version: "3"
services:
  sso:
    container_name: sso
    image: "docker.sunet.se/apache-shib"
    ports:
      - "443:443"
    networks:
      - sso
    volumes:
      - /etc/letsencrypt:/etc/letsencrypt
      - ./apache/site.conf:/etc/apache2/sites-enabled/site.conf
      - ./apache/ssl.conf:/etc/apache2/ssl.conf
      - ./apache/groups.txt:/etc/apache2/groups.txt
      - ./shibboleth/shibboleth2.xml:/etc/shibboleth/shibboleth2.xml
      - ./shibboleth/shibd.logger:/etc/shibboleth/shibd.logger
      - ./shibboleth/attribute-map.xml:/etc/shibboleth/attribute-map.xml
<% if @satosa -%>
      - ./shibboleth/frontend.xml:/etc/shibboleth/frontend.xml
      - ./shibboleth/attribute-policy.xml:/etc/shibboleth/attribute-policy.xml
<% else -%>
      - ./shibboleth/md-signer2.crt:/etc/shibboleth/md-signer2.crt
<% end -%>
      - ./shibboleth/sp-cert.pem:/etc/shibboleth/sp-cert.pem
      - ./shibboleth/sp-key.pem:/etc/shibboleth/sp-key.pem
networks:
  sso:
    external: true