Docker files for testing
docker-debian10.tls13only.start.sh can be linked to e.g. docker-debian10.tls13.start.sh, then also TLS 1.2 is added.
This commit is contained in:
parent
cf00c8e8ac
commit
fe43d9dd0c
|
@ -0,0 +1,31 @@
|
|||
|
||||
# no early data, but TLS 1.3 with debian:buster (sid simlar in Feb 2019)
|
||||
|
||||
image=${1:-"debian:buster"}
|
||||
docker pull "$image"
|
||||
ID=$(docker run -d -ti $image)
|
||||
|
||||
docker exec -ti $ID apt-get update
|
||||
docker exec -ti $ID apt-get install -y ssl-cert dialog
|
||||
docker exec -ti $ID apt-get install -y nginx-common nginx-light
|
||||
docker exec -ti $ID cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak
|
||||
docker exec -ti $ID sed -i -e 's/# listen/listen/' -e 's/# include/include/' /etc/nginx/sites-available/default
|
||||
if echo "$0" | grep -q only; then
|
||||
docker exec -ti $ID sed -i -e 's/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1\.3;\n\tssl_ecdh_curve X448:X25519;/' /etc/nginx/sites-available/default
|
||||
else
|
||||
docker exec -ti $ID sed -i -e 's/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1\.2 TLSv1\.3;\n\tssl_ecdh_curve X448:X25519;/' /etc/nginx/sites-available/default
|
||||
fi
|
||||
|
||||
s/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1.2 TLSv1.3;/\n\tssl_ecdh_curve X448:X25519;' /etc/nginx/sites-available/default
|
||||
|
||||
docker exec -ti $ID nginx -V
|
||||
docker exec -ti $ID service nginx start
|
||||
docker exec -ti $ID service nginx status
|
||||
# P Q
|
||||
|
||||
docker inspect $ID | jq -r '.[].NetworkSettings.IPAddress'
|
||||
|
||||
exit 0
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue