Loading images/base/00-update-trust.sh +2 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,8 @@ set -e ## This script updates the system trust roots with certificates from $ESGF_CERT_DIR ##### test -d "$ESGF_CERT_DIR" || return echo "[info] Linking certificates from $ESGF_CERT_DIR" for f in $(find $ESGF_CERT_DIR -maxdepth 1 -type f); do ln -s $f /etc/pki/ca-trust/source/anchors/; Loading images/orp/01-keystore.sh +8 −8 Original line number Diff line number Diff line Loading @@ -10,10 +10,10 @@ set -eo pipefail # Create a temporary file for openssl to put random state export RANDFILE="$(mktemp)" export ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" export ESGF_KEYSTORE_FILE="${ESGF_KEYSTORE_FILE:-$ESGF_HOME/tomcat/hostcert.p12}" ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" ESGF_KEYSTORE_FILE="${ESGF_KEYSTORE_FILE:-$ESGF_HOME/tomcat/hostcert.p12}" # Generate a random keystore password for this container run export ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" ESGF_HOSTCERT_CERT_FILE="${ESGF_HOSTCERT_CERT_FILE:-$ESGF_HOME/hostcert/tls.crt}" ESGF_HOSTCERT_KEY_FILE="${ESGF_HOSTCERT_KEY_FILE:-$ESGF_HOME/hostcert/tls.key}" Loading @@ -31,8 +31,8 @@ rm -rf "$RANDFILE" unset RANDFILE # Configure the ORP to use it # echo "[info] Configuring ORP to use PKCS12 bundle" # CATALINA_EXTRA_OPTS="-Desg.orp.keystore.file=$KEYSTORE_FILE" # CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.alias=$KEYSTORE_ALIAS" # CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.password=$KEYSTORE_PASSWORD" # export CATALINA_EXTRA_OPTS echo "[info] Configuring ORP to use PKCS12 bundle" CATALINA_EXTRA_OPTS="-Desg.orp.keystore.file=$ESGF_KEYSTORE_FILE" CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.alias=$ESGF_KEYSTORE_ALIAS" CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.password=$ESGF_KEYSTORE_PASSWORD" export CATALINA_EXTRA_OPTS images/orp/esg-orp.properties +4 −4 Original line number Diff line number Diff line keystoreFile=${env:ESGF_KEYSTORE_FILE} keystorePassword=${env:ESGF_KEYSTORE_PASSWORD} keystoreAlias=${env:ESGF_KEYSTORE_ALIAS} keystoreFile=${esg.orp.keystore.file} keystorePassword=${esg.orp.keystore.password} keystoreAlias=${esg.orp.keystore.alias} orp.provider.list=${env:ESGF_CONFIG_DIR}/esgf_known_providers.xml orp.provider.list=${esg.home}/config/esgf_known_providers.xml Loading
images/base/00-update-trust.sh +2 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,8 @@ set -e ## This script updates the system trust roots with certificates from $ESGF_CERT_DIR ##### test -d "$ESGF_CERT_DIR" || return echo "[info] Linking certificates from $ESGF_CERT_DIR" for f in $(find $ESGF_CERT_DIR -maxdepth 1 -type f); do ln -s $f /etc/pki/ca-trust/source/anchors/; Loading
images/orp/01-keystore.sh +8 −8 Original line number Diff line number Diff line Loading @@ -10,10 +10,10 @@ set -eo pipefail # Create a temporary file for openssl to put random state export RANDFILE="$(mktemp)" export ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" export ESGF_KEYSTORE_FILE="${ESGF_KEYSTORE_FILE:-$ESGF_HOME/tomcat/hostcert.p12}" ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" ESGF_KEYSTORE_FILE="${ESGF_KEYSTORE_FILE:-$ESGF_HOME/tomcat/hostcert.p12}" # Generate a random keystore password for this container run export ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" ESGF_HOSTCERT_CERT_FILE="${ESGF_HOSTCERT_CERT_FILE:-$ESGF_HOME/hostcert/tls.crt}" ESGF_HOSTCERT_KEY_FILE="${ESGF_HOSTCERT_KEY_FILE:-$ESGF_HOME/hostcert/tls.key}" Loading @@ -31,8 +31,8 @@ rm -rf "$RANDFILE" unset RANDFILE # Configure the ORP to use it # echo "[info] Configuring ORP to use PKCS12 bundle" # CATALINA_EXTRA_OPTS="-Desg.orp.keystore.file=$KEYSTORE_FILE" # CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.alias=$KEYSTORE_ALIAS" # CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.password=$KEYSTORE_PASSWORD" # export CATALINA_EXTRA_OPTS echo "[info] Configuring ORP to use PKCS12 bundle" CATALINA_EXTRA_OPTS="-Desg.orp.keystore.file=$ESGF_KEYSTORE_FILE" CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.alias=$ESGF_KEYSTORE_ALIAS" CATALINA_EXTRA_OPTS="$CATALINA_EXTRA_OPTS -Desg.orp.keystore.password=$ESGF_KEYSTORE_PASSWORD" export CATALINA_EXTRA_OPTS
images/orp/esg-orp.properties +4 −4 Original line number Diff line number Diff line keystoreFile=${env:ESGF_KEYSTORE_FILE} keystorePassword=${env:ESGF_KEYSTORE_PASSWORD} keystoreAlias=${env:ESGF_KEYSTORE_ALIAS} keystoreFile=${esg.orp.keystore.file} keystorePassword=${esg.orp.keystore.password} keystoreAlias=${esg.orp.keystore.alias} orp.provider.list=${env:ESGF_CONFIG_DIR}/esgf_known_providers.xml orp.provider.list=${esg.home}/config/esgf_known_providers.xml
