From fd39d4adce093591589354a18671068ab7eab719 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Fri, 25 Dec 2020 08:13:22 +0100
Subject: [PATCH 1/2] Add a signer variant with ancient base image

The production signer is using a really old base OS (Debian 4.0 Etch or
5.0 Lenny) with some packages like openssl from Debian 6.0 Stretch. This
commit uses the oldest available Docker base image to make a somewhat
reproducible variant of this OS.
---
 signer.Dockerfile | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/signer.Dockerfile b/signer.Dockerfile
index 448dff2..d1d8227 100644
--- a/signer.Dockerfile
+++ b/signer.Dockerfile
@@ -1,8 +1,10 @@
-FROM debian:jessie
+# should be etch or lenny but dockerhub doesn't have such old versions
+FROM debian:squeeze
 
-RUN apt-get update \
+RUN echo "deb http://archive.debian.org/debian squeeze main" > /etc/apt/sources.list ; \
+    apt-get -o=Acquire::AllowInsecureRepositories=true update \
     && DEBIAN_FRONTEND=noninteractive \
-    apt-get install -y --no-install-recommends \
+    apt-get -o=APT::Get::AllowUnauthenticated=true install -y --no-install-recommends \
     gnupg \
     libdevice-serialport-perl \
     libdigest-sha-perl \

From e575eed7ff82aa8b817b1a2ad3944462f94a0be7 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jan@dittberner.info>
Date: Fri, 23 Apr 2021 17:01:12 +0200
Subject: [PATCH 2/2] Add proper quotes to .env file

---
 README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 586ac73..d0a4ac8 100644
--- a/README.md
+++ b/README.md
@@ -55,17 +55,17 @@ Variable | Usage
 
 
 ```shell
-echo "CATCHALL_MAILBOX_PASSWORD=$(openssl rand -base64 18)
+echo "CATCHALL_MAILBOX_PASSWORD='$(openssl rand -base64 18)'
 CLIENT_CERT_EMAIL=user@example.org
-CLIENT_CERT_PASSWORD=$(openssl rand -base64 18)
-CLIENT_CERT_USERNAME="John Doe"
-MYSQL_WEBDB_PASSWORD=$(openssl rand -base64 18)
+CLIENT_CERT_PASSWORD='$(openssl rand -base64 18)'
+CLIENT_CERT_USERNAME='John Doe'
+MYSQL_WEBDB_PASSWORD='$(openssl rand -base64 18)'
 MYSQL_WEBDB_USER=cacert_dev
-MYSQL_CATS_PASSWORD=$(openssl rand -base64 18)
+MYSQL_CATS_PASSWORD='$(openssl rand -base64 18)'
 MYSQL_CATS_USER=cats
-MYSQL_MGR_PASSWORD=$(openssl rand -base64 18)
+MYSQL_MGR_PASSWORD='$(openssl rand -base64 18)'
 MYSQL_MGR_USER=cacert_mgr
-MYSQL_ROOT_PASSWORD=$(openssl rand -base64 18)" > .env
+MYSQL_ROOT_PASSWORD='$(openssl rand -base64 18)'" | sed 's@/@_@g' > .env
 ./setup_test_ca.sh
 docker-compose up
 ```