mirror of
https://github.com/matter-labs/teepot.git
synced 2025-07-22 07:24:48 +02:00
chore: cleanup and nixify
* create containers with nix * updated README.md * added SPDX license headers Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
This commit is contained in:
Harald Hoyer
parent
c8082debc7
commit
91f1612e0f
GPG key ID:
F519A1143B3FBE32
36 changed files with 900 additions and 659 deletions
25
packages/container-vault-sgx-azure/Dockerfile
Normal file
25
packages/container-vault-sgx-azure/Dockerfile
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
# SPDX-License-Identifier: Apache-2.0
|
||||
# Copyright (c) 2024 Matter Labs
|
||||
|
||||
FROM teepot-vault-sgx-azure:base
|
||||
|
||||
WORKDIR /opt/vault
|
||||
|
||||
COPY packages/container-vault-sgx-azure/test-enclave-key.pem /tmp/
|
||||
RUN set -eux; \
|
||||
gramine-manifest \
|
||||
-Dtee_ratls_preexec=$(readlink /bin/tee-ratls-preexec) \
|
||||
-Dvault_exec=$(readlink /bin/vault) \
|
||||
-Darch_libdir=/lib/x86_64-linux-gnu \
|
||||
-Dexecdir=/bin \
|
||||
-Dlog_level=warning \
|
||||
vault.manifest.toml vault.manifest; \
|
||||
gramine-sgx-sign --manifest vault.manifest --output vault.manifest.sgx --key /tmp/test-enclave-key.pem; \
|
||||
rm /tmp/test-enclave-key.pem
|
||||
|
||||
VOLUME /opt/vault/tls
|
||||
VOLUME /opt/vault/data
|
||||
|
||||
ENTRYPOINT ["/bin/sh", "-c"]
|
||||
ENV SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt
|
||||
CMD [ "echo vault in SGX mode starting; restart-aesmd ; exec gramine-sgx vault" ]
|
||||
Loading…
Add table
Add a link
Reference in a new issue