Run update-ca-certificates to enable self-signed certs #3708

Merged (3 commits) on Mar 25, 2018

@inful inful commented Mar 22, 2018

Why:

  • We are using self-signed ssl certificates for internal services, which results in failures when gitea tries to communicate through webhooks with these. We would like to enable gitea to be able to use these certificates without having to build custom docker images.

How:

  • We add the internal certificates to /usr/local/share/ca-certificates on the host
  • We read-only mount /usr/local/share/ca-certificates from the host to /usr/local/share/ca-certificates in the container
  • We do an update-ca-certificates in the alpine container before starting gitea

This should have no consequence for users that do not have the need to handle self-signed certificates, as update-ca-certificates should be idempotent.
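
A pre-start check for the mounted directory described in the steps above, as an added example that is not part of this PR or of Gitea's entrypoint; the function name `audit_ca_dir` and the `CA_DIR` variable are assumptions. Every file in that directory becomes a trusted root for the container's outbound TLS once update-ca-certificates runs, so the check flags private keys, files that are not PEM certificates, and files writable by group or others.

```shell
#!/bin/sh
# Added example: audit the host directory before it is bind-mounted read-only
# into the container, for instance with
#   docker run -v /usr/local/share/ca-certificates:/usr/local/share/ca-certificates:ro ...
# audit_ca_dir and CA_DIR are illustrative names, not taken from the PR.

# audit_ca_dir DIR
# Prints one finding per line. Returns 0 when every regular file carries a PEM
# certificate marker, none carries a private key marker, and none is writable
# by group or others; returns 1 on any finding, 2 if DIR is missing.
# This is a marker and permission check only; it does not parse X.509.
audit_ca_dir() {
    dir=$1
    bad=0
    [ -d "$dir" ] || { echo "missing: $dir"; return 2; }
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f"; then
            # Key material does not belong in a trust-anchor directory.
            echo "private-key: $f"; bad=1
        elif ! grep -q -e '-----BEGIN CERTIFICATE-----' "$f"; then
            echo "not-pem-cert: $f"; bad=1
        fi
        # Anyone who can write here can add a trusted root on the next start.
        w=$(find "$f" \( -perm -020 -o -perm -002 \) -print)
        if [ -n "$w" ]; then
            echo "writable: $f"; bad=1
        fi
    done
    return "$bad"
}

# Runs only when CA_DIR is set, e.g. CA_DIR=/usr/local/share/ca-certificates
if [ -n "${CA_DIR:-}" ]; then
    audit_ca_dir "$CA_DIR"
fi
```

Run it on the host before starting the container, and refuse to start on a non-zero exit status.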

codecov-io commented Mar 22, 2018

Codecov Report

Merging #3708 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #3708   +/-   ##
=======================================
  Coverage   35.79%   35.79%           
=======================================
  Files         288      288           
  Lines       41578    41578           
=======================================
  Hits        14881    14881           
  Misses      24501    24501           
  Partials     2196     2196

Last update 9350ba7...2a3bf41.

@tboerger tboerger added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 22, 2018
@lafriks lafriks added this to the 1.5.0 milestone Mar 22, 2018
@tboerger tboerger added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 22, 2018
@tboerger tboerger added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 23, 2018
@lafriks lafriks merged commit cb87f29 into go-gitea:master Mar 25, 2018
@daviian daviian mentioned this pull request May 3, 2018
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020