Update to new SimpleSAML

2023-01-24 19:54:23 -08:00 · 2023-01-24 19:54:23 -08:00 · a71d9195e8
commit a71d9195e8
parent f18c9882df
3 changed files with 31 additions and 8 deletions
--- a/LocalSettings.php.tmpl
+++ b/LocalSettings.php.tmpl
@ -166,13 +166,20 @@ wfLoadExtension( 'PluggableAuth' );
 wfLoadExtension( 'SimpleSAMLphp' );

 $wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp/";
-$wgSimpleSAMLphp_AuthSourceId = "{{ env "SAML_AUTH_SOURCE_ID" }}";
-$wgSimpleSAMLphp_RealNameAttribute = "{{ env "SAML_REAL_NAME_ATTRIBUTE" }}";
-$wgSimpleSAMLphp_EmailAttribute = "{{ env "SAML_EMAIL_ATTRIBUTE" }}";
-$wgSimpleSAMLphp_UsernameAttribute = "{{ env "SAML_USERNAME_ATTRIBUTE" }}";
+
+$wgPluggableAuth_Config['Log in using my SAML'] = [
+  'plugin' => 'SimpleSAMLphp',
+  'data' => [
+	'authSourceId' => '{{ env "SAML_AUTH_SOURCE_ID" }}',
+	'usernameAttribute' => '{{ env "SAML_USERNAME_ATTRIBUTE" }}',
+	'realNameAttribute' => '{{ env "SAML_REAL_NAME_ATTRIBUTE" }}',
+	'emailAttribute' => '{{ env "SAML_EMAIL_ATTRIBUTE" }}'
+  ]
+];

 $wgGroupPermissions['*']['autocreateaccount'] = true;
 $wgGroupPermissions['*']['createaccount'] = false;
+{{ end }}

 {{ if eq (env "MEDIAWIKI_DEBUG") "1" }}
 $wgDebugLogFile = "/var/log/debug-{$wgDBname}.log";
--- a/abra.sh
+++ b/abra.sh
@ -1,10 +1,10 @@
-export LOCAL_SETTINGS_CONF_VERSION=v2
+export LOCAL_SETTINGS_CONF_VERSION=v5
 export HTACCESS_CONF_VERSION=v1
 export ENTRYPOINT_CONF_VERSION=v3
 export COMPOSER_LOCAL_CONF_VERSION=v1
 export PHP_INI_VERSION=v1

-export SAML_ENTRYPOINT_CONF_VERSION=v1
+export SAML_ENTRYPOINT_CONF_VERSION=v3

 abra_backup_app() {
  _abra_backup_dir "app:/var/www/html/images"
--- a/compose.simplesaml.yml
+++ b/compose.simplesaml.yml
@ -5,7 +5,12 @@ services:
  app:
    volumes:
      - "simplesaml:/var/simplesamlphp/"
+      - "simplesaml_cert:/var/simplesamlphp/cert"
+      - "simplesaml_config:/var/simplesamlphp/config"
+      - "simplesaml_data:/var/simplesamlphp/data"
      - "simplesaml_log:/var/simplesamlphp/log"
+      - "simplesaml_metadata:/var/simplesamlphp/metadata"
+      - "simplesaml_modules:/var/simplesamlphp/modules"
    environment:
      - SAML_AUTH_SOURCE_ID
      - SAML_EMAIL_ATTRIBUTE
@ -14,7 +19,8 @@ services:
      - SAML_USERNAME_ATTRIBUTE

  simplesaml:
-    image: venatorfox/simplesamlphp:1.18.3
+    # image: unicon/simplesamlphp:1.19.6
+    image: git.coopcloud.tech/coop-cloud-chaos-patchs/simplesamlphp:1.19.7
    secrets:
      - saml_admin_password
      - saml_secret_salt
@ -47,7 +53,12 @@ services:
        mode: 0555
    volumes:
      - simplesaml:/var/simplesamlphp/
-      - simplesaml_log:/var/simplesamlphp/log
+      - "simplesaml_cert:/var/simplesamlphp/cert"
+      - "simplesaml_config:/var/simplesamlphp/config"
+      - "simplesaml_data:/var/simplesamlphp/data"
+      - "simplesaml_log:/var/simplesamlphp/log"
+      - "simplesaml_metadata:/var/simplesamlphp/metadata"
+      - "simplesaml_modules:/var/simplesamlphp/modules"
    networks:
      - proxy
    entrypoint: /docker-entrypoint.simplesaml.sh
@ -62,7 +73,12 @@ services:

 volumes:
  simplesaml:
+  simplesaml_cert:
+  simplesaml_config:
+  simplesaml_data:
  simplesaml_log:
+  simplesaml_metadata:
+  simplesaml_modules:

 secrets:
  saml_admin_password: