From: W. Trevor King <wking@tremily.us>
Date: Sat, 15 Feb 2014 02:43:52 +0000 (-0800)
Subject: x.509/Makefile-link: Add a basic Makefile for linking wildcard certs
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e4b56b50eb21f0e92507ba2e62703892a5ff32a2;p=dockerfile.git

x.509/Makefile-link: Add a basic Makefile for linking wildcard certs
---

diff --git a/x.509/Makefile-link b/x.509/Makefile-link
new file mode 100644
index 0000000..c73b4b7
--- /dev/null
+++ b/x.509/Makefile-link
@@ -0,0 +1,29 @@
+# Create links to a wildcard certificate on the fly
+#
+# This is useful for testing with the nginx-proxy container, but note
+# that functional wildcard certificates are only one subdomain level
+# deep (e.g. *.example.com matches www.example.com but not
+# www.beta.example.com) [1].
+#
+# [1]: http://en.wikipedia.org/wiki/Wildcard_certificate
+
+DOMAIN ?= example.com
+HOSTS ?= www static media kibana es
+
+WILDCARD_KEY ?= /etc/ssl/$(DOMAIN)/wildcard.$(DOMAIN).key
+WILDCARD_CERT_CHAIN ?= /etc/ssl/$(DOMAIN)/wildcard.$(DOMAIN)-chain.crt
+
+FQDNS = $(patsubst %, %.$(DOMAIN), $(HOSTS)) nginx
+KEYS = $(patsubst %, %.key, $(FQDNS))
+CERTS = $(patsubst %, %.pem, $(FQDNS))
+
+all: $(KEYS) $(CERTS)
+
+clean:
+	rm -f *.key *.pem
+
+$(KEYS): %.key: | $(WILDCARD_KEY)
+	ln -s "$(WILDCARD_KEY)" "$@"
+
+$(CERTS): %.pem: | $(WILDCARD_CERT_CHAIN)
+	ln -s "$(WILDCARD_CERT_CHAIN)" "$@"