Compare revisions

a6d3ddc2 · a6d3ddc2 · 24e85c0a · a6d3ddc2 · 24e85c0a · a6d3ddc2
--- a/dockerfiles/commul-customization/dspace-pom.xml
+++ b/dockerfiles/commul-customization/dspace-pom.xml
--- a/dockerfiles/commul-customization/dspace.cfg
+++ b/dockerfiles/commul-customization/dspace.cfg
--- a/dockerfiles/commul-customization/entrypoint.sh
+++ b/dockerfiles/commul-customization/entrypoint.sh
-#!/bin/sh
+#!/bin/bash

 # replace environment variables in config files
 perl -pi -e 's/\$\{DSPACE_USER\}/$ENV{DSPACE_USER}/; s/\$\{DSPACE_PASSWORD\}/$ENV{DSPACE_PASSWORD}/; s/\$\{MAIL_USER\}/$ENV{MAIL_USER}/; s/\$\{MAIL_PASSWORD\}/$ENV{MAIL_PASSWORD}/; s/\$\{DSPACE_DBNAME\}/$ENV{DSPACE_DBNAME}/; s/\$\{DSPACE_UTILSDBNAME\}/$ENV{DSPACE_UTILSDBNAME}/;' /opt/repository/sources/dspace/local.properties
-perl -pi -e 's/\$\{DSPACE_USER\}/$ENV{DSPACE_USER}/; s/\$\{DSPACE_PASSWORD\}/$ENV{DSPACE_PASSWORD}/; s/\$\{MAIL_USER\}/$ENV{MAIL_USER}/; s/\$\{MAIL_PASSWORD\}/$ENV{MAIL_PASSWORD}/; s/\$\{DSPACE_DBNAME\}/$ENV{DSPACE_DBNAME}/; s/\$\{DSPACE_UTILSDBNAME\}/$ENV{DSPACE_UTILSDBNAME}/;' /opt/repository/sources/dspace/target/local.properties 
+perl -pi -e 's/\$\{DSPACE_USER\}/$ENV{DSPACE_USER}/; s/\$\{DSPACE_PASSWORD\}/$ENV{DSPACE_PASSWORD}/; s/\$\{MAIL_USER\}/$ENV{MAIL_USER}/; s/\$\{MAIL_PASSWORD\}/$ENV{MAIL_PASSWORD}/; s/\$\{DSPACE_DBNAME\}/$ENV{DSPACE_DBNAME}/; s/\$\{DSPACE_UTILSDBNAME\}/$ENV{DSPACE_UTILSDBNAME}/;' /opt/repository/sources/dspace/target/local.properties
 perl -pi -e 's/\$\{DSPACE_USER\}/$ENV{DSPACE_USER}/; s/\$\{DSPACE_PASSWORD\}/$ENV{DSPACE_PASSWORD}/; s/\$\{MAIL_USER\}/$ENV{MAIL_USER}/; s/\$\{MAIL_PASSWORD\}/$ENV{MAIL_PASSWORD}/; s/\$\{DSPACE_DBNAME\}/$ENV{DSPACE_DBNAME}/; s/\$\{DSPACE_UTILSDBNAME\}/$ENV{DSPACE_UTILSDBNAME}/;' /opt/lindat-dspace/installation/config/dspace.cfg
 perl -pi -e 's/\$\{DSPACE_USER\}/$ENV{DSPACE_USER}/; s/\$\{DSPACE_PASSWORD\}/$ENV{DSPACE_PASSWORD}/; s/\$\{MAIL_USER\}/$ENV{MAIL_USER}/; s/\$\{MAIL_PASSWORD\}/$ENV{MAIL_PASSWORD}/; s/\$\{DSPACE_DBNAME\}/$ENV{DSPACE_DBNAME}/; s/\$\{DSPACE_UTILSDBNAME\}/$ENV{DSPACE_UTILSDBNAME}/;' /opt/lindat-dspace/installation/config/modules/lr.cfg

@@ -13,14 +13,35 @@ perl -pi -e 's/\$\{HANDLE_USER\}/$ENV{HANDLE_USER}/; s/\$\{HANDLE_PASSWORD\}/$EN
 /etc/init.d/handle-server start

 # initialize statistics & co
-/opt/tomcat8/bin/startup.sh
 cd /opt/repository/workspace/scripts
 make init_statistics
-make update_discovery
-make update_oai
-/opt/tomcat8/bin/shutdown.sh 

-# start tomcat
-/opt/tomcat8/bin/catalina.sh run
+# Start cron job in the background
+cron_hack(){
+    INIT="false"
+    while (true); do
+        # the first time, wait for tomcat to start...
+        [ "$INIT" = "false" ] && sleep 180 && INIT="true"

+        set -x
+        LOGID=$(( (LOGID+1) % 5))
+        LOG="/tmp/entrypoint.log.$LOGID"
+        echo "$LOG" > $LOG
+        timeout -k 30 300 make update_oai | tee -a $LOG
+        timeout -k 30 300 make update_statistics | tee -a $LOG
+        timeout -k 30 300 make update_sitemap | tee -a $LOG
+        timeout -k 30 300 make lift_embargos | tee -a $LOG
+        timeout -k 30 300 make update_openaire_cache | tee -a $LOG
+        timeout -k 30 300 make update_discovery | tee -a $LOG
+        timeout -k 30 300 make send_info | tee -a $LOG
+        date >> $LOG
+        echo "INIT DONE."
+        wget --no-check-certificate https://healthchecks.local.iiegn.eu/ping/24a81cdc-2906-4faa-89b3-0d57541abef6 -T 10 -t 5 -O /dev/null
+        set +x
+        sleep 86400
+    done
+}
+cron_hack &

