Initial commit

2 files changed, 35 insertions, 0 deletions

diff --git a/images/router/service/letsencrypt/run b/images/router/service/letsencrypt/run
new file mode 100644
index 0000000..7fcc76d
--- /dev/null
+++ b/images/router/service/letsencrypt/run
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# wait for nginx to startup, for http challenge
+sv start nginx || exit 1
+sleep 10
+
+# half a day, 60 * 60 * 12
+INTERVAL=43200
+
+mkdir -p /data/wellknown/acme-challenge
+
+/app/dehydrated/dehydrated --register --accept-terms --config /app/letsencrypt/config
+
+while true; do
+  echo "Updating certificates"
+  /app/dehydrated/dehydrated --cron --config /app/letsencrypt/config
+  nginx -s reload # certificates might have changed
+  sleep $INTERVAL
+done
diff --git a/images/router/service/nginx/run b/images/router/service/nginx/run
new file mode 100644
index 0000000..bfc6e24
--- /dev/null
+++ b/images/router/service/nginx/run
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+ln -sf /dev/stdout /var/log/nginx/access.log 
+ln -sf /dev/stderr /var/log/nginx/error.log
+
+# nginx doesn't start without certificates,
+# so generate untrusted ones for startup
+if [ ! -d "/data/certs/tx0.co" ]; then
+  echo "Generating dummy certificates"
+  mkdir -p /data/certs/tx0.co
+  openssl req -x509 -nodes -batch -newkey rsa:512 -days 0 \
+    -keyout /data/certs/tx0.co/privkey.pem \
+    -out /data/certs/tx0.co/fullchain.pem
+fi
+
+exec nginx -g 'daemon off;'