-
Notifications
You must be signed in to change notification settings - Fork 8
/
docker
executable file
·42 lines (34 loc) · 1011 Bytes
/
docker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/usr/bin/env bash
CONT_CAFILE=/ssl/cert.pem
CONT_CAPATH=/ssl/certs
env_flags() {
echo "-e SSL_CERT_FILE=$CONT_CAFILE -e SSL_CERT_DIR=$CONT_CAPATH"
}
mount_flags() {
DEFAULT_CERT_DIR=$(openssl version -d | sed -e "s/^OPENSSLDIR: \"//" -e "s/\"$//")
CAFILE=${SSL_CERT_FILE:-$DEFAULT_CERT_DIR/cert.pem}
CAPATH=${SSL_CERT_DIR:-$DEFAULT_CERT_DIR/certs}
# Can't just mount CAPATH, because typically many certificates are symbolic
# links and symlinks don't work through bindmounts.
# Instead we iterate the directory and build a list of mount flags to mount each
# file individually - bind mount resolves symlinks before mount.
CERT_MOUNT_FLAGS=$(ls $CAPATH | sed "s|.*|-v $CAPATH/&:$CONT_CAPATH/&|")
echo "-v $CAFILE:$CONT_CAFILE $CERT_MOUNT_FLAGS"
}
docker() {
"$(type -pa docker | \
grep -v $(realpath ${BASH_SOURCE[0]}) | \
head -n 1)" $@
}
case $1 in
run)
shift
docker run \
$(mount_flags) \
$(env_flags) \
$@
;;
*)
docker $@
;;
esac