+# start tomcat
+/opt/tomcat8/bin/catalina.sh run
--- a/dockerfiles/commul-customization/fastcgi.conf
+++ b/dockerfiles/commul-customization/fastcgi.conf
-
-fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
-fastcgi_param  QUERY_STRING       $query_string;
-fastcgi_param  REQUEST_METHOD     $request_method;
-fastcgi_param  CONTENT_TYPE       $content_type;
-fastcgi_param  CONTENT_LENGTH     $content_length;
-
-fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
-fastcgi_param  REQUEST_URI        $request_uri;
-fastcgi_param  DOCUMENT_URI       $document_uri;
-fastcgi_param  DOCUMENT_ROOT      $document_root;
-fastcgi_param  SERVER_PROTOCOL    $server_protocol;
-fastcgi_param  REQUEST_SCHEME     $scheme;
-fastcgi_param  HTTPS              $https if_not_empty;
-
-fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
-fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
-
-fastcgi_param  REMOTE_ADDR        $remote_addr;
-fastcgi_param  REMOTE_PORT        $remote_port;
-fastcgi_param  SERVER_ADDR        $server_addr;
-fastcgi_param  SERVER_PORT        $server_port;
-fastcgi_param  SERVER_NAME        $server_name;
-
-# PHP only, required if PHP was built with --enable-force-cgi-redirect
-fastcgi_param  REDIRECT_STATUS    200;
--- a/dockerfiles/commul-customization/local.properties
+++ b/dockerfiles/commul-customization/local.properties
@@ -22,8 +22,8 @@ lr.pid.resolvemetadata = true
 handle.canonical.prefix = http://hdl.handle.net/
 handle.prefix = 20.500.12084 
 handle.dir=${dspace.dir}/handle-server
-
-lr.reserve.pid.on.start = false
+# if true, users will be shown the handle that the finished submission will receive
+lr.reserve.pid.on.start = true


 # UFAL mounted assetstore for restricted item harvesting. Please mind the trailing slash
@@ -69,6 +69,7 @@ db.url = jdbc:postgresql://postgres:${lr.database.port}/${lr.database}
 db.driver = org.postgresql.Driver

 # Credentials for the database user. The user should have read/write permissions on your database.
+# note that the db user should not contain uppercase letters
 db.username = ${DSPACE_USER}
 db.password = ${DSPACE_PASSWORD}

@@ -127,7 +128,7 @@ mail.server.disabled = false
 mail.server.username = ${MAIL_USER}
 mail.server.password = ${MAIL_PASSWORD}
 mail.server.port = 587
-mail.extraproperties = mail.smtp.starttls.enable=true
+mail.extraproperties = mail.smtp.starttls.enable=true,mail.smtp.ssl.protocols=TLSv1.2


 # Eurac IAL: Contact information
@@ -144,7 +145,7 @@ mail.registration.notify = ${mail.admin}
 mail.admin = ${mail.feedback.recipient}

 # Email where errors will be sent (from specific classes)
-lr.errors.email=
+lr.errors.email= appliedlinguisticsdevs@eurac.edu

 # solr server address that your instance is using.
 solr.server = http://localhost:8080/repository/solr
@@ -282,7 +283,7 @@ lr.shibboleth.discofeed.url = https://clarin-dev.eurac.edu/Shibboleth.sso/DiscoF
 #
 # discojuice/aai url, without trailing slash
 # don't change this on ufal-point-dev!
-lr.aai.url = https://clarin-dev.eurac.edu/aai
+#lr.aai.url = https://clarin-dev.eurac.edu/aai

 # For reports
 harvesterInfo.url = http://catalog.clarin.eu/oai-harvester/
@@ -297,8 +298,8 @@ lr.xmlui.user.showlanguage = false
 ###############################################
 # oai
 #mind the documentation for oai/cite and the respective apache rewrite
-lr.repository.identifier = clarin-dev.eurac.edu 
-lr.repository.sampleIdentifier = oai:clarin.eurac-dev.edu:11858/00-097C-0000-0001-487A-4
+lr.repository.identifier = clarin-dev.eurac.edu
+lr.repository.sampleIdentifier = oai:clarin-dev.eurac.edu:20.500.12124/3

 ####
 #

--- a/dockerfiles/commul-customization/setenv.sh
+++ b/dockerfiles/commul-customization/setenv.sh
-export CATALINA_OPTS="$CATALINA_OPTS -Xms2048m"
-export CATALINA_OPTS="$CATALINA_OPTS -Xmx4096m"
-export CATALINA_OPTS="$CATALINA_OPTS -XX:MaxPermSize=256m"
-
--- a/dockerfiles/commul-customization/tomcat-server.xml
+++ b/dockerfiles/commul-customization/tomcat-server.xml
@@ -68,8 +68,8 @@
    -->
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
-	       URIEncoding="UTF-8"
-               redirectPort="8443" />
+               URIEncoding="UTF-8"
+               redirectPort="443" />
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
@@ -89,7 +89,7 @@
    -->

    <!-- Define an AJP 1.3 Connector on port 8009 -->
-    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
+    <Connector port="8009" protocol="AJP/1.3" redirectPort="443" />


