From ebe3828b5eaacca101e9266a867f12508b2b2781 Mon Sep 17 00:00:00 2001 From: Disassembler Date: Sun, 21 Jun 2020 17:02:10 +0200 Subject: [PATCH] Make self-signed certificates work in OpenMapKit + fix build --- lxc-apps/openmapkit/app | 1 + lxc-apps/openmapkit/image | 5 ++--- lxc-apps/openmapkit/image.d/bin/add-ca-cert | 5 +++++ .../openmapkit/image.d/etc/services.d/openmapkit/run | 2 ++ lxc-apps/openmapkit/install.sh | 1 + lxc-apps/openmapkit/install/omk_conf/add-ca-cert.env | 2 ++ lxc-apps/openmapkit/install/update-conf.sh | 10 ++++++++++ 7 files changed, 23 insertions(+), 3 deletions(-) create mode 100755 lxc-apps/openmapkit/image.d/bin/add-ca-cert create mode 100644 lxc-apps/openmapkit/install/omk_conf/add-ca-cert.env create mode 100755 lxc-apps/openmapkit/install/update-conf.sh diff --git a/lxc-apps/openmapkit/app b/lxc-apps/openmapkit/app index 35bc545..7c92353 100644 --- a/lxc-apps/openmapkit/app +++ b/lxc-apps/openmapkit/app @@ -10,6 +10,7 @@ "openmapkit": { "image": "openmapkit_0.12.0-200621", "mounts": { + "openmapkit/omk_conf/add-ca-cert.env": "srv/openmapkit/add-ca-cert.env:file", "openmapkit/omk_conf/settings.js": "srv/openmapkit/settings.js:file", "openmapkit/omk_data": "srv/openmapkit/data" } diff --git a/lxc-apps/openmapkit/image b/lxc-apps/openmapkit/image index 1c5875c..726a6e9 100644 --- a/lxc-apps/openmapkit/image +++ b/lxc-apps/openmapkit/image @@ -7,7 +7,7 @@ RUN EOF apk --no-cache add python2 openjdk8-jre-base # Install build dependencies - apk --no-cache add --virtual .deps build-base git py2-pip yarn + apk --no-cache add --virtual .deps build-base git npm py2-pip yarn # Clone OpenMapKit git clone --recursive --depth 1 https://github.com/posm/OpenMapKitServer /srv/openmapkit @@ -15,8 +15,7 @@ RUN EOF # Install OpenMapKit dependencies cd /srv/openmapkit pip install -r requirements.txt - yarn add libxmljs - yarn + npm install cd frontend yarn yarn build diff --git a/lxc-apps/openmapkit/image.d/bin/add-ca-cert b/lxc-apps/openmapkit/image.d/bin/add-ca-cert new file mode 100755 index 0000000..88a42fb --- /dev/null +++ b/lxc-apps/openmapkit/image.d/bin/add-ca-cert @@ -0,0 +1,5 @@ +#!/bin/sh + +. /srv/openmapkit/add-ca-cert.env + +true | openssl s_client -connect ${HOST}:${PORT} | openssl x509 -out /etc/ssl/certs/openmapkit.crt diff --git a/lxc-apps/openmapkit/image.d/etc/services.d/openmapkit/run b/lxc-apps/openmapkit/image.d/etc/services.d/openmapkit/run index 690e20f..b9b19dc 100755 --- a/lxc-apps/openmapkit/image.d/etc/services.d/openmapkit/run +++ b/lxc-apps/openmapkit/image.d/etc/services.d/openmapkit/run @@ -1,6 +1,8 @@ #!/bin/execlineb -P fdmove -c 2 1 +foreground { /bin/add-ca-cert } +export NODE_EXTRA_CA_CERTS /etc/ssl/certs/openmapkit.crt export NODE_ENV production s6-setuidgid omk node /srv/openmapkit/server.js diff --git a/lxc-apps/openmapkit/install.sh b/lxc-apps/openmapkit/install.sh index 670fbf4..6acaaa9 100755 --- a/lxc-apps/openmapkit/install.sh +++ b/lxc-apps/openmapkit/install.sh @@ -10,6 +10,7 @@ OMK_LAYER="${LAYERS_DIR}/openmapkit_0.12.0-200621" export OPENMAPKIT_ADMIN_USER="admin" export OPENMAPKIT_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=') install -o 108080 -g 108080 -m 750 -d ${OMK_CONF} +install -o 108080 -g 108080 -m 640 omk_conf/add-ca-cert.env ${OMK_CONF}/add-ca-cert.env envsubst ${OMK_CONF}/add-ca-cert.env +HOST=${HOST} +PORT=${PORT} +EOF