From d0d7ba64d9c48930a36d50113cfcb90e1cc6e7d5 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Thu, 24 Dec 2020 08:03:24 +0100
Subject: [PATCH] Improve signer and signer_client setup

---
 .editorconfig            | 12 +++++++-----
 docker-compose.yml       | 11 +++++++----
 docker/run-signer        |  6 ++++--
 signer_client.Dockerfile |  4 ++++
 4 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/.editorconfig b/.editorconfig
index 831f836..a3971e1 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -33,8 +33,10 @@ ij_css_space_before_opening_brace = true
 ij_css_use_double_quotes = true
 ij_css_value_alignment = do_not_align
 
-[*.pm]
-ij_continuation_indent_size = 4
+[{*.pl,*.pm}]
+indent_size = 2
+tab_width = 2
+ij_continuation_indent_size = 2
 ij_perl5_align_attributes = false
 ij_perl5_align_comments_on_consequent_lines = true
 ij_perl5_align_consecutive_assignments = 0
@@ -52,9 +54,9 @@ ij_perl5_assignment_wrap = off
 ij_perl5_attributes_wrap = 0
 ij_perl5_binary_operation_sign_on_next_line = false
 ij_perl5_binary_operation_wrap = off
-ij_perl5_brace_style_compound = 0
-ij_perl5_brace_style_namespace = 0
-ij_perl5_brace_style_sub = 0
+ij_perl5_brace_style_compound = 1
+ij_perl5_brace_style_namespace = 1
+ij_perl5_brace_style_sub = 1
 ij_perl5_call_parameters_wrap = off
 ij_perl5_else_on_new_line = true
 ij_perl5_keep_indents_on_empty_lines = false
diff --git a/docker-compose.yml b/docker-compose.yml
index bfa4c26..a560efb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -37,9 +37,9 @@ services:
       DEPLOYMENT_NAME: "CAcert.org Website (local development)"
       MYSQL_WEBDB_HOSTNAME: db
       MYSQL_WEBDB_DATABASE: cacert
-      CSR_DIRECTORY: /certs/csr
-      CRT_DIRECTORY: /certs/crt
-      CRL_DIRECTORY: /certs/crl
+      CSR_DIRECTORY: /srv/certs/csr
+      CRT_DIRECTORY: /srv/certs/crt
+      CRL_DIRECTORY: /srv/certs/crl
       DEFAULT_HOSTNAME: www.cacert.localhost
       SECURE_HOSTNAME: secure.cacert.localhost
       TVERIFY_HOSTNAME: tverify.cacert.localhost
@@ -57,7 +57,7 @@ services:
       - smtp
     volumes:
       - ./cacert-software:/www
-      - certstaging:/certs
+      - certstaging:/srv/certs
   mgr:
     build:
       context: .
@@ -99,11 +99,14 @@ services:
       CSR_DIRECTORY: /srv/certs/csr
       CRT_DIRECTORY: /srv/certs/crt
       CRL_DIRECTORY: /srv/certs/crl
+      SMTP_HOST: smtp
     volumes:
       - certstaging:/srv/certs
       - signersockets:/srv/sockets
     depends_on:
       - db
+      - smtp
+      - signer
   signer:
     build:
       context: .
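Review bot: The two new `depends_on` entries (`- smtp`, `- signer`) only order container start; in this list form Compose does not wait for the signer to have created its socket under `signersockets` or for the SMTP service to accept connections. If the client exits or misbehaves when the socket is not there yet, it needs a retry loop on its side. Alternatively, give `signer` a healthcheck and use the long form `signer: { condition: service_healthy }`, provided the compose file format in use supports it, which cannot be seen from this hunk. The service these lines belong to is defined above the hunk.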
diff --git a/docker/run-signer b/docker/run-signer
index c977edd..edf1ca0 100755
--- a/docker/run-signer
+++ b/docker/run-signer
@@ -12,14 +12,16 @@ mkdir -p /srv/ca/CA/certs /srv/ca/CA/private /srv/ca/CA/newcerts
 cp /srv/testca/root/ca.crt.pem /srv/ca/CA/ca.crt.pem
 cp /srv/testca/root/private/ca.key.pem /srv/ca/CA/private/ca.key.pem
 if [ ! -f /srv/ca/CA/index.txt ]; then cp /srv/testca/root/index.txt /srv/ca/CA/index.txt; fi
-if [ ! -f /srv/ca/CA/serial ]; then echo 1 > /srv/ca/CA/serial; fi
+if [ ! -f /srv/ca/CA/index.txt.attr ]; then cp /srv/testca/root/index.txt.attr /srv/ca/CA/index.txt.attr; fi
+if [ ! -f /srv/ca/CA/serial ]; then echo -n '00' > /srv/ca/CA/serial; fi
 if [ ! -f /srv/ca/CA/crlnumber ]; then echo 1000 > /srv/ca/CA/crlnumber; fi
 
 mkdir -p /srv/ca/class3/certs /srv/ca/class3/private /srv/ca/class3/newcerts
 cp /srv/testca/class3/ca.crt.pem /srv/ca/class3/ca.crt.pem
 cp /srv/testca/class3/private/ca.key.pem /srv/ca/class3/private/ca.key.pem
 if [ ! -f /srv/ca/class3/index.txt ]; then cp /srv/testca/class3/index.txt /srv/ca/class3/index.txt; fi
-if [ ! -f /srv/ca/class3/serial ]; then echo 1 > /srv/ca/class3/serial; fi
+if [ ! -f /srv/ca/class3/index.txt.attr ]; then cp /srv/testca/class3/index.txt.attr /srv/ca/class3/index.txt.attr; fi
+if [ ! -f /srv/ca/class3/serial ]; then echo -n '00' > /srv/ca/class3/serial; fi
 if [ ! -f /srv/ca/class3/crlnumber ]; then echo 1000 > /srv/ca/class3/crlnumber; fi
 
 cd /srv/CommModule/
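Review bot: `echo -n '00'` on the two new serial lines relies on behaviour POSIX leaves implementation-defined, and the shebang is outside the hunk, so it is unclear which shell runs this. `printf '00' > /srv/ca/CA/serial` (and the same for class3) writes the same bytes in any shell. Separately, if the signer lets `openssl ca` take the next serial from this file, the first certificate issued would carry serial 0, while RFC 5280 section 4.1.2.2 requires a positive serial; seeding with `01` avoids that, but confirm against how CommModule invokes openssl. The root and class3 blocks are now six near-identical lines each and could become one small loop over the two directory names.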
diff --git a/signer_client.Dockerfile b/signer_client.Dockerfile
index 2b00748..b0d4ab3 100644
--- a/signer_client.Dockerfile
+++ b/signer_client.Dockerfile
@@ -1,8 +1,12 @@
 FROM debian:jessie
 
+COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
+COPY testca/class3/ca.crt.pem /usr/local/share/ca-certificates/testca_class3.crt
+
 RUN apt-get update \
     && DEBIAN_FRONTEND=noninteractive \
     apt-get install -y --no-install-recommends \
+    ca-certificates \
     gnupg \
     libdbd-mysql-perl \
     libdbi-perl \
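Review bot: The two `COPY` lines put the test CA roots into the image's system trust store, yet nothing here marks the image as development-only. `docker/run-signer` copies the matching private keys from the same `testca` tree, so anyone with that tree can mint certificates this container trusts. A comment above the COPY lines would make that explicit, e.g. `# Test CA only (private key ships with the repo); never reuse this image outside local development`. The certificates are only picked up implicitly, through the `ca-certificates` package's post-install run, which works because the COPY precedes the install. An explicit `&& update-ca-certificates` after the install would keep that from depending on layer order; the `RUN` continues past the end of the hunk, so it may already be there.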