create mount point in image

gameontext · Oct 23, 2020 · 40d3489 · 40d3489
1 parent dcce979
commit 40d3489
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 14 deletions.
diff --git a/room-wlpcfg/Dockerfile b/room-wlpcfg/Dockerfile
@@ -4,6 +4,7 @@ ENV SERVERDIRNAME room
 
 COPY ./startup.sh /opt/startup.sh
 ADD ./servers/gameon-room /opt/ol/wlp/usr/servers/defaultServer/
+RUN mkdir -p /opt/ol/wlp/usr/servers/defaultServer/resources/security
 
 CMD ["/opt/startup.sh"]
 

diff --git a/room-wlpcfg/startup.sh b/room-wlpcfg/startup.sh
@@ -2,9 +2,7 @@
 export CONTAINER_NAME=recroom
 
 SERVER_PATH=/opt/ol/wlp/usr/servers/defaultServer
-
-certpath=/tmp/java-ssl/
-mkdir -p ${certpath}
+ssl_path=${SERVER_PATH}/resources/security
 
 if [ "$ETCDCTL_ENDPOINT" != "" ]; then
   echo Setting up etcd...
@@ -22,7 +20,7 @@ if [ "$ETCDCTL_ENDPOINT" != "" ]; then
   done
   echo "etcdctl returned sucessfully, continuing"
 
-  etcdctl get /proxy/third-party-ssl-cert > ${certpath}/cert.pem
+  etcdctl get /proxy/third-party-ssl-cert > ${ssl_path}/cert.pem
 
   export RECROOM_SERVICE_URL=$(etcdctl get /room/service)
   export MAP_SERVICE_URL=$(etcdctl get /room/mapurl)
@@ -36,25 +34,29 @@ if [ "$ETCDCTL_ENDPOINT" != "" ]; then
 
   export KAFKA_SERVICE_URL=$(etcdctl get /kafka/url)
 fi
+if [ -f /etc/cert/cert.pem ]; then
+  cp /etc/cert/cert.pem ${ssl_path}/cert.pem
+fi
+
 
-if [ -f ${certpath}/cert.pem ]; then
+if [ -f ${ssl_path}/cert.pem ] ; then
   echo "Building keystore/truststore from cert.pem"
   echo "-creating dir"
-  mkdir -p ${SERVER_PATH}/resources/security
   echo "-cd dir"
-  cd ${SERVER_PATH}/resources/
-  echo "-importing jvm truststore to server truststore"
-  keytool -importkeystore -srckeystore $JAVA_HOME/jre/lib/security/cacerts -destkeystore security/truststore.jks -srcstorepass changeit -deststorepass truststore
+  cd ${ssl_path}
   echo "-converting pem to pkcs12"
-  openssl pkcs12 -passin pass:keystore -passout pass:keystore -export -out cert.pkcs12 -in ${certpath}/cert.pem
+  openssl pkcs12 -passin pass:keystore -passout pass:keystore -export -out cert.pkcs12 -in cert.pem
   echo "-importing pem to truststore.jks"
-  keytool -import -v -trustcacerts -alias default -file ${certpath}/cert.pem -storepass truststore -keypass keystore -noprompt -keystore security/truststore.jks
+  keytool -import -v -trustcacerts -alias default -file cert.pem -storepass truststore -keypass keystore -noprompt -keystore truststore.jks
   echo "-creating dummy key.jks"
-  keytool -genkey -storepass testOnlyKeystore -keypass wefwef -keyalg RSA -alias endeca -keystore security/key.jks -dname CN=rsssl,OU=unknown,O=unknown,L=unknown,ST=unknown,C=CA
+  keytool -genkey -storepass testOnlyKeystore -keypass wefwef -keyalg RSA -alias endeca \
+          -keystore key.jks -dname CN=rsssl,OU=unknown,O=unknown,L=unknown,ST=unknown,C=CA
   echo "-emptying key.jks"
-  keytool -delete -storepass testOnlyKeystore -alias endeca -keystore security/key.jks
+  keytool -delete -storepass testOnlyKeystore -alias endeca -keystore key.jks
   echo "-importing pkcs12 to key.jks"
-  keytool -v -importkeystore -srcalias 1 -alias 1 -destalias default -noprompt -srcstorepass keystore -deststorepass testOnlyKeystore -srckeypass keystore -destkeypass testOnlyKeystore -srckeystore cert.pkcs12 -srcstoretype PKCS12 -destkeystore security/key.jks -deststoretype JKS
+  keytool -v -importkeystore -srcalias 1 -alias 1 -destalias default -noprompt \
+          -srcstorepass keystore -deststorepass testOnlyKeystore -srckeypass keystore -destkeypass testOnlyKeystore \
+          -srckeystore cert.pkcs12 -srcstoretype PKCS12 -destkeystore key.jks -deststoretype JKS
   echo "done"
   cd ${SERVER_PATH}
 fi