EOX GitLab Instance

Skip to content
Snippets Groups Projects
Commit 9e041837 authored by Lubomir Dolezal's avatar Lubomir Dolezal
Browse files

use certs as secrets

parent ee82519e
No related branches found
No related tags found
2 merge requests!36Staging to master to prepare 1.0.0 release,!34Shib auth
Hide whitespace changes
Inline Side-by-side
docker-compose.base.ops.yml
+ 10
0
View file @ 9e041837
......@@ -31,6 +31,11 @@ services:
- shib-extnet
shibauth:
image: testing-shibboleth
environment:
APACHE_SERVERNAME: "https://emg.pdas.prism.eox.at:443"
secrets:
- SHIB_CERT
- SHIB_KEY
deploy:
replicas: 1
placement:
......@@ -67,3 +72,8 @@ networks:
name: logging-extnet
shib-extnet:
name: shib-extnet
secrets:
SHIB_CERT:
external: true
SHIB_KEY:
external: true
shibauth/shibboleth-conf/shibboleth2.xml
+ 1
1
View file @ 9e041837
......@@ -23,7 +23,7 @@
<AttributeExtractor type="XML" validate="true" reloadChanges="false" path="attribute-map.xml"/>
<AttributeResolver type="Query" subjectMatch="true"/>
<AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>
<CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>
<CredentialResolver type="File" key="/run/secrets/SHIB_KEY" certificate="/run/secrets/SHIB_CERT"/>
</ApplicationDefaults>
<SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>
<ProtocolProvider type="XML" validate="true" reloadChanges="false" path="protocols.xml"/>
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment