Initial container for syncing sslmate certs

2016-10-10 21:36:18 +02:00 · 2016-10-10 21:36:18 +02:00 · 2d80cd72e9
commit 2d80cd72e9
2 changed files with 77 additions and 0 deletions
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+FROM debian:jessie
+
+RUN apt-get update \
+    && apt-get install -y -q --no-install-recommends wget ca-certificates
+
+RUN wget -P /etc/apt/sources.list.d https://sslmate.com/apt/jessie/sslmate.list
+RUN wget -P /etc/apt/trusted.gpg.d https://sslmate.com/apt/jessie/sslmate.gpg
+
+RUN apt-get update \
+    && apt-get install -y -q --no-install-recommends sslmate openjdk-7-jre-headless \
+    && apt-get clean \
+    && rm -r /var/lib/apt/lists/*
+
+COPY sync.sh /sync.sh
+CMD bash sync.sh
--- a/sync.sh
+++ b/sync.sh
@ -0,0 +1,62 @@
+#!/bin/bash
+
+# check for keytool is installed
+keytool=$(which keytool)
+
+# check if sslmate is installed
+if [ ! -x /usr/bin/sslmate ]; then
+    echo "Missing sslmate package"
+    exit 1
+fi
+
+if [ "x$SSLMATE_API_KEY" == "x" ]; then
+   echo "Missing sslmate api key from environment. Variable name must be SSLMATE_API_KEY"
+   exit 1
+fi
+
+if [ ! -d /etc/sslmate/keys ]; then
+    mkdir -p /etc/sslmate/keys
+fi
+
+if [ ! -d /etc/sslmate/certs ]; then
+    mkdir -p /etc/sslmate/certs
+fi
+
+if [ ! -f /etc/sslmate.conf ]; then
+cat > /etc/sslmate.conf <<EOF
+api_key ${SSLMATE_API_KEY}
+key_directory /etc/sslmate/keys
+cert_directory /etc/sslmate/certs
+cert_format.chained yes
+cert_format.combined yes
+cert_format.root yes
+cert_format.chain+root yes
+wildcard_filename star
+key_type rsa
+EOF
+
+if [ "$keytool" != "" ]; then
+echo "I got keytool"
+cat >> /etc/sslmate.conf <<EOF
+cert_format.p12 yes
+cert_format.jks yes
+EOF
+
+else
+
+cat >> /etc/sslmate.conf <<EOF
+cert_format.p12 no
+cert_format.jks no
+EOF
+
+fi
+
+fi
+
+# Sync
+while true; do
+    sslmate download --all
+    sleep 60
+done
+
+exit 0