Feature: Easy method to add trusted CA Certificate in containerized installation

[clawoflight]

Describe the problem

Your recommendation for handling private CAs is to trust them system-wide. This is a perfectly normal practice for system-wide installations. However, that would require building custom docker images for many on-prem installations, which brings a lot of maintenance overhead.
IMHO this is something that the weblate docker image should support. We certainly do this for our products :)

Describe the solution you'd like

Proposal: A simple environment variable that we could set with a path to a CA certificate.
The entrypoint of the docker image could then add it to the CA bundle itself.

This makes it easy to mount in a CA cert from a volume, as a Kubernetes secret object, etc.

Describe alternatives you've considered

No response

Screenshots

No response

Additional context

No response

[nijel]

Maybe it could be a fixed location in /app/data/ssl? We already use this for SAML SSL certificates (see https://docs.weblate.org/en/latest/admin/install/docker.html#saml).