Improve signer and signer_client setup

.editorconfig

@@ -33,8 +33,10 @@ ij_css_space_before_opening_brace = true
 ij_css_use_double_quotes = true
 ij_css_value_alignment = do_not_align
 
-[*.pm]
+[{*.pl,*.pm}]
-ij_continuation_indent_size = 4
+indent_size = 2
+tab_width = 2
+ij_continuation_indent_size = 2
 ij_perl5_align_attributes = false
 ij_perl5_align_comments_on_consequent_lines = true
 ij_perl5_align_consecutive_assignments = 0
@@ -52,9 +54,9 @@ ij_perl5_assignment_wrap = off
 ij_perl5_attributes_wrap = 0
 ij_perl5_binary_operation_sign_on_next_line = false
 ij_perl5_binary_operation_wrap = off
-ij_perl5_brace_style_compound = 0
+ij_perl5_brace_style_compound = 1
-ij_perl5_brace_style_namespace = 0
+ij_perl5_brace_style_namespace = 1
-ij_perl5_brace_style_sub = 0
+ij_perl5_brace_style_sub = 1
 ij_perl5_call_parameters_wrap = off
 ij_perl5_else_on_new_line = true
 ij_perl5_keep_indents_on_empty_lines = false

docker-compose.yml

@@ -37,9 +37,9 @@ services:
       DEPLOYMENT_NAME: "CAcert.org Website (local development)"
       MYSQL_WEBDB_HOSTNAME: db
       MYSQL_WEBDB_DATABASE: cacert
-      CSR_DIRECTORY: /certs/csr
+      CSR_DIRECTORY: /srv/certs/csr
-      CRT_DIRECTORY: /certs/crt
+      CRT_DIRECTORY: /srv/certs/crt
-      CRL_DIRECTORY: /certs/crl
+      CRL_DIRECTORY: /srv/certs/crl
       DEFAULT_HOSTNAME: www.cacert.localhost
       SECURE_HOSTNAME: secure.cacert.localhost
       TVERIFY_HOSTNAME: tverify.cacert.localhost
@@ -57,7 +57,7 @@ services:
       - smtp
     volumes:
       - ./cacert-software:/www
-      - certstaging:/certs
+      - certstaging:/srv/certs
   mgr:
     build:
       context: .
@@ -99,11 +99,14 @@ services:
       CSR_DIRECTORY: /srv/certs/csr
       CRT_DIRECTORY: /srv/certs/crt
       CRL_DIRECTORY: /srv/certs/crl
+      SMTP_HOST: smtp
     volumes:
       - certstaging:/srv/certs
       - signersockets:/srv/sockets
     depends_on:
       - db
+      - smtp
+      - signer
   signer:
     build:
       context: .

docker/run-signer

@@ -12,14 +12,16 @@ mkdir -p /srv/ca/CA/certs /srv/ca/CA/private /srv/ca/CA/newcerts
 cp /srv/testca/root/ca.crt.pem /srv/ca/CA/ca.crt.pem
 cp /srv/testca/root/private/ca.key.pem /srv/ca/CA/private/ca.key.pem
 if [ ! -f /srv/ca/CA/index.txt ]; then cp /srv/testca/root/index.txt /srv/ca/CA/index.txt; fi
-if [ ! -f /srv/ca/CA/serial ]; then echo 1 > /srv/ca/CA/serial; fi
+if [ ! -f /srv/ca/CA/index.txt.attr ]; then cp /srv/testca/root/index.txt.attr /srv/ca/CA/index.txt.attr; fi
+if [ ! -f /srv/ca/CA/serial ]; then echo -n '00' > /srv/ca/CA/serial; fi
 if [ ! -f /srv/ca/CA/crlnumber ]; then echo 1000 > /srv/ca/CA/crlnumber; fi
 
 mkdir -p /srv/ca/class3/certs /srv/ca/class3/private /srv/ca/class3/newcerts
 cp /srv/testca/class3/ca.crt.pem /srv/ca/class3/ca.crt.pem
 cp /srv/testca/class3/private/ca.key.pem /srv/ca/class3/private/ca.key.pem
 if [ ! -f /srv/ca/class3/index.txt ]; then cp /srv/testca/class3/index.txt /srv/ca/class3/index.txt; fi
-if [ ! -f /srv/ca/class3/serial ]; then echo 1 > /srv/ca/class3/serial; fi
+if [ ! -f /srv/ca/class3/index.txt.attr ]; then cp /srv/testca/class3/index.txt.attr /srv/ca/class3/index.txt.attr; fi
+if [ ! -f /srv/ca/class3/serial ]; then echo -n '00' > /srv/ca/class3/serial; fi
 if [ ! -f /srv/ca/class3/crlnumber ]; then echo 1000 > /srv/ca/class3/crlnumber; fi
 
 cd /srv/CommModule/

signer_client.Dockerfile

@@ -1,8 +1,12 @@
 FROM debian:jessie
 
+COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
+COPY testca/class3/ca.crt.pem /usr/local/share/ca-certificates/testca_class3.crt
+
 RUN apt-get update \
     && DEBIAN_FRONTEND=noninteractive \
     apt-get install -y --no-install-recommends \
+    ca-certificates \
     gnupg \
     libdbd-mysql-perl \
     libdbi-perl \