paulmataruso/docker-zulip
1
0
Fork 0
mirror of https://github.com/zulip/docker-zulip.git synced 2025-10-31 12:03:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added ZULIP_CERTIFICATE_C/ST/L/O/CN env vars to support easier cert creation

Browse Source
This commit is contained in:
Alexander Trost
2015-10-20 19:17:35 +02:00
parent db9492e9af
commit 477f3b1acc
1 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
entrypoint.sh
View File

@@ -136,16 +136,35 @@ zulipSetup(){
esac
if [ ! -z "$ZULIP_AUTO_GENERATE_CERTS" ] && [ "$ZULIP_AUTO_GENERATE_CERTS" == "True" ]; then
if [ ! -e "$DATA_DIR/certs/zulip.key" ] && [ ! -e "/etc/ssl/certs/zulip.combined-chain.crt" ]; then
echo "Certificates auto generation is true. Generating certificates ..."
echo "Certificates generation is true. Generating certificates ..."
if [ -z "$ZULIP_CERTIFICATE_SUBJ" ]; then
export ZULIP_CERTIFICATE_SUBJ="/C=US/ST=Denial/L=Springfield/O=Dis/CN=$ZULIP_SETTINGS_EXTERNAL_HOST"
if [ -z "$ZULIP_CERTIFICATE_C" ]; then
export ZULIP_CERTIFICATE_C="US"
fi
if [ -z "$ZULIP_CERTIFICATE_ST" ]; then
export ZULIP_CERTIFICATE_ST="Denial"
fi
if [ -z "$ZULIP_CERTIFICATE_L" ]; then
export ZULIP_CERTIFICATE_L="Springfield"
fi
if [ -z "$ZULIP_CERTIFICATE_O" ]; then
export ZULIP_CERTIFICATE_O="Dis"
fi
if [ -z "$ZULIP_CERTIFICATE_CN" ]; then
if [ -z "$ZULIP_SETTINGS_EXTERNAL_HOST" ]; then
echo "Certificates generation failed. Missing ZULIP_CERTIFICATE_CN and as backup ZULIP_SETTINGS_EXTERNAL_HOST not given."
exit 1
fi
export ZULIP_CERTIFICATE_CN="$ZULIP_SETTINGS_EXTERNAL_HOST"
fi
export ZULIP_CERTIFICATE_SUBJ="/C=$ZULIP_CERTIFICATE_C/ST=$ZULIP_CERTIFICATE_ST/L=$ZULIP_CERTIFICATE_L/O=$ZULIP_CERTIFICATE_O/CN=$ZULIP_CERTIFICATE_CN"
fi
openssl genrsa -des3 -passout pass:x -out /tmp/server.pass.key 4096
openssl rsa -passin pass:x -in /tmp/server.pass.key -out "$DATA_DIR/certs/zulip.key"
openssl req -new -nodes -subj "$ZULIP_CERTIFICATE_SUBJ" -key "$DATA_DIR/certs/zulip.key" -out /tmp/server.csr
openssl x509 -req -days 365 -in /tmp/server.csr -signkey "$DATA_DIR/certs/zulip.key" -out "$DATA_DIR/certs/zulip.combined-chain.crt"
rm -f /tmp/server.csr /tmp/server.pass.key
echo "Certificates auto generation done."
echo "Certificates generation done."
else
echo "Certificates already exist. No need to generate them."
fi