DEV-527: Make all CAS variables configurable via the environment with…

… default values set by init script
BerkeleyLibrary · Jul 9, 2024 · 53a49c2 · 53a49c2
1 parent 316f961
commit 53a49c2
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 14 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -11,4 +11,5 @@ RUN yum -y update && \
 
 USER root
 COPY files/etc/httpd /etc/httpd
+COPY files/pre-init /usr/share/container-scripts/httpd/pre-init
 COPY files/var/www /var/www
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -3,11 +3,6 @@
 services:
   app:
     build: .
-    environment:
-      - CAS_LOGIN_URL=https://auth.berkeley.edu/cas/
-      - CAS_VALIDATE_URL=https://auth.berkeley.edu/cas/serviceValidate
-      - CAS_PROXY_VALIDATE_URL=https://auth.berkeley.edu/cas/proxyValidate
-      - CAS_ROOT_PROXIED_AS=http://localhost
     ports:
       - 80:8080
     volumes:

diff --git a/files/etc/httpd/conf.d/auth_cas.conf b/files/etc/httpd/conf.d/auth_cas.conf
@@ -1,15 +1,13 @@
 <IfModule auth_cas_module>
-    CASVersion 2
-    CASDebug Off
+    CASVersion ${CAS_VERSION}
+    CASDebug ${CAS_DEBUG}
     CASLoginURL ${CAS_LOGIN_URL}
     CASValidateURL ${CAS_VALIDATE_URL}
     CASProxyValidateURL ${CAS_PROXY_VALIDATE_URL}
-    CASTimeout 7200
-    CASIdleTimeout 3600
-    CASCacheCleanInterval 1800
-    CASCookiePath /var/cache/httpd/mod_auth_cas/
-    CASCookieEntropy 32
-
-    # You must set CAS_ROOT_PROXIED_AS in the environment
+    CASTimeout ${CAS_TIMEOUT}
+    CASIdleTimeout ${CAS_IDLE_TIMEOUT}
+    CASCacheCleanInterval ${CAS_CACHE_CLEAN_INTERVAL}
+    CASCookieEntropy ${CAS_COOKIE_ENTROPY}
     CASRootProxiedAs ${CAS_ROOT_PROXIED_AS}
+    CASCookiePath ${CAS_COOKIE_PATH}
 </IfModule>
diff --git a/files/pre-init/50-cas-variables.sh b/files/pre-init/50-cas-variables.sh
@@ -0,0 +1,14 @@
+# For option definitions:
+# @see https://github.com/apereo/mod_auth_cas
+
+export CAS_CACHE_CLEAN_INTERVAL="${CAS_CACHE_CLEAN_INTERVAL:-1800}"
+export CAS_COOKIE_ENTROPY="${CAS_COOKIE_ENTROPY:-32}"
+export CAS_COOKIE_PATH="${CAS_COOKIE_PATH:-/var/cache/httpd/mod_auth_cas/}"
+export CAS_DEBUG="${CAS_DEBUG:-off}"
+export CAS_IDLE_TIMEOUT="${CAS_IDLE_TIMEOUT:-3600}"
+export CAS_LOGIN_URL="${CAS_LOGIN_URL:-https://auth.berkeley.edu/cas/}"
+export CAS_PROXY_VALIDATE_URL="${CAS_PROXY_VALIDATE_URL:-https://auth.berkeley.edu/cas/proxyValidate}"
+export CAS_ROOT_PROXIED_AS="${CAS_ROOT_PROXIED_AS:-http://localhost}"
+export CAS_TIMEOUT="${CAS_TIMEOUT:-7200}"
+export CAS_VALIDATE_URL="${CAS_VALIDATE_URL:-https://auth.berkeley.edu/cas/serviceValidate}"
+export CAS_VERSION="${CAS_VERSION:-2}"