jan/cacert-devsetup
1
0
Fork 1
Code Issues Pull requests Releases Wiki Activity

Rename application to webdb

Browse source 
This commit renames the application container to webdb and drops the
test suffix in favour of using www.cacert.localhost directly. The server
certificate for www.cacert.localhost got an additional
subjectAlternativeName secure.cacert.localhost and is used for both
hostnames now.

Environment variables containing _APP have been renamed to _WEBDB to
keep consistency.
This commit is contained in:
Jan Dittberner 2020-12-23 07:17:06 +01:00
parent 714533350b
commit f9b0eb5195
7 changed files with 34 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

0
docker/apache-foreground → docker/apache-webdb-foreground
View file

16
docker/apache-virtualhost.conf → docker/apache-webdb-virtualhost.conf
View file

@ -1,6 +1,5 @@
<VirtualHost *:80>
ServerName test.cacert.localhost
ServerAlias www.test.cacert.localhost
ServerName www.cacert.localhost
DocumentRoot /www/www
ScriptAlias /cgi-bin/ /www/cgi-bin/
@ -15,8 +14,7 @@
</VirtualHost>
<VirtualHost *:443>
ServerName test.cacert.localhost
ServerAlias www.test.cacert.localhost
ServerName www.cacert.localhost
DocumentRoot /www/www
SSLEngine on
@ -24,8 +22,8 @@
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite kEECDH:kEDH:AESGCM:ALL:!3DES!RC4:!LOW:!EXP:!MD5:!aNULL:!eNULL
SSLCertificateFile /etc/apache2/ssl/certs/test.cacert.localhost.crt.pem
SSLCertificateKeyFile /etc/apache2/ssl/private/test.cacert.localhost.key.pem
SSLCertificateFile /etc/apache2/ssl/certs/www.cacert.localhost.crt.pem
SSLCertificateKeyFile /etc/apache2/ssl/private/www.cacert.localhost.key.pem
Header always set Strict-Transport-Security "max-age=31536000"
@ -41,7 +39,7 @@
</VirtualHost>
<VirtualHost *:443>
ServerName secure.test.cacert.localhost
ServerName secure.cacert.localhost
DocumentRoot /www/www
SSLEngine on
@ -49,8 +47,8 @@
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite kEECDH:kEDH:AESGCM:ALL:!3DES!RC4:!LOW:!EXP:!MD5:!aNULL:!eNULL
SSLCertificateFile /etc/apache2/ssl/certs/secure.test.cacert.localhost.crt.pem
SSLCertificateKeyFile /etc/apache2/ssl/private/secure.test.cacert.localhost.key.pem
SSLCertificateFile /etc/apache2/ssl/certs/www.cacert.localhost.crt.pem
SSLCertificateKeyFile /etc/apache2/ssl/private/www.cacert.localhost.key.pem
SSLVerifyClient require
SSLVerifyDepth 2

6
docker/initdb.sh
View file

@ -123,9 +123,9 @@ VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqip&euml;ria', 'shqipe'),
EOF
mysql -h localhost -u root "-p$MYSQL_ROOT_PASSWORD" <<-EOF
CREATE USER $MYSQL_APP_USER@'%' IDENTIFIED BY '$MYSQL_APP_PASSWORD';
GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_APP_USER@'%';
GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_APP_USER@'%';
CREATE USER $MYSQL_WEBDB_USER@'%' IDENTIFIED BY '$MYSQL_WEBDB_PASSWORD';
GRANT CREATE TEMPORARY TABLES ON cacert.* TO $MYSQL_WEBDB_USER@'%';
GRANT SELECT, INSERT, UPDATE, DELETE ON cacert.* TO $MYSQL_WEBDB_USER@'%';
CREATE USER $MYSQL_MGR_USER@'%' IDENTIFIED BY '$MYSQL_MGR_PASSWORD';
GRANT SELECT, INSERT, UPDATE, DELETE ON mgr.* TO $MYSQL_MGR_USER@'%';