httpd_configmap_generator 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7404d7526e62a24e10b417fa31d73b4023b1eb71
|
|
4
|
+
data.tar.gz: 3a3587bac420ca0c2349d838a6c248b24d3cbade
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cf984ea9aa2d30ff1d36de0b0b20aad9f2e70a5a7f89e63d9c0cf3db0cf4cc951319c9687874f016a9699c44e6dc44ad729727ca23943e065bb77056ef2b6e68
|
|
7
|
+
data.tar.gz: 8fd7d31aba466446da43b81a13d34bd44b724d55f3cd0bc24f8fb00185a58f86dc047f8a0b7ba5f875907fb72765d8f4d19c2036669f4b83c8c44a3beab255cd
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -260,8 +260,6 @@ ___
|
|
|
260
260
|
|
|
261
261
|
### Pre-deployment tasks
|
|
262
262
|
|
|
263
|
-
#### If running without OCI systemd hooks (Minishift)
|
|
264
|
-
|
|
265
263
|
The httpd-configmap-generator service account must be added to the httpd-scc-sysadmin SCC before the Httpd Configmap Generator can run.
|
|
266
264
|
|
|
267
265
|
##### As Admin
|
|
@@ -285,22 +283,6 @@ $ oc describe scc httpd-scc-sysadmin | grep Users
|
|
|
285
283
|
Users: system:serviceaccount:<your-namespace>:httpd-configmap-generator
|
|
286
284
|
```
|
|
287
285
|
|
|
288
|
-
#### If running with OCI systemd hooks
|
|
289
|
-
|
|
290
|
-
##### As Admin
|
|
291
|
-
|
|
292
|
-
```
|
|
293
|
-
$ oc adm policy add-scc-to-user anyuid system:serviceaccount:<your-namespace>:httpd-configmap-generator
|
|
294
|
-
```
|
|
295
|
-
|
|
296
|
-
Verify that the httpd-configmap-generator service account is included in the anyuid SCC:
|
|
297
|
-
|
|
298
|
-
```
|
|
299
|
-
$ oc describe scc anyuid | grep Users
|
|
300
|
-
Users: system:serviceaccount:<your-namespace>:httpd-configmap-generator
|
|
301
|
-
```
|
|
302
|
-
|
|
303
|
-
|
|
304
286
|
### Deploy the Httpd Configmap Generator Application
|
|
305
287
|
|
|
306
288
|
As basic user
|
|
@@ -341,20 +323,20 @@ $ CONFIGMAP_GENERATOR_POD=`oc get pods | grep "httpd-configmap-generator" | cut
|
|
|
341
323
|
### Generating a configmap for external authentication against IPA
|
|
342
324
|
|
|
343
325
|
```
|
|
344
|
-
$ oc
|
|
326
|
+
$ oc exec $CONFIGMAP_GENERATOR_POD -- bash -c 'httpd_configmap_generator ipa ...
|
|
345
327
|
```
|
|
346
328
|
|
|
347
329
|
Example configuration:
|
|
348
330
|
|
|
349
331
|
```
|
|
350
|
-
$ oc
|
|
332
|
+
$ oc exec $CONFIGMAP_GENERATOR_POD -- bash -c 'httpd_configmap_generator ipa \
|
|
351
333
|
--host=appliance.example.com \
|
|
352
334
|
--ipa-server=ipaserver.example.com \
|
|
353
335
|
--ipa-domain=example.com \
|
|
354
336
|
--ipa-realm=EXAMPLE.COM \
|
|
355
337
|
--ipa-principal=admin \
|
|
356
338
|
--ipa-password=smartvm1 \
|
|
357
|
-
-o /tmp/external-ipa.yaml
|
|
339
|
+
-o /tmp/external-ipa.yaml'
|
|
358
340
|
```
|
|
359
341
|
|
|
360
342
|
`--host` above must be the DNS of the application exposing the httpd auth pod,
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require "socket"
|
|
2
|
+
|
|
1
3
|
module HttpdConfigmapGenerator
|
|
2
4
|
class Ipa < Base
|
|
3
5
|
IPA_INSTALL_COMMAND = "/usr/sbin/ipa-client-install".freeze
|
|
@@ -49,6 +51,7 @@ module HttpdConfigmapGenerator
|
|
|
49
51
|
end
|
|
50
52
|
|
|
51
53
|
def configure(opts)
|
|
54
|
+
opts[:host] = get_canonical_hostname(opts[:host])
|
|
52
55
|
update_hostname(opts[:host])
|
|
53
56
|
command_run!(IPA_INSTALL_COMMAND,
|
|
54
57
|
:params => [
|
|
@@ -118,5 +121,11 @@ module HttpdConfigmapGenerator
|
|
|
118
121
|
FileUtils.chown(APACHE_USER, nil, HTTP_KEYTAB)
|
|
119
122
|
FileUtils.chmod(0o600, HTTP_KEYTAB)
|
|
120
123
|
end
|
|
124
|
+
|
|
125
|
+
def get_canonical_hostname(hostname)
|
|
126
|
+
Socket.gethostbyname(hostname)[0]
|
|
127
|
+
rescue SocketError
|
|
128
|
+
hostname
|
|
129
|
+
end
|
|
121
130
|
end
|
|
122
131
|
end
|
|
@@ -55,8 +55,7 @@ module HttpdConfigmapGenerator
|
|
|
55
55
|
/etc/pam.d/smartcard-auth-ac
|
|
56
56
|
/etc/pam.d/system-auth-ac
|
|
57
57
|
/etc/sssd/sssd.conf
|
|
58
|
-
/etc/sysconfig/authconfig
|
|
59
|
-
/etc/sysconfig/network) + [opts[:cert_file]]
|
|
58
|
+
/etc/sysconfig/authconfig) + [opts[:cert_file]]
|
|
60
59
|
end
|
|
61
60
|
|
|
62
61
|
def configure(opts)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: httpd_configmap_generator
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Httpd Auth Config Developers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-05-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: codeclimate-test-reporter
|
|
@@ -200,7 +200,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
200
200
|
version: '0'
|
|
201
201
|
requirements: []
|
|
202
202
|
rubyforge_project:
|
|
203
|
-
rubygems_version: 2.6.
|
|
203
|
+
rubygems_version: 2.6.13
|
|
204
204
|
signing_key:
|
|
205
205
|
specification_version: 4
|
|
206
206
|
summary: The Httpd Configmap Generator
|