Skip to content

Commit 652ce5a

Browse files
dkleinF5dkleinF5
committed
updated docker for jwt
1 parent c623364 commit 652ce5a

File tree

2 files changed

+42
-10
lines changed

2 files changed

+42
-10
lines changed

content/includes/waf/install-build-image.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,13 +16,13 @@ Your folder should contain the following files:
1616
To build an image, use the following command, replacing `<your-image-name>` as appropriate:
1717

1818
```shell
19-
sudo docker build --no-cache --platform linux/amd64 --secret id=nginx-crt,src=nginx-repo.crt --secret id=nginx-key,src=nginx-repo.key -t <your-image-name> .
19+
sudo docker build --no-cache --platform linux/amd64 --secret id=nginx-crt,src=nginx-repo.crt --secret id=nginx-key,src=nginx-repo.key --secret id=license-jwt,src=license.jwt -t <your-image-name> .
2020
```
2121

2222
A RHEL-based system would use the following command instead:
2323

2424
```shell
25-
podman build --no-cache --secret id=nginx-crt,src=nginx-repo.crt --secret id=nginx-key,src=nginx-repo.key -t <your-image-name> .
25+
podman build --no-cache --secret id=nginx-crt,src=nginx-repo.crt --secret id=nginx-key,src=nginx-repo.key --secret id=license-jwt,src=license.jwt -t <your-image-name> .
2626
```
2727

2828
{{< call-out "note" >}}

content/waf/install/docker.md

Lines changed: 40 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -954,12 +954,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
954954
--mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
955955
apk update && apk add app-protect-ip-intelligence
956956

957+
# Securely copy the JWT license:
958+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
959+
cp license.jwt /etc/nginx/license.jwt
960+
957961
# Forward request logs to Docker log collector:
958962
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
959963
&& ln -sf /dev/stderr /var/log/nginx/error.log
960964

961965
# Copy configuration files:
962-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
966+
COPY nginx.conf custom_log_format.json /etc/nginx/
963967
COPY entrypoint.sh /root/
964968

965969
CMD ["sh", "/root/entrypoint.sh"]
@@ -996,12 +1000,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
9961000
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
9971001
dnf -y install app-protect-ip-intelligence
9981002

1003+
# Securely copy the JWT license:
1004+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1005+
cp license.jwt /etc/nginx/license.jwt
1006+
9991007
# Forward request logs to Docker log collector:
10001008
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
10011009
&& ln -sf /dev/stderr /var/log/nginx/error.log
10021010

10031011
# Copy configuration files:
1004-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1012+
COPY nginx.conf custom_log_format.json /etc/nginx/
10051013
COPY entrypoint.sh /root/
10061014

10071015
CMD ["sh", "/root/entrypoint.sh"]
@@ -1051,12 +1059,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
10511059
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
10521060
apt-get install -y app-protect-ip-intelligence
10531061

1062+
# Securely copy the JWT license:
1063+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1064+
cp license.jwt /etc/nginx/license.jwt
1065+
10541066
# Forward request logs to Docker log collector:
10551067
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
10561068
&& ln -sf /dev/stderr /var/log/nginx/error.log
10571069

10581070
# Copy configuration files:
1059-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1071+
COPY nginx.conf custom_log_format.json /etc/nginx/
10601072
COPY entrypoint.sh /root/
10611073

10621074
CMD ["sh", "/root/entrypoint.sh"]
@@ -1097,12 +1109,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
10971109
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
10981110
dnf install -y app-protect-ip-intelligence
10991111

1112+
# Securely copy the JWT license:
1113+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1114+
cp license.jwt /etc/nginx/license.jwt
1115+
11001116
# Forward request logs to Docker log collector:
11011117
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
11021118
&& ln -sf /dev/stderr /var/log/nginx/error.log
11031119

11041120
# Copy configuration files:
1105-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1121+
COPY nginx.conf custom_log_format.json /etc/nginx/
11061122
COPY entrypoint.sh /root/
11071123

11081124
CMD ["sh", "/root/entrypoint.sh"]
@@ -1140,12 +1156,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
11401156
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
11411157
dnf install -y app-protect-ip-intelligence
11421158

1159+
# Securely copy the JWT license:
1160+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1161+
cp license.jwt /etc/nginx/license.jwt
1162+
11431163
# Forward request logs to Docker log collector:
11441164
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
11451165
&& ln -sf /dev/stderr /var/log/nginx/error.log
11461166

11471167
# Copy configuration files:
1148-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1168+
COPY nginx.conf custom_log_format.json /etc/nginx/
11491169
COPY entrypoint.sh /root/
11501170

11511171
CMD ["sh", "/root/entrypoint.sh"]
@@ -1186,8 +1206,12 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
11861206
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
11871207
&& ln -sf /dev/stderr /var/log/nginx/error.log
11881208

1209+
# Securely copy the JWT license:
1210+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1211+
cp license.jwt /etc/nginx/license.jwt
1212+
11891213
# Copy configuration files:
1190-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1214+
COPY nginx.conf custom_log_format.json /etc/nginx/
11911215
COPY entrypoint.sh /root/
11921216

11931217
CMD ["sh", "/root/entrypoint.sh"]
@@ -1224,12 +1248,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
12241248
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
12251249
dnf install -y app-protect-ip-intelligence
12261250

1251+
# Securely copy the JWT license:
1252+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1253+
cp license.jwt /etc/nginx/license.jwt
1254+
12271255
# Forward request logs to Docker log collector:
12281256
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
12291257
&& ln -sf /dev/stderr /var/log/nginx/error.log
12301258

12311259
# Copy configuration files:
1232-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1260+
COPY nginx.conf custom_log_format.json /etc/nginx/
12331261
COPY entrypoint.sh /root/
12341262

12351263
CMD ["sh", "/root/entrypoint.sh"]
@@ -1279,12 +1307,16 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
12791307
--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
12801308
apt-get install -y app-protect-ip-intelligence
12811309

1310+
# Securely copy the JWT license:
1311+
RUN --mount=type=secret,id=license-jwt,dst=license.jwt \
1312+
cp license.jwt /etc/nginx/license.jwt
1313+
12821314
# Forward request logs to Docker log collector:
12831315
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
12841316
&& ln -sf /dev/stderr /var/log/nginx/error.log
12851317

12861318
# Copy configuration files:
1287-
COPY nginx.conf custom_log_format.json license.jwt /etc/nginx/
1319+
COPY nginx.conf custom_log_format.json /etc/nginx/
12881320
COPY entrypoint.sh /root/
12891321

12901322
CMD ["sh", "/root/entrypoint.sh"]

0 commit comments

Comments
 (0)