FROM alpine:latest

ENV OPENSSL_VERSION=3.0.13
ENV GOST_ENGINE_BRANCH=v3.0.0

LABEL maintainer="hightemp"
LABEL description="Alpine with custom-built OpenSSL ${OPENSSL_VERSION} and GOST engine support."

RUN apk add --no-cache \
    alpine-sdk \
    cmake \
    git \
    perl \
    linux-headers \
    wget

# Создаем рабочий каталог для исходных кодов
WORKDIR /opt/src

RUN wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \
    tar -xvf openssl-${OPENSSL_VERSION}.tar.gz && \
    cd openssl-${OPENSSL_VERSION} && \
    ./config --prefix=/usr/local/openssl-gost \
             --openssldir=/usr/local/openssl-gost/ssl \
             shared \
             -Wl,-rpath,/usr/local/openssl-gost/lib64 && \
    make -j$(nproc) && \
    make install

RUN git clone https://github.com/gost-engine/engine.git && \
    cd engine && \
    git checkout ${GOST_ENGINE_BRANCH} && \
    git submodule update --init

RUN cd engine && \
    mkdir build && \
    cd build && \
    cmake -DOPENSSL_ROOT_DIR=/usr/local/openssl-gost \
          -DOPENSSL_ENGINES_DIR=/usr/local/openssl-gost/lib/engines-3 \
          -DCMAKE_INSTALL_RPATH=/usr/local/openssl-gost/lib64 \
          .. && \
    cmake --build . --config Release && \
    cmake --build . --target install --config Release

RUN sed -i '/^\[openssl_init\]/a engines = engine_section' /usr/local/openssl-gost/ssl/openssl.cnf && \
    sed -i 's/^#.*activate = 1/activate = 1/' /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "[engine_section]" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "gost = gost_section" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "[gost_section]" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "engine_id = gost" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "dynamic_path = /usr/local/openssl-gost/lib/engines-3/gost.so" >> /usr/local/openssl-gost/ssl/openssl.cnf && \
    echo "default_algorithms = ALL" >> /usr/local/openssl-gost/ssl/openssl.cnf

RUN apk del alpine-sdk cmake git perl linux-headers wget && \
    rm -rf /opt/src

ENV PATH="/usr/local/openssl-gost/bin:${PATH}"

RUN openssl engine | grep "(gost) Reference implementation of GOST engine"

WORKDIR /root

CMD ["/bin/sh"]