-
Notifications
You must be signed in to change notification settings - Fork 8
Cleanup unused SSL certificates
Maksym Zaporozhets edited this page Jun 19, 2023
·
2 revisions
Clean up unused SSL certificates.
- Search for SSL certificates in all
virtual-host.conf
files within the$DOCKERIZER_PROJECTS_ROOT_DIR
directory. - Remove SSL certificates from the
$DOCKERIZER_SSL_CERTIFICATES_DIR
if they are not found in any of thevirtual-host.conf
files. - Get a list of certificate files left on the disk.
- Clean up the
$DOCKERIZER_TRAEFIK_SSL_CONFIGURATION_FILE
file from the entries that do not exist on the disk.
Use at your own responsibility. Generating new certificates with mkcert if needed.
Removing unused certificates:
- Decreases a mess in the
$DOCKERIZER_SSL_CERTIFICATES_DIR
directory. - Decreases a mess in the
$DOCKERIZER_TRAEFIK_SSL_CONFIGURATION_FILE
file. - Reduces the growth of the Traefik log file size.
php bin/dockerizer maintenance:traefik:cleanup-certificates
- Collect all
.pem
file names from thevirtual-host.conf
files within the$DOCKERIZER_PROJECTS_ROOT_DIR
directory. - Remove all
.pem
files from the$DOCKERIZER_SSL_CERTIFICATES_DIR
directory that are not present in the list from the previous step. - Get a list of files left in the
$DOCKERIZER_SSL_CERTIFICATES_DIR
directory. - Remove all entries from the
$DOCKERIZER_TRAEFIK_SSL_CONFIGURATION_FILE
file that are not present in the list from the previous step.
-
DOCKERIZER_PROJECTS_ROOT_DIR
: The directory where projects are stored. Acts as a firewall to prevent commands from deleting files outside of this directory or system temp directory. -
DOCKERIZER_SSL_CERTIFICATES_DIR
: In thedocker-compose.yaml
- the directory where SSL certificates are stored. -
DOCKERIZER_TRAEFIK_SSL_CONFIGURATION_FILE
(.env.local
): The path to the Traefik SSL configuration file. Configured automatically to/home/$USER/misc/apps/traefik-reverse-proxy/traefik/configuration/certificates.toml
when you install Traefik (seeConfiguring the tool
section on the Wiki home page).
- docker:mysql:connect
- docker:mysql:export-db
- docker:mysql:import-db
- docker:mysql:upload-to-aws
- docker:mysql:generate-metadata
- docker:mysql:reconstruct-db
- docker:mysql:test-metadata
- magento:setup
- magento:reinstall
- magento:test-module-install
- magento:test-templates
- magento:test-dockerfiles
- MacOS and Docker Desktop support
- Bash aliases
- Install Symfony with Dockerizer
- Running-apps-with-existing-Docker-compositions
- Limitations
- Building MySQL images with DB: how it works
- Configure AWS Lambda
- Gitlab pipeline to build images
- Managing AWS S3 access
- Using AWS credentials with Dockerizer
- Access management cheat-sheet
- FAQ