Browse Source

Remove /var/lib/certidude prefix for paths

ec-key-support
Lauri Võsandi 1 year ago
parent
commit
67e1cf6849
  1. 4
      Dockerfile
  2. 2
      entrypoint.sh
  3. 6
      nginx.conf

4
Dockerfile

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
FROM alpine as build
MAINTAINER lauri <lauri@pinecrypt.com>
FROM alpine
MAINTAINER Pinecrypt Labs <info@pinecrypt.com>
RUN apk add --update npm nginx rsync bash
RUN npm install --silent --no-optional -g nunjucks@2.5.2 nunjucks-date@1.2.0 node-forge bootstrap@4.0.0-alpha.6 jquery timeago tether font-awesome qrcode-svg xterm
COPY nginx.conf /etc/nginx/nginx.conf

2
entrypoint.sh

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
#!/bin/sh
while [ ! -f /var/lib/certidude/server-secrets/self_cert.pem ]; do
while [ ! -f /server-secrets/self_cert.pem ]; do
sleep 1
done
exec nginx -g "daemon off; error_log /dev/stdout info;"

6
nginx.conf

@ -62,8 +62,8 @@ http { @@ -62,8 +62,8 @@ http {
send_timeout 600;
# To use CA-s own certificate for frontend and mutually authenticated connections
ssl_certificate /var/lib/certidude/server-secrets/self_cert.pem;
ssl_certificate_key /var/lib/certidude/server-secrets/self_key.pem;
ssl_certificate /server-secrets/self_cert.pem;
ssl_certificate_key /server-secrets/self_key.pem;
server {
# Section for serving insecure HTTP, note that this is suitable for
@ -145,7 +145,7 @@ http { @@ -145,7 +145,7 @@ http {
# Allow client authentication with certificate,
# backend must still check if certificate was used for TLS handshake
ssl_verify_client optional;
ssl_client_certificate /var/lib/certidude/server-secrets/ca_cert.pem;
ssl_client_certificate /server-secrets/ca_cert.pem;
# Proxy pass to backend
location /api/ {

Loading…
Cancel
Save