Libertech-FR
diff --git a/‎.env‎
Lines changed: 8 additions & 0 deletions b/‎.env‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 1 deletion b/‎.gitignore‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎Dockerfile‎
Lines changed: 35 additions & 15 deletions b/‎Dockerfile‎
Lines changed: 35 additions & 15 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 10 additions & 0 deletions b/‎docker-compose.yml‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎rootfs/data/etc/cas.properties‎
Lines changed: 23 additions & 0 deletions b/‎rootfs/data/etc/cas.properties‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎rootfs/data/etc/log4j2.xml‎
Lines changed: 163 additions & 0 deletions b/‎rootfs/data/etc/log4j2.xml‎
Lines changed: 163 additions & 0 deletions
diff --git a/‎rootfs/entrypoint.sh‎
Lines changed: 41 additions & 0 deletions b/‎rootfs/entrypoint.sh‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎rootfs/etc/cas/config/application.yml‎
Lines changed: 0 additions & 2 deletions b/‎rootfs/etc/cas/config/application.yml‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎rootfs/etc/cas/config/cas.properties‎
Lines changed: 0 additions & 57 deletions b/‎rootfs/etc/cas/config/cas.properties‎
Lines changed: 0 additions & 57 deletions
diff --git a/‎rootfs/etc/cas/services/test.json‎ ‎rootfs/etc/cas/services/test-2.json‎rootfs/etc/cas/services/test.json renamed to rootfs/etc/cas/services/test-2.json b/‎rootfs/etc/cas/services/test.json‎ ‎rootfs/etc/cas/services/test-2.json‎rootfs/etc/cas/services/test.json renamed to rootfs/etc/cas/services/test-2.json
@@ -0,0 +1,8 @@
+CAS_HOSTNAME=http://127.0.0.1:8080
+LDAP_HOSTNAME=ldap://10.242.242.15:389
+LDAP_SEARCH_FILTER="(&(uid={user})(objectclass=sogxuser))"
+LDAP_BASE=dc=lyon,dc=archi,dc=fr
+LDAP_ATTRIBUTES_LIST=cn,givenName,mail,sn,uid,uid:username
+LDAP_BIND_DN=CN=wifi wifi,CN=internal,DC=lyon,DC=archi,DC=fr
+LDAP_BIND_CREDENTIAL=wifi340
+
@@ -1 +1,2 @@
-.idea/
+.idea/
+.DS_Store
@@ -1,4 +1,5 @@
 ARG BASE_IMAGE="eclipse-temurin:11-jdk"
+ARG PROD_IMAGE="tomcat:9-jdk11"
 ARG EXT_BUILD_COMMANDS=""
 ARG EXT_BUILD_OPTIONS=""
 
@@ -14,29 +15,48 @@ WORKDIR /tmp/cas-overlay
 
 COPY src/ /tmp/cas-overlay/
 
+RUN ./gradlew createTheme -Ptheme=custom
+
 RUN ./gradlew clean build $EXT_BUILD_COMMANDS --parallel --no-daemon $EXT_BUILD_OPTIONS
 
 RUN ls -la /tmp/cas-overlay/build/libs/cas.war
 
-RUN apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /var/tmp/*
+RUN ./gradlew unzipWAR
+
+RUN ./gradlew unzip 
 
-FROM $BASE_IMAGE as cas
+RUN ./gradlew exportConfigMetadata
 
-RUN mkdir -p /etc/cas && \
-    cd /etc/cas && \
-    keytool -genkey -noprompt -keystore thekeystore -storepass changeit -keypass changeit -validity 3650 \
-      -keysize 2048 -keyalg RSA -dname "CN=localhost, OU=LT, O=Libertech, L=Somewhere, S=LT, C=FR"
-RUN if [ -r /etc/cas/config/certificate.pem ]; then \
-    keytool -noprompt -importcert -keystore /etc/ssl/certs/java/cacerts -storepass changeit \
-      -file /etc/cas/config/certificate.pem -alias "casclient"; \
-    fi
+RUN mkdir /tmp/tomcat 
 
-WORKDIR /data
+RUN ls /tmp/cas-overlay/build/app
+RUN mv /tmp/cas-overlay/build/app /tmp/tomcat/cas
 
