diff options
| author | ytti <saku@ytti.fi> | 2017-04-17 14:21:21 +0300 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-04-17 14:21:21 +0300 | 
| commit | 75076da1f7fff120757a9c760018b43a81aecf80 (patch) | |
| tree | 91adb714ecae5e5e08f844847b56e666cb17de65 | |
| parent | bf48ba182f800c323d37085a43d24fac4e3a0acf (diff) | |
| parent | 5ad52513ed0ad7665277130f02b5318efcca0940 (diff) | |
Merge pull request #814 from mikenowak/update-ca-certificates
Adding support for internal CA certs
| -rw-r--r-- | Dockerfile | 1 | ||||
| -rw-r--r-- | README.md | 6 | ||||
| -rwxr-xr-x | extra/update-ca-certificates.runit | 7 | 
3 files changed, 14 insertions, 0 deletions
| @@ -27,6 +27,7 @@ RUN apt-get -y autoremove  ADD extra/oxidized.runit /etc/service/oxidized/run  ADD extra/auto-reload-config.runit /etc/service/auto-reload-config/run +ADD extra/update-ca-certificates.runit /etc/service/update-ca-certificates/run  VOLUME ["/root/.config/oxidized"]  EXPOSE 8888/tcp @@ -364,6 +364,12 @@ If you want to have the config automatically reloaded (e.g. when using a http so  docker run -v /etc/oxidized:/root/.config/oxidized -p 8888:8888/tcp -e CONFIG_RELOAD_INTERVAL=3600 -t oxidized/oxidized:latest  ``` +If you need to use an internal CA (e.g. to connect to an private github instance) + +``` +docker run -v /etc/oxidized:/root/.config/oxidized -v /path/to/MY-CA.crt:/usr/local/share/ca-certificates/MY-CA.crt -p 8888:8888/tcp -e UPDATE_CA_CERTIFICATES=true -t oxidized/oxidized:latest +``` +  ## Cookbook  ### Debugging  In case a model plugin doesn't work correctly (ios, procurve, etc.), you can enable live debugging of SSH/Telnet sessions. Just add a ```debug``` option containing the value true to the ```input``` section. The log files will be created depending on the parent directory of the logfile option. diff --git a/extra/update-ca-certificates.runit b/extra/update-ca-certificates.runit new file mode 100755 index 0000000..53efdb9 --- /dev/null +++ b/extra/update-ca-certificates.runit @@ -0,0 +1,7 @@ +#!/bin/bash + +if [ "$UPDATE_CA_CERTIFICATES" == "true" ]; then +    update-ca-certificates +fi + +sleep infinity | 
