From a71d9195e83832f552723166c072bf2919484397 Mon Sep 17 00:00:00 2001 From: 3wc <3wc@doesthisthing.work> Date: Tue, 24 Jan 2023 19:54:23 -0800 Subject: [PATCH] Update to new SimpleSAML --- LocalSettings.php.tmpl | 15 +++++++++++---- abra.sh | 4 ++-- compose.simplesaml.yml | 20 ++++++++++++++++++-- 3 files changed, 31 insertions(+), 8 deletions(-) diff --git a/LocalSettings.php.tmpl b/LocalSettings.php.tmpl index 3f4d1b2..2a35a44 100644 --- a/LocalSettings.php.tmpl +++ b/LocalSettings.php.tmpl @@ -166,13 +166,20 @@ wfLoadExtension( 'PluggableAuth' ); wfLoadExtension( 'SimpleSAMLphp' ); $wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp/"; -$wgSimpleSAMLphp_AuthSourceId = "{{ env "SAML_AUTH_SOURCE_ID" }}"; -$wgSimpleSAMLphp_RealNameAttribute = "{{ env "SAML_REAL_NAME_ATTRIBUTE" }}"; -$wgSimpleSAMLphp_EmailAttribute = "{{ env "SAML_EMAIL_ATTRIBUTE" }}"; -$wgSimpleSAMLphp_UsernameAttribute = "{{ env "SAML_USERNAME_ATTRIBUTE" }}"; + +$wgPluggableAuth_Config['Log in using my SAML'] = [ + 'plugin' => 'SimpleSAMLphp', + 'data' => [ + 'authSourceId' => '{{ env "SAML_AUTH_SOURCE_ID" }}', + 'usernameAttribute' => '{{ env "SAML_USERNAME_ATTRIBUTE" }}', + 'realNameAttribute' => '{{ env "SAML_REAL_NAME_ATTRIBUTE" }}', + 'emailAttribute' => '{{ env "SAML_EMAIL_ATTRIBUTE" }}' + ] +]; $wgGroupPermissions['*']['autocreateaccount'] = true; $wgGroupPermissions['*']['createaccount'] = false; +{{ end }} {{ if eq (env "MEDIAWIKI_DEBUG") "1" }} $wgDebugLogFile = "/var/log/debug-{$wgDBname}.log"; diff --git a/abra.sh b/abra.sh index 869033a..4052f80 100644 --- a/abra.sh +++ b/abra.sh @@ -1,10 +1,10 @@ -export LOCAL_SETTINGS_CONF_VERSION=v2 +export LOCAL_SETTINGS_CONF_VERSION=v5 export HTACCESS_CONF_VERSION=v1 export ENTRYPOINT_CONF_VERSION=v3 export COMPOSER_LOCAL_CONF_VERSION=v1 export PHP_INI_VERSION=v1 -export SAML_ENTRYPOINT_CONF_VERSION=v1 +export SAML_ENTRYPOINT_CONF_VERSION=v3 abra_backup_app() { _abra_backup_dir "app:/var/www/html/images" 
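Review bot: The four `{{ env "SAML_..." }}` values in the new `$wgPluggableAuth_Config` block of LocalSettings.php.tmpl are pasted verbatim between single quotes, so a value containing `'` or ending in `\` terminates or corrupts the PHP string literal in a file that is executed as code. The values are operator-supplied, so this is mainly a hardening point, but it deserves a comment above the array such as `// SAML_* values are inserted unescaped; they must not contain ' or \`. An unset variable presumably renders as an empty string here, which would leave the attribute mapping blank while `autocreateaccount` stays enabled for `*` just below, so failing the render on an empty `SAML_USERNAME_ATTRIBUTE` would be safer. The added `{{ end }}` closes a template block that opens above the hunk, so its pairing cannot be checked from here.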
diff --git a/compose.simplesaml.yml b/compose.simplesaml.yml index c3dcc2b..04a7015 100644 --- a/compose.simplesaml.yml +++ b/compose.simplesaml.yml @@ -5,7 +5,12 @@ services: app: volumes: - "simplesaml:/var/simplesamlphp/" + - "simplesaml_cert:/var/simplesamlphp/cert" + - "simplesaml_config:/var/simplesamlphp/config" + - "simplesaml_data:/var/simplesamlphp/data" - "simplesaml_log:/var/simplesamlphp/log" + - "simplesaml_metadata:/var/simplesamlphp/metadata" + - "simplesaml_modules:/var/simplesamlphp/modules" environment: - SAML_AUTH_SOURCE_ID - SAML_EMAIL_ATTRIBUTE @@ -14,7 +19,8 @@ services: - SAML_USERNAME_ATTRIBUTE simplesaml: - image: venatorfox/simplesamlphp:1.18.3 + # image: unicon/simplesamlphp:1.19.6 + image: git.coopcloud.tech/coop-cloud-chaos-patchs/simplesamlphp:1.19.7 secrets: - saml_admin_password - saml_secret_salt @@ -47,7 +53,12 @@ services: mode: 0555 volumes: - simplesaml:/var/simplesamlphp/ - - simplesaml_log:/var/simplesamlphp/log + - "simplesaml_cert:/var/simplesamlphp/cert" + - "simplesaml_config:/var/simplesamlphp/config" + - "simplesaml_data:/var/simplesamlphp/data" + - "simplesaml_log:/var/simplesamlphp/log" + - "simplesaml_metadata:/var/simplesamlphp/metadata" + - "simplesaml_modules:/var/simplesamlphp/modules" networks: - proxy entrypoint: /docker-entrypoint.simplesaml.sh @@ -62,7 +73,12 @@ services: volumes: simplesaml: + simplesaml_cert: + simplesaml_config: + simplesaml_data: simplesaml_log: + simplesaml_metadata: + simplesaml_modules: secrets: saml_admin_password:
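Review bot: In the first hunk of compose.simplesaml.yml the `app` service mounts `simplesaml_cert` and `simplesaml_config` read-write, which gives the MediaWiki container write access to what are presumably SimpleSAMLphp's key material and configuration. If the app only reads these paths (its entrypoint is not visible here, so confirm), append `:ro`, e.g. `- "simplesaml_cert:/var/simplesamlphp/cert:ro"` and `- "simplesaml_config:/var/simplesamlphp/config:ro"`, and likewise for `metadata` and `modules`. With read-only mounts, a compromise of the wiki process cannot alter the certificates or metadata that the login flow relies on.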
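Review bot: The new `image:` line for the `simplesaml` service (second hunk) references a mutable tag on a different registry, so the content that runs can change without any change to this file. Pin it by digest, `image: git.coopcloud.tech/coop-cloud-chaos-patchs/simplesamlphp:1.19.7@sha256:<digest-of-reviewed-image>`, so deployments run exactly the image that was reviewed. The commented-out `# image: unicon/simplesamlphp:1.19.6` line should either be dropped or replaced by a comment saying why the fork is used instead.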
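Review bot: The parent mount `- simplesaml:/var/simplesamlphp/` is kept in the `simplesaml` service volume list (third hunk, and in `app` in the first) while the image moves from 1.18.3 to 1.19.7, and Docker fills a named volume from the image only when that volume is empty. On an existing deployment the library code under that path would presumably stay at the old release, with only the newly created sub-volumes populated from the new image, unless the entrypoint (not shown) refreshes it. Either stop mounting the whole tree or document the upgrade step next to the list, e.g. `# existing deployments: re-populate the simplesaml volume when upgrading the image`. That parent entry is also the only unquoted item in the list.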