From 38670907430666d9b57e1ce916d524b3439bcf2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henrik=20tom=20W=C3=B6rden?= <h.tomwoerden@indiscale.com>
Date: Wed, 19 Oct 2022 09:43:53 +0200
Subject: [PATCH] DOC: add a hint how to provide a readable certificate

---
 README_SETUP.md            | 4 +++-
 compose/docker-compose.yml | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/README_SETUP.md b/README_SETUP.md
index 7274d26..c3edbf4 100644
--- a/README_SETUP.md
+++ b/README_SETUP.md
@@ -5,7 +5,7 @@ We use docker and docker-compose to deploy CaosDB:
 - Docker >= 18.02
 - docker-compose >= 1.21
 
-On a Debian system, you can install the requirements with:
+On Debian based systems, you can install the requirements with:
 
 ```sh
 sudo apt-get install docker.io docker-compose
@@ -91,6 +91,8 @@ one with `openssl rsa -in oldKey.pem -out newKey.key`. If you want to use a
 certificate with a passphrase instead, please refer to envoy's documentation as
 to how to configure this correctly.
 
+Make sure that envoy can read the certificate. You can set the UID for envoy in
+the environment section of the envoy service in `docker-compose.yml`.
 
 ## Configuration
 
diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml
index 88e9ef1..de6e0cd 100644
--- a/compose/docker-compose.yml
+++ b/compose/docker-compose.yml
@@ -51,6 +51,8 @@ services:
 
   envoy:
     image: envoyproxy/envoy:v1.21-latest
+    # environment:
+    #   ENVOY_UID: 987
     volumes:
       - type: bind
         read_only: true
-- 
GitLab