forked from jan/cacert-devsetup
Improve signer and signer_client setup
This commit is contained in:
parent
774c6b0e9c
commit
d0d7ba64d9
4 changed files with 22 additions and 11 deletions
|
@ -33,8 +33,10 @@ ij_css_space_before_opening_brace = true
|
||||||
ij_css_use_double_quotes = true
|
ij_css_use_double_quotes = true
|
||||||
ij_css_value_alignment = do_not_align
|
ij_css_value_alignment = do_not_align
|
||||||
|
|
||||||
[*.pm]
|
[{*.pl,*.pm}]
|
||||||
ij_continuation_indent_size = 4
|
indent_size = 2
|
||||||
|
tab_width = 2
|
||||||
|
ij_continuation_indent_size = 2
|
||||||
ij_perl5_align_attributes = false
|
ij_perl5_align_attributes = false
|
||||||
ij_perl5_align_comments_on_consequent_lines = true
|
ij_perl5_align_comments_on_consequent_lines = true
|
||||||
ij_perl5_align_consecutive_assignments = 0
|
ij_perl5_align_consecutive_assignments = 0
|
||||||
|
@ -52,9 +54,9 @@ ij_perl5_assignment_wrap = off
|
||||||
ij_perl5_attributes_wrap = 0
|
ij_perl5_attributes_wrap = 0
|
||||||
ij_perl5_binary_operation_sign_on_next_line = false
|
ij_perl5_binary_operation_sign_on_next_line = false
|
||||||
ij_perl5_binary_operation_wrap = off
|
ij_perl5_binary_operation_wrap = off
|
||||||
ij_perl5_brace_style_compound = 0
|
ij_perl5_brace_style_compound = 1
|
||||||
ij_perl5_brace_style_namespace = 0
|
ij_perl5_brace_style_namespace = 1
|
||||||
ij_perl5_brace_style_sub = 0
|
ij_perl5_brace_style_sub = 1
|
||||||
ij_perl5_call_parameters_wrap = off
|
ij_perl5_call_parameters_wrap = off
|
||||||
ij_perl5_else_on_new_line = true
|
ij_perl5_else_on_new_line = true
|
||||||
ij_perl5_keep_indents_on_empty_lines = false
|
ij_perl5_keep_indents_on_empty_lines = false
|
||||||
|
|
|
@ -37,9 +37,9 @@ services:
|
||||||
DEPLOYMENT_NAME: "CAcert.org Website (local development)"
|
DEPLOYMENT_NAME: "CAcert.org Website (local development)"
|
||||||
MYSQL_WEBDB_HOSTNAME: db
|
MYSQL_WEBDB_HOSTNAME: db
|
||||||
MYSQL_WEBDB_DATABASE: cacert
|
MYSQL_WEBDB_DATABASE: cacert
|
||||||
CSR_DIRECTORY: /certs/csr
|
CSR_DIRECTORY: /srv/certs/csr
|
||||||
CRT_DIRECTORY: /certs/crt
|
CRT_DIRECTORY: /srv/certs/crt
|
||||||
CRL_DIRECTORY: /certs/crl
|
CRL_DIRECTORY: /srv/certs/crl
|
||||||
DEFAULT_HOSTNAME: www.cacert.localhost
|
DEFAULT_HOSTNAME: www.cacert.localhost
|
||||||
SECURE_HOSTNAME: secure.cacert.localhost
|
SECURE_HOSTNAME: secure.cacert.localhost
|
||||||
TVERIFY_HOSTNAME: tverify.cacert.localhost
|
TVERIFY_HOSTNAME: tverify.cacert.localhost
|
||||||
|
@ -57,7 +57,7 @@ services:
|
||||||
- smtp
|
- smtp
|
||||||
volumes:
|
volumes:
|
||||||
- ./cacert-software:/www
|
- ./cacert-software:/www
|
||||||
- certstaging:/certs
|
- certstaging:/srv/certs
|
||||||
mgr:
|
mgr:
|
||||||
build:
|
build:
|
||||||
context: .
|
context: .
|
||||||
|
@ -99,11 +99,14 @@ services:
|
||||||
CSR_DIRECTORY: /srv/certs/csr
|
CSR_DIRECTORY: /srv/certs/csr
|
||||||
CRT_DIRECTORY: /srv/certs/crt
|
CRT_DIRECTORY: /srv/certs/crt
|
||||||
CRL_DIRECTORY: /srv/certs/crl
|
CRL_DIRECTORY: /srv/certs/crl
|
||||||
|
SMTP_HOST: smtp
|
||||||
volumes:
|
volumes:
|
||||||
- certstaging:/srv/certs
|
- certstaging:/srv/certs
|
||||||
- signersockets:/srv/sockets
|
- signersockets:/srv/sockets
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
|
- smtp
|
||||||
|
- signer
|
||||||
signer:
|
signer:
|
||||||
build:
|
build:
|
||||||
context: .
