diff --git a/Dockerfile b/Dockerfile index b931c4bce8..7bd1978492 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,5 @@ +# For documentation see docs/docker.md + FROM openjdk:11-jre-slim RUN mkdir /rems @@ -8,3 +10,5 @@ ENTRYPOINT ["./docker-entrypoint.sh"] COPY empty-config.edn /rems/config/config.edn COPY target/uberjar/rems.jar /rems/rems.jar COPY docker-entrypoint.sh /rems/docker-entrypoint.sh + +RUN chmod 664 /usr/local/openjdk-11/lib/security/cacerts diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index ab6674965f..132ab4d119 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -4,6 +4,19 @@ cd rems [ -z "$COMMANDS" ] && COMMANDS="run" +certfile=$(ls /rems/certs) + +if [ ! -z ${certfile} ] && [ "${certfile}" != "null" ] ; then + keytool -importcert -cacerts -noprompt \ + -storepass changeit \ + -file /rems/certs/${certfile} \ + -alias ${certfile} + + keytool -storepasswd -cacerts \ + -storepass changeit \ + -new $(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 20) +fi + for COMMAND in $COMMANDS do if [ "${COMMAND}" = "run" ] ; then diff --git a/docs/docker.md b/docs/docker.md new file mode 100644 index 0000000000..e8f5327c8f --- /dev/null +++ b/docs/docker.md @@ -0,0 +1,8 @@ +# Deploy Rems in docker + +1. Build rems with lein or copy rems.jar to target/uberjar/rems.jar +2. Build rems docker image. Use the docker file located in the root directory of rems git. +Example command: `docker build /path/to/rems/git/root/dir/ -t rems:tag` +2. Mount your config.edn file to /rems/config/config.edn in the container (Optional) +3. Mount certificate to be added to rems certificate store to /rems/certs/. +This process currecntly supports only one certificate. (Optional)