diff options
Diffstat (limited to 'images/router/service')
| -rw-r--r-- | images/router/service/letsencrypt/run | 19 | ||||
| -rw-r--r-- | images/router/service/nginx/run | 16 |
2 files changed, 35 insertions, 0 deletions
diff --git a/images/router/service/letsencrypt/run b/images/router/service/letsencrypt/run new file mode 100644 index 0000000..7fcc76d --- /dev/null +++ b/images/router/service/letsencrypt/run @@ -0,0 +1,19 @@ +#!/bin/sh + +# wait for nginx to startup, for http challenge +sv start nginx || exit 1 +sleep 10 + +# half a day, 60 * 60 * 12 +INTERVAL=43200 + +mkdir -p /data/wellknown/acme-challenge + +/app/dehydrated/dehydrated --register --accept-terms --config /app/letsencrypt/config + +while true; do + echo "Updating certificates" + /app/dehydrated/dehydrated --cron --config /app/letsencrypt/config + nginx -s reload # certificates might have changed + sleep $INTERVAL +done diff --git a/images/router/service/nginx/run b/images/router/service/nginx/run new file mode 100644 index 0000000..bfc6e24 --- /dev/null +++ b/images/router/service/nginx/run @@ -0,0 +1,16 @@ +#!/bin/sh + +ln -sf /dev/stdout /var/log/nginx/access.log +ln -sf /dev/stderr /var/log/nginx/error.log + +# nginx doesn't start without certificates, +# so generate untrusted ones for startup +if [ ! -d "/data/certs/tx0.co" ]; then + echo "Generating dummy certificates" + mkdir -p /data/certs/tx0.co + openssl req -x509 -nodes -batch -newkey rsa:512 -days 0 \ + -keyout /data/certs/tx0.co/privkey.pem \ + -out /data/certs/tx0.co/fullchain.pem +fi + +exec nginx -g 'daemon off;' |