Skip to content

Add Docker support for easier deployments #59

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alfonsrv wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add Docker support for easier deployments #59

alfonsrv wants to merge 1 commit into from

Conversation

@alfonsrv
Copy link

@alfonsrv alfonsrv commented Mar 2, 2024

No description provided.

@simo5
Copy link
Member

simo5 commented Mar 13, 2024

@alfonsrv can you please apply DCO and rebase on main ?

@alfonsrv alfonsrv force-pushed the main branch 4 times, most recently from 7e25c11 to dce35ab Compare June 16, 2024 10:54
@alfonsrv
Copy link
Author

alfonsrv commented Jun 16, 2024

Hey @simo5, can you check if it's okay now?

I also uppercased realm because I found that Windows clients send the realm as both uppercase and lowercase depending on what part of the system the request originates from. This would otherwise require a configuration that factors in both uppercase and lowercase realms.
Alternatively the matching logic of finding the realm could be changed to be case-insensitive.

@alfonsrv
Add Docker support for easier deployments + uppercase REALM
9538738 
Author:    alfonsrv <alfonsrv@protonmail.com>

Developer Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me.

(c) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved.

Signed-off-by: github/alfonsrv <alfonsrv@protonmail.com>
Signed-off-by: alfons <alfonsrv@protonmail.com>
simo5
simo5 reviewed Jun 17, 2024
View reviewed changes
Copy link
Member

@simo5 simo5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comments

kdcproxy/parse_pyasn1.py
realm = str(realm, "utf-8")
except TypeError: # Python 2.x
realm = str(realm)
realm = realm.upper()
Copy link
Member

@simo5 simo5 Jun 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are you doing this ?

Copy link
Member

@simo5 simo5 Jun 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I now see your comment, realm is definitely a case sensitive name, even though Windows plays fast and lose with it. If you need a matching logic that is case -insensitive please do that. This change would break KDCs based on MIT kerberos or other more standard compliant Krb5 implementations.

docker/docker-compose.yml
- "443:443"
environment:
- KDCPROXY_CONFIG=/config/kdcproxy.conf
- SERVER_NAME=${SERVER_NAME:-selfsign.rausys.de}
Copy link
Member

@simo5 simo5 Jun 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

his looks custom to your deployment or something, I am not sure we should have this file at all in the repository, sounds like configuration each deployment should deal with on their own.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simo5 simo5 simo5 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alfonsrv @simo5