LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Containers (https://www.linuxquestions.org/questions/linux-containers-122/)
-   -   Certificate generator with docker-compose (https://www.linuxquestions.org/questions/linux-containers-122/certificate-generator-with-docker-compose-4175730851/)

kzo81 11-14-2023 12:05 AM
Certificate generator with docker-compose
 
Hi Folks,

I got this minimal setup for a reverse proxy, but for some reason it only runs on local machine, however there is still an error.

Do you have any idea?

Code:
# docker-compose.yml
version: "3.5"

services:
  certificate_generator:
    container_name: certificate_generator
    image: docker.io/maptiler/tileserver-gl:latest
    entrypoint: bash
    command: /tmp/certgen.sh
    working_dir: /tmp/certs/
    volumes:
      - ./certgen.sh:/tmp/certgen.sh:ro
      - ./certs:/tmp/certs/
    restart: "no"
Code:
#generate-certificates.sh
KEY="mapserver.key"
CRT="mapserver.crt"
DAYS=365
STATE="Hungary"
CITY="Budapest"
CN="mapserver01.local.lan"

if [ ! -f "$CRT" -o ! -f "$KEY" ]; then
  openssl rand -writerand .rnd
  openssl req -x509 -rand .rnd -nodes -newkey "rsa:2048" \
    -days $DAYS \
    -subj "/C=HU/ST=$STATE/L=$CITY/O=MapTiler/OU=Development/CN=$CN" \
    -keyout "$KEY" \
    -out "$CRT"
  rm -f .rnd
fi
exit 0

Output:

Code:
Creating gen_certs ... done
Attaching to gen_certs
gen_certs    | Can't load /root/.rnd into RNG
gen_certs    | 140707024888256:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
gen_certs    | Generating a RSA private key
gen_certs    | .+++++
gen_certs    | ...........+++++
gen_certs    | writing new private key to 'mapserver.key'
gen_certs    | -----
gen_certs exited with code 0
On the target host:
Code:
docker-compose up
WARNING: Found orphan containers (nginx) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
Starting certificate_generator ... done
Attaching to certificate_generator
certificate_generator    | Cannot write random bytes:
certificate_generator    | 139930728330560:error:24070079:random number generator:RAND_write_file:Cannot open file:../crypto/rand/randfile.c:233:Filename=.rnd
certificate_generator    | Can't load .rnd into RNG
certificate_generator    | 140626904618304:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:98:Filename=.rnd


All times are GMT -5. The time now is 03:28 AM.