Fix key generation in Docker

We were generating the key in the Dockerfile, but then mounting the host’s web directory, which “obscured” (to quote the Docker docs) the directory in the container. We can move key generation to the container entrypoint, but only call it if the key doesn’t already exist to save time on container teardown / restart.
This commit is contained in:
Robin Whittleton 2021-02-10 18:35:57 +01:00 committed by Alex Cabal
parent c36fde5c8c
commit c606dea993
2 changed files with 5 additions and 3 deletions

View file

@ -4,11 +4,9 @@ RUN apt-get update
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y composer php-fpm php-cli php-gd php-xml php-apcu php-mbstring php-intl apache2 apache2-utils libfcgi0ldbl task-spooler
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
RUN mkdir -p /standardebooks.org/web/config/ssl
RUN mkdir -p /standardebooks.org/web
RUN mkdir /var/log/local
RUN openssl req -x509 -nodes -days 99999 -newkey rsa:4096 -subj "/CN=standardebooks.test" -keyout /standardebooks.org/web/config/ssl/standardebooks.test.key -sha256 -out /standardebooks.org/web/config/ssl/standardebooks.test.crt
RUN a2enmod headers expires ssl rewrite proxy proxy_fcgi
# Disable opcaching for dynamic PHP reloading

View file

@ -1,5 +1,9 @@
#!/bin/sh
if [ ! -f /standardebooks.org/web/config/ssl/standardebooks.test.crt ]; then
openssl req -x509 -nodes -days 99999 -newkey rsa:4096 -subj "/CN=standardebooks.test" -keyout /standardebooks.org/web/config/ssl/standardebooks.test.key -sha256 -out /standardebooks.org/web/config/ssl/standardebooks.test.crt
fi
cd /standardebooks.org/web
composer install