Ubuntu Docker Images

Merge ~athos-ribeiro/ubuntu-docker-images/+git/squid:4.10-20.04-snakeoil into ~ubuntu-docker-images/ubuntu-docker-images/+git/squid:4.10-20.04

  1. Git
  2. lp:~athos-ribeiro/ubuntu-docker-images/+git/squid
  3. 4.10-20.04-snakeoil
  4. Merge into 4.10-20.04
Proposed by Athos Ribeiro
Status: Merged
Merged at revision: d351ddccb413fe87ca5e5744c49c52c10dc984c2
Proposed branch: ~athos-ribeiro/ubuntu-docker-images/+git/squid:4.10-20.04-snakeoil
Merge into: ~ubuntu-docker-images/ubuntu-docker-images/+git/squid:4.10-20.04
Diff against target: 29 lines (+7/-0)
2 files modified
Dockerfile (+2/-0)
entrypoint.sh (+5/-0)
Reviewer Review Type Date Requested Status
Sergio Durigan Junior Approve
Canonical Server Reporter Pending
Review via email: mp+434822@code.launchpad.net

Description of the change

Remove snakeoil build-time generated certificate and re-create it in the entrypoint when it does not exist.

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks for the MP, Athos.

Nitpick: s/it's/its/ (in the commit message)

Image builds and test passes.

Another suggestion below, but otherwise LGTM.

review: Approve
Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

Thanks, Sergio!

Fixed the suggestions and merged.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/Dockerfile b/Dockerfile
2index 30b15ed..3ef3de8 100644
3--- a/Dockerfile
4+++ b/Dockerfile
5@@ -14,6 +14,8 @@ RUN set -eux; \
6 sed -i 's/^#http_access allow localnet$/http_access allow localnet/' /etc/squid/conf.d/debian.conf; \
7 echo "# Set max_filedescriptors to avoid using system's RLIMIT_NOFILE. See LP: #1978272" > /etc/squid/conf.d/rock.conf; \
8 echo 'max_filedescriptors 1024' >> /etc/squid/conf.d/rock.conf; \
9+ # Remove the snakeoil self-signed certificate generated by the ssl-cert package
10+ rm -f /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key; \
11 # smoketest
12 /usr/sbin/squid --version; \
13 # create manifest \
14diff --git a/entrypoint.sh b/entrypoint.sh
15index d34a01e..984e54d 100755
16--- a/entrypoint.sh
17+++ b/entrypoint.sh
18@@ -16,6 +16,11 @@
19 # [1] The default configuration is changed in the Dockerfile to allow local
20 # network connections. See the Dockerfile for further information.
21
22+# re-create snakeoil self-signed certificate removed in the build process
23+if [ ! -f /etc/ssl/private/ssl-cert-snakeoil.key ]; then
24+ /usr/sbin/make-ssl-cert generate-default-snakeoil --force-overwrite > /dev/null 2>&1
25+fi
26+
27 tail -F /var/log/squid/access.log 2>/dev/null &
28 tail -F /var/log/squid/error.log 2>/dev/null &
29 tail -F /var/log/squid/store.log 2>/dev/null &

Subscribers

People subscribed via source and target branches