-
-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generate secrets when container is started #138
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With this change we auto-generate secrets once the container starts.
The problem is that we have several containers which all will start with random SSH keys and SSL certificates, making impossible to use StackStorm web UI in several load-balances instances and SSH to remote hosts.
That's why I mentioned previously: while it's easy to fix VM like Vagrant/OVA StackStorm/packer-st2#39 with this auto-generate on boot approach, I'd say we have no easy solution for containers.
Eg. the only way for now is to explicitly note that it's user obligation to pass/share their own SSH keys and SSL certs for prod use.
@@ -64,7 +64,7 @@ for f in /st2-docker/entrypoint.d/*; do | |||
done | |||
|
|||
# 1ppc: launch entrypoint-1ppc.sh via dumb-init if $ST2_SERVICE is set | |||
if [ ! -z ${ST2_SERVICE} ]; then | |||
if [ ! -z ${ST2_SERVICE:-} ]; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't it be better to make a positive test?
if [ -n "${ST2_SERVICE:-}" ]; then
You can find the old deprecated version in `DEPRECATED/all-in-one` branch archive: https://github.com/StackStorm/st2-docker/tree/DEPRECATED/all-in-one Closes StackStorm#22, closes StackStorm#23, closes StackStorm#26, closes StackStorm#29, closes StackStorm#34, closes StackStorm#41, closes StackStorm#43, closes StackStorm#92, closes StackStorm#112, closes StackStorm#117, closes StackStorm#125, closes StackStorm#133, closes StackStorm#141, closes StackStorm#145, closes StackStorm#151, closes StackStorm#163, closes StackStorm#187, closes StackStorm#188, closes StackStorm#189, closes StackStorm#190 Closes StackStorm#162, closes StackStorm#138, closes StackStorm#108, closes StackStorm#102, closes StackStorm#65
See StackStorm/packer-st2#39.
Remaining tasks: