feat: HTTPS option in docker build #179

zohassadar · 2024-07-26T18:05:56Z

Will create self signed certificate if the HTTPS environment variable isn't null and add the TLS_KEY & TLS_CERT variables to the container.

If HTTPS is not set, the build script & Dockerfile maintain original behavior.

timotheeg

LGTM

Just noting; I had issues with OBS refusing to load content over a self-signed certificate.

For the raspberry pi setup, the setup script outputs the certificate fingerprint, so it can supplied to OBS as trusted:

https://github.com/timotheeg/nestrischamps/blob/main/setup/local_rpi/setup.sh#L135-L143

# generate public key fingerprint to tell OBS we trust the server
PUB_KEY_FINGERPRINT=$(openssl x509 -in ${TLS_CERT_PATH} -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64)

echo
echo ========== IMPORTANT ==========
echo
echo "Start OBS at the command line with this argument:"
echo "--ignore-certificate-errors-spki-list=${PUB_KEY_FINGERPRINT}"

zohassadar added 2 commits July 26, 2024 18:01

feat: HTTPS option in docker build

7e55442

chore: use bash & better shellscript practices for docker build

39cbf68

timotheeg approved these changes Jul 27, 2024

View reviewed changes

timotheeg merged commit 5862287 into timotheeg:main Jul 27, 2024
1 check passed

zohassadar deleted the docker-https-option branch July 27, 2024 17:16

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: HTTPS option in docker build #179

feat: HTTPS option in docker build #179

zohassadar commented Jul 26, 2024

timotheeg left a comment

feat: HTTPS option in docker build #179

feat: HTTPS option in docker build #179

Conversation

zohassadar commented Jul 26, 2024

timotheeg left a comment

Choose a reason for hiding this comment