-rw-r--r-- | Dockerfile | 12 | ||||
-rw-r--r-- | main.go | 4 | ||||
-rwxr-xr-x | scripts/create-kdc-principal.pl | 2 |
3 files changed, 11 insertions, 7 deletions
@@ -5,13 +5,17 @@ COPY *.go ./ RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o pwman . -FROM alpine:latest -RUN apk --no-cache add ca-certificates +#FROM alpine:latest +#RUN apk --no-cache add ca-certificates +FROM ubuntu:16.04 +RUN apt-get update && \ + apt-get install -y libheimdal-kadm5-perl WORKDIR /opt COPY --from=build /go/src/pwman/pwman /usr/local/bin/ -COPY create-kdc-principal.pl . -COPY krb5.conf . +COPY krb5.conf /etc/krb5.conf +COPY scripts scripts COPY static static COPY templates templates +ENV KRB5_CONF=/etc/krb5.conf CMD ["pwman"] @@ -34,8 +34,8 @@ func main() { flag.StringVar(&ldapUser, "ldap-user", "cn=admin,dc=nordu,dc=net", "An ldap user that can change user attributes") flag.StringVar(&ldapPassword, "ldap-password", "", "Ldap user password") flag.StringVar(&pwnedFile, "pwned", "./pwned-passwords-ordered-2.0.txt", "Path to the pwned passwords list") - flag.StringVar(&krb5Conf, "krb5", "./krb5.conf", "Path to kerberos config file") - flag.StringVar(&changePwScript, "changepw-script", "./create-kdc-principal.pl", "Path to the change password script") + flag.StringVar(&krb5Conf, "krb5-config", "./krb5.conf", "Path to kerberos config file") + flag.StringVar(&changePwScript, "changepw-script", "./scripts/create-kdc-principal.pl", "Path to the change password script") flag.StringVar(&csrfSecret, "csrf-secret", "", "Specify csrf 32 char secret") flag.StringVar(&serverAddr, "address", ":3000", "Server address to listen on") flag.StringVar(&basePath, "base-path", "", "A base path that pwman lives under e.g. /sso") diff --git a/scripts/create-kdc-principal.pl b/scripts/create-kdc-principal.pl index ec541da..a88c96c 100755 --- a/scripts/create-kdc-principal.pl +++ b/scripts/create-kdc-principal.pl 
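Review bot: `ENV KRB5_CONF=/etc/krb5.conf` sets a name the Kerberos libraries do not read; Heimdal and MIT both consult `KRB5_CONFIG`, so unless pwman reads `KRB5_CONF` itself (not visible here) the line has no effect and should be `ENV KRB5_CONFIG=/etc/krb5.conf`. Moving krb5.conf to /etc also leaves the `./krb5.conf` flag default in main.go pointing at a file that no longer exists under `WORKDIR /opt`. Separately, the new apt layer keeps the package index and pulls in recommended packages; `apt-get install -y --no-install-recommends libheimdal-kadm5-perl && rm -rf /var/lib/apt/lists/*` keeps an image that handles keytabs and passwords smaller. The two commented-out alpine lines can simply be deleted.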
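Review bot: The new `changepw-script` default `./scripts/create-kdc-principal.pl` is resolved against whatever directory pwman is started from, so which program receives the user's new password depends on the working directory. Consider resolving the flag value to an absolute path once after `flag.Parse()` and refusing to start if it is not a regular file, or defaulting to the image location `/opt/scripts/create-kdc-principal.pl`. Renaming `-krb5` to `-krb5-config` also breaks existing invocations silently, so it deserves a line in the README or changelog. main()'s body continues outside the hunk.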
@@ -2,7 +2,7 @@ use Heimdal::Kadm5 qw(/KADM5_/); -$client = Heimdal::Kadm5::Client->new('RaiseErrors'=>1,'Principal'=>'shibboleth-idp@NORDU.NET',Keytab=>'/etc/useradmin.keytab'); +$client = Heimdal::Kadm5::Client->new('RaiseErrors'=>1,'Principal'=>'shibboleth-idp@NORDU.NET',Keytab=>'/opt/keytabs/pwman.keytab'); my $line = <STDIN>; my ($user,$pass) = split('\s+',$line); die "Missing parameters on stdin\n" unless ($user and $pass); |
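Review bot: The keytab path is still a literal, now `/opt/keytabs/pwman.keytab`, and the Dockerfile in this commit never creates that directory, so the script only works when it is mounted at run time and nothing records that. Judging by the script's name the keytab belongs to a principal that may create principals and set passwords, so a comment above the line such as `# keytab is mounted read-only at run time; readable only by the pwman user` would state the expectation, and taking the path from the environment with this value as fallback would avoid editing the script per deployment. In the unchanged context, `split('\s+',$line)` has no limit and silently drops everything after the first whitespace in the password; `chomp $line; my ($user,$pass) = split(' ', $line, 2);` keeps the whole password. The script's top-level code continues outside the hunk.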