Merge pull request #58 from internet2/CSPWB-19

Cspwb 19
internet2 · Dec 14, 2020 · 3ce0806 · 3ce0806
2 parents 4448610 + df29a7a
commit 3ce0806
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 70 deletions.
diff --git a/Workbench/configs-and-secrets/wordpress/httpd/shib.conf b/Workbench/configs-and-secrets/wordpress/httpd/shib.conf
@@ -22,7 +22,7 @@ ShibCompatValidUser Off
 #
 # Ensures handler will be accessible.
 #
-<Location /registrySSO/Shibboleth.sso>
+<Location /wordpresssSSO/Shibboleth.sso>
   AuthType None
   Require all granted
   SetHandler shib

diff --git a/Workbench/configs-and-secrets/wordpress/shibboleth/shibboleth2.xml b/Workbench/configs-and-secrets/wordpress/shibboleth/shibboleth2.xml
@@ -24,7 +24,7 @@
         cookieProps to "https" for SSL-only sites. Note that while we default checkAddress to
         "false", this makes an assertion stolen in transit easier for attackers to misuse.
         -->
-        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" handlerURL="/registrySSO/Shibboleth.sso"
+        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" handlerURL="/wordpressSSO/Shibboleth.sso"
                   checkAddress="false" handlerSSL="true" cookieProps="https"
                   redirectLimit="exact">
 

diff --git a/Workbench/docker-compose.yml b/Workbench/docker-compose.yml
@@ -300,6 +300,11 @@ services:
     command: bash -c 'if [ ! -s /var/www/html/wp-config.php ];  then while ! nc -z  wordpress_data 3306 ; do echo waiting for mysql on wordpress_data to start; sleep 3; done; /root/wp core download --allow-root && sleep 10 && /root/wp config create --dbname=wordpress --dbuser=wordpress --dbpass=54y6RxN7GfC7aes3 --dbhost=wordpress_data --allow-root; sleep 3 && /root/wp core install --url="http://localhost/" --title="wordpress" --admin_user="admin" --admin_password="54y6RxN7GfC7aes3" --admin_email="sentrifugo.container@gmail.com" --allow-root && /root/wp --allow-root rewrite structure "/%postname%" --hard --debug; /root/wp  rewrite flush --hard --debug --allow-root && sed -i "s/<\/IfModule>/RewriteCond \%{HTTP:Authorization} \^\(\.\*\)\nRewriteRule \^\(\.\*\) - [E=HTTP_AUTHORIZATION:\%1]\n<\/IfModule>\nSetEnvIf Authorization "\(\.\*\)" HTTP_AUTHORIZATION=\$$1/" /var/www/html/.htaccess && /root/sed.sh && /root/wp plugin install jwt-authentication-for-wp-rest-api  --activate --allow-root && /root/wp plugin install wp-rest-api-log --activate --allow-root && /root/wp plugin install shibboleth --activate --allow-root; fi; /usr/local/bin/startup.sh;'
     ports:
       - "80:80"
+    healthcheck:
+      test: curl -s wordpress_server:80
+      interval: 30s
+      timeout: 30s
+      retries: 3
     devices:
       - "/dev/tty:/dev/tty"
     volumes:

diff --git a/...nt_server/container_files/mp-home/post-initial-objects/roles/200-metarole-role-editor.xml b/...nt_server/container_files/mp-home/post-initial-objects/roles/200-metarole-role-editor.xml
diff --git a/Workbench/wordpress_server/Dockerfile b/Workbench/wordpress_server/Dockerfile
@@ -1,4 +1,4 @@
-FROM tier/shibboleth_sp:3.0.4_03122019
+FROM tier/shibboleth_sp:latest
 
 VOLUME /var/www/html