From db8df5f724fc016f61d610c14635be4219fbea7b Mon Sep 17 00:00:00 2001
From: Alexander Bauer <sasha@linux.com>
Date: Fri, 2 Mar 2018 12:43:21 -0800
Subject: [PATCH] Add local_docker facility for bind-mounting ca-trust

This implements one possible solution for #411, but does not solve it for
Kubernetes or Openshift installations.

# Conflicts:
#	installer/inventory
---
 installer/inventory                         |  2 +-
 installer/local_docker/tasks/standalone.yml | 12 ++++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/installer/inventory b/installer/inventory
index 65c24b1211..36d4452655 100644
--- a/installer/inventory
+++ b/installer/inventory
@@ -100,4 +100,4 @@ pg_port=5432
 # this variable causes this directory on the host to be bind mounted over
 # /etc/pki/ca-trust in the awx_task and awx_web containers.
 # NOTE: only obeyed in local_docker install
-#ca_trust_dir=/etc/pki/ca-trust
\ No newline at end of file
+#ca_trust_dir=/etc/pki/ca-trust
diff --git a/installer/local_docker/tasks/standalone.yml b/installer/local_docker/tasks/standalone.yml
index ac23f74e66..3c5fd29a60 100644
--- a/installer/local_docker/tasks/standalone.yml
+++ b/installer/local_docker/tasks/standalone.yml
@@ -79,7 +79,11 @@
     state: started
     restart_policy: unless-stopped
     image: "{{ awx_web_docker_actual_image }}"
-    volumes: "{{ project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else omit }}"
+    volumes: >
+      {{
+        [project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else []
+        + [ca_trust_dir + ':/etc/pki/ca-trust:ro'] if ca_trust_dir is defined else []
+      }}
     user: root
     ports:
       - "{{ host_port }}:8052"
@@ -113,7 +117,11 @@
     state: started
     restart_policy: unless-stopped
     image: "{{ awx_task_docker_actual_image }}"
-    volumes: "{{ project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else omit }}"
+    volumes: >
+      {{
+        [project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else []
+        + [ca_trust_dir + ':/etc/pki/ca-trust:ro'] if ca_trust_dir is defined else []
+      }}
     links: "{{ awx_task_container_links|list }}"
     user: root
     hostname: awx