    <!-- An Engine represents the entry point (within Catalina) that processes

--- a/dockerfiles/commul-customization/tomcat-setenv.sh
+++ b/dockerfiles/commul-customization/tomcat-setenv.sh
+export CATALINA_OPTS="$CATALINA_OPTS -Xms4096m"
+export CATALINA_OPTS="$CATALINA_OPTS -Xmx8192m"
+export CATALINA_PID="$CATALINA_BASE/tomcat.pid"
--- a/dockerfiles/commul-customization/tomcat8
+++ b/dockerfiles/commul-customization/tomcat8
-#!/bin/bash
-#
-#https://wiki.debian.org/LSBInitScripts
-### BEGIN INIT INFO
-# Provides:          tomcat8
-# Required-Start:    $local_fs $remote_fs $network
-# Required-Stop:     $local_fs $remote_fs $network
-# Should-Start:      $named
-# Should-Stop:       $named
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: Start Tomcat.
-# Description:       Start the Tomcat servlet engine.
-### END INIT INFO
-
-# Run Tomcat 8 as this user ID and group ID
-TOMCAT8_USER=tomcat8
-TOMCAT8_GROUP=tomcat8
-
-# this is a work-around until there is a suitable runtime replacement
-# for dpkg-architecture for arch:all packages
-# this function sets the variable JDK_DIRS
-find_jdks()
-{
-    for java_version in 9 8 7
-    do
-        for jvmdir in /usr/lib/jvm/java-${java_version}-openjdk-* \
-                      /usr/lib/jvm/jdk-${java_version}-oracle-* \
-                      /usr/lib/jvm/jre-${java_version}-oracle-*
-        do
-            if [ -d "${jvmdir}" ]
-            then
-                JDK_DIRS="${JDK_DIRS} ${jvmdir}"
-            fi
-        done
-    done
-
-    # Add older non multi arch installations
-    JDK_DIRS="${JDK_DIRS} /usr/lib/jvm/java-7-oracle"
-}
-
-# The first existing directory is used for JAVA_HOME (if JAVA_HOME is not
-# defined in $DEFAULT)
-JDK_DIRS="/usr/lib/jvm/default-java"
-find_jdks
-
-# Look for the right JVM to use
-for jdir in $JDK_DIRS; do
-    if [ -r "$jdir/bin/java" -a -z "${JAVA_HOME}" ]; then
-        JAVA_HOME="$jdir"
-    fi
-done
-export JAVA_HOME
-
-export CATALINA_HOME=/opt/tomcat8
-export PATH=$JAVA_HOME/bin:$PATH
-
-start() {
- echo "Starting Tomcat 8..."
- /bin/su -s /bin/bash $TOMCAT8_USER -c $CATALINA_HOME/bin/startup.sh
-}
-stop() {
- echo "Stopping Tomcat 8..."
- /bin/su -s /bin/bash $TOMCAT8_USER -c '$CATALINA_HOME/bin/shutdown.sh -force'
-}
-case $1 in
-  start|stop) $1;;
-  restart) stop; start;;
-  *) echo "Usage : $0 <start|stop|restart>"; exit 1;;
-esac
-
-exit 0
-
-
--- a/dockerfiles/commul-customization/variable.makefile
+++ b/dockerfiles/commul-customization/variable.makefile
@@ -16,6 +16,7 @@ TOMCAT_GROUP:=tomcat$(TOMCAT_VERSION)
 TOMCAT_CONF:=/etc/$(TOMCAT_USER)

 # dspace
+# please note that this should not contain uppercase characters
 DSPACE_USER:=${DSPACE_USER}

 # tool directories

--- a/dockerfiles/commul-customization/default_locale
+++ b/dockerfiles/commul-customization/default_locale
--- a/dockerfiles/Dockerfile.nginx
+++ b/dockerfiles/Dockerfile.nginx
-#######################################################################
+##############################################################################
 # Dockerfile to build nginx and shibboleth for LINDAT Dspace container
 # Based on Ubuntu
-#######################################################################
+##############################################################################
+ARG UBUNTU_VERSION=16.04

-FROM ubuntu:16.04
-LABEL maintainer="Alexander König <Alexander.Koenig@eurac.edu>"
+FROM ubuntu:$UBUNTU_VERSION
+ARG UBUNTU_VERSION
+
+ARG LABEL_VCS_URL="https://gitlab.inf.unibz.it/commul/docker/clarin-dspace"
+LABEL maintainer="Alexander König <Alexander.Koenig@eurac.edu>" \
+      maintainer="Egon W. Stemle <egon.stemle@eurac.edu>"
+
+ENV TERM linux
+# APT(-GET) tweaks
+# Set some sane defaults for apt inside docker
+ENV DEBIAN_FRONTEND=noninteractive
+COPY apt.local.conf /etc/apt/apt.conf.d/99local.conf
+RUN apt-get update && \
+    apt-get upgrade

 # install cpanm and dependencies
 RUN apt-get update \
-&&  apt-get -y upgrade \
-&&  apt-get -y install make gcc wget cpanminus
+    && apt-get install make gcc wget cpanminus

 RUN cpanm -n File::Spec::Functions
 RUN cpanm Term::ReadLine

 # install jdk, ant, psql, mvn, make, libxml, xsltproc, zip, wget
 RUN apt-get update \
-&& apt-get -y install ant curl libxml2-utils maven openjdk-8-jdk unzip xsltproc yui-compressor
-
-# install convenience apps for debug purposes (vim and jsbeautifier)
-RUN apt-get -y install vim less python-pip
-RUN pip install --upgrade pip
-RUN pip install jsbeautifier
-COPY commul-customization/__init__.py /usr/local/lib/python2.7/dist-packages/jsbeautifier/
+    && apt-get install ant curl libxml2-utils maven openjdk-8-jdk unzip xsltproc

