mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-11-24 21:06:31 +00:00
Allow passing DHPARAM_BITS via env, lower bits to 256 for unit tests
This commit is contained in:
parent
dffc0c47cf
commit
7d253dd0f3
@ -15,7 +15,8 @@ if [[ $DOCKER_HOST = unix://* ]]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Generate dhparam file if required
|
# Generate dhparam file if required
|
||||||
/app/generate-dhparam.sh
|
# Note: if $DHPARAM_BITS is not defined, generate-dhparam.sh will use 2048 as a default
|
||||||
|
/app/generate-dhparam.sh $DHPARAM_BITS
|
||||||
|
|
||||||
# If the user has run the default command and the socket doesn't exist, fail
|
# If the user has run the default command and the socket doesn't exist, fail
|
||||||
if [ "$socketMissing" = 1 -a "$1" = forego -a "$2" = start -a "$3" = '-r' ]; then
|
if [ "$socketMissing" = 1 -a "$1" = forego -a "$2" = start -a "$3" = '-r' ]; then
|
||||||
|
@ -1,10 +1,12 @@
|
|||||||
#!/bin/bash -e
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
# The first argument is the bit depth of the dhparam, or 2048 if unspecified
|
||||||
|
DHPARAM_BITS=${1:-2048}
|
||||||
|
|
||||||
# If a dhparam file is not available, use the pre-generated one and generate a new one in the background.
|
# If a dhparam file is not available, use the pre-generated one and generate a new one in the background.
|
||||||
# Note that /etc/nginx/dhparam is a volume, so this dhparam will persist restarts.
|
# Note that /etc/nginx/dhparam is a volume, so this dhparam will persist restarts.
|
||||||
PREGEN_DHPARAM_FILE="/app/dhparam.pem.default"
|
PREGEN_DHPARAM_FILE="/app/dhparam.pem.default"
|
||||||
DHPARAM_FILE="/etc/nginx/dhparam/dhparam.pem"
|
DHPARAM_FILE="/etc/nginx/dhparam/dhparam.pem"
|
||||||
DHPARAM_BITS="2048"
|
|
||||||
GEN_LOCKFILE="/tmp/dhparam_generating.lock"
|
GEN_LOCKFILE="/tmp/dhparam_generating.lock"
|
||||||
|
|
||||||
# The hash of the pregenerated dhparam file is used to check if the pregen dhparam is already in use
|
# The hash of the pregenerated dhparam file is used to check if the pregen dhparam is already in use
|
||||||
|
@ -7,7 +7,7 @@ function setup {
|
|||||||
stop_bats_containers web
|
stop_bats_containers web
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "[$TEST_FILE] test dhparam.pem is generated if missing (WARNING: this test is slow)" {
|
@test "[$TEST_FILE] test dhparam.pem is generated if missing" {
|
||||||
SUT_CONTAINER=bats-nginx-proxy-${TEST_FILE}-1
|
SUT_CONTAINER=bats-nginx-proxy-${TEST_FILE}-1
|
||||||
|
|
||||||
# WHEN
|
# WHEN
|
||||||
@ -16,6 +16,7 @@ function setup {
|
|||||||
--label bats-type="nginx-proxy" \
|
--label bats-type="nginx-proxy" \
|
||||||
--name $SUT_CONTAINER \
|
--name $SUT_CONTAINER \
|
||||||
-v /var/run/docker.sock:/tmp/docker.sock:ro \
|
-v /var/run/docker.sock:/tmp/docker.sock:ro \
|
||||||
|
-e DHPARAM=256 \
|
||||||
$SUT_IMAGE \
|
$SUT_IMAGE \
|
||||||
&& wait_for_nginxproxy_container_to_start $SUT_CONTAINER \
|
&& wait_for_nginxproxy_container_to_start $SUT_CONTAINER \
|
||||||
&& docker logs $SUT_CONTAINER
|
&& docker logs $SUT_CONTAINER
|
||||||
@ -23,7 +24,7 @@ function setup {
|
|||||||
DEFAULT_HASH=$(docker exec $SUT_CONTAINER md5sum /etc/nginx/dhparam/dhparam.pem | cut -d" " -f1)
|
DEFAULT_HASH=$(docker exec $SUT_CONTAINER md5sum /etc/nginx/dhparam/dhparam.pem | cut -d" " -f1)
|
||||||
|
|
||||||
assert_success
|
assert_success
|
||||||
docker_wait_for_log $SUT_CONTAINER 9 "Generating DH parameters"
|
docker_wait_for_log $SUT_CONTAINER 30 "Generating DH parameters"
|
||||||
|
|
||||||
# THEN
|
# THEN
|
||||||
docker_wait_for_log $SUT_CONTAINER 240 "dhparam generation complete, reloading nginx"
|
docker_wait_for_log $SUT_CONTAINER 240 "dhparam generation complete, reloading nginx"
|
||||||
@ -56,13 +57,14 @@ function setup {
|
|||||||
--name $SUT_CONTAINER \
|
--name $SUT_CONTAINER \
|
||||||
-v /var/run/docker.sock:/tmp/docker.sock:ro \
|
-v /var/run/docker.sock:/tmp/docker.sock:ro \
|
||||||
-v $TMP_DIR:/etc/nginx/dhparam \
|
-v $TMP_DIR:/etc/nginx/dhparam \
|
||||||
|
-e DHPARAM=256 \
|
||||||
$SUT_IMAGE \
|
$SUT_IMAGE \
|
||||||
&& wait_for_nginxproxy_container_to_start $SUT_CONTAINER \
|
&& wait_for_nginxproxy_container_to_start $SUT_CONTAINER \
|
||||||
&& docker logs $SUT_CONTAINER
|
&& docker logs $SUT_CONTAINER
|
||||||
|
|
||||||
# THEN
|
# THEN
|
||||||
assert_success
|
assert_success
|
||||||
docker_wait_for_log $SUT_CONTAINER 9 "Generating DH parameters"
|
docker_wait_for_log $SUT_CONTAINER 30 "Generating DH parameters"
|
||||||
|
|
||||||
docker exec $SUT_CONTAINER rm -rf /etc/nginx/dhparam/*
|
docker exec $SUT_CONTAINER rm -rf /etc/nginx/dhparam/*
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user