Here's a sample docker-compose.yml, on the image line use the tag you applied to the image built from the Dockerfile shown above: version: "3" In my deployment I chose to mount those httpd config files to the container, that avoids building the OID client secrets into the docker image. If your container does not trust the certificate used by your OIDC server, despite installing package ca-certificates, you may have to add this entry to your nf file but it's an ugly hack: # > OIDCCryptoPassphrase my-company-crypto-passphrase > OIDCClientSecret my-company-client-scret > LoadModule auth_openidc_module /usr/lib/apache2/modules/mod_auth_openidc.soĪlso extra/nf: % diff nf LoadModule ssl_module modules/mod_ssl.so LoadModule proxy_module modules/mod_proxy.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so Here is the first set of diffs: % diff nf
Maybe someone can explain that to me?Īnyhow, trying to make this answer complete, using this image requires changes to base image files /usr/local/apache2/nf and /usr/local/apache2/extra/nf. Has modules in /usr/local/apache2/modules but the package installs auth_openidc_module in /usr/lib/apache2/modules. One thing I completely don't understand, that apache httpd base image
Here's my Dockerfile, only two commands required: # Build image with Apache HTTPD and OpenID connect moduleĪpt-get install -no-install-recommends -y \Ĭa-certificates libapache2-mod-auth-openidc I chose to use the httpd buster base image, in buster the zmartzone package version is 2.3.10.2-1, the latest and greatest today is 2.4.9.4. So I was able to build an image using a simple Dockerfile, but I only need https (not php etc). In 2021 the zmartzone module is available as a Debian package. LoadModule auth_openidc_module modules/mod_auth_openidc.so LoadModule libcjose_module modules/libcjose.so.0 nf /usr/local/apache2/conf/nfĪnd nf: LoadModule libjansson_module modules/libjansson.so.4
libcjose.so.0 /usr/local/apache2/modules/libcjose.so.0ĬOPY. libjansson.so.4 /usr/local/apache2/modules/libjansson.so.4ĬOPY.
RUN apt-get update & apt-get install -y \ĬOPY.
I repeated the previous steps, downloading libjansson.so.4 from, adding it to he Dockerfile, the Apache configuration LoadModule libjansson_module modules/libjansson.so.4 and: httpd: Syntax error on line 67 of /usr/local/apache2/conf/nf: Can't locate API module structure `libjansson_module' in file /usr/local/apache2/modules/libjansson.so.4: /usr/local/apache2/modules/libjansson.so.4: undefined symbol: libjansson_module Now the error is about libjansson.so.4: httpd: Syntax error on line 68 of /usr/local/apache2/conf/nf: Cannot load modules/libcjose.so.0 into server: libjansson.so.4: cannot open shared object file: No such file or directory So I downloaded that dependency and added the necessary LoadModule statement: LoadModule libcjose_module modules/libcjose.so.0 After adding LoadModule auth_openidc_module modules/mod_auth_openidc.so, I create the image and run it, getting this error: httpd: Syntax error on line 69 of /usr/local/apache2/conf/nf: Cannot load modules/mod_auth_openidc.so into server: libcjose.so.0: cannot open shared object file: No such file or directory I am trying to add the mod_auth_openidc module to an Apache server running on Docker.