Dustin C. Hatch
9938d885b0
All checks were successful
ContainerImages/certs/pipeline/head This commit looks good
In order to `git push` the newly-committed certificatess in the Post-Renew stage, the agent must trust the remote SSH server's host key.
34 lines
784 B
Docker
34 lines
784 B
Docker
FROM alpine:3.15
|
|
|
|
RUN apk --no-cache add -f \
|
|
openssl \
|
|
openssh-client \
|
|
coreutils \
|
|
bind-tools \
|
|
curl \
|
|
sed \
|
|
socat \
|
|
tzdata \
|
|
oath-toolkit-oathtool \
|
|
tar \
|
|
libidn \
|
|
jq
|
|
|
|
RUN curl -fL -o /tmp/acme.sh https://raw.githubusercontent.com/acmesh-official/acme.sh/3.0.4/acme.sh && \
|
|
mkdir -p /usr/local/acme.sh && \
|
|
cd /tmp && \
|
|
sh acme.sh \
|
|
--install-online \
|
|
--home /usr/local/acme.sh \
|
|
--config-home /acme.sh \
|
|
--no-cron \
|
|
&& \
|
|
ln -s /usr/local/acme.sh/acme.sh /usr/local/bin/ && \
|
|
rm -f /tmp/acme.sh
|
|
|
|
RUN curl -L https://github.com/go-acme/lego/releases/download/v4.4.0/lego_v4.4.0_linux_amd64.tar.gz \
|
|
| tar -xz -C /usr/local/bin lego
|
|
|
|
RUN echo 'KnownHostsCommand /usr/bin/curl -sL https://files.pyrocufflink.blue/ssh_known_hosts' \
|
|
>> /etc/ssh/ssh_config
|