Skip to content

Commit

Permalink
Update certificates to enable self-signed certs (#3708)
Browse files Browse the repository at this point in the history 
Why:

* We are using self-signed ssl certificates for internal services, which results in failures when gitea tries to communicate through webhooks with these. We would like to enable gitea to be able to use these certificates without having to build custom docker images.

How

* We add the internal certificates to /usr/local/share/ca-certificates on the host
* We read-only mount /usr/local/share/ca-certificates from the host to /usr/local/share/ca-certificates in the container 
* We do a update-ca-certificates in the alpine container before starting gitea

This should have no consequence for users that do not have the need to handle self-signed certificates, as update-ca-certificates should be idempotent.
  • Loading branch information
@inful @lafriks
inful authored and lafriks committed Mar 25, 2018
1 parent 9350ba7 commit cb87f29
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions docker/etc/s6/gitea/setup
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
#!/bin/bash

/usr/sbin/update-ca-certificates

if [ ! -d /data/git/.ssh ]; then
mkdir -p /data/git/.ssh
chmod 700 /data/git/.ssh
Expand Down

0 comments on commit cb87f29

Please sign in to comment.