Skip to content

Commit

Permalink
Copy valid certs from LE jitsi web at startup
Browse files Browse the repository at this point in the history
cronjob to renew certs is not yet implemented.
  • Loading branch information
Sando committed Sep 7, 2022
1 parent 39c94e7 commit 219de3c
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 1 deletion.
1 change: 1 addition & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -352,6 +352,7 @@ services:
- TURN_CREDENTIALS
- TURN_RELAY_MIN_PORT
- TURN_RELAY_MAX_PORT
- TURNS_HOST
- DOCKER_HOST_ADDRESS
- JVB_DISABLE_STUN
depends_on:
Expand Down
2 changes: 1 addition & 1 deletion eturnal/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ RUN set -x \
&& cp -r /opt/eturnal /rootfs/opt \
# RUNTIME: install runtime init
&& ARCH=$(uname -m | sed -e 's/x86_64/amd64/;s/aarch64/arm64/;s/armv7l/arm/;s/s390x/s390x/;s/ppc64le/ppc64le/') \
&& curl -fL -o /rootfs/tini https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini-$ARCH \
&& curl -fL -o /rootfs/tini https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini-$ARCH \
&& chmod +x /rootfs/tini
# RUNTIME: copy entrypoint script
COPY rootfs /rootfs
Expand Down
27 changes: 27 additions & 0 deletions eturnal/rootfs/usr/sbin/run.sh
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,34 @@ eturnal:
# port: 8081 # This is the default.
# tls: false # This is the default.
# vm_metrics: true # This is the default.
EOF

# tls certificates
TLS_CERT_FILE=$(find /etc/ -name fullchain.pem)
TLS_KEY_FILE=$(find /etc/ -name key.pem)
if [ ! -z $TLS_CERT_FILE ] || [ ! -z $TLS_KEY_FILE ]; then
cat >> /opt/eturnal/etc/eturnal.yml <<EOF
## TLS certificate/key files (must be readable by 'eturnal' user!):
EOF
if [ ! -z $TLS_CERT_FILE ]; then
cp -p $TLS_CERT_FILE /opt/eturnal/tls
cat >> /opt/eturnal/etc/eturnal.yml <<EOF
tls_crt_file: /opt/eturnal/tls/fullchain.pem
EOF
fi
if [ ! -z $TLS_KEY_FILE ]; then
cp -p $TLS_KEY_FILE /opt/eturnal/tls
cat >> /opt/eturnal/etc/eturnal.yml <<EOF
tls_key_file: /opt/eturnal/tls/key.pem
EOF
fi
fi

# change file permissions
chown 9000:9000 /opt/eturnal/etc/eturnal.yml
chmod 640 /opt/eturnal/etc/eturnal.yml
chown 9000:9000 /opt/eturnal/tls/*

# TURN credentials
if [ ! -z $TURN_CREDENTIALS ]
Expand Down

0 comments on commit 219de3c

Please sign in to comment.