diff --git a/README.md b/README.md
index 43588fe..586ac73 100644
--- a/README.md
+++ b/README.md
@@ -45,13 +45,13 @@ Variable | Usage
`CLIENT_CERT_PASSWORD` | password used to encrypt `testca/certs/testclient.p12`
`CLIENT_CERT_USERNAME` | full name for a user that is included in the CN field of the subject distinguished name in the test client certificate
`CLIENT_CERT_USERNAME` | user name for client certificate generated by `setup_test_ca.sh`
-`MYSQL_APP_PASSWORD` | Database password for webdb
-`MYSQL_APP_USER` | Database user for webdb
`MYSQL_CATS_PASSWORD` | Database password for cats
`MYSQL_CATS_USER` | Database user for cats
`MYSQL_MGR_PASSWORD` | Database password for the test manager
`MYSQL_MGR_USER` | Database user for the test manager
`MYSQL_ROOT_PASSWORD` | Database root password
+`MYSQL_WEBDB_PASSWORD` | Database password for webdb
+`MYSQL_WEBDB_USER` | Database user for webdb
```shell
@@ -59,8 +59,8 @@ echo "CATCHALL_MAILBOX_PASSWORD=$(openssl rand -base64 18)
CLIENT_CERT_EMAIL=user@example.org
CLIENT_CERT_PASSWORD=$(openssl rand -base64 18)
CLIENT_CERT_USERNAME="John Doe"
-MYSQL_APP_PASSWORD=$(openssl rand -base64 18)
-MYSQL_APP_USER=cacert_dev
+MYSQL_WEBDB_PASSWORD=$(openssl rand -base64 18)
+MYSQL_WEBDB_USER=cacert_dev
MYSQL_CATS_PASSWORD=$(openssl rand -base64 18)
MYSQL_CATS_USER=cats
MYSQL_MGR_PASSWORD=$(openssl rand -base64 18)
@@ -71,7 +71,7 @@ docker-compose up
```
After these steps you should be able to reach the CAcert application at
-https://test.cacert.localhost:8443/. The test manager application is reachable
+https://www.cacert.localhost:8443/. The test manager application is reachable
at https://mgr.cacert.localhost:9443/. CATS is reachable at
https://cats.cacert.localhost:7443/. The magic hostname resolution works on
systems using systemd's nss module for host resolution. If you do not have that
diff --git a/docker-compose.yml b/docker-compose.yml
index 97c5c3e..ff62842 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -29,19 +29,19 @@ services:
- maildir:/home/catchall/Maildir
env_file:
- ./.env
- application:
+ webdb:
build:
context: .
- dockerfile: application.Dockerfile
+ dockerfile: webdb.Dockerfile
environment:
DEPLOYMENT_NAME: "CAcert.org Website (local development)"
- MYSQL_APP_HOSTNAME: db
- MYSQL_APP_DATABASE: cacert
+ MYSQL_WEBDB_HOSTNAME: db
+ MYSQL_WEBDB_DATABASE: cacert
CSR_DIRECTORY: /csr
CRT_DIRECTORY: /crt
- DEFAULT_HOSTNAME: test.cacert.localhost
- SECURE_HOSTNAME: secure.test.cacert.localhost
- TVERIFY_HOSTNAME: tverify.test.cacert.localhost
+ DEFAULT_HOSTNAME: www.cacert.localhost
+ SECURE_HOSTNAME: secure.cacert.localhost
+ TVERIFY_HOSTNAME: tverify.cacert.localhost
INSECURE_PORT: 8080
SECURE_PORT: 8443
RETURN_ADDRESS: "returns@cacert.localhost"
diff --git a/docker/apache-foreground b/docker/apache-webdb-foreground
similarity index 100%
rename from docker/apache-foreground
rename to docker/apache-webdb-foreground
diff --git a/docker/apache-virtualhost.conf b/docker/apache-webdb-virtualhost.conf
similarity index 79%
rename from docker/apache-virtualhost.conf
rename to docker/apache-webdb-virtualhost.conf
index dbcf0f5..c001561 100644
--- a/docker/apache-virtualhost.conf
+++ b/docker/apache-webdb-virtualhost.conf
@@ -1,6 +1,5 @@
- ServerName test.cacert.localhost
- ServerAlias www.test.cacert.localhost
+ ServerName www.cacert.localhost
DocumentRoot /www/www
ScriptAlias /cgi-bin/ /www/cgi-bin/
@@ -15,8 +14,7 @@
- ServerName test.cacert.localhost
- ServerAlias www.test.cacert.localhost
+ ServerName www.cacert.localhost
DocumentRoot /www/www
SSLEngine on
@@ -24,8 +22,8 @@
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite kEECDH:kEDH:AESGCM:ALL:!3DES!RC4:!LOW:!EXP:!MD5:!aNULL:!eNULL
- SSLCertificateFile /etc/apache2/ssl/certs/test.cacert.localhost.crt.pem
- SSLCertificateKeyFile /etc/apache2/ssl/private/test.cacert.localhost.key.pem
+ SSLCertificateFile /etc/apache2/ssl/certs/www.cacert.localhost.crt.pem
+ SSLCertificateKeyFile /etc/apache2/ssl/private/www.cacert.localhost.key.pem
Header always set Strict-Transport-Security "max-age=31536000"
@@ -41,7 +39,7 @@
- ServerName secure.test.cacert.localhost
+ ServerName secure.cacert.localhost
DocumentRoot /www/www
SSLEngine on
@@ -49,8 +47,8 @@
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite kEECDH:kEDH:AESGCM:ALL:!3DES!RC4:!LOW:!EXP:!MD5:!aNULL:!eNULL
- SSLCertificateFile /etc/apache2/ssl/certs/secure.test.cacert.localhost.crt.pem
- SSLCertificateKeyFile /etc/apache2/ssl/private/secure.test.cacert.localhost.key.pem
+ SSLCertificateFile /etc/apache2/ssl/certs/www.cacert.localhost.crt.pem
+ SSLCertificateKeyFile /etc/apache2/ssl/private/www.cacert.localhost.key.pem
SSLVerifyClient require
SSLVerifyDepth 2
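Review bot: The secure vhost's `SSLCertificateFile` and `SSLCertificateKeyFile` now point at the www certificate and key with no comment explaining why. This vhost enforces `SSLVerifyClient require`, and its hostname only matches because setup_test_ca.sh in this commit adds `secure.cacert.localhost` to that certificate's SAN list. I would add above the two lines `# Certificate and key are shared with www.cacert.localhost; the SAN list in setup_test_ca.sh must include secure.cacert.localhost`. Both vhosts then share one private key, which is acceptable for a local test CA but worth stating in that comment. The enclosing VirtualHost block starts and ends outside the hunk.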
diff --git a/docker/initdb.sh b/docker/initdb.sh
index bca293f..fdec50b 100755
--- a/docker/initdb.sh
+++ b/docker/initdb.sh
@@ -123,9 +123,9 @@ VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqipëria', 'shqipe'),
EOF
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" <<-EOF
-CREATE USER $MYSQL_APP_USER@'%' IDENTIFIED BY '$MYSQL_APP_PASSWORD';
-GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_APP_USER@'%';
-GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_APP_USER@'%';
+CREATE USER $MYSQL_WEBDB_USER@'%' IDENTIFIED BY '$MYSQL_WEBDB_PASSWORD';
+GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_WEBDB_USER@'%';
+GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_WEBDB_USER@'%';
CREATE USER $MYSQL_MGR_USER@'%' IDENTIFIED BY '$MYSQL_MGR_PASSWORD';
GRANT SELECT, INSERT, UPDATE, DELETE ON mgr.* TO $MYSQL_MGR_USER@'%';
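Review bot: The renamed `$MYSQL_WEBDB_USER` and `$MYSQL_WEBDB_PASSWORD` are expanded into the SQL here-document without being checked first. If a `.env` still defines only the old `MYSQL_APP_*` names, and the script does not enable `set -u` outside this hunk, the result would be a failing `CREATE USER` or an account with an empty password. A guard before the `mysql` call, such as `: "${MYSQL_WEBDB_USER:?}" "${MYSQL_WEBDB_PASSWORD:?}"`, makes that case fail loudly. The values are also pasted unescaped into quoted SQL, which is safe for the `openssl rand -base64 18` output the README suggests but not for a hand-chosen password containing `'` or `\`; a comment stating that restriction would help. The here-document ends outside the hunk.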
diff --git a/setup_test_ca.sh b/setup_test_ca.sh
index 5968215..6b9a5fc 100755
--- a/setup_test_ca.sh
+++ b/setup_test_ca.sh
@@ -192,26 +192,14 @@ if [ ! -f certs/mgr.cacert.localhost.crt.pem ]; then
-extensions server_ext \
-batch
fi
-if [ ! -f certs/secure.test.cacert.localhost.crt.pem ]; then
- openssl req -new -keyout certs/secure.test.cacert.localhost.key.pem -nodes \
- -out certs/secure.test.cacert.localhost.csr.pem -subj "/CN=secure.test.cacert.localhost" \
- -addext "subjectAltName=DNS:secure.test.cacert.localhost"
+if [ ! -f certs/www.cacert.localhost.crt.pem ]; then
+ openssl req -new -keyout certs/www.cacert.localhost.key.pem -nodes \
+ -out certs/www.cacert.localhost.csr.pem -subj "/CN=www.cacert.localhost" \
+ -addext "subjectAltName=DNS:www.cacert.localhost,DNS:secure.cacert.localhost"
openssl ca -config ca.cnf \
-name class3_ca \
- -in certs/secure.test.cacert.localhost.csr.pem \
- -out certs/secure.test.cacert.localhost.crt.pem \
- -rand_serial \
- -extensions server_ext \
- -batch
-fi
-if [ ! -f certs/test.cacert.localhost.crt.pem ]; then
- openssl req -new -keyout certs/test.cacert.localhost.key.pem -nodes \
- -out certs/test.cacert.localhost.csr.pem -subj "/CN=test.cacert.localhost" \
- -addext "subjectAltName=DNS:test.cacert.localhost,DNS:www.test.cacert.localhost"
- openssl ca -config ca.cnf \
- -name class3_ca \
- -in certs/test.cacert.localhost.csr.pem \
- -out certs/test.cacert.localhost.crt.pem \
+ -in certs/www.cacert.localhost.csr.pem \
+ -out certs/www.cacert.localhost.crt.pem \
-rand_serial \
-extensions server_ext \
-batch
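Review bot: The SAN list on the `-addext` line covers `www.cacert.localhost` and `secure.cacert.localhost` but not `tverify.cacert.localhost`, which docker-compose.yml in this commit sets as `TVERIFY_HOSTNAME`. No vhost for that name is visible in this diff, so the omission may be intentional, but if the name is ever served over TLS from this container the certificate will not match. In that case the line would become `-addext "subjectAltName=DNS:www.cacert.localhost,DNS:secure.cacert.localhost,DNS:tverify.cacert.localhost"`. Either way, a comment above the `if` naming the vhosts that rely on this certificate would keep the list in step with apache-webdb-virtualhost.conf. The closing `fi` of this block lies outside the hunk.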
diff --git a/application.Dockerfile b/webdb.Dockerfile
similarity index 78%
rename from application.Dockerfile
rename to webdb.Dockerfile
index 58eadb3..0df244a 100644
--- a/application.Dockerfile
+++ b/webdb.Dockerfile
@@ -39,21 +39,21 @@ RUN apt-get update \
STOPSIGNAL SIGWINCH
-COPY docker/apache-foreground /usr/local/bin/
+COPY docker/apache-webdb-foreground /usr/local/bin/
COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
COPY testca/class3/ca.crt.pem /usr/local/share/ca-certificates/testca_class3.crt
-COPY testca/certs/test.cacert.localhost.crt.pem testca/certs/secure.test.cacert.localhost.crt.pem /etc/apache2/ssl/certs/
-COPY testca/certs/test.cacert.localhost.key.pem testca/certs/secure.test.cacert.localhost.key.pem /etc/apache2/ssl/private/
+COPY testca/certs/www.cacert.localhost.crt.pem /etc/apache2/ssl/certs/
+COPY testca/certs/www.cacert.localhost.key.pem /etc/apache2/ssl/private/
COPY testca/certs/cachain.crt.pem /etc/ssl/apache2/certs/combined.crt
-COPY docker/apache-virtualhost.conf /etc/apache2/sites-available/
+COPY docker/apache-webdb-virtualhost.conf /etc/apache2/sites-available/www.cacert.localhost.conf
COPY docker/cacert.conf /etc/apache2/conf-available/
COPY docker/php5-cacert.ini /etc/php5/mods-available/cacert.ini
COPY docker/feed.rss /usr/local/etc/application/feed.rss
VOLUME /www
-RUN a2ensite apache-virtualhost ; \
+RUN a2ensite www.cacert.localhost ; \
a2dissite 000-default ; \
a2enconf cacert ; \
a2enmod headers ; \
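Review bot: The `RUN a2ensite www.cacert.localhost ; \` chain joins its commands with `;`, so a failing `a2ensite` does not fail the image build. That could happen if the site name ever stops matching the file copied to `sites-available/www.cacert.localhost.conf`, and the container would then start without the intended vhost. Starting the chain with `RUN set -e ; a2ensite www.cacert.localhost ; \` makes any failing step abort the build without touching the other lines. The `RUN` instruction continues past the end of this hunk.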
@@ -68,4 +68,4 @@ RUN a2ensite apache-virtualhost ; \
EXPOSE 80
EXPOSE 443
-CMD ["/usr/local/bin/apache-foreground"]
+CMD ["/usr/local/bin/apache-webdb-foreground"]