Make self-signed certificates work in OpenMapKit + fix build

This commit is contained in:
Disassembler 2020-06-21 17:02:10 +02:00
parent d532d087fe
commit ebe3828b5e
Signed by: Disassembler
GPG Key ID: 524BD33A0EE29499
7 changed files with 23 additions and 3 deletions

View File

@ -10,6 +10,7 @@
"openmapkit": {
"image": "openmapkit_0.12.0-200621",
"mounts": {
"openmapkit/omk_conf/add-ca-cert.env": "srv/openmapkit/add-ca-cert.env:file",
"openmapkit/omk_conf/settings.js": "srv/openmapkit/settings.js:file",
"openmapkit/omk_data": "srv/openmapkit/data"
}

View File

@ -7,7 +7,7 @@ RUN EOF
apk --no-cache add python2 openjdk8-jre-base
# Install build dependencies
apk --no-cache add --virtual .deps build-base git py2-pip yarn
apk --no-cache add --virtual .deps build-base git npm py2-pip yarn
# Clone OpenMapKit
git clone --recursive --depth 1 https://github.com/posm/OpenMapKitServer /srv/openmapkit
@ -15,8 +15,7 @@ RUN EOF
# Install OpenMapKit dependencies
cd /srv/openmapkit
pip install -r requirements.txt
yarn add libxmljs
yarn
npm install
cd frontend
yarn
yarn build

View File

@ -0,0 +1,5 @@
#!/bin/sh
. /srv/openmapkit/add-ca-cert.env
true | openssl s_client -connect ${HOST}:${PORT} | openssl x509 -out /etc/ssl/certs/openmapkit.crt

View File

@ -1,6 +1,8 @@
#!/bin/execlineb -P
fdmove -c 2 1
foreground { /bin/add-ca-cert }
export NODE_EXTRA_CA_CERTS /etc/ssl/certs/openmapkit.crt
export NODE_ENV production
s6-setuidgid omk
node /srv/openmapkit/server.js

View File

@ -10,6 +10,7 @@ OMK_LAYER="${LAYERS_DIR}/openmapkit_0.12.0-200621"
export OPENMAPKIT_ADMIN_USER="admin"
export OPENMAPKIT_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
install -o 108080 -g 108080 -m 750 -d ${OMK_CONF}
install -o 108080 -g 108080 -m 640 omk_conf/add-ca-cert.env ${OMK_CONF}/add-ca-cert.env
envsubst <omk_conf/settings.js | install -o 108080 -g 108080 -m 640 /dev/stdin ${OMK_CONF}/settings.js
# Copy existing files into persistent storage

View File

@ -0,0 +1,2 @@
HOST=omk.spotter.vm
PORT=443

View File

@ -0,0 +1,10 @@
#!/bin/sh
# Volumes
OMK_CONF="${VOLUMES_DIR}/opendatakit/omk_conf"
# Replacements
cat <<EOF >${OMK_CONF}/add-ca-cert.env
HOST=${HOST}
PORT=${PORT}
EOF