 # set up a proper locale
-RUN apt-get -y install locales
+RUN apt-get update && apt-get install locales
 RUN locale-gen en_US.UTF-8
-COPY commul-customization/default_locale /etc/default/locale
+COPY default_locale /etc/default/locale
 RUN chmod 0755 /etc/default/locale

 ENV LC_ALL=en_US.UTF-8
@@ -35,33 +41,37 @@ ENV LANG=en_US.UTF-8
 ENV LANGUAGE=en_US.UTF-8

 # build nginx
-RUN apt-get install -y zlib1g zlib1g-dev libpcre3 libpcre3-dev curl
+RUN apt-get update && apt-get install zlib1g zlib1g-dev libpcre3 libpcre3-dev curl
 RUN cpanm File::Spec::Functions
 RUN cpanm Term::ReadLine
-COPY commul-customization/nginx_build.sh /tmp/nginx_build.sh
-RUN chmod a+x /tmp/nginx_build.sh
+COPY build.sh /tmp/build.sh
+RUN chmod a+x /tmp/build.sh
 WORKDIR /tmp/
-RUN ./nginx_build.sh
+RUN ./build.sh
 # copy the init script
-COPY commul-customization/nginx /etc/init.d/
+COPY init.d_nginx /etc/init.d/nginx
 RUN chmod a+x /etc/init.d/nginx
 # add a symlink
 RUN ln -s /opt/nginx/sbin/nginx /usr/sbin/nginx
 # copy over static html
-COPY commul-customization/webpage/ /opt/nginx/html/
+COPY html/ /opt/nginx/html/
+# copy over robots.txt
+COPY robots-clarin-dev.txt /opt/nginx/html/robots.txt
+COPY google4a439c0ac1ac30d0.html /opt/nginx/html/
+RUN chown -R www-data:www-data /opt/nginx/html/
+
 #RUN mkdir /opt/nginx/html/img
 #COPY commul-customization/index.html /opt/nginx/html/
 #COPY commul-customization/eurac.png /opt/nginx/html/img/
-# create the test secure folder
-RUN mkdir /opt/nginx/html/secure
-COPY commul-customization/shib_test.pl /opt/nginx/html/secure/

-# get aai project
-RUN apt-get install -y git
-RUN git clone https://github.com/ufal/lindat-aai-discovery.git /opt/repository/sources/lindat-aai-discovery
+# install php
+RUN apt-get update && apt-get install php-fpm php-xml
+# copy over aa-statistics script
+RUN mkdir /opt/nginx/html/php
+COPY aa-statistics.php /opt/nginx/html/php/

 # install shibboleth
-COPY commul-customization/shibboleth_sp_with_fastcgi.sh /tmp/
+COPY shibboleth_sp_with_fastcgi.sh /tmp/
 WORKDIR /tmp
 RUN chmod u+x /tmp/shibboleth_sp_with_fastcgi.sh
 RUN /tmp/shibboleth_sp_with_fastcgi.sh
@@ -69,39 +79,33 @@ RUN /tmp/shibboleth_sp_with_fastcgi.sh
 RUN cp /opt/shibboleth-sp-fastcgi/etc/shibboleth/shibd-debian /etc/init.d/shibd
 RUN chmod a+x /etc/init.d/shibd

+# create the test secure folder and set up perl fastcgi
+RUN mkdir /opt/nginx/html/secure
+RUN apt-get update && apt-get install fcgiwrap
+RUN cpanm CGI URI XML::Twig LWP::Protocol::https
+COPY shib_test.pl /opt/nginx/html/secure/
+COPY shib_fastcgi_params /opt/nginx/conf/
+COPY attribute-map.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
+RUN chown -R www-data:www-data /opt/nginx/html/secure
+RUN chmod a+x /opt/nginx/html/secure/shib_test.pl

 # install supervisor
-RUN apt-get install -y python-setuptools
-RUN easy_install supervisor
-COPY commul-customization/supervisord.conf /etc/
+RUN apt-get update && apt-get install python-pip
+RUN pip install supervisor
+COPY supervisord.conf /etc/
 RUN mkdir -p /var/log/supervisor
+# create dirs for php-fpm socket/pid and log files
+RUN mkdir -p /run/php
+RUN mkdir -p /var/log/php-fpm/
+COPY php-fpm.conf /etc/php/7.0/fpm/
+COPY php.ini /etc/php/7.0/fpm/

 # copy over config files
-COPY commul-customization/default-ssl /opt/nginx/conf/
-COPY commul-customization/nginx.conf /opt/nginx/conf/
-COPY commul-customization/repository_auth /opt/nginx/conf/
-COPY commul-customization/shibboleth2.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
-COPY commul-customization/clarin.eurac.edu.template.metadata.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
-COPY commul-customization/shib_clear_headers /opt/nginx/conf/
-
-# copy over config files
-COPY commul-customization/aai.js /opt/repository/sources/lindat-aai-discovery/
-WORKDIR /opt/repository/sources/lindat-aai-discovery/
-# this does not always work, because the website is often down or the certificate has run out
-# RUN touch /opt/repository/sources/lindat-aai-discovery/aai.js
-# RUN make aai.min.js
-RUN yui-compressor -o aai.min.js aai.js
-
-# copy certificate for clarin-dev
-# COPY commul-customization/certs/clarin-dev.key /etc/ssl/private/
-# COPY commul-customization/certs/clarin-dev_eurac_edu.crt /etc/ssl/certs/
-
-# if deployed on clarin instead of clarin-dev comment the two lines above and uncomment the following lines
-
-## copy certificate for clarin
-# COPY commul-customization/certs/clarin.key /etc/ssl/private/
-# COPY commul-customization/certs/clarin_eurac_edu.crt /etc/ssl/certs/
-
+COPY nginx.default.conf /opt/nginx/conf/
+COPY nginx.conf /opt/nginx/conf/
+COPY repository_auth /opt/nginx/conf/
+COPY shibboleth2.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
+COPY clarin.eurac.edu.template.metadata.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
+COPY shib_clear_headers /opt/nginx/conf/

 ENTRYPOINT ["/usr/local/bin/supervisord", "-c", "/etc/supervisord.conf"]
-
--- a/dockerfiles/nginx/Earthfile
+++ b/dockerfiles/nginx/Earthfile
+# Usage: earthly --push --no-cache +docker
+
+docker-precondition-spf:
+    FROM alpine:latest
+    RUN apk add curl
+    RUN --no-cache curl https://infra.clarin.eu/aai/prod_md_about_spf_idps.xml -o /tmp/prod_md_about_spf_idps.xml
+    SAVE ARTIFACT --keep-ts /tmp/prod_md_about_spf_idps.xml
+
+docker-from-docker:
+    FROM DOCKERFILE .
+
+    COPY +docker-precondition-spf/prod_md_about_spf_idps.xml /opt/shibboleth-sp-fastcgi/var/cache/shibboleth/
+
+    ARG DOCKER_BASE_URL="gitlab.inf.unibz.it:4567"
+    ARG EARTHLY_GIT_PROJECT_NAME  # https://docs.earthly.dev/earthfile/builtin-args
+    ARG GIT_PROJECT_NAME="commul/docker/clarin-dspace"
+    ARG COMMUL_REGISTRY_URL="https://gitlab.inf.unibz.it/commul/docker/clarin-dspace/container_registry/"
+    ARG LABEL_VCS_URL="https://gitlab.inf.unibz.it/commul/docker/clarin-dspace"
+
+    ARG AUTHOR="Egon W. Stemle <egon.stemle@eurac.edu>"
+    ARG MAINTAINER="Egon W. Stemle <egon.stemle@eurac.edu>"
+    LABEL author="$AUTHOR"
+    LABEL maintainer="$MAINTAINER"
+
+    # An updated VERSION ARG triggers an update of the texlive installation
+    ARG EARTHLY_TARGET_TAG
+    ARG VERSION=$EARTHLY_TARGET_TAG
+
+    ARG EARTHLY_GIT_HASH
+    ARG GIT_HASH=$EARTHLY_GIT_HASH
+    ARG EARTHLY_TARGET_TAG_DOCKER
+    ARG TARGET_TAG_DOCKER=$EARTHLY_TARGET_TAG_DOCKER
+    ARG DOCKER_URL="$DOCKER_BASE_URL/$GIT_PROJECT_NAME/dspace-bundle/nginx"
+
+    LABEL org.label-schema.schema-version="1.0" \  # http://label-schema.org/rc1/
+          org.label-schema.version="$VERSION" \
+          org.label-schema.vcs-url="$LABEL_VCS_URL" \
+          org.commul.git-hash="$GIT_HASH" \
+          org.commul.registry-url="$COMMUL_REGISTRY_URL" \
+          org.commul.docker-url="$DOCKER_URL"
+
+    RUN echo $VERSION > /tmp/release
+    SAVE ARTIFACT --keep-ts /tmp/release AS LOCAL ./.release
+
+    SAVE IMAGE nginx:latest
+    SAVE IMAGE --push "$DOCKER_URL:latest"
+    SAVE IMAGE --push "$DOCKER_URL:$VERSION"
+
+docker:
+    BUILD +docker-precondition-spf
+    BUILD +docker-from-docker
--- a/dockerfiles/nginx/aa-statistics.php
+++ b/dockerfiles/nginx/aa-statistics.php
+<?php
+
+// redirect to the correct destination
+header('Location: ' . $_GET['return'], true, 302);
+
+
+// This script finds exported header names from shibboleth and sends them to an aggregator.
+//
+// The main goal is to monitor attribute release and provide a central place where "bad" IdPs can be
+// easily blackmailed...
+//
+// See: https://github.com/ufal/clarin-sp-aaggregator
+// by lindat-dev team (ok, jm)
+//
+
+//====== CONFIGURATION ======
+// REST api of the aggregator
+$aggregator_url='https://clarin-aa.ms.mff.cuni.cz/aaggreg/v1/got';
+//your SP entity id
+$sp='https://clarin-dev.eurac.edu/Shibboleth.sso/Metadata';
+//====== /CONFIGURATION ======
+
+
+/**
+ * Build the request url and execute curl on it.
+ * @todo test asynch...
+ */
+function send_info($idp, $sp, $ts, $attrs, $suspicious) 
+{
+    global $aggregator_url, $sp;
+    $attributes_encoded = "attributes[]=" . implode('&attributes[]=', array_map('urlencode', $attrs));
+    // -g does not allow curl to interpret []{}
+    $cmd = "curl -g '$aggregator_url?idp=$idp&sp=$sp&timestamp=$ts&$attributes_encoded&warn=$suspicious'";
+    $cmd .= " > /dev/null 2>&1 &";
+    echo '<pre>'.$cmd.'</pre>';
+
+    exec($cmd, $output, $exit);
+    return $exit == 0;
+}
+
+/**
+ * Array version of getenv - corner cases for 0, null etc.
+ */
+function getenvs($envarray, &$ret)
+{
+    foreach($envarray as $value)
+    {
+        $ret = getenv($value);
+        if ($ret) {
+            return true;
+        }
+    }
+    return false;
+}
+
+
+$idps = array();
+
+// we need the count so we can iterate over the exported assertions
+// - the env variable can be exposed under different names!
+//
+$assertion_count = 0;
+$assertion_count_name = "Shib-Assertion-Count";
+if (!getenvs(
+        array($assertion_count_name, str_replace('-','_',strtoupper("http_".$assertion_count_name))), 
+        $assertion_count
+    ))
+{
+    http_response_code(400);
+    echo("$assertion_count_name not found");
+    exit;
+}
+$assertion_count = (int)$assertion_count;
+
+
+// idp that was used to authenicate
+$idp = null;
+// timestamp
+$dt = new DateTime();
+$ts = $dt->format("Y-m-d\TH:i:s.z\Z");
+
+// obtain the assertions
+// - the env variable can be exposed under different names!
+//
+$assertion_link_attr_name = "Shib-Assertion-"; 
+$assertion_link_attr_name_upper = str_replace('-','_',strtoupper("http_". "Shib-Assertion-")); 
+for ($i=$assertion_count; 0 < $i; --$i) 
+{
+    // why would there be more than one assertion?
+    $n = str_pad($i, 2, "0", STR_PAD_LEFT);
+
+    //$n is 00, or 01
+    $assertion_link = "";
+    getenvs(array($assertion_link_attr_name . $n, $assertion_link_attr_name_upper . $n), $assertion_link);
+    
+    if(!empty($assertion_link))
+    {
+        $assertion_link = str_replace("https://" . getenv("SERVER_NAME"), "http://127.0.0.1:443", $assertion_link);
+        //TODO add a timeout
+        // need to ignore that certificate does not match 127.0.0.1
+        $arrContextOptions=array(
+               "ssl"=>array(
+                       "verify_peer"=>false,
+                       "verify_peer_name"=>false,
+               ),
+        );
