From 1d6f15326f7a5a4e0a69d678aaa0fc918b04a8ba Mon Sep 17 00:00:00 2001
From: Thomas Lynch <tom@69420.me>
Date: Sat, 18 Mar 2023 11:25:30 +1100
Subject: [PATCH] Allow ca cert and pinned fp/s to be separate, and ignore
 node_modules in dockerignore, vastly speeds up builds (duh)

---
 .dockerignore | 1 +
 agent.js      | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..c2658d7
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1 @@
+node_modules/
diff --git a/agent.js b/agent.js
index d9f376f..f7fb395 100644
--- a/agent.js
+++ b/agent.js
@@ -6,10 +6,8 @@ const agentOptions = {
 	rejectUnauthorized: !process.env.ALLOW_SELF_SIGNED_SSL,
 };
 
-if (process.env.PINNED_FP && process.env.CUSTOM_CA_PATH) {
+if (process.env.PINNED_FP) {
 	// console.log('Pinned fingerprint:', process.env.PINNED_FP);
-	// console.log('Private CA file path:', process.env.CUSTOM_CA_PATH);
-	agentOptions.ca = require('fs').readFileSync(process.env.CUSTOM_CA_PATH);
 	agentOptions.checkServerIdentity = (host, cert) => {
 		//TODO: host verification? e.g. tls.checkServerIdentity(host, cert);
 		// console.log('Checking:', cert.fingerprint256);
@@ -18,5 +16,9 @@ if (process.env.PINNED_FP && process.env.CUSTOM_CA_PATH) {
 		}
 	}
 }
+if (process.env.CUSTOM_CA_PATH) {
+	// console.log('Private CA file path:', process.env.CUSTOM_CA_PATH);
+	agentOptions.ca = require('fs').readFileSync(process.env.CUSTOM_CA_PATH);
+}
 
 module.exports = new https.Agent(agentOptions);