From b498cc03c30188f1736bd348a433ebc357b7b315 Mon Sep 17 00:00:00 2001 From: nierdz Date: Thu, 13 Dec 2018 10:54:51 +0100 Subject: [PATCH] improve entrypoint.sh - replace tabs by soft spaces - shellcheck compliant - generate cert only if not present or if cert is invalid --- entrypoint.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 28b56bc..1637211 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -5,15 +5,17 @@ set -o pipefail set -o nounset # Check if $DOMAIN is set -if [ -z $DOMAIN ]; then - echo -e "You did not set \$DOMAIN variable at run time. No certificate will be registered.\n" - echo -e "If you want to define it on command line here is an example:\n" - echo -e "docker run -d -p 80:80 -p 443:443 -e DOMAIN=example.com\n" +if [ -z "$DOMAIN" ]; then + echo -e "You did not set \$DOMAIN variable at run time. No certificate will be registered.\n" + echo -e "If you want to define it on command line here is an example:\n" + echo -e "docker run -d -p 80:80 -p 443:443 -e DOMAIN=example.com\n" else - # Generate SSL cert - /root/.acme.sh/acme.sh --issue --standalone -d ${DOMAIN} -d www.${DOMAIN} - # Generate pfx - openssl pkcs12 -export -out /webminerpool/certificate.pfx -inkey /root/.acme.sh/${DOMAIN}/${DOMAIN}.key -in /root/.acme.sh/${DOMAIN}/${DOMAIN}.cer -certfile /root/.acme.sh/${DOMAIN}/fullchain.cer -passin pass:miner -passout pass:miner + if [[ ! -f "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer" ]] || ! openssl x509 -checkend 0 -in "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer"; then + # Generate SSL cert + /root/.acme.sh/acme.sh --issue --standalone -d "${DOMAIN}" -d "www.${DOMAIN}" + # Generate pfx + openssl pkcs12 -export -out /webminerpool/certificate.pfx -inkey "/root/.acme.sh/${DOMAIN}/${DOMAIN}.key" -in "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer" -certfile "/root/.acme.sh/${DOMAIN}/fullchain.cer" -passin pass:miner -passout pass:miner + fi fi # Start server