Skip to content

D
docker-ocserv
Commit c591f75e authored by Tommy Lau's avatar Tommy Lau
Browse files
Options

Change config file to work with 0.10.9

parent b777efc2
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 9 deletions
Dockerfile
View file @ c591f75e
...@@ -44,7 +44,6 @@ RUN buildDeps=" \ ...@@ -44,7 +44,6 @@ RUN buildDeps=" \
&& tar -xf ocserv.tar.xz -C /usr/src/ocserv --strip-components=1 \ && tar -xf ocserv.tar.xz -C /usr/src/ocserv --strip-components=1 \
&& rm ocserv.tar.xz* \ && rm ocserv.tar.xz* \
&& cd /usr/src/ocserv \ && cd /usr/src/ocserv \
&& sed -i '/#define MAX_CONFIG_ENTRIES /{s/64/200/}' src/vpn.h \
&& ./configure --enable-linux-namespaces \ && ./configure --enable-linux-namespaces \
&& make -j"$(nproc)" \ && make -j"$(nproc)" \
&& make install \ && make install \
...@@ -58,18 +57,14 @@ RUN buildDeps=" \ ...@@ -58,18 +57,14 @@ RUN buildDeps=" \
# Setup config # Setup config
COPY route.txt /tmp/ COPY route.txt /tmp/
RUN set -x \ RUN set -x \
&& sed -i 's/^#\(auth.*optional.*\)/\1/' /etc/ocserv/ocserv.conf \
&& sed -i 's/\.\/sample\.passwd/\/etc\/ocserv\/ocpasswd/' /etc/ocserv/ocserv.conf \ && sed -i 's/\.\/sample\.passwd/\/etc\/ocserv\/ocpasswd/' /etc/ocserv/ocserv.conf \
&& sed -i 's/\(max-same-clients = \)2/\110/' /etc/ocserv/ocserv.conf \ && sed -i 's/\(max-same-clients = \)2/\110/' /etc/ocserv/ocserv.conf \
&& sed -i 's/\(listen-clear-file.*\)/#\1/' /etc/ocserv/ocserv.conf \
&& sed -i 's/\.\.\/tests/\/etc\/ocserv/' /etc/ocserv/ocserv.conf \ && sed -i 's/\.\.\/tests/\/etc\/ocserv/' /etc/ocserv/ocserv.conf \
&& sed -i 's/#\(ca-cert = \).*/\1\/etc\/ocserv\/ca-cert\.pem/' /etc/ocserv/ocserv.conf \
&& sed -i 's/#\(compression.*\)/\1/' /etc/ocserv/ocserv.conf \ && sed -i 's/#\(compression.*\)/\1/' /etc/ocserv/ocserv.conf \
&& sed -i 's/#\(occtl.*\)/\1/' /etc/ocserv/ocserv.conf \ && sed -i '/^ipv4-network = /{s/192.168.1.0/192.168.99.0/}' /etc/ocserv/ocserv.conf \
&& sed -i '/^ipv4-network = /{s/192.168.1.0/192.168.0.0/}' /etc/ocserv/ocserv.conf \
&& sed -i 's/192.168.1.2/8.8.8.8/' /etc/ocserv/ocserv.conf \ && sed -i 's/192.168.1.2/8.8.8.8/' /etc/ocserv/ocserv.conf \
&& sed -i 's/^route/#route/' /etc/ocserv/ocserv.conf \ && sed -i 's/^route/#route/' /etc/ocserv/ocserv.conf \
&& sed -i 's/#\(cisco.*\)/\1/' /etc/ocserv/ocserv.conf \ && sed -i 's/^no-route/#no-route/' /etc/ocserv/ocserv.conf \
&& cat /tmp/route.txt >> /etc/ocserv/ocserv.conf \ && cat /tmp/route.txt >> /etc/ocserv/ocserv.conf \
&& rm -fr /tmp/route.txt && rm -fr /tmp/route.txt
......
docker-entrypoint.sh
View file @ c591f75e
...@@ -39,7 +39,7 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ]; ...@@ -39,7 +39,7 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ];
cert_signing_key cert_signing_key
crl_signing_key crl_signing_key
EOCA EOCA
certtool --generate-self-signed --load-privkey ca-key.pem --template ca.tmpl --outfile ca-cert.pem certtool --generate-self-signed --load-privkey ca-key.pem --template ca.tmpl --outfile ca.pem
certtool --generate-privkey --outfile server-key.pem certtool --generate-privkey --outfile server-key.pem
cat > server.tmpl <<-EOSRV cat > server.tmpl <<-EOSRV
cn = "$SRV_CN" cn = "$SRV_CN"
...@@ -49,7 +49,7 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ]; ...@@ -49,7 +49,7 @@ if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ];
encryption_key encryption_key
tls_www_server tls_www_server
EOSRV EOSRV
certtool --generate-certificate --load-privkey server-key.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem --template server.tmpl --outfile server-cert.pem certtool --generate-certificate --load-privkey server-key.pem --load-ca-certificate ca.pem --load-ca-privkey ca-key.pem --template server.tmpl --outfile server-cert.pem
# Create a test user # Create a test user
if [ -z "$NO_TEST_USER" ] && [ ! -f /etc/ocserv/ocpasswd ]; then if [ -z "$NO_TEST_USER" ] && [ ! -f /etc/ocserv/ocpasswd ]; then
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment