibboleth -f
1. The SP's ***private keys and corresponding certificates*** (very important!), which can be generated in your downstream container like this:
> RUN /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-encrypt -f \
> && /etc/shibboleth/keygen.sh -o /etc/shibboleth/ -y 10 -n sp-signing -f
>
> ...that command generates/overwrites the following files:
> /etc/shibboleth/sp-key.pem
> /etc/shibboleth/sp-cert.pem
> ...those commands generate/overwrite the following files:
> /etc/shibboleth/sp-encrypt-key.pem
> /etc/shibboleth/sp-encrypt-cert.pem
> /etc/shibboleth/sp-signing-key.pem
> /etc/shibboleth/sp-signing-cert.pem
2. ***/etc/httpd/conf.d/ssl.conf***
> including:
Expand Down
2 changes: 1 addition & 1 deletion container_files/system/supervisord.conf
Expand Up @@ -25,7 +25,7 @@ stderr_logfile=/tmp/loghttpd
stderr_logfile_maxbytes=0

[program:shibd]
command=/usr/sbin/shibd
command=/usr/sbin/shibd -f
autostart=true
autorestart=true
stdout_logfile=/tmp/logshibd
Expand Down

0 comments on commit e9dab8e

Please sign in to comment.