From 090713be8ec9232700b826f6d3c77e1cdf7a1d5b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrej=20Rama=C5=A1euski?= <andrej@x2.cz>
Date: Sun, 13 Sep 2020 21:41:09 +0200
Subject: [PATCH] Migrace na louketo-proxy
---
Dockerfile | 34 +++++++++++++++++-----------------
entrypoint.sh | 21 +++++++++++----------
2 files changed, 28 insertions(+), 27 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index b70fc9b..cb98c64 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,29 +1,29 @@ -FROM alpine:3.11 +FROM alpine:3.12.0 -ENV NAME keycloak-gatekeeper -ENV KEYCLOAK_VERSION 10.0.1 +ENV NAME louketo-proxy +ENV LOUKETO_PROXY_VERSION 1.0.0 ENV GOOS linux ENV GOARCH amd64 -LABEL Name=keycloak-gatekeeper \ - Release=https://github.com/keycloak/keycloak-gatekeeper \ - Url=https://github.com/keycloak/keycloak-gatekeeper \ - Help=https://issues.jboss.org/projects/KEYCLOAK \ - maintainer="andrej.ramaseuski@pirati.cz" +LABEL Name=louketo-proxy \ + Release=https://github.com/louketo/louketo-proxy/releases \ + Url=https://github.com/louketo/louketo-proxy \ + Help=https://github.com/louketo/louketo-proxy/blob/master/docs/user-guide.md -RUN adduser -D -u 1000 gatekeeper && \ - mkdir /etc/gatekeeper && \ - chown gatekeeper /etc/gatekeeper +RUN adduser -h /opt/louketo -D -u 1000 louketo -RUN apk add --no-cache ca-certificates curl tar openssl +RUN apk add --no-cache libc6-compat ca-certificates su-exec openssl curl tar -WORKDIR "/opt" +WORKDIR "/opt/louketo" -RUN curl -fssL "https://downloads.jboss.org/keycloak/$KEYCLOAK_VERSION/gatekeeper/$NAME-$GOOS-$GOARCH.tar.gz" | tar -xz && chmod +x /opt/gatekeeper/$NAME +RUN curl -fssL "https://github.com/louketo/louketo-proxy/releases/download/$LOUKETO_PROXY_VERSION/${NAME}_${LOUKETO_PROXY_VERSION}_${GOOS}_${GOARCH}.tar.gz" | tar -xz --strip-components=1 -COPY entrypoint.sh entrypoint.sh +COPY entrypoint.sh / + +RUN chown -R louketo:louketo /opt/louketo +RUN mkdir /etc/louketo;chown -R louketo:louketo /etc/louketo USER 1000 EXPOSE 3000 -ENTRYPOINT [ "/opt/entrypoint.sh" ] -CMD ["/opt/keycloak-gatekeeper"] +ENTRYPOINT ["/entrypoint.sh"] +CMD ["/opt/louketo/louketo-proxy"] diff --git a/entrypoint.sh b/entrypoint.sh index f62ce34..95b5a9d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh 
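Review bot: The new `RUN curl -fssL … | tar -xz --strip-components=1` line unpacks the louketo-proxy release tarball straight from the network with no integrity check, so whatever the release URL serves at build time becomes the binary that `CMD` runs. Download to a file, verify it against a SHA-256 pinned next to `LOUKETO_PROXY_VERSION`, and only then extract; this also stops relying on the pipe's exit status, which under `/bin/sh` reflects only `tar`. The digest in the sketch below is a placeholder, since the page does not give one. Separately, `RUN chown -R louketo:louketo /opt/louketo` makes the proxy binary writable by the UID that runs it; unless the proxy needs to write there, leaving the extracted files root-owned keeps a compromised process from replacing its own executable.

```dockerfile
# Placeholder digest: replace with the SHA-256 of the release tarball for LOUKETO_PROXY_VERSION.
ARG LOUKETO_PROXY_SHA256=REPLACE_WITH_TARBALL_SHA256

RUN curl -fsSL -o /tmp/louketo-proxy.tar.gz "https://github.com/louketo/louketo-proxy/releases/download/$LOUKETO_PROXY_VERSION/${NAME}_${LOUKETO_PROXY_VERSION}_${GOOS}_${GOARCH}.tar.gz" && \
    echo "${LOUKETO_PROXY_SHA256}  /tmp/louketo-proxy.tar.gz" | sha256sum -c - && \
    tar -xzf /tmp/louketo-proxy.tar.gz --strip-components=1 && \
    rm /tmp/louketo-proxy.tar.gz
```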
@@ -1,7 +1,7 @@ #!/bin/sh # Entrypoint for Docker Container -export PROXY_CONFIG_FILE=${CONFIG:-'/etc/gatekeeper/gatekeeper.conf'} +export PROXY_CONFIG_FILE=${CONFIG:-'/etc/louketo/louketo.conf'} CLIENT_ID=${CLIENT_ID} CLIENT_SECRET=${CLIENT_SECRET} @@ -15,12 +15,13 @@ LISTEN=${LISTEN:-':3000'} CERTIFICATE_SUBJ=${CERTIFICATE_SUBJ:-'/C=CZ/ST=CZ/L=Praha/O=Pirati/OU=TO/CN=gatekeeper'} -if [ -s /etc/gatekeeper/ssl.crt ] || [ -s /etc/gatekeeper/cert.pem ] || [ -s /etc/gatekeeper/key.pem ] || [ -n "${SKIP_SSL_GENERATE}" ]; then + +if [ -s /etc/louketo/ssl.crt ] || [ -s /etc/louketo/cert.pem ] || [ -s /etc/louketo/key.pem ] || [ -n "${SKIP_SSL_GENERATE}" ]; then echo "Skipping SSL certificate generation" else echo "Generating self-signed certificate" - cd /etc/gatekeeper + cd /etc/louketo # Generating signing SSL private key openssl genrsa -des3 -passout pass:xxxx -out key.pem 2048 @@ -33,20 +34,20 @@ else openssl x509 -req -days 3650 -in cert.csr -signkey key.pem -out cert.pem fi -echo "# GATEKEEPER CONFIG +echo "# GATEKEEPER CONFIG client-id: ${CLIENT_ID} client-secret: ${CLIENT_SECRET} discovery-url: ${DISCOVERY_URL} redirection-url: ${REDIRECTION_URL} -encryption-key: ${ENCRYPTION_KEY} +encryption-key: ${ENCRYPTION_KEY} listen: ${LISTEN} -upstream-url: ${UPSTREAM_URL} -tls-cert: /etc/gatekeeper/cert.pem -tls-private-key: /etc/gatekeeper/key.pem +upstream-url: ${UPSTREAM_URL} +tls-cert: /etc/louketo/cert.pem +tls-private-key: /etc/louketo/key.pem ${CUSTOM_CONFIG} resources: ${RESOURCES} -" > /etc/gatekeeper/gatekeeper.conf +" > /etc/louketo/louketo.conf -exec "$@" +exec "$@" -- GitLab
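Review bot: In the last hunk (`@@ -33,20 +34,20 @@`) the generated `/etc/louketo/louketo.conf` contains `client-secret` and `encryption-key`, yet it is created by a plain `echo … >` redirect, so its mode comes from whatever umask the container starts with and is likely readable by every user; that matters most when `/etc/louketo` is a mounted volume. Setting `umask 077` before the `echo` keeps the file owner-only, and placing it before the `openssl` calls of the previous hunk would cover `key.pem` as well; note that the umask is inherited by the process started through `exec "$@"`. The header written into the file still reads `# GATEKEEPER CONFIG` and the `CERTIFICATE_SUBJ` default still ends in `CN=gatekeeper`, which could be renamed for consistency with the migration.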