+        $assertion = file_get_contents($assertion_link, false, stream_context_create($arrContextOptions));
+        $xml = simplexml_load_string($assertion); 
+
+        // echo $xml->asXML()."=====\n\n";
+        try{
+            $idp = (string)$xml->xpath('//*[local-name()="Issuer"]')[0];
+        } catch(Exception $e){
+            echo 'Caught exception: ',  $e->getMessage(), "\nProbably no Issuer or xml.\n";
+            exit;
+        }
+        if (!array_key_exists($idp, $idps)) 
+        {
+            $idps[$idp] = array();
+        }
+        foreach ($xml->xpath('//*[local-name()="Attribute"]/@Name') as $name)
+        {
+            array_push($idps[$idp], (string)$name);
+        }
+        // AudienceRestriction/Audience and NameID/@SPNameQualifier usually
+        // have the value of spEntityId, it's not guaranteed though.
+        //$sp = (string)$xml->xpath('//@SPNameQualifier')[0];
+    }
+}
+
+// anything strange?
+$suspicious = "";
+if (1 < count($idps)) {
+    $suspicious = "more than 1 idp";
+}
+
+// aggregate the info
+send_info($idp, $sp, $ts, $idps[$idp], $suspicious);
+
+exit;
--- a/dockerfiles/nginx/apt.local.conf
+++ b/dockerfiles/nginx/apt.local.conf
+# Set some sane defaults for docker
+APT { GET { Assume-Yes "true"; }; };
+APT { GET { Fix-Broken "true"; }; };
--- a/dockerfiles/nginx/attribute-map.xml
+++ b/dockerfiles/nginx/attribute-map.xml
+<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+    <!--
+	SAML1 + SAML2 declarations : name = input, id is output name
+	-->
+
+    <!-- EduPersonPrincipalName -->
+	<Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="mace-eduPersonPrincipalName" >
+    		<AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
+	</Attribute>
+	<Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" id="mace-eduPersonPrincipalName" />
+	<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn" >
+    		<AttributeDecoder xsi:type="ScopedAttributeDecoder"/>
+	</Attribute>
+
+    <!-- eduPersonTargetedID -->
+    <Attribute name="urn:mace:dir:attribute-def:eduPersonTargetedID" id="eduPersonTargetedID" /> <!-- incorrect SAML 1.1 mapping, required for historical compatibility see https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPTargetedID -->
+    <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="eduPersonTargetedID"> <!-- the usually recommended approach to passing an eduPersonTargetedID to SAML 2.0 SPs, including Shibboleth 2.x. https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPTargetedID -->
+           <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name!!$NameQualifier!!$SPNameQualifier"/>
+    </Attribute>
+    <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="eduPersonTargetedID" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+           <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name!!$NameQualifier!!$SPNameQualifier"/>
+    </Attribute>
+    <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="eduPersonTargetedID" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+           <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$Name!!$NameQualifier!!$SPNameQualifier"/>
+    </Attribute>
+    <!-- Fourth, the SAML 2.0 NameID Format: -->
+    <Attribute name="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" id="persistent-id">
+        <AttributeDecoder xsi:type="NameIDAttributeDecoder" formatter="$NameQualifier!$SPNameQualifier!$Name" defaultQualifiers="true"/>
+    </Attribute>
+
+    <!-- eduPersonScopedAffiliation -->
+    <Attribute name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" id="eduPersonScopedAffiliation"/>
+    <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" id="eduPersonScopedAffiliation"/>
+
+    <!-- eduPersonEntitlement -->
+    <Attribute name="urn:mace:dir:attribute-def:eduPersonEntitlement" id="eduPersonEntitlement"/>
+    <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" id="eduPersonEntitlement"/>
+
+    <!-- commonName -->
+    <Attribute name="urn:mace:dir:attribute-def:cn" id="cn" />
+    <Attribute name="urn:oid:2.5.4.3" id="cn" />
+
+    <!-- mail -->
+    <Attribute name="urn:mace:dir:attribute-def:mail" id="mail"/>
+    <Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail"/>
+
+    <!-- organization -->
+    <Attribute name="urn:mace:dir:attribute-def:organizationName" id="organizationName"/>
+    <Attribute name="urn:oid:2.5.4.10" id="organizationName"/>
+
+    <!-- displayName -->
+    <Attribute name="urn:mace:dir:attribute-def:displayName" id="displayName"/>
+    <Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/>
+
+    <!--
+    <Attribute name="urn:mace:dir:attribute-def:uid" id="uid" />
+    <Attribute name="urn:oid:0.9.2342.19200300.100.1.1" id="uid" />
+    <Attribute name="urn:mace:dir:attribute-def:givenName" id="givenName"/>
+    <Attribute name="urn:mace:dir:attribute-def:surName" id="surName"/>
+    <Attribute name="urn:mace:dir:attribute-def:eduPersonAffiliation" id="eduPersonAffiliation"/>
+    <Attribute name="urn:mace:dir:attribute-def:damlrPersonAffiliation" id="eduPersonAffiliation" />
+    -->
+</Attributes>
--- a/dockerfiles/commul-customization/nginx_build.sh
+++ b/dockerfiles/commul-customization/nginx_build.sh
@@ -36,6 +36,7 @@ cd nginx_src
   --add-module="$DIR/nginx-headers-more-module" \
   --add-module="$DIR/nginx-ajp-module" \
   --add-module="$DIR/nginx-shib-module" \
+   --with-http_realip_module \
   --with-http_ssl_module \
   --with-http_stub_status_module \
   --with-openssl="$DIR/openssl" \

