Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
infra
packages
Commits
455ab207
Commit
455ab207
authored
Jan 07, 2019
by
Robin Sonnabend
Browse files
Add nginx, make more modular
parent
0d7179f6
Pipeline
#573
failed with stage
in 5 minutes and 8 seconds
Changes
3
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
packages.yml
View file @
455ab207
...
...
@@ -3,6 +3,16 @@ maintainer:
mail
:
admin@fsmpi.rwth-aachen.de
packages
:
-
name
:
adcli
patch_dir
:
patches/adcli
version
:
0.8.2-1.1-fsmpi
changelog
:
Apply the unreleased upstream-patches, fixing RT#100
additional_content
:
-
patch_dir
:
patches/adcli
target_dir
:
debian
-
name
:
nginx
patch_dir
:
patches/nginx
changelog
:
Add libnginx-mod-http-shibboleth
additional_content
:
-
git_url
:
"
https://github.com/nginx-shib/nginx-http-shibboleth.git"
target_dir
:
debian/modules
-
target_dir
:
debian
patch_dir
:
patches/nginx
patches/nginx/00-add-module.patch
0 → 100644
View file @
455ab207
diff -Naur debian/control debian/control
--- debian/control 2018-03-26 20:56:56.476543112 +0200
+++ debian/control 2018-03-26 21:01:51.812104005 +0200
@@ -71,6 +71,7 @@
Package: nginx-full
Architecture: any
Depends: libnginx-mod-http-auth-pam (= ${binary:Version}),
+ libnginx-mod-http-shibboleth (= ${binary:Version}),
libnginx-mod-http-dav-ext (= ${binary:Version}),
libnginx-mod-http-echo (= ${binary:Version}),
libnginx-mod-http-geoip (= ${binary:Version}),
@@ -142,6 +143,7 @@
Architecture: any
Priority: extra
Depends: libnginx-mod-http-auth-pam (= ${binary:Version}),
+ libnginx-mod-http-shibboleth (= ${binary:Version}),
libnginx-mod-http-cache-purge (= ${binary:Version}),
libnginx-mod-http-dav-ext (= ${binary:Version}),
libnginx-mod-http-echo (= ${binary:Version}),
@@ -259,6 +261,20 @@
The module uses PAM as a backend for simple http authentication. It
also allows setting the pam service name to allow more fine grained control.
+Package: libnginx-mod-http-shibboleth
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Description: Shibboleth authentication module for Nginx
+ The nginx_http_shibboleth module enables authentication using Shibboleth.
+ .
+ This module allows Nginx to work with Shibboleth, by way of Shibboleth's
+ FastCGI authorizer. This module requires specific configuration in order
+ to work correctly, as well as Shibboleth's FastCGI authorizer application
+ available on the system. It aims to be similar to parts of Apache's
+ mod_shib, though Shibboleth authorisation and authentication settings
+ are configured via shibboleth2.xml rather than in the web server
+ configuration.
+
Package: libnginx-mod-http-lua
Architecture: any
Depends: libnginx-mod-http-ndk (= ${binary:Version}),
diff -Naur debian/libnginx-mod.conf/mod-http-shibboleth.conf debian/libnginx-mod.conf/mod-http-shibboleth.conf
--- debian/libnginx-mod.conf/mod-http-shibboleth.conf 1970-01-01 01:00:00.000000000 +0100
+++ debian/libnginx-mod.conf/mod-http-shibboleth.conf 2018-03-26 21:04:54.131246344 +0200
@@ -0,0 +1 @@
+load_module modules/ngx_http_shibboleth_module.so;
diff -Naur debian/rules debian/rules
--- debian/rules 2018-03-26 20:56:56.604548119 +0200
+++ debian/rules 2018-03-26 21:03:00.054777450 +0200
@@ -13,6 +13,7 @@
FLAVOURS := full light extras
DYN_MODS := \
http-auth-pam \
+ http-shibboleth \
http-cache-purge \
http-dav-ext \
http-echo \
@@ -103,6 +104,7 @@
--with-mail=dynamic \
--with-mail_ssl_module \
--add-dynamic-module=$(MODULESDIR)/nginx-auth-pam \
+ --add-dynamic-module=$(MODULESDIR)/nginx-http-shibboleth \
--add-dynamic-module=$(MODULESDIR)/nginx-dav-ext-module \
--add-dynamic-module=$(MODULESDIR)/nginx-echo \
--add-dynamic-module=$(MODULESDIR)/nginx-upstream-fair \
@@ -128,6 +130,7 @@
--with-stream_ssl_module \
--add-dynamic-module=$(MODULESDIR)/headers-more-nginx-module \
--add-dynamic-module=$(MODULESDIR)/nginx-auth-pam \
+ --add-dynamic-module=$(MODULESDIR)/nginx-http-shibboleth \
--add-dynamic-module=$(MODULESDIR)/nginx-cache-purge \
--add-dynamic-module=$(MODULESDIR)/nginx-dav-ext-module \
--add-dynamic-module=$(MODULESDIR)/nginx-development-kit \
scripts/build.py
View file @
455ab207
...
...
@@ -34,10 +34,16 @@ def run_checked(command, **kwargs):
print
(
error
.
stdout
)
print
(
error
.
stderr
)
raise
def
apply_patches
(
abs_patch_dir
):
for
patch
in
sorted
(
os
.
listdir
(
abs_patch_dir
)):
patch_file
=
os
.
path
.
join
(
abs_patch_dir
,
patch
)
run_checked
([
"quilt"
,
"import"
,
patch_file
])
def
build_package
(
repo_dir
,
package_dir
,
name
,
patch_dir
=
None
,
version
=
None
,
changelog
=
None
):
patch_dir
=
None
,
version
=
None
,
changelog
=
None
,
additional_content
=
None
):
with
tempfile
.
TemporaryDirectory
(
dir
=
os
.
path
.
abspath
(
"."
))
as
tempdir
:
os
.
chdir
(
tempdir
)
result
=
run_checked
([
"apt-get"
,
"source"
,
name
])
...
...
@@ -57,13 +63,20 @@ def build_package(repo_dir, package_dir, name,
"Extracted package {} is not expected package {}"
.
format
(
pkg_name
,
name
))
debian_workdir
=
os
.
path
.
join
(
tempdir
,
pkg_dir
,
"debian"
)
os
.
chdir
(
debian_workdir
)
if
patch_dir
is
not
None
:
abs_patch_dir
=
os
.
path
.
join
(
repo_dir
,
patch_dir
)
for
patch
in
sorted
(
os
.
listdir
(
abs_patch_dir
)):
patch_file
=
os
.
path
.
join
(
abs_patch_dir
,
patch
)
run_checked
([
"quilt"
,
"import"
,
patch_file
])
workdir
=
os
.
path
.
join
(
tempdir
,
pkg_dir
)
os
.
chdir
(
workdir
)
if
additional_content
is
not
None
:
os
.
chdir
(
workdir
)
for
content
in
additional_content
:
os
.
chdir
(
additional_content
[
"target_dir"
])
if
"patch_dir"
in
content
:
abs_patch_dir
=
os
.
path
.
join
(
repo_dir
,
content
[
"patch_dir"
])
apply_patches
(
abs_patch_dir
)
elif
"git_url"
in
content
:
run_checked
([
"git"
,
"clone"
,
content
[
"git_url"
]])
command
=
[
"debchange"
,
"--preserve"
]
if
version
is
None
:
...
...
@@ -113,6 +126,7 @@ def main():
build_package
(
repo_dir
=
repo_dir
,
package_dir
=
package_dir
,
**
package
)
os
.
chdir
(
repo_dir
)
print
(
os
.
listdir
(
package_dir
))
if
__name__
==
"__main__"
:
main
()
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment