From 7e7e5fd96a89ba33331150033f2615155ea1cb59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrej=20Rama=C5=A1euski?= <andrej@sedlistka.cz>
Date: Wed, 11 Dec 2019 23:44:52 +0100
Subject: [PATCH] Genewrovani ServerName v konfiguraci webserveru

---
 entrypoint.sh        | 3 +++
 mod_auth_mellon.conf | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/entrypoint.sh b/entrypoint.sh
index 859fc47..58029d7 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -29,6 +29,8 @@ if [ ! -f /etc/apache2/saml2/idp.xml ]; then
     curl $IDP_METADATA > /etc/apache2/saml2/idp.xml
 fi
 
+sed -i "/{{HOST}}/${HOST}/" /etc/apache2/conf-enabled/mod_auth_mellon.conf
+
 # Create mod_auth_mellon service provider config
 if [ ! -f /etc/apache2/saml2/sp.xml ]; then
     pushd /etc/apache2/saml2
@@ -37,6 +39,7 @@ if [ ! -f /etc/apache2/saml2/sp.xml ]; then
     mv http*.xml sp.xml
     mv http*.key sp.key
     mv http*.cert sp.cert
+    chmod 644 sp.key
     popd
 fi
 
diff --git a/mod_auth_mellon.conf b/mod_auth_mellon.conf
index 7b9b0ac..28b8bf7 100644
--- a/mod_auth_mellon.conf
+++ b/mod_auth_mellon.conf
@@ -1,3 +1,5 @@
+ServerName https://{{HOST}}
+
 <Location / >
  MellonEnable info
  MellonEndpointPath /mellon
@@ -5,6 +7,7 @@
  MellonSPCertFile       /etc/apache2/saml2/sp.cert
  MellonSPMetadataFile   /etc/apache2/saml2/sp.xml
  MellonIdPMetadataFile  /etc/apache2/saml2/idp.xml
+ MellonSignatureMethod rsa-sha256
 </Location>
 
 <Location /admin >
-- 
GitLab