fix

2025-01-20 12:20:01 +03:00 · 2025-01-20 12:20:01 +03:00 · db08da6a83
commit db08da6a83
parent 415beb65d0
12 changed files with 23 additions and 20 deletions
--- a/Dockerfile.micord
+++ b/Dockerfile.micord
@ -14,7 +14,8 @@ RUN apt-get update \
       make \
       gcc \
       gcc10 \
-       libjson-glib libjson-glib-devel
+       libjson-glib libjson-glib-devel \
       libuuid libuuid-devel
 WORKDIR /build
 COPY src src
@ -33,7 +34,7 @@ ENV TZ=Europe/Moscow
 COPY entrypoint.sh /entrypoint.sh
 RUN apt-get update \
- && apt-get -y install glib2 libfcgi libjson-glib \
+ && apt-get -y install glib2 libfcgi libjson-glib libuuid \
 && apt-get clean \
 && rm -f /var/cache/apt/*.bin \
 && rm -f /var/lib/apt/lists/update* \
@ -51,18 +52,15 @@ COPY --from=builder /build/.build/ervu-sign-module /opt/ervu-sign-module/ervu-si
 EXPOSE 9009
-ARG ESIA_CA_CERT=test_ca_rtk3.cer
+COPY --chown=ervu:ervu conf/cacerts /cacerts
-COPY conf/${ESIA_CA_CERT} ${ESIA_CA_CERT} 
+COPY --chown=ervu:ervu conf/certs /certs
-RUN /opt/cprocsp/bin/amd64/certmgr -install -store mRoot -file "${ESIA_CA_CERT}"
+
 RUN echo "Installing CA certificates" \
 && find /cacerts -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -store mCA -file {} \;
 USER ervu
-ARG ESIA_CERT="TESIA GOST 2012 new.cer"
+RUN echo "Installing certificates" \
-ARG ESIA_CA_CRL=b0fd8eb959d9489d5b7b4c143a06cad7952a0744.crl
+ && find /certs -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -file {} \;
 COPY --chown=ervu:ervu conf/${ESIA_CERT} ${ESIA_CERT} 
 COPY --chown=ervu:ervu conf/${ESIA_CA_CRL} ${ESIA_CA_CRL} 
 RUN /opt/cprocsp/bin/amd64/certmgr -install -file "${ESIA_CERT}" \
  && /opt/cprocsp/bin/amd64/certmgr -install -store uCA -crl -file "${ESIA_CA_CRL}"
 ENTRYPOINT ["/entrypoint.sh"]
--- a/conf/b0fd8eb959d9489d5b7b4c143a06cad7952a0744.crl
+++ b/conf/b0fd8eb959d9489d5b7b4c143a06cad7952a0744.crl
--- a/conf/cacerts/README
+++ b/conf/cacerts/README
@ -0,0 +1 @@
 В данном каталоге должны находится файлы корневых/промежуточных центров сертификации с расширением .cer или .crt
--- a/conf/cacerts/guc2022.crt
+++ b/conf/cacerts/guc2022.crt
--- a/conf/cacerts/test-crypto-pro-ca.crt
+++ b/conf/cacerts/test-crypto-pro-ca.crt
--- a/conf/cacerts/test_ca_rtk3.crt
+++ b/conf/cacerts/test_ca_rtk3.crt
--- a/conf/cacerts/ucfk_2023.crt
+++ b/conf/cacerts/ucfk_2023.crt
--- a/conf/certs/MNSV90-test.cer
+++ b/conf/certs/MNSV90-test.cer
--- a/conf/certs/README
+++ b/conf/certs/README
@ -0,0 +1 @@
 В данном каталоге должны находится файлы сертификатов с расширением .cer или .crt
--- a/conf/certs/esia_prod.cer
+++ b/conf/certs/esia_prod.cer
--- a/conf/certs/esia_test.cer
+++ b/conf/certs/esia_test.cer
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,16 +1,19 @@
 #!/bin/bash
-if [ ! -d /var/opt/cprocsp/keys/ervu ];
+username=$(whoami)
-  then mkdir -m 700 /var/opt/cprocsp/keys/ervu
+
-  cp -r /home/ervu/keys/* /var/opt/cprocsp/keys/ervu/
+if [ ! -d /var/opt/cprocsp/keys/$username ]; then
-  chown -R ervu:ervu /var/opt/cprocsp/keys/ervu
+  mkdir -m 700 /var/opt/cprocsp/keys/$username
  cp -r ~/keys/* /var/opt/cprocsp/keys/$username/
  chown -R $username:$username /var/opt/cprocsp/keys/$username
 fi
 /opt/cprocsp/bin/amd64/csptest -absorb -certs -autoprov
-set +e
+echo "Installing CA certificates"
-cd /home/ervu/cacerts
+find ~/cacerts -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -store uCA -file {} \;
-echo o | /opt/cprocsp/bin/amd64/certmgr -install -store uRoot -file test_ca_2014.crt
+
-set -e
+echo "Installing certificates" \
 find ~/certs -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -file {} \;
 /opt/ervu-sign-module/ervu-sign-module
		`@ -0,0 +1 @@`
							`В данном каталоге должны находится файлы корневых/промежуточных центров сертификации с расширением .cer или .crt`