removed files needed only for development from master and adapt docker-compose.yml for production

2025-04-23 08:16:19 -04:00 · 2023-02-12 02:33:35 +01:00 · 2023-02-12 02:33:35 +01:00 · 61d51e1d10
commit 61d51e1d10
parent 64d69a0ed9
7 changed files with 2 additions and 126 deletions
--- a/docker/openssl/create.sh
+++ b/docker/openssl/create.sh
@ -1,9 +0,0 @@
-#!/bin/sh
-
-cnf_dir='/mnt/openssl/'
-certs_dir='/etc/ssl/certs/'
-openssl req -config ${cnf_dir}snapdropCA.cnf -new -x509 -days 1 -keyout ${certs_dir}snapdropCA.key -out ${certs_dir}snapdropCA.crt
-openssl req -config ${cnf_dir}snapdropCert.cnf -new -out /tmp/snapdrop-dev.csr -keyout ${certs_dir}snapdrop-dev.key
-openssl x509 -req -in /tmp/snapdrop-dev.csr -CA ${certs_dir}snapdropCA.crt -CAkey ${certs_dir}snapdropCA.key -CAcreateserial -extensions req_ext -extfile ${cnf_dir}snapdropCert.cnf -sha512 -days 1 -out ${certs_dir}snapdrop-dev.crt
-
-exec "$@"
--- a/docker/openssl/snapdropCA.cnf
+++ b/docker/openssl/snapdropCA.cnf
@ -1,26 +0,0 @@
-[ req ]
-default_bits       = 2048
-default_md         = sha256
-default_days       = 1
-encrypt_key        = no
-distinguished_name = subject
-x509_extensions    = x509_ext
-string_mask        = utf8only
-prompt             = no
-
-[ subject ]
-organizationName = Snapdrop
-OU               = CA
-commonName       = snapdrop-CA
-
-[ x509_ext ]
-subjectKeyIdentifier      = hash
-authorityKeyIdentifier    = keyid:always,issuer
-
-# You only need digitalSignature below. *If* you don't allow
-#   RSA Key transport (i.e., you use ephemeral cipher suites), then
-#   omit keyEncipherment because that's key transport.
-
-basicConstraints = critical, CA:TRUE, pathlen:0
-keyUsage         = critical, digitalSignature, keyEncipherment, cRLSign, keyCertSign
-
--- a/docker/openssl/snapdropCert.cnf
+++ b/docker/openssl/snapdropCert.cnf
@ -1,29 +0,0 @@
-[ req ]
-default_bits        = 2048
-default_md          = sha256
-default_days        = 1
-encrypt_key         = no
-distinguished_name  = subject
-req_extensions      = req_ext
-string_mask         = utf8only
-prompt              = no
-
-[ subject ]
-organizationName    = PairDrop
-OU                  = Development
-
-# Use a friendly name here because it's presented to the user. The server's DNS
-#   names are placed in Subject Alternate Names. Plus, DNS names here is deprecated
-#   by both IETF and CA/Browser Forums. If you place a DNS name here, then you
-#   must include the DNS name in the SAN too (otherwise, Chrome and others that
-#   strictly follow the CA/Browser Baseline Requirements will fail).
-
-commonName           = ${ENV::FQDN}
-
-[ req_ext ]
-subjectKeyIdentifier = hash
-basicConstraints     = CA:FALSE
-keyUsage             = digitalSignature, keyEncipherment
-subjectAltName       = DNS:${ENV::FQDN}
-nsComment            = "OpenSSL Generated Certificate"
-extendedKeyUsage     = serverAuth