From d0d7ba64d9c48930a36d50113cfcb90e1cc6e7d5 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Thu, 24 Dec 2020 08:03:24 +0100 Subject: [PATCH] Improve signer and signer_client setup --- .editorconfig | 12 +++++++----- docker-compose.yml | 11 +++++++---- docker/run-signer | 6 ++++-- signer_client.Dockerfile | 4 ++++ 4 files changed, 22 insertions(+), 11 deletions(-) diff --git a/.editorconfig b/.editorconfig index 831f836..a3971e1 100644 --- a/.editorconfig +++ b/.editorconfig @@ -33,8 +33,10 @@ ij_css_space_before_opening_brace = true ij_css_use_double_quotes = true ij_css_value_alignment = do_not_align -[*.pm] -ij_continuation_indent_size = 4 +[{*.pl,*.pm}] +indent_size = 2 +tab_width = 2 +ij_continuation_indent_size = 2 ij_perl5_align_attributes = false ij_perl5_align_comments_on_consequent_lines = true ij_perl5_align_consecutive_assignments = 0 @@ -52,9 +54,9 @@ ij_perl5_assignment_wrap = off ij_perl5_attributes_wrap = 0 ij_perl5_binary_operation_sign_on_next_line = false ij_perl5_binary_operation_wrap = off -ij_perl5_brace_style_compound = 0 -ij_perl5_brace_style_namespace = 0 -ij_perl5_brace_style_sub = 0 +ij_perl5_brace_style_compound = 1 +ij_perl5_brace_style_namespace = 1 +ij_perl5_brace_style_sub = 1 ij_perl5_call_parameters_wrap = off ij_perl5_else_on_new_line = true ij_perl5_keep_indents_on_empty_lines = false diff --git a/docker-compose.yml b/docker-compose.yml index bfa4c26..a560efb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -37,9 +37,9 @@ services: DEPLOYMENT_NAME: "CAcert.org Website (local development)" MYSQL_WEBDB_HOSTNAME: db MYSQL_WEBDB_DATABASE: cacert - CSR_DIRECTORY: /certs/csr - CRT_DIRECTORY: /certs/crt - CRL_DIRECTORY: /certs/crl + CSR_DIRECTORY: /srv/certs/csr + CRT_DIRECTORY: /srv/certs/crt + CRL_DIRECTORY: /srv/certs/crl DEFAULT_HOSTNAME: www.cacert.localhost SECURE_HOSTNAME: secure.cacert.localhost TVERIFY_HOSTNAME: tverify.cacert.localhost @@ -57,7 +57,7 @@ services: - smtp volumes: - ./cacert-software:/www - - certstaging:/certs + - certstaging:/srv/certs mgr: build: context: . @@ -99,11 +99,14 @@ services: CSR_DIRECTORY: /srv/certs/csr CRT_DIRECTORY: /srv/certs/crt CRL_DIRECTORY: /srv/certs/crl + SMTP_HOST: smtp volumes: - certstaging:/srv/certs - signersockets:/srv/sockets depends_on: - db + - smtp + - signer signer: build: context: . diff --git a/docker/run-signer b/docker/run-signer index c977edd..edf1ca0 100755 --- a/docker/run-signer +++ b/docker/run-signer @@ -12,14 +12,16 @@ mkdir -p /srv/ca/CA/certs /srv/ca/CA/private /srv/ca/CA/newcerts cp /srv/testca/root/ca.crt.pem /srv/ca/CA/ca.crt.pem cp /srv/testca/root/private/ca.key.pem /srv/ca/CA/private/ca.key.pem if [ ! -f /srv/ca/CA/index.txt ]; then cp /srv/testca/root/index.txt /srv/ca/CA/index.txt; fi -if [ ! -f /srv/ca/CA/serial ]; then echo 1 > /srv/ca/CA/serial; fi +if [ ! -f /srv/ca/CA/index.txt.attr ]; then cp /srv/testca/root/index.txt.attr /srv/ca/CA/index.txt.attr; fi +if [ ! -f /srv/ca/CA/serial ]; then echo -n '00' > /srv/ca/CA/serial; fi if [ ! -f /srv/ca/CA/crlnumber ]; then echo 1000 > /srv/ca/CA/crlnumber; fi mkdir -p /srv/ca/class3/certs /srv/ca/class3/private /srv/ca/class3/newcerts cp /srv/testca/class3/ca.crt.pem /srv/ca/class3/ca.crt.pem cp /srv/testca/class3/private/ca.key.pem /srv/ca/class3/private/ca.key.pem if [ ! -f /srv/ca/class3/index.txt ]; then cp /srv/testca/class3/index.txt /srv/ca/class3/index.txt; fi -if [ ! -f /srv/ca/class3/serial ]; then echo 1 > /srv/ca/class3/serial; fi +if [ ! -f /srv/ca/class3/index.txt.attr ]; then cp /srv/testca/class3/index.txt.attr /srv/ca/class3/index.txt.attr; fi +if [ ! -f /srv/ca/class3/serial ]; then echo -n '00' > /srv/ca/class3/serial; fi if [ ! -f /srv/ca/class3/crlnumber ]; then echo 1000 > /srv/ca/class3/crlnumber; fi cd /srv/CommModule/ diff --git a/signer_client.Dockerfile b/signer_client.Dockerfile index 2b00748..b0d4ab3 100644 --- a/signer_client.Dockerfile +++ b/signer_client.Dockerfile @@ -1,8 +1,12 @@ FROM debian:jessie +COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt +COPY testca/class3/ca.crt.pem /usr/local/share/ca-certificates/testca_class3.crt + RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive \ apt-get install -y --no-install-recommends \ + ca-certificates \ gnupg \ libdbd-mysql-perl \ libdbi-perl \