🗃️ Committing everything that changed 🗃️

rootfs/usr/local/etc/docker/functions/entrypoint.sh
This commit is contained in:
casjay 2024-09-07 14:12:31 -04:00
parent 327c18903f
commit 4e9b8b802b
Signed by untrusted user who does not match committer: jason
GPG Key ID: 1AB309F42A764145

View File

@ -145,10 +145,33 @@ __update_ssl_certs() {
} }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__certbot() { __certbot() {
local statusCode=0
CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-$HOSTNAME}"
[ -n "$(type -P 'certbot')" ] || return 1 [ -n "$(type -P 'certbot')" ] || return 1
local statusCode=0
local domain_list=""
local certbot_key_opts=""
local ADD_CERTBOT_DOMAINS=""
local options="${1:-create}"
local DOMAINNAME="${DOMAINNAME:-$HOSTNAME}"
local CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-$HOSTNAME}"
local CERT_BOT_MAIL="${CERT_BOT_MAIL:-ssl-admin@$DOMAINNAME}"
local certbot_key_opts="--key-path $SSL_KEY --fullchain-path $SSL_CERT"
[ -d "/config/ssl/letsencrypt/$HOSTNAME" ] || mkdir -p "/config/ssl/letsencrypt/$HOSTNAME"
__symlink "/etc/letsencrypt" "/config/ssl/letsencrypt/$HOSTNAME"
is_renewal="$(find /etc/letsencrypt/renewal -type -f 2>/dev/null || false)"
[ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh"
[ -f "/config/certbot/env.sh" ] && . "/config/certbot/env.sh" [ -f "/config/certbot/env.sh" ] && . "/config/certbot/env.sh"
[ -n "$SSL_KEY" ] && mkdir -p "$(dirname "$SSL_KEY")" || { echo "The variable $SSL_KEY is not set" >&2 && return 1; }
[ -n "$SSL_CERT" ] && mkdir -p "$(dirname "$SSL_CERT")" || { echo "The variable $SSL_CERT is not set" >&2 && return 1; }
domain_list="www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS"
domain_list="$CERTBOT_DOMAINS $(echo "$domain_list" | tr ' ' '\n' | sort -u | tr '\n' ' ')"
[ "$CERT_BOT_ENABLED" = "true" ] || { export CERT_BOT_ENABLED="" && return 10; }
[ -n "$DOMAINNAME" ] || { echo "The variable DOMAINNAME is not set" >&2 && return 1; }
[ -n "$CERT_BOT_MAIL" ] || { echo "The variable CERT_BOT_MAIL is not set" >&2 && return 1; }
for domain in $$CERTBOT_DOMAINS; do
[ -n "$domain" ] && ADD_CERTBOT_DOMAINS+="-d $domain "
done
[ -n "$is_renewal" ] && options="renew" ADD_CERTBOT_DOMAINS=""
certbot_key_opts="$certbot_key_opts $ADD_CERTBOT_DOMAINS"
if [ -f "/config/certbot/setup.sh" ]; then if [ -f "/config/certbot/setup.sh" ]; then
eval "/config/certbot/setup.sh" eval "/config/certbot/setup.sh"
statusCode=$? statusCode=$?
@ -156,32 +179,19 @@ __certbot() {
eval "/etc/named/certbot.sh" eval "/etc/named/certbot.sh"
statusCode=$? statusCode=$?
elif [ -f "/config/certbot/certbot.conf" ]; then elif [ -f "/config/certbot/certbot.conf" ]; then
if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf; then if certbot $options -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf $certbot_key_opts; then
certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf certbot $options -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf $certbot_key_opts
fi fi
statusCode=$? statusCode=$?
elif [ -f "/config/named/certbot-update.conf" ]; then elif [ -f "/config/named/certbot-update.conf" ]; then
if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf; then if certbot $options -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf $certbot_key_opts; then
certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf certbot $options -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf $certbot_key_opts
fi fi
statusCode=$? statusCode=$?
else else
[ -n "$SSL_KEY" ] && mkdir -p "$(dirname "$SSL_KEY")" || { echo "The variable $SSL_KEY is not set" >&2 && return 1; } certbot_key_opts="$certbot_key_opts --webroot ${WWW_ROOT_DIR:-/usr/share/httpd/default}"
[ -n "$SSL_CERT" ] && mkdir -p "$(dirname "$SSL_CERT")" || { echo "The variable $SSL_CERT is not set" >&2 && return 1; }
local options="${1:-create}" && shift 1
domain_list="$DOMAINNAME www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS"
[ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh"
[ "$CERT_BOT_ENABLED" = "true" ] || { export CERT_BOT_ENABLED="" && return 10; }
[ -n "$DOMAINNAME" ] || { echo "The variable DOMAINNAME is not set" >&2 && return 1; }
[ -n "$CERT_BOT_MAIL" ] || { echo "The variable CERT_BOT_MAIL is not set" >&2 && return 1; }
for domain in $$CERTBOT_DOMAINS; do
[ -n "$domain" ] && ADD_CERTBOT_DOMAINS="-d $domain $ADD_CERTBOT_DOMAINS"
done
if [ -n "$ADD_CERTBOT_DOMAINS" ]; then if [ -n "$ADD_CERTBOT_DOMAINS" ]; then
certbot $options --agree-tos -m $CERT_BOT_MAIL certonly \ certbot $options --agree-tos -m $CERT_BOT_MAIL certonly --webroot "${WWW_ROOT_DIR:-/usr/share/httpd/default}" $certbot_key_opts
--webroot "${WWW_ROOT_DIR:-/usr/share/httpd/default}" \
--key-path "$SSL_KEY" --fullchain-path "$SSL_CERT" \
$ADD_CERTBOT_DOMAINS
statusCode=$? statusCode=$?
else else
statusCode=1 statusCode=1
@ -885,9 +895,10 @@ __initialize_system_etc() {
conf_file="/config/$f" conf_file="/config/$f"
[ -f "$etc_file" ] && __rm "$etc_file" [ -f "$etc_file" ] && __rm "$etc_file"
__symlink "$etc_file" "$conf_file" __symlink "$etc_file" "$conf_file"
__initialize_replace_variables "$etc_file"
done done
fi fi
__initialize_replace_variables "/etc" "/config" "/data"
} }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__initialize_custom_bin_dir() { __initialize_custom_bin_dir() {