diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 13a701d..669f01e 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -104,13 +104,13 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; settings +: { script +: [ 'set -e', - "docker network prune -f", + //"docker network prune -f", "cd /stack/squid/myCA", //'openssl genrsa -out CA_key.pem 2048', //'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"', 'cd ..', - "docker stack rm squid", - "sleep 60", + //"docker stack rm squid", + //"sleep 60", // "docker volume rm squid_squid-cache", //'export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid', //'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index 5698197..52d72e1 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -48,11 +48,8 @@ steps: from_secret: ssh-port script: - set -e - - docker network prune -f - cd /stack/squid/myCA - cd .. - - docker stack rm squid - - sleep 60 - docker stack deploy -c docker-compose.yml squid username: from_secret: ssh-user diff --git a/docker-compose.yml b/docker-compose.yml index 9df5f77..c8d61b6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,7 +16,8 @@ services: - VISIBLE_HOSTNAME=git.local-domain - EXTRA_CONFIG1=tls_outgoing_options capath=/etc/ssl/certs \ options=NO_SSLv3,NO_TLSv1 \ - cipher=ALL:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS + cipher=ALL:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS \ + MIN_VERSION=1.2 - EXTRA_CONFIG2=sslproxy_cipher EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS # - CONFIG_DISABLE=yes volumes: