|
27 | 27 | # COPY ./docker-entrypoint.sh / |
28 | 28 | # ENTRYPOINT ["/docker-entrypoint.sh"] |
29 | 29 | # EXPOSE 3306 |
| 30 | +FROM mysql:5.7 |
| 31 | + |
| 32 | +RUN \ |
| 33 | + apt-get update && \ |
| 34 | + apt-get -y install openssl && \ |
| 35 | + mkdir /mysql_keys && \ |
| 36 | + chown mysql:mysql /mysql_keys |
| 37 | + |
| 38 | +USER mysql |
| 39 | +RUN \ |
| 40 | + cd /mysql_keys;\ |
| 41 | + # Create CA certificate |
| 42 | + openssl genrsa 2048 > ca-key.pem;\ |
| 43 | + openssl req -subj '/CN=CA/O=MySQL/C=US' -new -x509 -nodes -days 3600 \ |
| 44 | + -key ca-key.pem -out ca.pem;\ |
| 45 | + # Create server certificate, remove passphrase, and sign it |
| 46 | + # server-cert.pem = public key, server-key.pem = private key |
| 47 | + openssl req -subj '/CN=SV/O=MySQL/C=US' -newkey rsa:2048 -days 3600 \ |
| 48 | + -nodes -keyout server-key.pem -out server-req.pem;\ |
| 49 | + openssl rsa -in server-key.pem -out server-key.pem;\ |
| 50 | + openssl x509 -req -in server-req.pem -days 3600 \ |
| 51 | + -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem;\ |
| 52 | + # Create client certificate, remove passphrase, and sign it |
| 53 | + # client-cert.pem = public key, client-key.pem = private key |
| 54 | + openssl req -subj '/CN=CL/O=MySQL/C=US' -newkey rsa:2048 -days 3600 \ |
| 55 | + -nodes -keyout client-key.pem -out client-req.pem;\ |
| 56 | + openssl rsa -in client-key.pem -out client-key.pem;\ |
| 57 | + openssl x509 -req -in client-req.pem -days 3600 \ |
| 58 | + -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem |
| 59 | +USER root |
| 60 | + |
| 61 | +ADD my.cnf /etc/mysql/my.cnf |
| 62 | + |
| 63 | +HEALTHCHECK \ |
| 64 | + --timeout=5s \ |
| 65 | + --retries=60 \ |
| 66 | + --interval=1s \ |
| 67 | + CMD \ |
| 68 | + mysql --protocol TCP -u"root" -p"simple" -e "show databases;" |
| 69 | + |
30 | 70 | FROM continuumio/anaconda3 |
31 | 71 | # install the notebook package |
32 | 72 | RUN pip install --no-cache --upgrade pip && \ |
|
0 commit comments