Add test mgr setup
This commit is contained in:
Jan Dittberner
parent
8e7f8c3d46
commit
30ddadd954
14 changed files with 345 additions and 64 deletions
|
|
@ -4,16 +4,6 @@ set -eux
|
|||
# Apache gets grumpy about PID files pre-existing
|
||||
rm -f /run/apache2/apache2.pid
|
||||
|
||||
cp /usr/local/etc/testca/certs/test.cacert.localhost.crt.pem /etc/ssl/certs/
|
||||
cp /usr/local/etc/testca/certs/test.cacert.localhost.key.pem /etc/ssl/private/
|
||||
(
|
||||
openssl x509 -in /usr/local/etc/testca/class3/ca.crt.pem
|
||||
openssl x509 -in /usr/local/etc/testca/root/ca.crt.pem
|
||||
) >/etc/ssl/certs/combined.crt
|
||||
|
||||
cp /usr/local/etc/testca/certs/secure.test.cacert.localhost.crt.pem /etc/ssl/certs/
|
||||
cp /usr/local/etc/testca/certs/secure.test.cacert.localhost.key.pem /etc/ssl/private/
|
||||
|
||||
cp /usr/local/etc/application/feed.rss /www/pages/index/feed.rss
|
||||
|
||||
make -C /www/locale
|
||||
|
|
|
|||
17
docker/apache-mgr-foreground
Executable file
17
docker/apache-mgr-foreground
Executable file
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/sh
|
||||
set -eux
|
||||
|
||||
# Apache gets grumpy about PID files pre-existing
|
||||
rm -f /run/apache2/apache2.pid
|
||||
|
||||
sed "s/@MYSQL_MGR_USER@/${MYSQL_MGR_USER}/g; s/@MYSQL_MGR_PASSWORD@/${MYSQL_MGR_PASSWORD}/g" \
|
||||
/usr/local/etc/mgr-application.ini > /var/www/manager/application/configs/application.ini
|
||||
|
||||
mysql -u "${MYSQL_MGR_USER}" -h db "-p${MYSQL_MGR_PASSWORD}" mgr <<-EOF
|
||||
REPLACE INTO system_user (id, system_role_id, login, user_client_crt_s_dn_i_dn)
|
||||
VALUES (2, 2,'${CLIENT_CERT_EMAIL}','/CN=${CLIENT_CERT_USERNAME}///C=AU/O=CAcert Inc./CN=Class 3 Test CA');
|
||||
EOF
|
||||
|
||||
apache2ctl start "$@"
|
||||
|
||||
exec tail -F --follow=name --retry /var/log/apache2/error.log
|
||||
21
docker/apache-mgr-virtualhost.conf
Normal file
21
docker/apache-mgr-virtualhost.conf
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
<VirtualHost *:443>
|
||||
ServerName mgr.cacert.localhost
|
||||
ServerAlias www.mgr.cacert.localhost
|
||||
DocumentRoot /var/www/manager/public
|
||||
|
||||
SSLEngine on
|
||||
SSLStrictSNIVHostCheck on
|
||||
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
|
||||
SSLHonorCipherOrder on
|
||||
SSLCipherSuite kEECDH:kEDH:AESGCM:ALL:!3DES!RC4:!LOW:!EXP:!MD5:!aNULL:!eNULL
|
||||
SSLCertificateFile /etc/ssl/certs/mgr.cacert.localhost.crt.pem
|
||||
SSLCertificateKeyFile /etc/ssl/private/mgr.cacert.localhost.key.pem
|
||||
SSLCertificateChainFile /etc/ssl/certs/combined.crt
|
||||
|
||||
SSLCACertificateFile /etc/ssl/certs/combined.crt
|
||||
SSLVerifyClient require
|
||||
SSLVerifyDepth 2
|
||||
SSLOptions +StdEnvVars
|
||||
|
||||
Header always set Strict-Transport-Security "max-age=31536000"
|
||||
</VirtualHost>
|
||||
|
|
@ -4,15 +4,15 @@ set -eux
|
|||
|
||||
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" <<-EOF
|
||||
CREATE database cacert CHARSET latin1 COLLATE latin1_swedish_ci;
|
||||
CREATE USER $MYSQL_APP_USER@'%' IDENTIFIED BY '$MYSQL_APP_PASSWORD';
|
||||
GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_APP_USER@'%';
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_APP_USER@'%';
|
||||
CREATE database mgr CHARSET utf8 COLLATE utf8_unicode_ci;
|
||||
EOF
|
||||
|
||||
for script in /db_migrations/*.sh; do
|
||||
sh "$script" -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" cacert
|
||||
done
|
||||
|
||||
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" mgr </mgr_dbadm/ca_mgr.mysql
|
||||
|
||||
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" cacert <<-'EOF'
|
||||
INSERT INTO languages (locale, en_co, en_lang, country, lang)
|
||||
VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqipëria', 'shqipe'),
|
||||
|
|
@ -114,4 +114,15 @@ VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqipëria', 'shqipe'),
|
|||
('es_VE', 'Venezuela', 'Spanish', 'Venezuela', 'Español'),
|
||||
('vi_VN', 'Vietnam', 'Vietnamese', 'Việt Nam', 'Tiểng Việt'),
|
||||
('ar_YE', 'Yemen', 'Arabic', 'ﻦﻤﻴﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ');
|
||||
EOF
|
||||
EOF
|
||||
|
||||
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" <<-EOF
|
||||
CREATE USER $MYSQL_APP_USER@'%' IDENTIFIED BY '$MYSQL_APP_PASSWORD';
|
||||
GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_APP_USER@'%';
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_APP_USER@'%';
|
||||
|
||||
CREATE USER $MYSQL_MGR_USER@'%' IDENTIFIED BY '$MYSQL_MGR_PASSWORD';
|
||||
GRANT CREATE TEMPORARY TABLES ON mgr.* TO $MYSQL_MGR_USER@'%';
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE ON mgr.* TO $MYSQL_MGR_USER@'%';
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.users TO $MYSQL_MGR_USER@'%';
|
||||
EOF
|
||||
|
|
|
|||
57
docker/mgr-application.ini
Normal file
57
docker/mgr-application.ini
Normal file
|
|
@ -0,0 +1,57 @@
|
|||
[production]
|
||||
phpSettings.display_startup_errors = 1
|
||||
phpSettings.display_errors = 1
|
||||
includePaths.library = LIBRARY_PATH
|
||||
bootstrap.path = APPLICATION_PATH "/Bootstrap.php"
|
||||
bootstrap.class = "Bootstrap"
|
||||
resources.frontController.controllerDirectory = APPLICATION_PATH "/controllers"
|
||||
resources.frontController.noViewRenderer = 0
|
||||
resources.frontController.noErrorHandler = 0
|
||||
resources.frontController.useDefaultControllerAlways = 0
|
||||
resources.layout.layoutPath = APPLICATION_PATH "/layouts/scripts"
|
||||
resources.view[] =
|
||||
autoloadernamespaces.0 = "CAcert_"
|
||||
|
||||
; Database settings for Session DB
|
||||
ca_mgr.db.session.pdo = "Pdo_Mysql"
|
||||
ca_mgr.db.session.autocleanup = 1
|
||||
ca_mgr.db.session.host = "db"
|
||||
ca_mgr.db.session.username = "@MYSQL_MGR_USER@"
|
||||
ca_mgr.db.session.password = "@MYSQL_MGR_PASSWORD@"
|
||||
ca_mgr.db.session.dbname = "mgr"
|
||||
|
||||
; Database settings for Auth DB (CACert User Table)
|
||||
ca_mgr.db.auth.pdo = "Pdo_Mysql"
|
||||
ca_mgr.db.auth.host = "db"
|
||||
ca_mgr.db.auth.username = "@MYSQL_MGR_USER@"
|
||||
ca_mgr.db.auth.password = "@MYSQL_MGR_PASSWORD@"
|
||||
ca_mgr.db.auth.dbname = "cacert"
|
||||
ca_mgr.db.auth.tablename = "users"
|
||||
|
||||
; Database settings for Auth DB (Manager User Table)
|
||||
ca_mgr.db.auth2.pdo = "Pdo_Mysql"
|
||||
ca_mgr.db.auth2.host = "db"
|
||||
ca_mgr.db.auth2.username = "@MYSQL_MGR_USER@"
|
||||
ca_mgr.db.auth2.password = "@MYSQL_MGR_PASSWORD@"
|
||||
ca_mgr.db.auth2.dbname = "mgr"
|
||||
ca_mgr.db.auth2.tablename = "system_user"
|
||||
|
||||
; Database settings for Config DB (access to system_config and dnssecme data tables)
|
||||
ca_mgr.db.config.pdo = "Pdo_Mysql"
|
||||
ca_mgr.db.config.host = "db"
|
||||
ca_mgr.db.config.username = "@MYSQL_MGR_USER@"
|
||||
ca_mgr.db.config.password = "@MYSQL_MGR_PASSWORD@"
|
||||
ca_mgr.db.config.dbname = "mgr"
|
||||
|
||||
; Application name for logger
|
||||
log.application = "web"
|
||||
|
||||
[staging : production]
|
||||
|
||||
[testing : production]
|
||||
phpSettings.display_startup_errors = 1
|
||||
phpSettings.display_errors = 1
|
||||
|
||||
[development : production]
|
||||
phpSettings.display_startup_errors = 1
|
||||
phpSettings.display_errors = 1
|
||||
4
docker/run-dovecot
Executable file
4
docker/run-dovecot
Executable file
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
dovecot -F
|
||||
|
|
@ -4,4 +4,4 @@ set -eu
|
|||
mkdir -p /home/catchall/Maildir/tmp /home/catchall/Maildir/new /home/catchall/Maildir/cur
|
||||
chown -Rc catchall.catchall /home/catchall/Maildir
|
||||
|
||||
postfix start-fg
|
||||
postfix start-fg
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue