From cd3b7f8a6ad51804d8e432de0bc89717c8eea7de Mon Sep 17 00:00:00 2001
From: Lubomir Bucek <lubomir.bucek@eox.at>
Date: Wed, 4 Nov 2020 13:06:28 +0100
Subject: [PATCH] open /secure-cache endpoints, add index.html there too

---
 docker-compose.dem.ops.yml   | 8 +++++---
 docker-compose.emg.ops.yml   | 8 +++++---
 docker-compose.vhr18.ops.yml | 8 +++++---
 3 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/docker-compose.dem.ops.yml b/docker-compose.dem.ops.yml
index 285d973c..e891f57f 100644
--- a/docker-compose.dem.ops.yml
+++ b/docker-compose.dem.ops.yml
@@ -106,7 +106,7 @@ services:
       labels:
         # router for basic auth based access (https)
         - "traefik.http.routers.dem-client.rule=Host(`dem.pdas.prism.eox.at`, `dem.pass.copernicus.eu`)"
-        - "traefik.http.routers.dem-client.middlewares=auth@file,compress@file"
+        - "traefik.http.routers.dem-client.middlewares=shibAuthCache@file,compress@file"
         - "traefik.http.routers.dem-client.tls=true"
         - "traefik.http.routers.dem-client.tls.certresolver=default"
         - "traefik.http.routers.dem-client.entrypoints=https"
@@ -149,13 +149,13 @@ services:
         constraints: [node.role == manager]
       labels:
         # router for basic auth based access (https)
-        - "traefik.http.routers.shibauth.rule=Host(`dem.pass.copernicus.eu`, `a.dem.pass.copernicus.eu`, `b.dem.pass.copernicus.eu`, `c.dem.pass.copernicus.eu`, `d.dem.pass.copernicus.eu`, `e.dem.pass.copernicus.eu`, `f.dem.pass.copernicus.eu`, `g.dem.pass.copernicus.eu`, `h.dem.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth.rule=Host(`dem.pass.copernicus.eu`, `a.dem.pass.copernicus.eu`, `b.dem.pass.copernicus.eu`, `c.dem.pass.copernicus.eu`, `d.dem.pass.copernicus.eu`, `e.dem.pass.copernicus.eu`, `f.dem.pass.copernicus.eu`, `g.dem.pass.copernicus.eu`, `h.dem.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth.middlewares=compress@file,cors@file"
         - "traefik.http.routers.shibauth.tls=true"
         - "traefik.http.routers.shibauth.tls.certresolver=default"
         - "traefik.http.routers.shibauth.entrypoints=https"
         # router for basic auth based access (http)
-        - "traefik.http.routers.shibauth-redirect.rule=Host(`dem.pass.copernicus.eu`, `a.dem.pass.copernicus.eu`, `b.dem.pass.copernicus.eu`, `c.dem.pass.copernicus.eu`, `d.dem.pass.copernicus.eu`, `e.dem.pass.copernicus.eu`, `f.dem.pass.copernicus.eu`, `g.dem.pass.copernicus.eu`, `h.dem.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth-redirect.rule=Host(`dem.pass.copernicus.eu`, `a.dem.pass.copernicus.eu`, `b.dem.pass.copernicus.eu`, `c.dem.pass.copernicus.eu`, `d.dem.pass.copernicus.eu`, `e.dem.pass.copernicus.eu`, `f.dem.pass.copernicus.eu`, `g.dem.pass.copernicus.eu`, `h.dem.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth-redirect.middlewares=redirect@file"
         - "traefik.http.routers.shibauth-redirect.entrypoints=http"
         # general
@@ -181,6 +181,8 @@ services:
         target: /etc/shibboleth/idp-metadata.xml
       - source: shib-index
         target: /var/www/html/secure/index.html
+      - source: shib-index
+        target: /var/www/html/secure-cache/index.html
       - source: shibd-logger
         target: /etc/shibboleth/shibd.logger
       - source: native-logger
diff --git a/docker-compose.emg.ops.yml b/docker-compose.emg.ops.yml
index 04c8beda..941b1f09 100644
--- a/docker-compose.emg.ops.yml
+++ b/docker-compose.emg.ops.yml
@@ -106,7 +106,7 @@ services:
       labels:
         # router for basic auth based access (https)
         - "traefik.http.routers.emg-client.rule=Host(`emg.pdas.prism.eox.at`, `emg.pass.copernicus.eu`)"
-        - "traefik.http.routers.emg-client.middlewares=shibAuth@file,compress@file"
+        - "traefik.http.routers.emg-client.middlewares=shibAuthCache@file,compress@file"
         - "traefik.http.routers.emg-client.tls=true"
         - "traefik.http.routers.emg-client.tls.certresolver=default"
         - "traefik.http.routers.emg-client.entrypoints=https"
@@ -149,13 +149,13 @@ services:
         constraints: [node.role == manager]
       labels:
         # router for basic auth based access (https)
-        - "traefik.http.routers.shibauth.rule=Host(`emg.pass.copernicus.eu`, `a.emg.pass.copernicus.eu`, `b.emg.pass.copernicus.eu`, `c.emg.pass.copernicus.eu`, `d.emg.pass.copernicus.eu`, `e.emg.pass.copernicus.eu`, `f.emg.pass.copernicus.eu`, `g.emg.pass.copernicus.eu`, `h.emg.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth.rule=Host(`emg.pass.copernicus.eu`, `a.emg.pass.copernicus.eu`, `b.emg.pass.copernicus.eu`, `c.emg.pass.copernicus.eu`, `d.emg.pass.copernicus.eu`, `e.emg.pass.copernicus.eu`, `f.emg.pass.copernicus.eu`, `g.emg.pass.copernicus.eu`, `h.emg.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth.middlewares=compress@file,cors@file"
         - "traefik.http.routers.shibauth.tls=true"
         - "traefik.http.routers.shibauth.tls.certresolver=default"
         - "traefik.http.routers.shibauth.entrypoints=https"
         # router for basic auth based access (http)
-        - "traefik.http.routers.shibauth-redirect.rule=Host(`emg.pass.copernicus.eu`, `a.emg.pass.copernicus.eu`, `b.emg.pass.copernicus.eu`, `c.emg.pass.copernicus.eu`, `d.emg.pass.copernicus.eu`, `e.emg.pass.copernicus.eu`, `f.emg.pass.copernicus.eu`, `g.emg.pass.copernicus.eu`, `h.emg.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth-redirect.rule=Host(`emg.pass.copernicus.eu`, `a.emg.pass.copernicus.eu`, `b.emg.pass.copernicus.eu`, `c.emg.pass.copernicus.eu`, `d.emg.pass.copernicus.eu`, `e.emg.pass.copernicus.eu`, `f.emg.pass.copernicus.eu`, `g.emg.pass.copernicus.eu`, `h.emg.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth-redirect.middlewares=redirect@file"
         - "traefik.http.routers.shibauth-redirect.entrypoints=http"
         # general
@@ -181,6 +181,8 @@ services:
         target: /etc/shibboleth/idp-metadata.xml
       - source: shib-index
         target: /var/www/html/secure/index.html
+      - source: shib-index
+        target: /var/www/html/secure-cache/index.html
       - source: shibd-logger
         target: /etc/shibboleth/shibd.logger
       - source: native-logger
diff --git a/docker-compose.vhr18.ops.yml b/docker-compose.vhr18.ops.yml
index 6d517bc9..c17b88c9 100644
--- a/docker-compose.vhr18.ops.yml
+++ b/docker-compose.vhr18.ops.yml
@@ -106,7 +106,7 @@ services:
       labels:
         # router for basic auth based access (https)
         - "traefik.http.routers.vhr18-client.rule=Host(`vhr18.pdas.prism.eox.at`, `vhr18.pass.copernicus.eu`)"
-        - "traefik.http.routers.vhr18-client.middlewares=auth@file,compress@file"
+        - "traefik.http.routers.vhr18-client.middlewares=shibAuthCache@file,compress@file"
         - "traefik.http.routers.vhr18-client.tls=true"
         - "traefik.http.routers.vhr18-client.tls.certresolver=default"
         - "traefik.http.routers.vhr18-client.entrypoints=https"
@@ -149,13 +149,13 @@ services:
         constraints: [node.role == manager]
       labels:
         # router for basic auth based access (https)
-        - "traefik.http.routers.shibauth.rule=Host(`vhr18.pass.copernicus.eu`, `a.vhr18.pass.copernicus.eu`, `b.vhr18.pass.copernicus.eu`, `c.vhr18.pass.copernicus.eu`, `d.vhr18.pass.copernicus.eu`, `e.vhr18.pass.copernicus.eu`, `f.vhr18.pass.copernicus.eu`, `g.vhr18.pass.copernicus.eu`, `h.vhr18.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth.rule=Host(`vhr18.pass.copernicus.eu`, `a.vhr18.pass.copernicus.eu`, `b.vhr18.pass.copernicus.eu`, `c.vhr18.pass.copernicus.eu`, `d.vhr18.pass.copernicus.eu`, `e.vhr18.pass.copernicus.eu`, `f.vhr18.pass.copernicus.eu`, `g.vhr18.pass.copernicus.eu`, `h.vhr18.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth.middlewares=compress@file,cors@file"
         - "traefik.http.routers.shibauth.tls=true"
         - "traefik.http.routers.shibauth.tls.certresolver=default"
         - "traefik.http.routers.shibauth.entrypoints=https"
         # router for basic auth based access (http)
-        - "traefik.http.routers.shibauth-redirect.rule=Host(`vhr18.pass.copernicus.eu`, `a.vhr18.pass.copernicus.eu`, `b.vhr18.pass.copernicus.eu`, `c.vhr18.pass.copernicus.eu`, `d.vhr18.pass.copernicus.eu`, `e.vhr18.pass.copernicus.eu`, `f.vhr18.pass.copernicus.eu`, `g.vhr18.pass.copernicus.eu`, `h.vhr18.pass.copernicus.eu`) && PathPrefix(`/secure`, `/Shibboleth.sso`)"
+        - "traefik.http.routers.shibauth-redirect.rule=Host(`vhr18.pass.copernicus.eu`, `a.vhr18.pass.copernicus.eu`, `b.vhr18.pass.copernicus.eu`, `c.vhr18.pass.copernicus.eu`, `d.vhr18.pass.copernicus.eu`, `e.vhr18.pass.copernicus.eu`, `f.vhr18.pass.copernicus.eu`, `g.vhr18.pass.copernicus.eu`, `h.vhr18.pass.copernicus.eu`) && PathPrefix(`/secure`, `/secure-cache`, `/Shibboleth.sso`)"
         - "traefik.http.routers.shibauth-redirect.middlewares=redirect@file"
         - "traefik.http.routers.shibauth-redirect.entrypoints=http"
         # general
@@ -181,6 +181,8 @@ services:
         target: /etc/shibboleth/idp-metadata.xml
       - source: shib-index
         target: /var/www/html/secure/index.html
+      - source: shib-index
+        target: /var/www/html/secure-cache/index.html
       - source: shibd-logger
         target: /etc/shibboleth/shibd.logger
       - source: native-logger
-- 
GitLab