|
context: .
|
||||||
|
|
|
@ -12,14 +12,16 @@ mkdir -p /srv/ca/CA/certs /srv/ca/CA/private /srv/ca/CA/newcerts
|
||||||
cp /srv/testca/root/ca.crt.pem /srv/ca/CA/ca.crt.pem
|
cp /srv/testca/root/ca.crt.pem /srv/ca/CA/ca.crt.pem
|
||||||
cp /srv/testca/root/private/ca.key.pem /srv/ca/CA/private/ca.key.pem
|
cp /srv/testca/root/private/ca.key.pem /srv/ca/CA/private/ca.key.pem
|
||||||
if [ ! -f /srv/ca/CA/index.txt ]; then cp /srv/testca/root/index.txt /srv/ca/CA/index.txt; fi
|
if [ ! -f /srv/ca/CA/index.txt ]; then cp /srv/testca/root/index.txt /srv/ca/CA/index.txt; fi
|
||||||
if [ ! -f /srv/ca/CA/serial ]; then echo 1 > /srv/ca/CA/serial; fi
|
if [ ! -f /srv/ca/CA/index.txt.attr ]; then cp /srv/testca/root/index.txt.attr /srv/ca/CA/index.txt.attr; fi
|
||||||
|
if [ ! -f /srv/ca/CA/serial ]; then echo -n '00' > /srv/ca/CA/serial; fi
|
||||||
if [ ! -f /srv/ca/CA/crlnumber ]; then echo 1000 > /srv/ca/CA/crlnumber; fi
|
if [ ! -f /srv/ca/CA/crlnumber ]; then echo 1000 > /srv/ca/CA/crlnumber; fi
|
||||||
|
|
||||||
mkdir -p /srv/ca/class3/certs /srv/ca/class3/private /srv/ca/class3/newcerts
|
mkdir -p /srv/ca/class3/certs /srv/ca/class3/private /srv/ca/class3/newcerts
|
||||||
cp /srv/testca/class3/ca.crt.pem /srv/ca/class3/ca.crt.pem
|
cp /srv/testca/class3/ca.crt.pem /srv/ca/class3/ca.crt.pem
|
||||||
cp /srv/testca/class3/private/ca.key.pem /srv/ca/class3/private/ca.key.pem
|
cp /srv/testca/class3/private/ca.key.pem /srv/ca/class3/private/ca.key.pem
|
||||||
if [ ! -f /srv/ca/class3/index.txt ]; then cp /srv/testca/class3/index.txt /srv/ca/class3/index.txt; fi
|
if [ ! -f /srv/ca/class3/index.txt ]; then cp /srv/testca/class3/index.txt /srv/ca/class3/index.txt; fi
|
||||||
if [ ! -f /srv/ca/class3/serial ]; then echo 1 > /srv/ca/class3/serial; fi
|
if [ ! -f /srv/ca/class3/index.txt.attr ]; then cp /srv/testca/class3/index.txt.attr /srv/ca/class3/index.txt.attr; fi
|
||||||
|
if [ ! -f /srv/ca/class3/serial ]; then echo -n '00' > /srv/ca/class3/serial; fi
|
||||||
if [ ! -f /srv/ca/class3/crlnumber ]; then echo 1000 > /srv/ca/class3/crlnumber; fi
|
if [ ! -f /srv/ca/class3/crlnumber ]; then echo 1000 > /srv/ca/class3/crlnumber; fi
|
||||||
|
|
||||||
cd /srv/CommModule/
|
cd /srv/CommModule/
|
||||||
|
|
|
@ -1,8 +1,12 @@
|
||||||
FROM debian:jessie
|
FROM debian:jessie
|
||||||
|
|
||||||
|
COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
|
||||||
|
COPY testca/class3/ca.crt.pem /usr/local/share/ca-certificates/testca_class3.crt
|
||||||
|
|
||||||
RUN apt-get update \
|
RUN apt-get update \
|
||||||
&& DEBIAN_FRONTEND=noninteractive \
|
&& DEBIAN_FRONTEND=noninteractive \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
|
ca-certificates \
|
||||||
gnupg \
|
gnupg \
|
||||||
libdbd-mysql-perl \
|
libdbd-mysql-perl \
|
||||||
libdbi-perl \
|
libdbi-perl \
|
||||||
|
|
Loading…
Reference in a new issue