From 4bf0f4b64a9a3fb120aa5f02469481f7e4902a49 Mon Sep 17 00:00:00 2001
From: Yi EungJun <eungjun.yi@navercorp.com>
Date: Tue, 24 May 2016 17:09:08 +0900
Subject: [PATCH] web: Do not store secret files in container

---
 docker-compose-ssl.yml | 2 ++
 web/Dockerfile         | 4 ----
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/docker-compose-ssl.yml b/docker-compose-ssl.yml
index 65ecf19..992adf6 100644
--- a/docker-compose-ssl.yml
+++ b/docker-compose-ssl.yml
@@ -25,4 +25,6 @@ web:
   links:
     - app:platform
   volumes:
+      # This directory must have cert files
+    - ./volumes/web/cert:/cert:ro
     - /etc/localtime:/etc/localtime:ro
diff --git a/web/Dockerfile b/web/Dockerfile
index ef03185..5de6e85 100644
--- a/web/Dockerfile
+++ b/web/Dockerfile
@@ -8,10 +8,6 @@ RUN ln -s /etc/nginx/sites-available/mattermost /etc/nginx/sites-enabled/matterm
 ADD mattermost /etc/nginx/sites-available/
 ADD docker-entry.sh /
 
-RUN mkdir /cert
-ADD cert/cert.pem /cert/
-ADD cert/private/key-no-password.pem /cert/
-
 RUN chmod +x /docker-entry.sh
 
 # You can see the logs using `docker-compose logs web`.