-COPY --from=overlay /tmp/cas-overlay/build/libs/cas.war .
+
+
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /var/tmp/*
+
+FROM $PROD_IMAGE as cas
+
+RUN apt-get update && \
+    apt-get install -y gettext-base
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /var/tmp/*
+RUN mkdir -p /data/logs
+WORKDIR /data/logs
+RUN mkdir -p /etc/cas/docs
+COPY --from=overlay /tmp/tomcat /usr/local/tomcat/webapps
+COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/css/cas.css /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/css/
+COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/js/cas.js /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/js/
+COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/favicon.ico /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/images/
+COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/images/cas-logo.png /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/images/mylogo.png
+COPY --from=overlay /tmp/cas-overlay/config-metadata.properties /etc/cas/docs
+RUN mkdir /data/templates
+COPY --from=overlay /tmp/cas-overlay/build/cas-resources/templates/ /data/templates
+
+COPY /data/templates/ /usr/local/tomcat/webapps/cas/WEB-INF/classes//templates/custom 
 COPY rootfs /
 
-EXPOSE 8080 8443
+ENTRYPOINT "/entrypoint.sh"
 
-ENTRYPOINT ["java", "-server", "-noverify", "-Xmx2048M", "-jar", "cas.war"]
 
@@ -0,0 +1,10 @@
+version: "3"
+services:
+  dc:
+    container_name: dc
+    build: . 
+    ports: 
+      - "8080:8080"
+    volumes: 
+      - "./CAS:/etc/cas"
+    env_file: .env
@@ -0,0 +1,23 @@
+cas.server.name=${CAS_HOSTNAME}
+cas.server.prefix=${cas.server.name}/cas
+logging.config: file:/etc/cas/config/log4j2.xml
+
+cas.authn.accept.users=
+cas.view.template-prefixes=classpath:templates,file:/etc/cas/templates/
+spring.thymeleaf.cache=false
+cas.service-registry.json.location=file:/etc/cas/services
+cas.theme.default-theme-name=custom
+cas.authn.oidc.core.issuer=${cas.server.name}/cas/oidc
+
+#LDAP settings
+cas.authn.ldap\[0\].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
+cas.authn.ldap\[0\].type=AUTHENTICATED
+cas.authn.ldap\[0\].useSsl=false
+cas.authn.ldap\[0\].ldapUrl=${LDAP_HOSTNAME}
+cas.authn.ldap\[0\].baseDn=${LDAP_BASE}
+cas.authn.ldap\[0\].subtreeSearch=true
+cas.authn.ldap\[0\].searchFilter=${LDAP_SEARCH_FILTER}
+cas.authn.ldap\[0\].principalAttributeList=${LDAP_ATTRIBUTES_LIST}
+cas.authn.ldap\[0\].bindDn=${LDAP_BIND_DN}
+cas.authn.ldap\[0\].bindCredential=${LDAP_BIND_CREDENTIAL}
+
@@ -0,0 +1,163 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+All loggers are asynchronous because of log42.component.properties in cas-server-core-logging-api.
+Set -Dlog4j2.contextSelector=org.apache.logging.log4j.core.selector.BasicContextSelector or override log42.component.properties to turn off async
+-->
+<!-- Specify the refresh internal in seconds. -->
+<Configuration monitorInterval="5" packages="org.apereo.cas.logging">
+    <Properties>
+        <Property name="baseDir">/data/logs/cas</Property>
+        <Property name="cas.log.level">info</Property>
+        <Property name="spring.webflow.log.level">warn</Property>
+        <Property name="spring.security.log.level">info</Property>
+        <Property name="spring.cloud.log.level">warn</Property>
+        <Property name="spring.web.log.level">warn</Property>
+        <Property name="spring.boot.log.level">warn</Property>
+        <Property name="ldap.log.level">warn</Property>
+        <Property name="pac4j.log.level">warn</Property>
+        <Property name="opensaml.log.level">warn</Property>
+        <Property name="hazelcast.log.level">warn</Property>
+        <Property name="log.console.stacktraces">true</Property>
+        <Property name="log.file.stacktraces">false</Property>
+        <!-- -Dlog.stacktraceappender=null to disable stacktrace log -->
+        <Property name="log.stacktraceappender">casStackTraceFile</Property>
+        <Property name="log.include.location">false</Property>
+    </Properties>
+    <Appenders>
+        <Null name="null" />
+
+        <Console name="console" target="SYSTEM_OUT">
+            <PatternLayout pattern="%highlight{%d %p [%c] - &lt;%m&gt;}%n" alwaysWriteExceptions="${sys:log.console.stacktraces}"/>
