mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
32b4f75f01
On aur-dev.archlinux.org, we use a proxy tunnel through our internal nginx. This allows us to rewrite the Host header based on whatever port we wish within internal nginx config. Signed-off-by: Kevin Morris <kevr@0cost.org>
28 lines
801 B
Bash
Executable file
28 lines
801 B
Bash
Executable file
#!/bin/bash
|
|
set -eou pipefail
|
|
|
|
# If production.{cert,key}.pem exists, prefer them. This allows
|
|
# user customization of the certificates that FastAPI uses.
|
|
# Otherwise, fallback to localhost.{cert,key}.pem, generated by `ca`.
|
|
|
|
CERT=/data/production.cert.pem
|
|
KEY=/data/production.key.pem
|
|
|
|
DEST_CERT=/etc/ssl/certs/web.cert.pem
|
|
DEST_KEY=/etc/ssl/private/web.key.pem
|
|
|
|
if [ -f "$CERT" ]; then
|
|
cp -vf "$CERT" "$DEST_CERT"
|
|
cp -vf "$KEY" "$DEST_KEY"
|
|
else
|
|
cat /data/localhost.cert.pem /data/root_ca.crt > "$DEST_CERT"
|
|
cp -vf /data/localhost.key.pem "$DEST_KEY"
|
|
fi
|
|
|
|
cp -vf /docker/config/nginx.conf /etc/nginx/nginx.conf
|
|
|
|
# NGINX_PROXY_PORT must be defined for the `nginx` service
|
|
# within `docker-compose.yml`.
|
|
sed -i "s|HTTP_HOST|\$host:${NGINX_PROXY_PORT}|g" /etc/nginx/nginx.conf
|
|
|
|
exec "$@"
|