coop-cloud-chaos-patchs
/
docker-simplesamlphp
mirror of https://github.com/3-w-c/docker-simplesamlphp.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Log SimpleSAMLphp logs to container logs, partially resolves #1

This commit is contained in:
Adam W Zheng 2019-07-05 15:43:31 -05:00
parent 04d51325e0
commit 046e3cc325
2 changed files with 22 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
1.17.2/README.md
View File

@ -72,7 +72,7 @@ This will vary greatly depending on use. A compose file similar to a production
| /var/simplesamlphp/extra | -- |
| /var/simplesamlphp/lib | -- |
| /var/simplesamlphp/locales | Mount for customized user messages and translations. |
| /var/simplesamlphp/log | If using docker log redirection (not working yet), this cannot be volume mounted. If docker logs write to a file, this should be volume mounted so logs do not grow inside the container. |
| /var/simplesamlphp/log | If using docker log redirection, this cannot be volume mounted. If docker logs write to a file, this should be volume mounted so logs do not grow inside the container. |
| /var/simplesamlphp/metadata | Should always be volume mounted, very specific to organization. |
| /var/simplesamlphp/metadata-templates | -- |
| /var/simplesamlphp/modules | Can be volume mounted for easier module customization |
@ -92,7 +92,7 @@ It is recommended to set them properly and not use default values.
| Variable | Default Value | Description |
| ------ | ------ | ------ |
| CONFIG_BASEURLPATH | simplesaml/ | If using SSL behind a proxy enter the base URL here, otherwise IdP metadata will use http://. Format is [(https)://(hostname)[:port]]/[path/to/simplesaml/]. |
| DOCKER_REDIRECTLOGS | false | Redirect logs written to the log file by SimpleSAMLphp to `/proc/1/fd/1`. This does not work yet due to permissions issues. If someone knows how to resolve this please let me know or contribute a fix to the Git repository. Thanks! |
| DOCKER_REDIRECTLOGS | false | Redirect logs written to the log file by SimpleSAMLphp to `/dev/console`. Please run with -t as a TTY will need allocated for this to work. |
| CONFIG_AUTHADMINPASSWORD | SSHA256 hash of '123' | Plain text works as well. Use PWGen to generate a hash for this variable. Refer to [SimpleSAMLphp docs](https://simplesamlphp.org/docs/stable/simplesamlphp-install), installation guide section 7. |
| CONFIG_SECRETSALT | defaultsecretsalt | Refer to [SimpleSAMLphp docs](https://simplesamlphp.org/docs/stable/simplesamlphp-install), installation guide section 7 if help is needed for generating one. |
| CONFIG_TECHNICALCONTACT_NAME | Administrator | Name of the Admin of Rainy Clouds, 42nd of Their Name, Breaker of Sanity, and ~~Destroyer~~ Protector of the Federation |
@ -146,6 +146,3 @@ Default CONFIG_MEMCACHESTORESERVERS format, 2 pair of 2 example. Use this templa
This is being actively maintained and is running in production for several organizations.
Please [create an issue](https://github.com/Venator-Fox/docker-simplesamlphp/issues) if needed or if additional variables/features are desired.
### Todos
- Figure out logging to docker stdio

28
1.17.2/install-simplesamlphp.sh
View File

@ -62,6 +62,7 @@ POSTFIX_MYDESTINATION=${POSTFIX_MYDESTINATION:=}
if [ "$DOCKER_REDIRECTLOGS" = "true" ]; then
echo "[$0] DOCKER_REDIRECTLOGS was set to 'true', so setting CONFIG_LOGGINGHANDLER to 'file'"
CONFIG_LOGGINGHANDLER=file
if [ "$CONFIG_LOGFILE" != "simplesamlphp.log" ]; then
echo "[$0] [WARN] DOCKER_REDIRECTLOGS was set to true, but CONFIG_LOGFILE was set away from the default. It makes no sense to do this as logs are redirected to a pipe."
echo "[$0] If a simplesamlphp logfile is desired instead of docker logs, set DOCKER_REDIRECTLOGS to 'false' and volume mount the logs directory to the host."
@ -75,15 +76,26 @@ if [ "$DOCKER_REDIRECTLOGS" = "true" ]; then
echo "[$0] Pausing 5 seconds due to above warning."
sleep 5
fi
else
if [ "$CONFIG_LOGGINGHANDLER" = "file" ]; then
echo "[$0] [WARN] CONFIG_LOGGINGHANDLER is set to 'file' but the log directory is not volume mounted."
echo "[$0] [WARN] This will cause the container to grow with a logfile and is in most cases very undesirable."
echo "[$0] Pausing 5 seconds due to above warning."
sleep 5
fi
fi
ln -sf /proc/1/fd/1 /var/simplesamlphp/log/$CONFIG_LOGFILE
echo "[$0] Check for TTY"
if [ ! -e /dev/console ]; then
echo "[$0] [WARN] DOCKER_REDIRECTLOGS is set to true but no TTY is available for console."
echo "[$0] SimpleSAMLphp logs will NOT redirect. Destroy and re-run with -t to allocate a TTY."
echo "[$0] Pausing 5 seconds due to above warning."
sleep 5
else
echo "[$0] Creating symlink $CONFIG_LOGFILE targeting /dev/console to redirect logs"
ln -sf /dev/console /var/simplesamlphp/log/$CONFIG_LOGFILE
chown nginx:nginx /var/simplesamlphp/log/$CONFIG_LOGFILE
fi
fi
if [ "$CONFIG_LOGGINGHANDLER" = "file" ] && [ ! -z "$(ls -A /var/simplesamlphp/log/)" ] && [ ! -L /var/simplesamlphp/log/$CONFIG_LOGFILE ]; then
echo "[$0] [WARN] CONFIG_LOGGINGHANDLER is set to 'file' but the log directory is not volume mounted."
echo "[$0] [WARN] This will cause the container to grow with a logfile and is in most cases very undesirable."
echo "[$0] Pausing 5 seconds due to above warning."
sleep 5
fi
#Only set memcache vars if storetype is memcache