From 5ad52513ed0ad7665277130f02b5318efcca0940 Mon Sep 17 00:00:00 2001 From: Mike Nowak Date: Mon, 17 Apr 2017 19:37:58 +0900 Subject: Adding support for custom CA certs --- Dockerfile | 1 + README.md | 6 ++++++ extra/update-ca-certificates.runit | 7 +++++++ 3 files changed, 14 insertions(+) create mode 100755 extra/update-ca-certificates.runit diff --git a/Dockerfile b/Dockerfile index fb2a635..a72a925 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,6 +27,7 @@ RUN apt-get -y autoremove ADD extra/oxidized.runit /etc/service/oxidized/run ADD extra/auto-reload-config.runit /etc/service/auto-reload-config/run +ADD extra/update-ca-certificates.runit /etc/service/update-ca-certificates/run VOLUME ["/root/.config/oxidized"] EXPOSE 8888/tcp diff --git a/README.md b/README.md index ade2030..5950c1c 100644 --- a/README.md +++ b/README.md @@ -364,6 +364,12 @@ If you want to have the config automatically reloaded (e.g. when using a http so docker run -v /etc/oxidized:/root/.config/oxidized -p 8888:8888/tcp -e CONFIG_RELOAD_INTERVAL=3600 -t oxidized/oxidized:latest ``` +If you need to use an internal CA (e.g. to connect to an private github instance) + +``` +docker run -v /etc/oxidized:/root/.config/oxidized -v /path/to/MY-CA.crt:/usr/local/share/ca-certificates/MY-CA.crt -p 8888:8888/tcp -e UPDATE_CA_CERTIFICATES=true -t oxidized/oxidized:latest +``` + ## Cookbook ### Debugging In case a model plugin doesn't work correctly (ios, procurve, etc.), you can enable live debugging of SSH/Telnet sessions. Just add a ```debug``` option containing the value true to the ```input``` section. The log files will be created depending on the parent directory of the logfile option. diff --git a/extra/update-ca-certificates.runit b/extra/update-ca-certificates.runit new file mode 100755 index 0000000..53efdb9 --- /dev/null +++ b/extra/update-ca-certificates.runit @@ -0,0 +1,7 @@ +#!/bin/bash + +if [ "$UPDATE_CA_CERTIFICATES" == "true" ]; then + update-ca-certificates +fi + +sleep infinity -- cgit v1.2.1