From b3bb4ec40f0a5571140170758a40c9250052d495 Mon Sep 17 00:00:00 2001
From: bunkerity <contact@bunkerity.com>
Date: Sat, 15 May 2021 21:55:57 +0200
Subject: [PATCH] remove unnecessary dependencies and update doc about
 certificate bundle

---
 dependencies.sh         | 2 +-
 docs/security_tuning.md | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/dependencies.sh b/dependencies.sh
index 43d3f92..965901b 100644
--- a/dependencies.sh
+++ b/dependencies.sh
@@ -1,4 +1,4 @@
 #!/bin/sh
 
 # install dependencies
-apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl clamav apache2-utils openssl lua libgd go jq mariadb-connector-c bash brotli
+apk add clamav certbot bash libmaxminddb libgcc lua yajl libstdc++ apache2-utils
diff --git a/docs/security_tuning.md b/docs/security_tuning.md
index faf59c3..90b640e 100644
--- a/docs/security_tuning.md
+++ b/docs/security_tuning.md
@@ -51,6 +51,8 @@ $ docker run -p 80:8080 \
              bunkerity/bunkerized-nginx
 ```
 
+Please note that if you have one or more intermediate certificate(s) in your chain of trust, you will need to provide the bundle to `CUSTOM_HTTPS_CERT` (more info [here](https://nginx.org/en/docs/http/configuring_https_servers.html#chains)).
+
 ### Self-signed certificate
 
 This method is not recommended in production but can be used to quickly deploy HTTPS for testing purposes. Just use the `GENERATE_SELF_SIGNED_SSL=yes` environment variable and bunkerized-nginx will generate a self-signed certificate for you :