Fix key generation in Docker

We were generating the key in the Dockerfile, but then mounting the host’s web directory, which “obscured” (to quote the Docker docs) the directory in the container. We can move key generation to the container entrypoint, but only call it if the key doesn’t already exist to save time on container teardown / restart.

vms/docker/Dockerfile

@@ -4,11 +4,9 @@ RUN apt-get update
 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y composer php-fpm php-cli php-gd php-xml php-apcu php-mbstring php-intl apache2 apache2-utils libfcgi0ldbl task-spooler
 RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-RUN mkdir -p /standardebooks.org/web/config/ssl
+RUN mkdir -p /standardebooks.org/web
 RUN mkdir /var/log/local
 
-RUN openssl req -x509 -nodes -days 99999 -newkey rsa:4096 -subj "/CN=standardebooks.test" -keyout /standardebooks.org/web/config/ssl/standardebooks.test.key -sha256 -out /standardebooks.org/web/config/ssl/standardebooks.test.crt
-
 RUN a2enmod headers expires ssl rewrite proxy proxy_fcgi
 
 # Disable opcaching for dynamic PHP reloading

vms/docker/start-server.sh

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+if [ ! -f /standardebooks.org/web/config/ssl/standardebooks.test.crt ]; then
+	openssl req -x509 -nodes -days 99999 -newkey rsa:4096 -subj "/CN=standardebooks.test" -keyout /standardebooks.org/web/config/ssl/standardebooks.test.key -sha256 -out /standardebooks.org/web/config/ssl/standardebooks.test.crt
+fi
+
 cd /standardebooks.org/web
 composer install