tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #190 from akostadinov/develop

Browse source 
custom CAs also in alpine
This commit is contained in:
Jun Kurihara 2024-09-20 11:08:11 +09:00 committed by GitHub
commit 7458ca8e7f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docker/README.md
View file

@ -19,7 +19,7 @@ See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration.
## Custom CAs for upstream TLS connections ## Custom CAs for upstream TLS connections
To add a custom certificate, you must use a non-`slim` non-`webpki` image. Then mount `/usr/local/share/ca-certificates` in the container with your desired CAs each in a file like `myca.crt`. The certificates are accepted in PEM format but file extension must be `crt`. To add a custom certificate, you must use a non-`webpki` image. Then mount `/usr/local/share/ca-certificates` in the container with your desired CAs each in a file like `myca.crt`. The certificates are accepted in PEM format but file extension must be `crt`.
e.g. `-v rpxy/ca-certificates:/usr/local/share/ca-certificates` e.g. `-v rpxy/ca-certificates:/usr/local/share/ca-certificates`

5
docker/entrypoint.sh
View file

@ -62,8 +62,6 @@ EOF
####################################### #######################################
function setup_ubuntu () { function setup_ubuntu () {
update-ca-certificates
id ${USER} > /dev/null id ${USER} > /dev/null
# Check the existence of the user, if not exist, create it. # Check the existence of the user, if not exist, create it.
if [ $? -eq 1 ]; then if [ $? -eq 1 ]; then
@ -131,6 +129,9 @@ else
exit 1 exit 1
fi fi
# Add user CAs to OS trusted CA store (does not affect webpki)
update-ca-certificates
# Check the given user and its uid:gid # Check the given user and its uid:gid
if [ $(id -u ${USER}) -ne ${USER_ID} -a $(id -g ${USER}) -ne ${GROUP_ID} ]; then if [ $(id -u ${USER}) -ne ${USER_ID} -a $(id -g ${USER}) -ne ${GROUP_ID} ]; then
echo "${USER} exists or was previously created. However, its uid and gid are inconsistent. Please recreate your container." echo "${USER} exists or was previously created. However, its uid and gid are inconsistent. Please recreate your container."