Skip to content

Commit

Permalink
Copy valid certs from LE jitsi web at startup
Browse files Browse the repository at this point in the history
cronjob to renew certs is not yet implemented.
  • Loading branch information
Sando authored and sando38 committed Sep 11, 2022
1 parent b37f2cd commit cffc181
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 1 deletion.
1 change: 1 addition & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -353,6 +353,7 @@ services:
- TURN_CREDENTIALS
- TURN_RELAY_MIN_PORT
- TURN_RELAY_MAX_PORT
- TURNS_HOST
- DOCKER_HOST_ADDRESS
- JVB_DISABLE_STUN
depends_on:
Expand Down
2 changes: 1 addition & 1 deletion eturnal/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ RUN set -x \
&& cp -r /opt/eturnal /rootfs/opt \
# RUNTIME: install runtime init
&& ARCH=$(uname -m | sed -e 's/x86_64/amd64/;s/aarch64/arm64/;s/armv7l/arm/;s/s390x/s390x/;s/ppc64le/ppc64le/') \
&& curl -fL -o /rootfs/tini https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini-$ARCH \
&& curl -fL -o /rootfs/tini https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini-$ARCH \
&& chmod +x /rootfs/tini
# RUNTIME: copy entrypoint script
COPY rootfs /rootfs
Expand Down
27 changes: 27 additions & 0 deletions eturnal/rootfs/usr/sbin/run.sh
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,35 @@ eturnal:
# port: 8081 # This is the default.
# tls: false # This is the default.
# vm_metrics: true # This is the default.
EOF

# tls certificates
TLS_CERT_FILE=$(find /etc/ -name fullchain.pem)
TLS_KEY_FILE=$(find /etc/ -name key.pem)
if [ ! -z $TLS_CERT_FILE ] || [ ! -z $TLS_KEY_FILE ]; then
echo " ## TLS certificate/key files (must be readable by 'eturnal' user!):" >> /opt/eturnal/etc/eturnal.yml
if [ ! -z $TLS_CERT_FILE ]; then
cp -p $TLS_CERT_FILE /opt/eturnal/tls
echo " tls_crt_file: /opt/eturnal/tls/fullchain.pem" >> /opt/eturnal/etc/eturnal.yml
fi
if [ ! -z $TLS_KEY_FILE ]; then
cp -p $TLS_KEY_FILE /opt/eturnal/tls
echo " tls_key_file: /opt/eturnal/tls/key.pem" >> /opt/eturnal/etc/eturnal.yml
fi
fi

# change file permissions
chown 9000:9000 /opt/eturnal/etc/eturnal.yml
chmod 640 /opt/eturnal/etc/eturnal.yml
chown 9000:9000 /opt/eturnal/tls/*

# start certificate renewal cronjob
#if [ ! -z $TURNS_HOST ]
#then
# crond -b -d
#fi

# TURN credentials
if [ ! -z $TURN_CREDENTIALS ]
then
Expand Down

0 comments on commit cffc181

Please sign in to comment.