easy-rsa: Drop all mention of the vars file

* This exists to import/export a number of easy-rsa default values but creates headaches for old volumes due to changes where easy-rsa insists on loading the var file if the environment variable is set. * Going forward people should pass the variables via: `docker run -e EASYRSA_var ...` * Closes kylemanna#608
peterniebert · Dec 4, 2020 · 6ad9310 · 6ad9310
1 parent c4b9436
commit 6ad9310
Show file tree

Hide file tree

Showing 4 changed files with 1 addition and 46 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -15,8 +15,7 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/reposi
 ENV OPENVPN=/etc/openvpn
 ENV EASYRSA=/usr/share/easy-rsa \
     EASYRSA_CRL_DAYS=3650 \
-    EASYRSA_PKI=$OPENVPN/pki \
-    EASYRSA_VARS_FILE=$OPENVPN/vars
+    EASYRSA_PKI=$OPENVPN/pki
 
 VOLUME ["/etc/openvpn"]
 

diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
@@ -15,7 +15,6 @@ RUN echo "http://dl-4.alpinelinux.org/alpine/edge/community/" >> /etc/apk/reposi
 ENV OPENVPN /etc/openvpn
 ENV EASYRSA /usr/share/easy-rsa
 ENV EASYRSA_PKI $OPENVPN/pki
-ENV EASYRSA_VARS_FILE $OPENVPN/vars
 
 # Prevents refused client connection because of an expired CRL
 ENV EASYRSA_CRL_DAYS 3650

diff --git a/bin/easyrsa_vars b/bin/easyrsa_vars
diff --git a/bin/ovpn_initpki b/bin/ovpn_initpki
@@ -15,10 +15,6 @@ source "$OPENVPN/ovpn_env.sh"
 # Specify "nopass" as arg[2] to make the CA insecure (not recommended!)
 nopass=$1
 
-# EasyRSA 3.0.7 introduced checks for $EASYRSA_VARS_FILE existence
-# in the init-pki script
-touch $EASYRSA_VARS_FILE
-
 # Provides a sufficient warning before erasing pre-existing files
 easyrsa init-pki