--- a/dockerfiles/nginx/clarin.eurac.edu.template.metadata.xml
+++ b/dockerfiles/nginx/clarin.eurac.edu.template.metadata.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+                     xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+                     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                     xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+                     xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init"
+                     xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
+                     xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
+                     xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"
+                     xmlns:remd="http://refeds.org/metadata"
+                     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+                     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+                     xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
+                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                     entityID="https://clarin-dev.eurac.edu/Shibboleth.sso/Metadata">
+   <md:Extensions>
+      <mdattr:EntityAttributes>
+         <saml:Attribute Name="http://macedir.org/entity-category"
+                         NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+            <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
+         </saml:Attribute>
+         <saml:Attribute Name="http://macedir.org/entity-category"
+                         NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+            <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
+         </saml:Attribute>
+         <saml:Attribute Name="http://macedir.org/entity-category"
+                         NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+            <saml:AttributeValue>http://clarin.eu/category/clarin-member</saml:AttributeValue>
+         </saml:Attribute>
+      </mdattr:EntityAttributes>
+   </md:Extensions>
+   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+      <md:Extensions>
+         <mdui:UIInfo>
+            <mdui:DisplayName xml:lang="en">Eurac Research CLARIN Centre</mdui:DisplayName>
+            <mdui:DisplayName xml:lang="de">Eurac Research CLARIN Centre</mdui:DisplayName>
+            <mdui:DisplayName xml:lang="it">Eurac Research CLARIN Centre</mdui:DisplayName>
+            <mdui:Description xml:lang="en">Eurac Research CLARIN Centre: Digital repository for language data</mdui:Description>
+            <mdui:Description xml:lang="de">Eurac Research CLARIN Centre: Digitales Repository für Sprachdaten</mdui:Description>
+            <mdui:Description xml:lang="it">Eurac Research CLARIN Centre: repository digitale di risorse linguistiche</mdui:Description>
+            <mdui:InformationURL xml:lang="en">https://clarin-dev.eurac.edu/repository/xmlui/page/about</mdui:InformationURL>
+            <mdui:InformationURL xml:lang="de">https://clarin-dev.eurac.edu/repository/xmlui/page/about</mdui:InformationURL>
+            <mdui:InformationURL xml:lang="it">https://clarin-dev.eurac.edu/repository/xmlui/page/about</mdui:InformationURL>
+            <mdui:Logo height="85" width="180">https://clarin-dev.eurac.edu/repository/xmlui/themes/UFAL/lib/lindat/public/img/eurac_research.svg</mdui:Logo>
+            <mdui:PrivacyStatementURL xml:lang="en">https://clarin-dev.eurac.edu/repository/xmlui/page/registration-privacypolicy</mdui:PrivacyStatementURL>
+            <mdui:PrivacyStatementURL xml:lang="de">https://clarin-dev.eurac.edu/repository/xmlui/page/registration-privacypolicy</mdui:PrivacyStatementURL>
+            <mdui:PrivacyStatementURL xml:lang="it">https://clarin-dev.eurac.edu/repository/xmlui/page/registration-privacypolicy</mdui:PrivacyStatementURL>
+         </mdui:UIInfo>
+      </md:Extensions>
+      <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                                    Location="https://clarin-dev.eurac.edu/Shibboleth.sso/Artifact/SOAP"
+                                    index="1"/>
+      <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                              Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SLO/SOAP"/>
+      <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+                              Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SLO/Redirect"/>
+      <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+                              Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SLO/POST"/>
+      <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+                              Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SLO/Artifact"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML2/POST"
+                                   index="1"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML2/POST-SimpleSign"
+                                   index="2"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML2/Artifact"
+                                   index="3"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML2/ECP"
+                                   index="4"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML/POST"
+                                   index="5"/>
+      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
+                                   Location="https://clarin-dev.eurac.edu/Shibboleth.sso/SAML/Artifact"
