Rename cert & key files ()

* New cert files default names

* Add certs travis test

* Add certificate generation

* Fix certs test

* Fix cert gen

* Fix directory mapping

* Fix https healthcheck

* Add test for old cert path

* Fix script & test

* Fix port number

* Code refactoring

* Fix old cert test

* Code refactoring

* Fix certs test names

* Remove unnecessary test
This commit is contained in:
Semyon Bezrukov 2020-04-29 19:48:33 +03:00 committed by GitHub
parent ab5637a11f
commit f6b5017b4a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 101 additions and 15 deletions

View file

@ -0,0 +1,18 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
environment:
- SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-/var/www/onlyoffice/Data/certs/tls.crt}
- SSL_KEY_PATH=${SSL_KEY_PATH:-/var/www/onlyoffice/Data/certs/tls.key}
- CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-/var/www/onlyoffice/Data/certs/ca-certificates.pem}
- SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-/var/www/onlyoffice/Data/certs/dhparam.pem}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
volumes:
- ./data:/var/www/onlyoffice/Data

13
tests/certs.yml Normal file
View file

@ -0,0 +1,13 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
volumes:
- ./data:/var/www/onlyoffice/Data

View file

@ -1,5 +1,32 @@
#!/bin/bash
ssl=${ssl:-false}
private_key=${private_key:-tls.key}
certificate_request=${certificate_request:-tls.csr}
certificate=${certificate:-tls.crt}
# Generate certificate
if [[ $ssl == "true" ]]; then
url=${url:-"https://localhost"}
mkdir -p data/certs
pushd data/certs
openssl genrsa -out ${private_key} 2048
openssl req \
-new \
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
-key ${private_key} \
-out ${certificate_request}
openssl x509 -req -days 365 -in ${certificate_request} -signkey ${private_key} -out ${certificate}
openssl dhparam -out dhparam.pem 2048
chmod 400 ${private_key}
popd
else
url=${url:-"http://localhost"}
fi
# Check if the yml exists
if [[ ! -f $config ]]; then
echo "File $config doesn't exist!"
@ -14,7 +41,7 @@ wakeup_timeout=30
# Get documentserver healthcheck status
echo "Wait for service wake up"
sleep $wakeup_timeout
healthcheck_res=$(wget --no-check-certificate -qO - localhost/healthcheck)
healthcheck_res=$(wget --no-check-certificate -qO - ${url}/healthcheck)
# Fail if it isn't true
if [[ $healthcheck_res == "true" ]]; then