Merge pull request #8 from StanYago/master

added route for docker engine setup, just curl /setup/systemd | bash
2018-12-16 10:43:19 +01:00 · 2018-12-16 10:43:19 +01:00 · 686e8ae021
parent 329bf342c0 d8434a02cf
commit 686e8ae021
1 changed files with 45 additions and 2 deletions
--- a/nginx.conf
+++ b/nginx.conf
@ -121,8 +121,51 @@ http {
             alias /ca/ca.crt;
        }

-        # @TODO: add a dynamic root path that generates instructions for usage on docker clients
-    }
+        location /setup/systemd {
+            add_header "Content-type" "text/plain" always;
+            return 200 '
+set -e 
+
+if [ ! -d /etc/systemd ]; then   
+   echo "Not a systemd system"
+   exit 1
+fi
+
+if [[ $EUID -ne 0 ]]; then
+   echo "Must be root to change system files"
+   exit 1
+fi
+
+if [[ $(systemctl is-active --quiet docker.service) -ne 0 ]]; then
+   echo "Docker service missing"
+   exit 1
+fi
+
+mkdir -p /etc/systemd/system/docker.service.d
+cat << EOD > /etc/systemd/system/docker.service.d/http-proxy.conf
+[Service]
+Environment="HTTPS_PROXY=$scheme://$http_host/"
+EOD
+
+# Get the CA certificate from the proxy and make it a trusted root.
+curl $scheme://$http_host/ca.crt > /usr/share/ca-certificates/docker_registry_proxy.crt
+if fgrep -q "docker_registry_proxy.crt" /etc/ca-certificates.conf ; then
+   echo "certificate refreshed"
+else
+   echo "docker_registry_proxy.crt" >> /etc/ca-certificates.conf
+fi
+
+update-ca-certificates --fresh
+
+# Reload systemd
+systemctl daemon-reload
+
+# Restart dockerd
+systemctl restart docker.service
+echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
+';
+        } # end location /setup/systemd
+    } # end server


    # The caching layer