From 27dd70616418bde6ac8b18afde5561369eef6d74 Mon Sep 17 00:00:00 2001 From: villadalmine Date: Tue, 13 Sep 2016 18:16:44 -0300 Subject: [PATCH 1/4] Added shibmod in DOckerfile --- Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9c8d814..3aaee7c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -32,5 +32,9 @@ COPY conf/attribute-map.xml /opt/etc/shibboleth/attribute-map.xml COPY conf/inc-md-cert.pem /opt/etc/shibboleth/inc-md-cert.pem COPY conf/shibboleth_keygen.sh /opt/bin/shibboleth_keygen.sh +#Added shib module apache +RUN ln -s /opt/etc/httpd/conf.modules.d/00-shib.conf /etc/httpd/conf.modules.d/00-shib.conf +RUN ln -s /usr/lib64/shibboleth/mod_shib_24.so /etc/httpd/modules/mod_shib_24.so + EXPOSE 80 443 -CMD ["httpd-shib-foreground"] \ No newline at end of file +CMD ["httpd-shib-foreground"] From 24083d6d539635240757871f8820701a51a663f1 Mon Sep 17 00:00:00 2001 From: villadalmine Date: Tue, 13 Sep 2016 18:28:01 -0300 Subject: [PATCH 2/4] Added directory for shib modules --- Dockerfile | 3 +++ container_files/etc/httpd/conf.modules.d/00-shib.conf | 1 + 2 files changed, 4 insertions(+) create mode 100644 container_files/etc/httpd/conf.modules.d/00-shib.conf diff --git a/Dockerfile b/Dockerfile index 3aaee7c..84579bb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,6 +26,9 @@ RUN curl -o /etc/yum.repos.d/security:shibboleth.repo \ && rm /etc/httpd/conf.d/ssl.conf \ && rm /etc/httpd/conf.d/userdir.conf \ && rm /etc/httpd/conf.d/welcome.conf + +# Add starters and installers +ADD ./container_files /opt COPY httpd-shib-foreground /usr/local/bin/ COPY conf/attribute-map.xml /opt/etc/shibboleth/attribute-map.xml diff --git a/container_files/etc/httpd/conf.modules.d/00-shib.conf b/container_files/etc/httpd/conf.modules.d/00-shib.conf new file mode 100644 index 0000000..0e5c7b2 --- /dev/null +++ b/container_files/etc/httpd/conf.modules.d/00-shib.conf @@ -0,0 +1 @@ +LoadModule mod_shib /usr/lib64/shibboleth/mod_shib_24.so From 894e63e5dbffe40bb9419cf1f0489d13f1bbe11d Mon Sep 17 00:00:00 2001 From: villadalmine Date: Tue, 13 Sep 2016 18:30:38 -0300 Subject: [PATCH 3/4] Added ssl.conf file --- container_files/etc/httpd/conf.d/ssl.conf | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 container_files/etc/httpd/conf.d/ssl.conf diff --git a/container_files/etc/httpd/conf.d/ssl.conf b/container_files/etc/httpd/conf.d/ssl.conf new file mode 100644 index 0000000..ccc067c --- /dev/null +++ b/container_files/etc/httpd/conf.d/ssl.conf @@ -0,0 +1,6 @@ +SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog +SSLSessionCache shmcb:/run/httpd/sslcache(512000) +SSLSessionCacheTimeout 300 +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin From 5d764df7a1778427f070aa126f6ef6877897977c Mon Sep 17 00:00:00 2001 From: villadalmine Date: Tue, 13 Sep 2016 18:31:19 -0300 Subject: [PATCH 4/4] Added dockerfile config for ssl --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index 84579bb..43ca358 100644 --- a/Dockerfile +++ b/Dockerfile @@ -35,6 +35,9 @@ COPY conf/attribute-map.xml /opt/etc/shibboleth/attribute-map.xml COPY conf/inc-md-cert.pem /opt/etc/shibboleth/inc-md-cert.pem COPY conf/shibboleth_keygen.sh /opt/bin/shibboleth_keygen.sh +#Added ssl default conf +RUN ln -s /opt/etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf + #Added shib module apache RUN ln -s /opt/etc/httpd/conf.modules.d/00-shib.conf /etc/httpd/conf.modules.d/00-shib.conf RUN ln -s /usr/lib64/shibboleth/mod_shib_24.so /etc/httpd/modules/mod_shib_24.so