add custom pam module templating (#14)

bihealth · May 24, 2022 · 4e6cf2b · 4e6cf2b
1 parent 6c7ddca
commit 4e6cf2b
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -81,12 +81,9 @@ RUN apt-get install libpam-python pamtester
 # Copy scripts and templates
 COPY docker-entrypoint.sh files/irods_login.sh \
      templates/core.py.template templates/unattended_config.json.j2 \
-     templates/irods.pam.j2 files/j2-filters.py /
+     templates/irods.pam.j2 files/j2-filters.py templates/pam_sodar.py.j2 /
 RUN chmod +x /docker-entrypoint.sh /irods_login.sh
 
-# Copy PAM auth
-COPY files/pam_sodar.py /usr/local/lib/pam-sodar/
-
 # Create iRODS vault dir
 RUN mkdir -p $IRODS_RESOURCE_DIRECTORY
 RUN chown -cR $IRODS_SERVICE_ACCOUNT_GROUP:$IRODS_SERVICE_ACCOUNT_USER $IRODS_RESOURCE_DIRECTORY

diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh
@@ -64,6 +64,9 @@ if [[ "$1" == "irods-start" ]]; then
         touch /etc/irods/.provisioned
     fi
 
+    echo "Set up custom PAM module"
+    mkdir -p /usr/local/lib/pam-sodar
+    j2 -o /usr/local/lib/pam-sodar/pam_sodar.py --undefined /pam_sodar.py.j2
     echo "Set up PAM file"
     j2 -o /etc/pam.d/irods --undefined /irods.pam.j2
 

diff --git a/docker/files/pam_sodar.py → docker/templates/pam_sodar.py.j2 b/docker/files/pam_sodar.py → docker/templates/pam_sodar.py.j2
@@ -14,7 +14,7 @@ def pam_sm_authenticate(pamh, flags, argv):
         pamh.Message(pamh.PAM_PROMPT_ECHO_OFF, 'SODAR password: ')
     ).resp
 
-    sodar_host = os.environ.get('IRODS_SODAR_API_HOST', 'http://sodar-web:8080')
+    sodar_host = '{{ IRODS_SODAR_API_HOST }}'
     url = sodar_host + '/irodsbackend/api/auth'
 
     response = requests.post(url, auth=(pamh.user, a))