micord/ervu-sign-module
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'release/1.2.4' into master

Browse source 
# Conflicts:
#	CMakeLists.txt
#	Dockerfile.micord
#	entrypoint.sh
#	src/modules/service_sign.c
This commit is contained in:
Наиля Алашкова 2025-02-19 09:06:44 +03:00
parent a2cb8f6487
commit e351409288
4 changed files with 13 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -1,7 +1,8 @@
7h96bfno.000/ 7h96bfno.000/
linux-amd64.tgz linux-amd64.tgz
conf/ervu-sign-module.conf
CMakeFiles/ CMakeFiles/
/conf/keys/
/conf/ervu-sign-module.conf
CMakeLists.txt.user CMakeLists.txt.user
src/config.h src/config.h
src/version.h src/version.h

14
Dockerfile.micord
View file

@ -51,20 +51,6 @@ COPY --from=builder /opt/cprocsp /opt/cprocsp
COPY --from=builder /var/opt/cprocsp /var/opt/cprocsp COPY --from=builder /var/opt/cprocsp /var/opt/cprocsp
COPY --from=builder /build/.build/ervu-sign-module /opt/ervu-sign-module/ervu-sign-module COPY --from=builder /build/.build/ervu-sign-module /opt/ervu-sign-module/ervu-sign-module
#VOLUME /var/opt/cprocsp/keys/ervu/7h96bfno.000
EXPOSE 9009 EXPOSE 9009
COPY --chown=$RUNTIME_USER:$RUNTIME_USER conf/cacerts /cacerts
COPY --chown=$RUNTIME_USER:$RUNTIME_USER conf/certs /certs
RUN echo "Installing CA certificates" \
&& /opt/cprocsp/sbin/amd64/cryptsrv \
&& find /cacerts -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -store mRoot -file {} \;
RUN echo "Installing certificates" \
&& /opt/cprocsp/sbin/amd64/cryptsrv \
&& su -c 'find /certs -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -file {} \;' $RUNTIME_USER
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]

4
docker-compose.yaml
View file

@ -4,8 +4,10 @@ services:
context: . context: .
dockerfile: Dockerfile.micord dockerfile: Dockerfile.micord
volumes: volumes:
- ./7h96bfno.000:/home/ervu/keys/7h96bfno.000 - ./conf/keys:/home/ervu/keys/
- ./conf/ervu-sign-module.conf:/etc/ervu-sign-module.conf - ./conf/ervu-sign-module.conf:/etc/ervu-sign-module.conf
- ./conf/cacerts:/home/ervu/cacerts
- ./conf/certs:/home/ervu/certs
nginx: nginx:
image: nginx:latest image: nginx:latest
links: links:

17
entrypoint.sh
View file

@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
username=$RUNTIME_USER
set -e set -e
echo "Starting cryptsrv" echo "Starting cryptsrv"
@ -8,18 +7,18 @@ echo "Starting cryptsrv"
echo $? echo $?
set +e set +e
if [ ! -d /var/opt/cprocsp/keys/$username ]; then if [ ! -d /var/opt/cprocsp/keys/$RUNTIME_USER ]; then
mkdir -m 700 /var/opt/cprocsp/keys/$username mkdir -m 700 /var/opt/cprocsp/keys/$RUNTIME_USER
cp -r /home/$username/keys/* /var/opt/cprocsp/keys/$username/ cp -r /home/$RUNTIME_USER/keys/* /var/opt/cprocsp/keys/$RUNTIME_USER/
chown -R $username:$username /var/opt/cprocsp/keys/$username chown -R $RUNTIME_USER:$RUNTIME_USER /var/opt/cprocsp/keys/$RUNTIME_USER
fi fi
su - -c '/opt/cprocsp/bin/amd64/csptest -absorb -certs -autoprov' $username su - -c '/opt/cprocsp/bin/amd64/csptest -absorb -certs -autoprov' $RUNTIME_USER
echo "Installing CA certificates" echo "Installing CA certificates"
su - -c 'find ~/cacerts -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -store uCA -file {} \;' $username su - -c 'find ~/cacerts -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -store uCA -file {} \;' $RUNTIME_USER
echo "Installing certificates" echo "Installing certificates"
su - -c 'find ~/certs -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -file {} \;' $username su - -c 'find ~/certs -regex ".*\.\(cer\|crt\)$" -exec /opt/cprocsp/bin/amd64/certmgr -install -file {} \;' $RUNTIME_USER
su - -c '/opt/ervu-sign-module/ervu-sign-module' $username su - -c '/opt/ervu-sign-module/ervu-sign-module' $RUNTIME_USER