Add support for secrets, add dns name and cleanup
This commit is contained in:
parent
e0136abc34
commit
16e0f02a8a
|
@ -1,2 +1,3 @@
|
|||
oci-archive.tar
|
||||
build_id
|
||||
secrets/
|
||||
|
|
19
Makefile
19
Makefile
|
@ -7,26 +7,35 @@ CONTAINERS := $(shell find ./ -name 'Containerfile' -exec 'dirname' '{}' ';' | c
|
|||
IMAGES := $(addsuffix /${IMAGE_OUTPUT},${CONTAINERS})
|
||||
BUILD_IDS := $(addsuffix /${BUILD_ID_OUT},${CONTAINERS})
|
||||
|
||||
# Make workaround
|
||||
# Inserting literal commas into function calls without interpreting them as delimiters
|
||||
, := ,
|
||||
|
||||
# Build all containers in order by default
|
||||
all: $(IMAGES)
|
||||
all: oci
|
||||
|
||||
oci: $(IMAGES)
|
||||
localbuild: $(BUILD_IDS)
|
||||
|
||||
# Build process
|
||||
%/${IMAGE_OUTPUT}: %/${BUILD_ID_OUT}
|
||||
buildah push -f oci \
|
||||
$(shell cat $<) \
|
||||
oci-archive:$@:$(DOMAIN)/$*:latest
|
||||
oci-archive:$@:${DOMAIN}/$*:latest
|
||||
|
||||
%/${BUILD_ID_OUT}: %/Containerfile
|
||||
buildah build \
|
||||
-t $(DOMAIN)/$*:latest \
|
||||
-t ${DOMAIN}/$*:latest \
|
||||
--iidfile $*/${BUILD_ID_OUT} \
|
||||
$(foreach secretpath,$(wildcard $*/secrets/*),\
|
||||
--secret id=$(patsubst $*/secrets/%,%,${secretpath})$(,)src=${secretpath}) \
|
||||
$*
|
||||
|
||||
# Clean up
|
||||
clean:
|
||||
-rm -rv $(IMAGES) $(BUILD_IDS)
|
||||
-rm -rv ${IMAGES} ${BUILD_IDS}
|
||||
|
||||
.PHONY: all clean
|
||||
.PHONY: all localbuild oci clean
|
||||
.SUFFIXES:
|
||||
|
||||
# Somehow GNU make forgets these are intermediates if not explicitly stated, feel free to look into it *shrug*
|
||||
|
|
|
@ -12,6 +12,7 @@ COPY --from=redxen.eu/data/postgres-cert:latest /redxen.eu/certs/murmur.crt /roo
|
|||
COPY --from=redxen.eu/data/postgres-cert:latest /redxen.eu/keys/murmur.key /root/.postgresql/postgresql.key
|
||||
|
||||
ADD murmur.ini $CONFIG
|
||||
RUN --mount=type=secret,id=mregpass sed -i -e "s/MUMBLE_REGISTER_PASS/$(cat /run/secrets/mregpass)/" $CONFIG
|
||||
|
||||
ENV CONFIG $CONFIG
|
||||
CMD murmurd -fg -ini $CONFIG
|
||||
|
|
|
@ -3,11 +3,11 @@ dbDriver=QPSQL
|
|||
dbUsername=murmur
|
||||
dbHost=localhost
|
||||
dbPort=5432
|
||||
#registerName="[RedXen] Good software lasts long!"
|
||||
#registerPassword=MUMBLE_REGISTER_PASS
|
||||
#registerUrl=https://redxen.eu/
|
||||
#registerHostname=redxen.eu
|
||||
#registerLocation=DE
|
||||
registerName="[RedXen] Good software lasts long!"
|
||||
registerPassword=MUMBLE_REGISTER_PASS
|
||||
registerUrl=https://redxen.eu/
|
||||
registerHostname=redxen.eu
|
||||
registerLocation=DE
|
||||
host=
|
||||
opusthreshold=10
|
||||
bandwidth=150000
|
||||
|
|
|
@ -16,6 +16,7 @@ RUN openssl req \
|
|||
-sha256 \
|
||||
-key /ca/keys/ca.key \
|
||||
-subj "/O=RedXen/CN=mumble" \
|
||||
-addext "subjectAltName = DNS: mumble.redxen.eu" \
|
||||
-nodes \
|
||||
-keyout keys/mumble.key \
|
||||
-out /tmp/mumble.csr
|
||||
|
|
Loading…
Reference in New Issue