+        </Console>
+
+        <RollingFile name="file" fileName="${baseDir}/cas.log" append="true"
+                     filePattern="${baseDir}/cas-%d{yyyy-MM-dd-HH}-%i.log.gz"
+                     immediateFlush="false">
+            <PatternLayout pattern="%highlight{%d %p [%c] - &lt;%m&gt;%n}"
+                           alwaysWriteExceptions="${sys:log.file.stacktraces}" />
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="10 MB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+            <DefaultRolloverStrategy max="5" compressionLevel="9">
+                <Delete basePath="${baseDir}" maxDepth="2">
+                    <IfFileName glob="*/*.log.gz" />
+                    <IfLastModified age="7d" />
+                </Delete>
+            </DefaultRolloverStrategy>
+        </RollingFile>
+
+        <RollingFile name="stacktracefile" fileName="${baseDir}/cas_stacktrace.log" append="true"
+                     filePattern="${baseDir}/cas_stacktrace-%d{yyyy-MM-dd-HH}-%i.log.gz"
+                     immediateFlush="false">
+            <PatternLayout pattern="%highlight{%d %p [%c] - &lt;%m&gt;%n}" />
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="10 MB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+            <DefaultRolloverStrategy max="5" compressionLevel="9">
+                <Delete basePath="${baseDir}" maxDepth="2">
+                    <IfFileName glob="*/*.log.gz" />
+                    <IfLastModified age="7d" />
+                </Delete>
+            </DefaultRolloverStrategy>
+        </RollingFile>
+
+        <RollingFile name="auditlogfile" fileName="${baseDir}/cas_audit.log" append="true"
+                     filePattern="${baseDir}/cas_audit-%d{yyyy-MM-dd-HH}-%i.log.gz"
+                     immediateFlush="false">
+            <PatternLayout pattern="%highlight{%d %p [%c] - %m%n}" />
+            <Policies>
+                <OnStartupTriggeringPolicy />
+                <SizeBasedTriggeringPolicy size="10 MB"/>
+                <TimeBasedTriggeringPolicy />
+            </Policies>
+            <DefaultRolloverStrategy max="5" compressionLevel="9">
+                <Delete basePath="${baseDir}" maxDepth="2">
+                    <IfFileName glob="*/*.log.gz" />
+                    <IfLastModified age="7d" />
+                </Delete>
+            </DefaultRolloverStrategy>
+        </RollingFile>
+
+        <CasAppender name="casAudit">
+            <AppenderRef ref="auditlogfile" />
+        </CasAppender>
+        <CasAppender name="casFile">
+            <AppenderRef ref="file" />
+        </CasAppender>
+        <CasAppender name="casStackTraceFile">
+            <AppenderRef ref="stacktracefile" />
+            <ExceptionOnlyFilter/>
+        </CasAppender>
+        <CasAppender name="casConsole">
+            <AppenderRef ref="console" />
+        </CasAppender>
+    </Appenders>
+    <Loggers>
+        <Logger name="org.apereo.cas" level="${sys:cas.log.level}" />
+        <Logger name="org.apereo.cas.services" level="${sys:cas.log.level}" />
+        <Logger name="org.apereo.spring" level="${sys:cas.log.level}" />
+        <Logger name="org.apereo.services.persondir" level="${sys:cas.log.level}" />
+        <Logger name="org.apereo.cas.web.flow" level="${sys:cas.log.level}" />
+        <Logger name="org.apereo.cas.web.CasWebApplication" level="${sys:cas.log.level}"/>
+
+        <Logger name="org.apereo.inspektr.audit.support" additivity="false" level="info">
+            <AppenderRef ref="casConsole"/>
+            <AppenderRef ref="casFile"/>
+            <AppenderRef ref="casAudit"/>
+        </Logger>
+
+        <Logger name="org.springframework.boot" level="${sys:spring.boot.log.level}" />
+        <Logger name="org.springframework.boot.context.embedded" level="info" />
+        <Logger name="org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration" level="${sys:spring.security.log.level}" />
+        <Logger name="org.springframework.boot.autoconfigure.security" level="${sys:spring.security.log.level}" />
+        <Logger name="org.springframework.boot.devtools" level="debug" />
+        
+        <Logger name="org.springframework" level="warn" />
+        <Logger name="org.springframework.webflow" level="${sys:spring.webflow.log.level}"/>
+        <Logger name="org.springframework.aop" level="warn" />
+        <Logger name="org.springframework.session" level="warn"/>
+        <Logger name="org.springframework.scheduling" level="info"/>
+        <Logger name="org.springframework.cloud.vault" level="warn" />
+        <Logger name="org.springframework.web.client" level="warn" />
+        <Logger name="org.springframework.security" level="${sys:spring.security.log.level}"/>
+        <Logger name="org.springframework.security.config.annotation.web.builders" level="error" />
+        <Logger name="org.springframework.cloud" level="${sys:spring.cloud.log.level}"/>
+        <Logger name="org.springframework.amqp" level="error" />
+        <Logger name="org.springframework.integration" level="warn"/>
+        <Logger name="org.springframework.messaging" level="warn"/>
+        <Logger name="org.springframework.web" level="${sys:spring.web.log.level}"/>
+        <Logger name="org.springframework.orm.jpa" level="warn"/>
+        <Logger name="org.springframework.scheduling" level="warn"/>
+        <Logger name="org.springframework.context.annotation" level="off"/>
+        <Logger name="org.springframework.web.socket" level="warn"/>
+        <Logger name="org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter" level="trace"/>
+
+        <Logger name="com.couchbase" level="warn" />
+        <Logger name="org.apache" level="error"/>
+        <Logger name="com.netflix" level="warn"/>
+        <Logger name="org.quartz" level="warn"/>
+        <Logger name="org.thymeleaf" level="warn"/>
+        <Logger name="org.pac4j" level="${sys:pac4j.log.level}"/>
+
+        <Logger name="org.opensaml" level="${sys:opensaml.log.level}"/>
+        <Logger name="PROTOCOL_MESSAGE" level="${sys:opensaml.log.level}" />
+
+        <Logger name="net.sf.ehcache" level="warn"/>
+        <Logger name="net.jradius" level="warn"/>
+        <Logger name="org.ldaptive" level="${sys:ldap.log.level}"/>
+        <Logger name="com.hazelcast" level="${sys:hazelcast.log.level}" />
+        <Logger name="org.jasig.spring" level="warn" />
+        <Logger name="org.apache.cxf" level="warn" />
+        <Logger name="org.apache.http" level="warn" />
+
+        <Root level="warn" includeLocation="${sys:log.include.location}">
+            <AppenderRef ref="casFile"/>
+            <AppenderRef ref="casConsole"/>
+            <AppenderRef ref="${sys:log.stacktraceappender}"/>
+        </Root>
+    </Loggers>
+</Configuration>
@@ -0,0 +1,41 @@
+#!/bin/bash
+echo "-----setup--------"
+echo "directories creation"
+mkdir -p /etc/cas/config 2>/dev/null
+mkdir -p /etc/cas/themes 2>/dev/null
+mkdir -p /etc/cas/saml 2>/dev/null
+mkdir -p /etc/cas/services 2>/dev/null
+if [ ! -f /etc/cas/config/cas.properties ] ; then
+        echo "create cas.properties"
+        cat /data/etc/cas.properties|envsubst >/etc/cas/config/cas.properties
+fi
+if [ ! -f /etc/cas/config/log4j2.xml ]; then
+     cp data/etc/log4j2.xml /etc/cas/config/log4j2.xml
+fi
+if [ ! -f /etc/cas/thekeystore ] ; then
+    echo "generate keystore"
+    cd /etc/cas 
+    CN=`echo -n $CAS_HOSTNAME|md5sum|cut -f1 -d " "`
+    keytool -genkey -noprompt -keystore thekeystore -storepass changeit -keypass changeit -validity 3650 -keysize 2048 -keyalg RSA -dname "CN=$CN, OU=CERT, O=CAS, C=ORG"
+fi
+if [ -r /etc/cas/config/certificate.pem ]; then 
+    keytool -noprompt -importcert -keystore /etc/ssl/certs/java/cacerts -storepass changeit -file /etc/cas/config/certificate.pem -alias "casclient"  
+fi
+
+if [ ! -d /etc/cas/templates/custom ] ; then
+    mkdir -p /etc/cas/templates/custom 2>/dev/null
+    cp -r  /data/templates/* /etc/cas/templates/custom
+fi 
+
+if [ ! -d /etc/cas/themes/css ] ; then
+    echo "Creation themes"
+    mkdir /etc/cas/themes
+    cp -r /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/* /etc/cas/themes
+else
+    echo "Update themes"
+    cp -r /etc/cas/themes/* /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom
+fi
+
+
+
+. /usr/local/tomcat/bin/catalina.sh run