dede/stepca-docker
0
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Activity

Compare commits

base: dede:0da4c1b064e0a8a9d639001d46aab975120dce87
Branches Tags
dede:main
..
compare: dede:8751c3e9076571584adb4746cca3d81352633587
Branches Tags
dede:main

3 Commits
0da4c1b064 ... 8751c3e907

Author SHA1 Message Date
dede
8751c3e907 add possibility to download compose file 2023-07-21 20:40:38 +02:00
dede
8e45022be2 add some ideas for improvements 2023-07-21 20:40:13 +02:00
dede
dff86c0701 ignore any .env file (.env*) 2023-07-21 20:38:05 +02:00
3 changed files with 61 additions and 5 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -1,3 +1,3 @@
data/* data/*
.env .env*
docker-compose.override.yml docker-compose.override.yml

32
TODO.md Normal file
View File

@@ -0,0 +1,32 @@
# TODO
## easy cert revocation
here comes an example for watching file changes
the idea is to extend the step-ca container to be able to revoke certificates easily.
not that i think this is needed 0:-)
source: https://stackoverflow.com/questions/22884580/bash-a-way-to-watch-files-for-changes#22885210
```bash
#!/bin/bash
watched_files=$@ # pass watched files as cmd line arguments
if [ -z "$watched_files" ]; then
echo "Nothing to watch, abort"
exit
else
echo "watching: $watched_files"
fi
previous_checksum="dummy"
while [ 1 ]; do
checksum=$(md5sum $watched_files | md5sum)
if [ "$checksum" != "$previous_checksum" ]; then
echo "None shall pass!" # do your stuff here
fi
previous_checksum="$checksum"
sleep 1
done
```

32
setup.sh
View File

@@ -2,20 +2,44 @@
# env setup script for step-ca docker compose # env setup script for step-ca docker compose
# 2023-01-06 by dede & dany # 2023-01-06 by dede & dany
echo "step-ca docker compose setup" # variables setup
echo "> env setup for step-ca with docker compose..." PROJECT_NAME=step-ca
#COMPOSE_DOWNLOAD_URL=
# starting the setup
echo "$PROJECT_NAME docker compose setup"
echo "> env setup for $PROJECT_NAME with docker compose"
# check for existing compose file to not break an existing setup
if [ -n "$COMPOSE_DOWNLOAD_URL" ]; then
if [[ -f "docker-compose.yml" ]]; then
echo "> docker-compose.yml file already exists. setup will not run"
exit 1
else
echo "> downloading docker-compose.yml file from $COMPOSE_DOWNLOAD_URL"
wget -O docker-compose.yml "$COMPOSE_DOWNLOAD_URL"
fi
fi
# check for existing .env file to not break an existing setup # check for existing .env file to not break an existing setup
if [[ -f .env ]]; then if [[ -f .env ]]; then
echo "> .env file already exists. setup will not run. either rename or delete it first." echo "> .env file already exists. setup will not run. either rename or delete it first."
exit 1 echo -n "do you want to continue anyway and create a new .env file? [y/N]: "
read -r continue
if [[ $continue =~ ^([yY])$ ]]; then
mv ".env" ".env_backup"
echo "> saved existing .env file to .env_backup"
else
exit 1
fi
elif [[ ! -f env.sample ]]; then elif [[ ! -f env.sample ]]; then
echo "> env.sample file is missing. cannot run." echo "> env.sample file is missing. cannot run."
exit 2 exit 2
fi fi
# create .env file # create .env file
echo -e "# file generated by ${0##*/} on $(date +"%F %H:%M") by $USER\n" > .env echo -e "# env file for $PROJECT_NAME compose project" > .env
echo -e "# generated by ${0##*/} on $(date +"%F %H:%M") by $USER\n" >> .env
# step through the list of lines and ask for each key to use default value or set value # step through the list of lines and ask for each key to use default value or set value
# for each line in configfile # for each line in configfile