From 39f7dc17b0878a644656297db76c3c981533b8a9 Mon Sep 17 00:00:00 2001 From: Kushal Hada Date: Thu, 7 Jun 2018 20:31:29 -0400 Subject: [PATCH 1/4] add z to everything fixes #255 I tested on fedora 28 looks good to me please test this on a non-SE Linux machine it should not have any effect there --- docker-compose.yml | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 20a1dba5..68c5443b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -165,37 +165,37 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount custom intranet - - ${DEVILBOX_PATH}/.devilbox/www:/var/www/default:ro + - ${DEVILBOX_PATH}/.devilbox/www:/var/www/default:ro,z # Mount custom mass virtual hosting - - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd + - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd:z # Mount logs - - ${DEVILBOX_PATH}/log/php-fpm-${PHP_SERVER}:/var/log/php + - ${DEVILBOX_PATH}/log/php-fpm-${PHP_SERVER}:/var/log/php:z # Mount Mail directory #- ${DEVILBOX_PATH}/run/mail:/var/mail # Mount DB Backup directory - - ${DEVILBOX_PATH}/backups:/shared/backups + - ${DEVILBOX_PATH}/backups:/shared/backups:z # Mount devilbox user-defined *.ini files in order # to overwrite the default PHP.ini configuration - - ${DEVILBOX_PATH}/cfg/php-ini-${PHP_SERVER}:/etc/php-custom.d:ro + - ${DEVILBOX_PATH}/cfg/php-ini-${PHP_SERVER}:/etc/php-custom.d:ro,z # Mount devilbox user-defined PHP-FPM *.conf files in order # to overwrite the default PHP-FPM configuration - - ${DEVILBOX_PATH}/cfg/php-fpm-${PHP_SERVER}:/etc/php-fpm-custom.d:ro + - ${DEVILBOX_PATH}/cfg/php-fpm-${PHP_SERVER}:/etc/php-fpm-custom.d:ro,z # Mount devilbox user-defined *.so files in order # to load custom PHP modules - - ${DEVILBOX_PATH}/mod/php-fpm-${PHP_SERVER}:/usr/lib64/php/custom-modules:ro + - ${DEVILBOX_PATH}/mod/php-fpm-${PHP_SERVER}:/usr/lib64/php/custom-modules:ro,z # Mount devilbox user-defined bash config - - ${DEVILBOX_PATH}/bash:/etc/bashrc-devilbox.d + - ${DEVILBOX_PATH}/bash:/etc/bashrc-devilbox.d:z # Certificate Authority public key - - ${DEVILBOX_PATH}/ca:/ca + - ${DEVILBOX_PATH}/ca:/ca:z depends_on: - bind @@ -270,19 +270,19 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount custom intranet - - ${DEVILBOX_PATH}/.devilbox/www:/var/www/default:ro + - ${DEVILBOX_PATH}/.devilbox/www:/var/www/default:ro,z # Mount custom mass virtual hosting - - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd + - ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd:z # Mount custom web server config directory - - ${DEVILBOX_PATH}/cfg/${HTTPD_SERVER}:/etc/httpd-custom.d + - ${DEVILBOX_PATH}/cfg/${HTTPD_SERVER}:/etc/httpd-custom.d:z # Mount logs - - ${DEVILBOX_PATH}/log/${HTTPD_SERVER}:/var/log/${HTTPD_SERVER} + - ${DEVILBOX_PATH}/log/${HTTPD_SERVER}:/var/log/${HTTPD_SERVER}:z # Certificate Authority public key - - ${DEVILBOX_PATH}/ca:/ca + - ${DEVILBOX_PATH}/ca:/ca:z depends_on: - bind @@ -335,17 +335,17 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount logs - - ${DEVILBOX_PATH}/log/${MYSQL_SERVER}:/var/log/mysql + - ${DEVILBOX_PATH}/log/${MYSQL_SERVER}:/var/log/mysql:z # Mount devilbox default overwrites - - ${DEVILBOX_PATH}/.devilbox/etc/${MYSQL_SERVER}:/etc/mysql/conf.d:ro + - ${DEVILBOX_PATH}/.devilbox/etc/${MYSQL_SERVER}:/etc/mysql/conf.d:ro,z # Mount devilbox user-defined cnf files in order # to overwrite the MySQL server configuration - - ${DEVILBOX_PATH}/cfg/${MYSQL_SERVER}:/etc/mysql/docker-default.d:ro + - ${DEVILBOX_PATH}/cfg/${MYSQL_SERVER}:/etc/mysql/docker-default.d:ro,z # Mount MySQL Data directory - - ${HOST_PATH_MYSQL_DATADIR}/${MYSQL_SERVER}:/var/lib/mysql + - ${HOST_PATH_MYSQL_DATADIR}/${MYSQL_SERVER}:/var/lib/mysql:z depends_on: - bind @@ -378,10 +378,10 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount logs - - ${DEVILBOX_PATH}/log/pgsql-${PGSQL_SERVER}:/var/log/postgresql + - ${DEVILBOX_PATH}/log/pgsql-${PGSQL_SERVER}:/var/log/postgresql:z # Mount PostgreSQL Data directory - - ${HOST_PATH_PGSQL_DATADIR}/${PGSQL_SERVER}:/var/lib/postgresql/data/pgdata + - ${HOST_PATH_PGSQL_DATADIR}/${PGSQL_SERVER}:/var/lib/postgresql/data/pgdata:z depends_on: - bind @@ -408,7 +408,7 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount logs - - ${DEVILBOX_PATH}/log/redis-${REDIS_SERVER}:/var/log/redis + - ${DEVILBOX_PATH}/log/redis-${REDIS_SERVER}:/var/log/redis:z depends_on: - bind @@ -435,7 +435,7 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount logs - - ${DEVILBOX_PATH}/log/memcd-${MEMCD_SERVER}:/var/log/memcd + - ${DEVILBOX_PATH}/log/memcd-${MEMCD_SERVER}:/var/log/memcd:z depends_on: - bind @@ -462,7 +462,7 @@ services: # HOST-DIRECTORY : DOCKER-DIRECTORY # Mount MongoDB Data directory - - ${HOST_PATH_MONGO_DATADIR}/${MONGO_SERVER}:/data/db + - ${HOST_PATH_MONGO_DATADIR}/${MONGO_SERVER}:/data/db:z depends_on: - bind From 1cc9eb8a9c8fc0fe95193961c23a1a6e1bfb5b50 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sat, 23 Jun 2018 17:45:32 +0200 Subject: [PATCH 2/4] Use release httpd container --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 20a1dba5..1aa2f670 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -205,7 +205,7 @@ services: # Web Server # ------------------------------------------------------------ httpd: - image: devilbox/${HTTPD_SERVER:-nginx-stable}:0.16 + image: devilbox/${HTTPD_SERVER:-nginx-stable}:release-0.17 restart: always environment: From db25322dafe4616d23cbbc649c7abdb15f16359c Mon Sep 17 00:00:00 2001 From: cytopia Date: Sat, 23 Jun 2018 20:48:52 +0200 Subject: [PATCH 3/4] Use tagged httpd versions --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 1aa2f670..41547f63 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -205,7 +205,7 @@ services: # Web Server # ------------------------------------------------------------ httpd: - image: devilbox/${HTTPD_SERVER:-nginx-stable}:release-0.17 + image: devilbox/${HTTPD_SERVER:-nginx-stable}:0.17 restart: always environment: From 2ee7b6c95e266689a8157efc06ad51d99942fd07 Mon Sep 17 00:00:00 2001 From: Lathan Bidwell Date: Tue, 26 Jun 2018 10:15:27 -0400 Subject: [PATCH 4/4] Adding in documentation guide on putting the SSL Root CA into your OS' security keychain --- docs/configuration-global/https-ssl.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuration-global/https-ssl.rst b/docs/configuration-global/https-ssl.rst index bbb2dd2c..8f6209ae 100644 --- a/docs/configuration-global/https-ssl.rst +++ b/docs/configuration-global/https-ssl.rst @@ -62,6 +62,8 @@ valid and trusted SSL certificates without any further work. .. important:: Importing the CA into the browser is also recommended and required for the Devilbox intranet page to work properly. + You may also import the CA into your Operating System's Keystore. Information on that + is available at `GFI Root Certificate guide `_ Import the CA into your browser