forked from jan/cacert-devsetup
Refine local setup
- Add dependencies for gettext and PDF support - add whois and netbase to support whois checks - remove docker/mysql.php because configuration should be done via environment variables - install CAcert CA certificates to allow retrieval of translation data from translations.cacert.org - build i18n files on start of application container - disable broken OCSP stapling for local certificates - add language data during database initialization
This commit is contained in:
parent
c39be2c6c8
commit
ff5ea7dd39
6 changed files with 131 additions and 123 deletions
|
@ -5,16 +5,22 @@ RUN apt-get update \
|
|||
apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
curl \
|
||||
gettext \
|
||||
libapache2-mod-php5 \
|
||||
locales-all \
|
||||
mariadb-client \
|
||||
make \
|
||||
netbase \
|
||||
nullmailer \
|
||||
php-apc \
|
||||
php-fpdf \
|
||||
php-gettext \
|
||||
php-mail \
|
||||
php-mail-mime \
|
||||
php-mail-mimedecode \
|
||||
php-net-smtp \
|
||||
php-net-socket \
|
||||
php-tcpdf \
|
||||
php5-apcu \
|
||||
php5-curl \
|
||||
php5-gd \
|
||||
|
@ -27,6 +33,7 @@ RUN apt-get update \
|
|||
php5-recode \
|
||||
psmisc \
|
||||
wamerican \
|
||||
whois \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
|
@ -34,7 +41,6 @@ STOPSIGNAL SIGWINCH
|
|||
|
||||
COPY docker/apache-foreground /usr/local/bin/
|
||||
COPY testca/ /usr/local/etc/testca/
|
||||
COPY docker/mysql.php /usr/local/etc/application/mysql.php
|
||||
COPY docker/apache-virtualhost.conf /etc/apache2/sites-available/
|
||||
COPY docker/cacert.conf /etc/apache2/conf-available/
|
||||
COPY docker/php5-cacert.ini /etc/php5/mods-available/cacert.ini
|
||||
|
@ -48,7 +54,11 @@ RUN a2ensite apache-virtualhost ; \
|
|||
a2enmod headers ; \
|
||||
a2enmod rewrite ; \
|
||||
a2enmod ssl ; \
|
||||
ln -s /etc/php5/mods-available/cacert.ini /etc/php5/apache2/conf.d/20-cacert.ini
|
||||
ln -s /etc/php5/mods-available/cacert.ini /etc/php5/apache2/conf.d/20-cacert.ini ; \
|
||||
cd /usr/local/share/ca-certificates ; \
|
||||
curl -O http://www.cacert.org/certs/root_X0F.crt ; \
|
||||
curl -O http://www.cacert.org/certs/class3_X0E.crt ; \
|
||||
update-ca-certificates
|
||||
|
||||
EXPOSE 80
|
||||
EXPOSE 443
|
||||
|
|
|
@ -23,6 +23,19 @@ services:
|
|||
build:
|
||||
context: .
|
||||
dockerfile: application.Dockerfile
|
||||
environment:
|
||||
DEPLOYMENT_NAME: "CAcert.org Website (local development)"
|
||||
MYSQL_APP_HOSTNAME: db
|
||||
MYSQL_APP_DATABASE: cacert
|
||||
CSR_DIRECTORY: /csr
|
||||
CRT_DIRECTORY: /crt
|
||||
DEFAULT_HOSTNAME: test.cacert.localhost
|
||||
SECURE_HOSTNAME: secure.test.cacert.localhost
|
||||
TVERIFY_HOSTNAME: tverify.test.cacert.localhost
|
||||
INSECURE_PORT: 8080
|
||||
SECURE_PORT: 8443
|
||||
RETURN_ADDRESS: "returns@cacert.localhost"
|
||||
SMTP_HOST: smtp
|
||||
env_file:
|
||||
- ./.env
|
||||
ports:
|
||||
|
|
|
@ -14,14 +14,10 @@ cp /usr/local/etc/testca/certs/test.cacert.localhost.key.pem /etc/ssl/private/
|
|||
cp /usr/local/etc/testca/certs/secure.test.cacert.localhost.crt.pem /etc/ssl/certs/
|
||||
cp /usr/local/etc/testca/certs/secure.test.cacert.localhost.key.pem /etc/ssl/private/
|
||||
|
||||
sed -i "s/@MYSQL_USERNAME@/$MYSQL_APP_USER/g; s/@MYSQL_PASSWORD@/$MYSQL_APP_PASSWORD/g" \
|
||||
/usr/local/etc/application/mysql.php
|
||||
if [ ! -f /www/includes/mysql.php ]; then
|
||||
rm -f /www/includes/mysql.php
|
||||
cp /usr/local/etc/application/mysql.php /www/includes/mysql.php
|
||||
fi
|
||||
cp /usr/local/etc/application/feed.rss /www/pages/index/feed.rss
|
||||
|
||||
make -C /www/locale
|
||||
|
||||
apache2ctl start "$@"
|
||||
|
||||
exec tail -F --follow=name --retry /var/log/apache2/error.log /var/log/apache2/phperror.log
|
||||
|
|
|
@ -46,7 +46,7 @@ AddDefaultCharset on
|
|||
|
||||
<IfModule mod_ssl.c>
|
||||
# OCSP Stapling, only in httpd 2.3.3 and later
|
||||
SSLUseStapling on
|
||||
SSLUseStapling off
|
||||
SSLStaplingResponderTimeout 5
|
||||
SSLStaplingReturnResponderErrors off
|
||||
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ocsp(1280000)
|
||||
|
|
103
docker/initdb.sh
103
docker/initdb.sh
|
@ -12,3 +12,106 @@ EOF
|
|||
for script in /db_migrations/*.sh; do
|
||||
sh "$script" -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" cacert
|
||||
done
|
||||
|
||||
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" cacert <<-'EOF'
|
||||
INSERT INTO languages (locale, en_co, en_lang, country, lang)
|
||||
VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqipëria', 'shqipe'),
|
||||
('ar_DZ', 'Algeria', 'Arabic', 'ﺮﺌﺎﺰﺠﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('ar_AA', 'Arabic Speaking', 'Arabic', 'ﺔﻴﺐﺮﻌﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('es_AR', 'Argentina', 'Spanish', 'Argentina', 'Español'),
|
||||
('en_AU', 'Australia', 'English', 'Australia', 'English'),
|
||||
('de_AT', 'Austria', 'German', 'Österreich', 'Deutsch'),
|
||||
('ar_BH', 'Bahrain', 'Arabic', 'ﻦﻴﺮﺤﺐﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('be_BY', 'Belarus', 'Belarusian', 'Беларусь', 'беларуски'),
|
||||
('nl_BE', 'Belgium', 'Dutch', 'België', 'Nederlands'),
|
||||
('fr_BE', 'Belgium', 'French', 'Belgique', 'français'),
|
||||
('es_BO', 'Bolivia', 'Spanish', 'Bolivia', 'Español'),
|
||||
('sh_BA', 'Bosnia Herzogovina', 'Serbo-Croatian', 'Bosnia Herzogovina', 'Serbo-Croatian'),
|
||||
('pt_BR', 'Brazil', 'Portuguese', 'Brasil', 'Português'),
|
||||
('bg_BG', 'Bulgaria', 'Bulgarian', 'България', 'български'),
|
||||
('en_CA', 'Canada', 'English', 'Canada', 'English'),
|
||||
('fr_CA', 'Canada', 'French', 'Canada', 'français'),
|
||||
('es_CL', 'Chile', 'Spanish', 'Chile', 'Español'),
|
||||
('es_CO', 'Colombia', 'Spanish', 'Colombia', 'Español'),
|
||||
('es_CR', 'Costa Rica', 'Spanish', 'Costa Rica', 'Español'),
|
||||
('hr_HR', 'Croatia', 'Croatian', 'Hrvatska', 'hrvatski'),
|
||||
('cs_CZ', 'Czech Republic', 'Czech', 'Česká republika', 'čeština'),
|
||||
('da_DK', 'Denmark', 'Danish', 'Danmark', 'dansk'),
|
||||
('es_DO', 'Dominican Republic', 'Spanish', 'República Dominicana', 'Español'),
|
||||
('es_EC', 'Ecuador', 'Spanish', 'Ecuador', 'Español'),
|
||||
('ar_EG', 'Egypt', 'Arabic', 'ﺮﺼﻣ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('es_SV', 'El Salvador', 'Spanish', 'El Salvador', 'Español'),
|
||||
('et_EE', 'Estonia', 'Estonian', 'Eesti', 'eesti'),
|
||||
('mk_MK', 'FYR Macedonia', 'Macedonian', 'FYR Macedonia', 'Macedonian'),
|
||||
('fi_FI', 'Finland', 'Finnish', 'Suomi', 'suomi'),
|
||||
('sv_FI', 'Finland', 'Swedish', 'Finland', 'svenska'),
|
||||
('fr_FR', 'France', 'French', 'France', 'français'),
|
||||
('de_DE', 'Germany', 'German', 'Deutschland', 'Deutsch'),
|
||||
('el_GR', 'Greece', 'Greek', 'Ελλάδα', 'ελληνικά'),
|
||||
('es_GT', 'Guatemala', 'Spanish', 'Guatemala', 'Español'),
|
||||
('es_HN', 'Honduras', 'Spanish', 'Honduras', 'Español'),
|
||||
('zh_HK', 'Hong Kong', 'Chinese', '香港', '中文'),
|
||||
('hu_HU', 'Hungary', 'Hungarian', 'Magyarország', 'magyar'),
|
||||
('is_IS', 'Iceland', 'Icelandic', 'Ísland', 'íslenska'),
|
||||
('in_ID', 'Indonesia', 'Indonesian', 'Indonesia', 'Bahasa Indonesia'),
|
||||
('fa_IR', 'Iran', 'Farsi', 'Iran', 'ﻰﺴﺮﺎﻓ'),
|
||||
('en_IE', 'Ireland', 'English', 'Ireland', 'English'),
|
||||
('he_IL', 'Israel', 'Hebrew', 'לארשי', 'תירבע'),
|
||||
('iw_IL', 'Israel', 'Hebrew', 'לארשי', 'תירבע'),
|
||||
('it_IT', 'Italy', 'Italian', 'Italia', 'italiano'),
|
||||
('ja_JP', 'Japan', 'Japanese', '日本', '日本語'),
|
||||
('ar_JO', 'Jordan', 'Arabic', 'ﻦﺪﺮﺄﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('ko_KR', 'Korea', 'Korean', '대한민국', '한국어'),
|
||||
('ar_KW', 'Kuwait', 'Arabic', 'ﺖﻴﻮﻜﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('es_LA', 'Latin America', 'Spanish', 'América latina', 'Español'),
|
||||
('lv_LV', 'Latvia', 'Latvian', 'Latvija', 'latviešu'),
|
||||
('ar_LB', 'Lebanon', 'Arabic', 'ﻦﺎﻨﺐﻟ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('de_LI', 'Liechtenstein', 'German', 'Liechtenstein', 'Deutsch'),
|
||||
('lt_LT', 'Lithuania', 'Lithuanian', 'Lietuva', 'lietuvių'),
|
||||
('fr_LU', 'Luxembourg', 'French', 'Luxembourg', 'français'),
|
||||
('de_LU', 'Luxembourg', 'German', 'Luxemburg', 'Deutsch'),
|
||||
('es_MX', 'Mexico', 'Spanish', 'México', 'Español'),
|
||||
('ar_MA', 'Morocco', 'Arabic', 'ﺔﻴﺐﺮﻐﻤﻠﺍ ﺔﻜﻠﻤﻤﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('nl_NL', 'Netherlands', 'Dutch', 'Nederland', 'Nederlands'),
|
||||
('en_NZ', 'New Zealand', 'English', 'New Zealand', 'English'),
|
||||
('es_NI', 'Nicaragua', 'Spanish', 'Nicarágua', 'Español'),
|
||||
('no_NO', 'Norway', 'Norwegian', 'Norge', 'bokmål'),
|
||||
('ar_OM', 'Oman', 'Arabic', 'ﻦﺎﻤﻋ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('es_PA', 'Panama', 'Spanish', 'Panamá', 'Español'),
|
||||
('es_PY', 'Paraguay', 'Spanish', 'Paraguay', 'Español'),
|
||||
('zh_CN', 'People''s Republic of China', 'Chinese', '中华人民共和国', '中文'),
|
||||
('es_PE', 'Peru', 'Spanish', 'Perú', 'Español'),
|
||||
('pl_PL', 'Poland', 'Polish', 'Polska', 'polski'),
|
||||
('pt_PT', 'Portugal', 'Portuguese', 'Portugal', 'português'),
|
||||
('ar_QA', 'Qatar', 'Arabic', 'ﺮﻄﻗ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('ro_RO', 'Romania', 'Romanian', 'România', 'română'),
|
||||
('ru_RU', 'Russia', 'Russian', 'Россия', 'русский'),
|
||||
('ar_SA', 'Saudi Arabia', 'Arabic', 'ﺔﻴﺪﻮﻌﺴﻠﺍ ﺔﻴﺐﺮﻌﻠﺍ ﺔﻜﻠﻤﻤﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('hr_SP', 'Serbia', 'Romanian', 'Srbija', 'română'),
|
||||
('sr_SP', 'Serbia', 'Serbian (Cyrillic)', 'Југославија', 'српски'),
|
||||
('zh_SG', 'Singapore', 'Chinese', '新加坡', '中文'),
|
||||
('sk_SK', 'Slovakia', 'Slovak', 'Slovenská republika', 'slovenčina'),
|
||||
('sl_SI', 'Slovenia', 'Slovene', 'Slovenija', 'slovenski'),
|
||||
('en_ZA', 'South Africa', 'English', 'South Africa', 'English'),
|
||||
('eu_ES', 'Spain', 'Basque', 'Espainia', 'Euskara'),
|
||||
('ca_ES', 'Spain', 'Catalan', 'Espanya', 'català'),
|
||||
('es_ES', 'Spain', 'Spanish', 'España', 'Español'),
|
||||
('sv_SE', 'Sweden', 'Swedish', 'Sverige', 'svenska'),
|
||||
('fr_CH', 'Switzerland', 'French', 'Suisse', 'français'),
|
||||
('de_CH', 'Switzerland', 'German', 'Schweiz', 'Deutsch'),
|
||||
('it_CH', 'Switzerland', 'Italian', 'Svizzera', 'italiano'),
|
||||
('ar_SY', 'Syria', 'Arabic', 'ﺎﻴﺮﻮﺳ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('zh_TW', 'Taiwan', 'Chinese', '中華民國', '中文'),
|
||||
('th_TH', 'Thailand', 'Thai', 'ไทย', 'ไทย'),
|
||||
('ar_TN', 'Tunisia', 'Arabic', 'ﺲﻨﻮﺗ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('tr_TR', 'Turkey', 'Turkish', 'Türkiye', 'Türkçe'),
|
||||
('ar_UA', 'U.A.E.', 'Arabic', 'ﺔﺪﺤﺘﻤﻠﺍ ﺔﻴﺐﺮﻌﻠﺍ ﺖﺎﺮﺎﻤﺈﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
|
||||
('uk_UA', 'Ukraine', 'Ukrainian', 'Україна', 'україньска'),
|
||||
('en_GB', 'United Kingdom', 'English', 'United Kingdom', 'English'),
|
||||
('en_US', 'United States', 'English', 'United States', 'English'),
|
||||
('es_US', 'United States', 'Spanish', 'Estados Unidos', 'Español'),
|
||||
('es_UY', 'Uruguay', 'Spanish', 'Uruguay', 'Español'),
|
||||
('es_VE', 'Venezuela', 'Spanish', 'Venezuela', 'Español'),
|
||||
('vi_VN', 'Vietnam', 'Vietnamese', 'Việt Nam', 'Tiểng Việt'),
|
||||
('ar_YE', 'Yemen', 'Arabic', 'ﻦﻤﻴﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ');
|
||||
EOF
|
114
docker/mysql.php
114
docker/mysql.php
|
@ -1,114 +0,0 @@
|
|||
<? /*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; version 2 of the License.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*/
|
||||
|
||||
$_SESSION['mconn'] = mysql_connect("db", "@MYSQL_USERNAME@", "@MYSQL_PASSWORD@");
|
||||
if ($_SESSION['mconn'] != FALSE)
|
||||
{
|
||||
mysql_select_db("cacert");
|
||||
$_SESSION['mconn'] = TRUE;
|
||||
}
|
||||
$_SESSION['_config']['normalhostname'] = "test.cacert.localhost:8443";
|
||||
$_SESSION['_config']['securehostname'] = "secure.test.cacert.localhost:8443";
|
||||
$_SESSION['_config']['tverify'] = "tverify.cacert.localhost";
|
||||
|
||||
function sendmail($to, $subject, $message, $from, $replyto = "", $toname = "", $fromname = "", $errorsto = "returns@cacert.localhost", $use_utf8 = true)
|
||||
{
|
||||
$lines = explode("\n", $message);
|
||||
$message = "";
|
||||
foreach($lines as $line)
|
||||
{
|
||||
$line = trim($line);
|
||||
if($line == ".")
|
||||
$message .= " .\n";
|
||||
else
|
||||
$message .= $line."\n";
|
||||
}
|
||||
|
||||
if($fromname == "")
|
||||
$fromname = $from;
|
||||
|
||||
$bits = explode(",", $from);
|
||||
$from = addslashes($bits['0']);
|
||||
$fromname = addslashes($fromname);
|
||||
|
||||
$smtp = fsockopen("smtp", 25);
|
||||
if(!$smtp)
|
||||
{
|
||||
echo("Could not connect to mailserver at localhost:25\n");
|
||||
return;
|
||||
}
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
fputs($smtp, "EHLO test.cacert.localhost\r\n");
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
fputs($smtp, "MAIL FROM:<returns@cacert.localhost>\r\n");
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
$bits = explode(",", $to);
|
||||
foreach($bits as $user)
|
||||
fputs($smtp, "RCPT TO:<".trim($user).">\r\n");
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
fputs($smtp, "DATA\r\n");
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
fputs($smtp, "X-Mailer: CAcert.org Website (local development)\r\n");
|
||||
if (array_key_exists("REMOTE_ADDR", $_SERVER))
|
||||
fputs($smtp, "X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
|
||||
fputs($smtp, "Sender: $errorsto\r\n");
|
||||
fputs($smtp, "Errors-To: $errorsto\r\n");
|
||||
if($replyto != "")
|
||||
fputs($smtp, "Reply-To: $replyto\r\n");
|
||||
else
|
||||
fputs($smtp, "Reply-To: $from\r\n");
|
||||
fputs($smtp, "From: $from\r\n");
|
||||
fputs($smtp, "To: $to\r\n");
|
||||
if(preg_match("/[^a-zA-Z0-9 .-\[\]!_@]/",$subject))
|
||||
{
|
||||
fputs($smtp, "Subject: =?utf-8?B?".base64_encode(recode("html..utf-8", $subject))."?=\r\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
fputs($smtp, "Subject: $subject\r\n");
|
||||
}
|
||||
fputs($smtp, "Mime-Version: 1.0\r\n");
|
||||
if($use_utf8)
|
||||
{
|
||||
fputs($smtp, "Content-Type: text/plain; charset=\"utf-8\"\r\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
fputs($smtp, "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n");
|
||||
}
|
||||
fputs($smtp, "Content-Transfer-Encoding: quoted-printable\r\n");
|
||||
fputs($smtp, "Content-Disposition: inline\r\n");
|
||||
|
||||
// fputs($smtp, "Content-Transfer-Encoding: BASE64\r\n");
|
||||
fputs($smtp, "\r\n");
|
||||
// fputs($smtp, chunk_split(base64_encode(recode("html..utf-8", $message)))."\r\n.\r\n");
|
||||
$encoded_lines = explode( "\n", str_replace("\r", "", $message) );
|
||||
array_walk( $encoded_lines,
|
||||
function (&$a) {
|
||||
$a = quoted_printable_encode(recode("html..utf-8", $a));
|
||||
});
|
||||
$encoded_message = implode("\n", $encoded_lines);
|
||||
|
||||
$encoded_message = str_replace("\r.", "\r=2E", $encoded_message);
|
||||
$encoded_message = str_replace("\n.", "\n=2E", $encoded_message);
|
||||
fputs($smtp, $encoded_message);
|
||||
fputs($smtp, "\r\n.\r\n");
|
||||
fputs($smtp, "QUIT\n");
|
||||
$InputBuffer = fgets($smtp, 1024);
|
||||
fclose($smtp);
|
||||
}
|
Loading…
Reference in a new issue