-rw-r--r-- | idp/Dockerfile | 2 | ||||
-rwxr-xr-x | idp/shib-entrypoint.sh | 17 | ||||
-rw-r--r-- | idp/shibboleth.db.ddl | 11 | ||||
-rw-r--r-- | idp/shibboleth.properties | 6 | ||||
-rw-r--r-- | idp/templates/config/logback.xml | 4 |
5 files changed, 15 insertions, 25 deletions
diff --git a/idp/Dockerfile b/idp/Dockerfile
index 037d50b..0b0b807 100644
--- a/idp/Dockerfile
+++ b/idp/Dockerfile
@@ -1,5 +1,5 @@
 FROM jetty:9-alpine
-MAINTAINER Jesper B. Rosenkilde <jbr@nordu.net>
+LABEL authors="Markus Krogh <markus@nordu.net>,Jesper B. Rosenkilde <jbr@nordu.net>"
 USER root
 ENV IDP_VERSION 3.3.1
diff --git a/idp/shib-entrypoint.sh b/idp/shib-entrypoint.sh
index 944ea09..33d534f 100755
--- a/idp/shib-entrypoint.sh
+++ b/idp/shib-entrypoint.sh
@@ -13,6 +13,13 @@ fi
 if [ -n "$IDP_SCOPE" ]; then
 sed -i -e "/idp.scope=/ s/nordu.dev/$IDP_HOSTNAME/" $IDP_PROPERTIES
 fi
+# log to /opt/data/logs
+if [ -e /opt/data ]; then
+ if ! grep -q "idp.logfiles=" $IDP_PROPERTIES; then
+ mkdir /opt/data/logs
+ echo "idp.logfiles=/opt/data/logs" >> $IDP_PROPERTIES
+ fi
+fi
 # FTICKS
 if [ -n "$FTICKS_FEDERATION" ]; then
@@ -37,7 +44,7 @@ fi
 # PersistentID
 if [ -n "$IDP_PERSISTENTID_SALT" ]; then
- if ! grep '<ref bean="shibboleth.SAML2PersistentGenerator" />' /opt/shibboleth-idp/conf/saml-nameid.xml ; then
+ if ! grep -q '<ref bean="shibboleth.SAML2PersistentGenerator" />' /opt/shibboleth-idp/conf/saml-nameid.xml ; then
 sed -i -e '/<util:list id="shibboleth.SAML2NameIDGenerators">/ a <ref bean="shibboleth.SAML2PersistentGenerator" />' /opt/shibboleth-idp/conf/saml-nameid.xml
 fi
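Review bot: In the new `# log to /opt/data/logs` block, `mkdir /opt/data/logs` fails when the directory already exists, which would happen if `/opt/data` is a volume that outlives the container while `$IDP_PROPERTIES` is regenerated without the `idp.logfiles=` line. `mkdir -p /opt/data/logs` avoids that. The logback change in this commit sends the F-TICKS audit log to this directory, so its owner and mode should be set explicitly rather than left to the umask, e.g. `chmod 750 /opt/data/logs` after chowning it to the account the IdP runs as; which account that is cannot be seen in this hunk. `$IDP_PROPERTIES` is also unquoted in the added `grep -q` and `echo` lines.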
@@ -47,13 +54,13 @@ if [ -n "$IDP_PERSISTENTID_SALT" ]; then
 -e '/idp.persistentId.salt/ s/^#//' \
 -e "/idp.persistentId.salt/ s/changethistosomethingrandom/$IDP_PERSISTENTID_SALT/" /opt/shibboleth-idp/conf/saml-nameid.properties
 # add xml conf to attribute-resolver
- if ! grep "%{idp.persistentId.sourceAttribute}" /opt/shibboleth-idp/conf/attribute-resolver.xml ; then
+ if ! grep -q "%{idp.persistentId.sourceAttribute}" /opt/shibboleth-idp/conf/attribute-resolver.xml ; then
 sed -i '/<!-- eduPersonTargetdID placeholder -->/r /opt/templates/config/edupersontargetdid.xml.add' /opt/shibboleth-idp/conf/attribute-resolver.xml
 fi
 fi
 if [ -n "$IDP_DEBUG" ]; then
- if ! grep "idp.loglevel.messages=DEBUG" $IDP_PROPERTIES ; then
+ if ! grep -q "idp.loglevel.messages=DEBUG" $IDP_PROPERTIES ; then
 echo "idp.loglevel.messages=DEBUG" >> $IDP_PROPERTIES
 echo "idp.loglevel.encryption=DEBUG" >> $IDP_PROPERTIES
 fi
@@ -88,7 +95,7 @@ if [ -e ${DATADIR}/sp-metadata ]; then
 SP_NAME=${SP_XML%.*}
 ENTITY_ID=$(grep -o 'entityID=".*"' "$sp_file" | sed -e 's/entityID="//' -e 's/".*$//')
- if ! grep "$SP_XML" /opt/shibboleth-idp/conf/metadata-providers.xml ; then
+ if ! grep -q "$SP_XML" /opt/shibboleth-idp/conf/metadata-providers.xml ; then
 sed -i '/<!-- local SPs -->/r /opt/templates/config/sp.xml.add' /opt/shibboleth-idp/conf/metadata-providers.xml
 sed -i -e "s/SP_NAME/$SP_NAME/" -e "s/SP_XML/$SP_XML/" /opt/shibboleth-idp/conf/metadata-providers.xml
@@ -101,7 +108,7 @@ fi
 # Styling/view properties
 IDP_MESSAGES=/opt/shibboleth-idp/messages/messages.properties
 if [ -n "$IDP_FOOTER" ]; then
- if ! grep "idp.footer" $IDP_PROPERTIES; then
+ if ! grep -q "idp.footer" $IDP_PROPERTIES; then
 echo "idp.footer=$IDP_FOOTER" >> $IDP_PROPERTIES
 fi
 fi
diff --git a/idp/shibboleth.db.ddl b/idp/shibboleth.db.ddl
deleted file mode 100644
index 3799b91..0000000
--- a/idp/shibboleth.db.ddl
+++ /dev/null
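Review bot: The `grep -q "$SP_XML"` test in the `sp-metadata` hunk (-88,7) uses what appears to be a file name as a regular expression and matches it anywhere in `metadata-providers.xml`, so a name that is a substring of an already-registered one, or whose `.` matches some other character, is treated as present and the SP is silently not added. `grep -qF -- "$SP_XML"` makes the match literal. The same applies to `grep -q "idp.footer" $IDP_PROPERTIES` in the last hunk, which also matches a commented-out line. The loop around the `$SP_XML` test starts and ends outside the hunk, so it is not visible here whether the name is constrained before it reaches the following `sed -e "s/SP_XML/$SP_XML/"`.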
@@ -1,11 +0,0 @@
-CREATE TABLE shibpid (
- localEntity VARCHAR(255) NOT NULL,
- peerEntity VARCHAR(255) NOT NULL,
- persistentId VARCHAR(50) NOT NULL,
- principalName VARCHAR(50) NOT NULL,
- localId VARCHAR(50) NOT NULL,
- peerProvidedId VARCHAR(50) NULL,
- creationDate TIMESTAMP NOT NULL,
- deactivationDate TIMESTAMP NULL,
- PRIMARY KEY (localEntity, peerEntity, persistentId)
-);
diff --git a/idp/shibboleth.properties b/idp/shibboleth.properties
deleted file mode 100644
index da0a7e7..0000000
--- a/idp/shibboleth.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-idp.src.dir=/opt/shibboleth-identity-provider
-idp.target.dir=/opt/shibboleth-idp
-idp.host.name=idp.nordu.dev
-idp.scope=nordu.dev
-idp.keystore.password=lemonade
-idp.sealer.password=lemonade
diff --git a/idp/templates/config/logback.xml b/idp/templates/config/logback.xml
index 6afa4ef..26e5ef0 100644
--- a/idp/templates/config/logback.xml
+++ b/idp/templates/config/logback.xml
@@ -160,9 +160,9 @@
 <!-- F-TICKS syslog destination. -->
 <appender name="IDP_AUDIT_FTICKS" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>${idp.home}/logs/idp-audit-fticks.log</File>
+ <File>${idp.logfiles}/idp-audit-fticks.log</File>
 <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.home}/logs/idp-audit-fticks%d{yyyy-MM-dd}.log.gz</fileNamePattern>
+ <fileNamePattern>${idp.logfiles}/idp-audit-fticks%d{yyyy-MM-dd}.log.gz</fileNamePattern>
 <maxHistory>180</maxHistory>
 </rollingPolicy>
 <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> |
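Review bot: `${idp.logfiles}` in the `IDP_AUDIT_FTICKS` appender has no fallback in this hunk, and the entrypoint change in the same commit only writes `idp.logfiles=` to the properties file when `/opt/data` exists. If the template does not declare a default above line 160 (not visible here), logback substitutes the literal `idp.logfiles_IS_UNDEFINED` and the audit log ends up in a directory of that name relative to the working directory. Declaring `<variable name="idp.logfiles" value="${idp.home}/logs" />` ahead of the properties include, or using the inline default `${idp.logfiles:-${idp.home}/logs}` in both `<File>` and `<fileNamePattern>`, keeps the previous location as the fallback.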