+                                   index="6"/>
+      <md:AttributeConsumingService index="1">
+         <md:ServiceName xml:lang="en">Digital Repository for the CLARIN Research Infrastructure provided by Eurac Research</md:ServiceName>
+         <md:ServiceName xml:lang="de">Digitales Repository für die CLARIN-Forschungs-Infrastruktur bereitgestellt durch Eurac Research</md:ServiceName>
+         <md:ServiceName xml:lang="it">Repository Digitale per la Infrastruttura di Ricerca CLARIN erogato da Eurac Research</md:ServiceName>
+         <md:ServiceDescription xml:lang="en">Digital Repository and services related to the CLARIN-IT consortium under the CLARIN Research Infrastructure; focused in the fields of terminology and multilingualism. The repository is based at Eurac Research in South Tyrol and managed by the Institute for Applied Linguistics.</md:ServiceDescription>
+         <md:ServiceDescription xml:lang="de">Digitales Repository und Services mit Bezug zum CLARIN-IT-Consortium im Rahmen der CLARIN Forschungsinfrastruktur; mit Fokus auf den Gebieten der Terminologie und Mehrsprachigkeit. Das Repository wird von Eurac Research gehostet und dort vom Institut für Angewandte Sprachforschung betreut.</md:ServiceDescription>
+         <md:ServiceDescription xml:lang="it">Repository Digitale e servizi relativi al consorzio CLARIN-IT sotto l'Infrastruttura di Ricerca CLARIN; focalizzato nel campo della teminologia e multilinguismo. Il repository è basato a Eurac Research in Alto Adige e gestito del Istituto di Linguistica Applicata.</md:ServiceDescription>
+         <md:RequestedAttribute FriendlyName="eduPersonPrincipalName"
+                                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="true"/>
+         <md:RequestedAttribute FriendlyName="email"
+                                Name="urn:oid:0.9.2342.19200300.100.1.3"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="true"/>
+         <md:RequestedAttribute FriendlyName="cn"
+                                Name="urn:oid:2.5.4.3"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="false"/>
+         <md:RequestedAttribute FriendlyName="schacHomeOrganization"
+                                Name="urn:oid:1.3.6.1.4.1.25178.1.2.9"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="false"/>
+         <md:RequestedAttribute FriendlyName="organizationName"
+                                Name="urn:oid:2.5.4.10"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="false"/>
+         <md:RequestedAttribute FriendlyName="displayName"
+                                Name="urn:oid:2.16.840.1.113730.3.1.241"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="true"/>
+         <md:RequestedAttribute FriendlyName="eduPersonEntitlement"
+                                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="false"/>
+         <md:RequestedAttribute FriendlyName="eduPersonTargetedID"
+                                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="true"/>
+         <md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation"
+                                Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"
+                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+                                isRequired="false"/>
+      </md:AttributeConsumingService>
+   </md:SPSSODescriptor>
+   <md:Organization>
+      <md:OrganizationName xml:lang="en">Eurac Research</md:OrganizationName>
+      <md:OrganizationName xml:lang="de">Eurac Research</md:OrganizationName>
+      <md:OrganizationName xml:lang="it">Eurac Research</md:OrganizationName>
+      <md:OrganizationDisplayName xml:lang="en">Eurac Research</md:OrganizationDisplayName>
+      <md:OrganizationDisplayName xml:lang="de">Eurac Research</md:OrganizationDisplayName>
+      <md:OrganizationDisplayName xml:lang="it">Eurac Research</md:OrganizationDisplayName>
+      <md:OrganizationURL xml:lang="en">http://www.eurac.edu/en</md:OrganizationURL>
+      <md:OrganizationURL xml:lang="de">http://www.eurac.edu/de</md:OrganizationURL>
+      <md:OrganizationURL xml:lang="it">http://www.eurac.edu/it</md:OrganizationURL>
+   </md:Organization>
+   <md:ContactPerson contactType="technical">
+      <md:GivenName>Egon</md:GivenName>
+      <md:SurName>Stemle</md:SurName>
+      <md:EmailAddress>mailto:clarin@eurac.edu</md:EmailAddress>
+   </md:ContactPerson>
+   <md:ContactPerson contactType="support">
+      <md:GivenName>Egon</md:GivenName>
+      <md:SurName>Stemle</md:SurName>
+      <md:EmailAddress>mailto:clarin@eurac.edu</md:EmailAddress>
+   </md:ContactPerson>
+   <md:ContactPerson contactType="administrative">
+      <md:GivenName>Andrea</md:GivenName>
+      <md:SurName>Abel</md:SurName>
+      <md:EmailAddress>mailto:linguistics@eurac.edu</md:EmailAddress>
+   </md:ContactPerson>
+</md:EntityDescriptor>
--- a/dockerfiles/nginx/default_locale
+++ b/dockerfiles/nginx/default_locale
+#  File generated by update-locale
+LANG="en_US.UTF-8"
+LC_NUMERIC="en_US.UTF-8"
+LC_TIME="en_US.UTF-8"
+LC_MONETARY="en_US.UTF-8"
+LC_PAPER="en_US.UTF-8"
+LC_NAME="en_US.UTF-8"
+LC_ADDRESS="en_US.UTF-8"
+LC_TELEPHONE="en_US.UTF-8"
+LC_MEASUREMENT="en_US.UTF-8"
+LC_IDENTIFICATION="en_US.UTF-8"
--- a/dockerfiles/nginx/google4a439c0ac1ac30d0.html
+++ b/dockerfiles/nginx/google4a439c0ac1ac30d0.html
+google-site-verification: google4a439c0ac1ac30d0.html
\ No newline at end of file
No results found