From da18defd943482197a25bf8b429d62f66490789b Mon Sep 17 00:00:00 2001
From: Moritz Marquardt <moritz.marquardt@zeiss.com>
Date: Thu, 6 Feb 2020 12:35:40 +0000
Subject: [PATCH] Let step-ca bind to ports < 1024

---
 docker/Dockerfile.step-ca | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docker/Dockerfile.step-ca b/docker/Dockerfile.step-ca
index bccb493c..f9ba1ab4 100644
--- a/docker/Dockerfile.step-ca
+++ b/docker/Dockerfile.step-ca
@@ -7,6 +7,10 @@ ENV PWDPATH="/home/step/secrets/password"
 
 COPY $BINPATH "/usr/local/bin/step-ca"
 
+USER root
+RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
+USER step
+
 VOLUME ["/home/step"]
 STOPSIGNAL SIGTERM