...
- You can change any of the config/UI files in the config tree (located at /home/shibboleth/build/shibboleth_idp/root/) to suit your deployment needs (most are in 'conf' or 'views'),
- At that point, if you chose to mount your configuration, you're done (you may want to restart tomcat inside the container). If your configuration is burned into the containers, read on...
- The following command rebuilds the containers with the new configuration (not needed if you chose the "mount" option)
- bin/rebuild.sh
- The following command does a rolling restart of the two IdPs (should be outage-free) (not needed if you chose the "mount" option)
- bin/restart.sh
- Basic config backup/restore is provided by scripts in the /home/shibboleth/bin directory.
- shibb-config-snap.sh - will create an archive of the current shibb config (the 'root' directory) and save it to a timestamped zip filename in /home/shibboleth (no command options are required)
- shibb-config-restore.sh - can restore a filename that you specify or it can also set your config to the default release config or to the default TIER Testbed config. (run it with no parameters to display command options)
- To set your config to the default testbed config, run "shibb-config-restore -t".
- To set your config to the default release config, run "shibb-config-restore -r".
- Logfiles from both containers' instances of tomcat and shibboleth are mounted to the VM's filesystem at /home/shibboleth/logs
---IMPORTANT: It is CRITICAL to understand that the Docker containers generated and stored by this system, and your configurations in particular (as always), contain very sensitive information, in particular, the private keys used to sign and decrypt data. Please treat all old containers, archived containers, config trees, and archived config trees as sensitive data and protect and dispose of them accordingly. Specifically, do not upload or publish your containers to a public repository or one you do not control access to.
...