dnsdist Docker image: install ca-certificates

author Peter van Dijk <peter.van.dijk@powerdns.com>

Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)
author Peter van Dijk <peter.van.dijk@powerdns.com>
Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)
diff --git a/Dockerfile-dnsdist b/Dockerfile-dnsdist

index 8406ada4384d27038828e7ca1c5c2dc936929dd2..468c03975928d1dd6d8a4f76116195cfecd8efb9 100644 (file)
--- a/Dockerfile-dnsdist
+++ b/Dockerfile-dnsdist
@@ -68,8 +68,11 @@ FROM debian:10-slim
  # Reusable layer for base update - Should be cached from builder
  RUN apt-get update && apt-get -y dist-upgrade && apt-get clean
  
-# Ensure python3 and jinja2 is present (for startup script), and python3-atomicwrites (for backend management), and tini (for signal management)
-RUN apt-get install -y python3 python3-jinja2 python3-atomicwrites tini libcap2-bin && apt-get clean
+# - python3 and jinja2 (for startup script)
+# - python3-atomicwrites (for backend management)
+# - tini (for signal management)
+# - ca-certificates (for verifying downstream DoH/DoT certificates)
+RUN apt-get install -y python3 python3-jinja2 python3-atomicwrites tini libcap2-bin ca-certificates && apt-get clean
  
  # Output from builder
  COPY --from=builder /build /
author	Peter van Dijk <peter.van.dijk@powerdns.com>
	Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Fri, 4 Feb 2022 11:40:20 +0000 (12:40 +0100)