Skip to content

Commit

Permalink
Merge pull request #185 from akostadinov/develop
Browse files Browse the repository at this point in the history
easy support for custom CAs
  • Loading branch information
junkurihara authored Sep 19, 2024
2 parents 79fe5c9 + 546e4dd commit 978d161
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
6 changes: 6 additions & 0 deletions docker/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,12 @@ Then, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certif

See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container.

## Custom CAs for upstream TLS connections

To add a custom certificate, you must use a non-`slim` non-`webpki` image. Then mount `/usr/local/share/ca-certificates` in the container with your desired CAs each in a file like `myca.crt`. The certificates are accepted in PEM format but file extension must be `crt`.

e.g. `-v rpxy/ca-certificates:/usr/local/share/ca-certificates`

## Differences among image tags of Docker Hub and GitHub Container Registry

Differences among tags are summarized as follows.
Expand Down
2 changes: 2 additions & 0 deletions docker/entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ EOF

#######################################
function setup_ubuntu () {
update-ca-certificates

id ${USER} > /dev/null
# Check the existence of the user, if not exist, create it.
if [ $? -eq 1 ]; then
Expand Down

0 comments on commit 978d161

Please sign in to comment.