|
| 1 | +FROM centos:centos7 |
| 2 | + |
| 3 | +# Based on: https://github.com/jtgasper3/docker-images/blob/master/centos-shib-sp/Dockerfile |
| 4 | + |
| 5 | +ENV APACHE_VERSION 2.4.6-67.el7.centos.6 |
| 6 | +ENV SHIBBOLETH_VERSION 2.6.1-3.1 |
| 7 | +RUN yum -y update \ |
| 8 | + && yum -y install wget \ |
| 9 | + && wget http://download.opensuse.org/repositories/security://shibboleth/CentOS_7/security:shibboleth.repo -P /etc/yum.repos.d \ |
| 10 | + && sed -i -e "s/download\./\downloadcontent\./" /etc/yum.repos.d/security\:shibboleth.repo \ |
| 11 | + && yum -y install httpd-${APACHE_VERSION} mod_ssl shibboleth-${SHIBBOLETH_VERSION} \ |
| 12 | + && yum -y clean all |
| 13 | + |
| 14 | +RUN echo "export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH" >> /etc/sysconfig/shibd \ |
| 15 | + && echo "export SHIBD_USER=shibd" >> /etc/sysconfig/shibd \ |
| 16 | + && sed -i \ |
| 17 | + -e "s|log4j.appender.shibd_log=.*$|log4j.appender.shibd_log=org.apache.log4j.ConsoleAppender|" \ |
| 18 | + -e "s|log4j.appender.warn_log=.*$|log4j.appender.warn_log=org.apache.log4j.ConsoleAppender|" \ |
| 19 | + -e "s|log4j.appender.tran_log=.*$|log4j.appender.tran_log=org.apache.log4j.ConsoleAppender|" \ |
| 20 | + -e "s|log4j.appender.sig_log=.*$|log4j.appender.sig_log=org.apache.log4j.ConsoleAppender|" \ |
| 21 | + /etc/shibboleth/shibd.logger |
| 22 | + |
| 23 | +RUN sed -i -r \ |
| 24 | + -e "s|^(\s*ErrorLog)\s+\S+|\1 /dev/stderr|" \ |
| 25 | + -e 's|^(\s*CustomLog)\s+\S+\s+(.*$)|\1 /dev/stdout \2 env=\!dontlog|' \ |
| 26 | + /etc/httpd/conf/httpd.conf \ |
| 27 | + && echo "ServerSignature Off" >> /etc/httpd/conf/httpd.conf \ |
| 28 | + && echo "ServerTokens Prod" >> /etc/httpd/conf/httpd.conf \ |
| 29 | + && rm -f /etc/httpd/conf.d/{autoindex.conf,welcome.conf} |
| 30 | + |
| 31 | +COPY httpd-shibd-foreground /usr/local/bin/ |
| 32 | +RUN chmod +x /usr/local/bin/httpd-shibd-foreground |
| 33 | + |
| 34 | +EXPOSE 80 443 |
| 35 | + |
| 36 | +CMD ["httpd-shibd-foreground"] |
0 commit comments