forked from italia/spid-shibboleth-proxy-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
73 lines (62 loc) · 2.2 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Copyright 2018 AgID - Agenzia per l'Italia Digitale
#
# Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
# the European Commission - subsequent versions of the EUPL (the "Licence").
#
# You may not use this work except in compliance with the Licence.
#
# You may obtain a copy of the Licence at:
#
# https://joinup.ec.europa.eu/software/page/eupl
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# Licence for the specific language governing permissions and limitations
# under the Licence.
FROM centos:7
LABEL maintainer="AgID - Agenzia per l'Italia Digitale" \
maintainer.email="spid.tech@agid.gov.it"
# add Shibboleth repo
COPY ./etc/yum.repos.d/shibboleth.repo /etc/yum.repos.d/
# install dependencies
RUN yum install -y \
httpd \
java-1.8.0-openjdk-headless \
mod_php \
mod_ssl \
shibboleth.x86_64 \
unzip \
&& yum -y clean all
# install xmlsectools
WORKDIR /tmp
RUN curl https://shibboleth.net/downloads/PGP_KEYS 2>/dev/null | gpg --import \
&& curl http://shibboleth.net/downloads/tools/xmlsectool/latest/xmlsectool-2.0.0-bin.zip > xmlsectool.zip \
&& curl http://shibboleth.net/downloads/tools/xmlsectool/latest/xmlsectool-2.0.0-bin.zip.asc > xmlsectool.zip.asc \
&& gpg --verify xmlsectool.zip.asc xmlsectool.zip \
&& unzip xmlsectool.zip \
&& mv xmlsectool-2.0.0 /opt/xmlsectool \
&& rm -f \
xmlsectool.zip \
xmlsectool.zip.asc \
&& yum remove -y \
unzip
# add tmp files
COPY ./tmp/ /tmp/
# add static pages
COPY ./var/www/html/access /var/www/html/access
COPY ./var/www/html/whoami /var/www/html/whoami
# add application paths
COPY ./opt/shibboleth-sp /opt/shibboleth-sp
COPY ./opt/spid-metadata /opt/spid-metadata
# add configurations
COPY ./etc/shibboleth/ /etc/shibboleth/
COPY ./etc/httpd/conf.d/ /etc/httpd/conf.d/
# copy bootstrap script
COPY ./usr/local/bin/ /usr/local/bin/
RUN chmod +x \
/usr/local/bin/docker-bootstrap.sh \
/usr/local/bin/metagen.sh
# run it
EXPOSE 80 443
CMD ["docker-bootstrap.sh"]