dnix/inspircd-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
inspircd-docker/entrypoint.sh
Andreas Neue c89d84b38f init
2026-02-03 09:29:37 +01:00

62 lines
2.3 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/sh
# shellcheck disable=SC2068
INSPIRCD_ROOT="/inspircd"
# TODO fix/make configuration better
# Make sure that the volume contains a default config but don't override an existing one
if [ ! -e $INSPIRCD_ROOT/conf/inspircd.conf ] && [ -w $INSPIRCD_ROOT/conf/ ]; then
# shellcheck disable=SC2336
cp -r /conf/* $INSPIRCD_ROOT/conf/
elif [ ! -w $INSPIRCD_ROOT/conf/ ]; then
echo "
##################################
### ###
### Can't write to volume! ###
### Please change owner ###
### to uid 10000 ###
### ###
##################################
"
fi
# Link certificates from secrets
# See https://docs.docker.com/engine/swarm/secrets/
if [ -e /run/secrets/inspircd.key ] && [ -e /run/secrets/inspircd.crt ]; then
ln -s /run/secrets/inspircd.key $INSPIRCD_ROOT/conf/key.pem
ln -s /run/secrets/inspircd.crt $INSPIRCD_ROOT/conf/cert.pem
fi
# Make sure there is a certificate or generate a new one
if [ ! -e $INSPIRCD_ROOT/conf/cert.pem ] && [ ! -e $INSPIRCD_ROOT/conf/key.pem ]; then
cat > /tmp/cert.template <<EOF
cn = "${INSP_TLS_CN:-irc.example.com}"
email = "${INSP_TLS_MAIL:-nomail@irc.example.com}"
unit = "${INSP_TLS_UNIT:-Example Server Admins}"
organization = "${INSP_TLS_ORG:-Example IRC Network}"
locality = "${INSP_TLS_LOC:-Example City}"
state = "${INSP_TLS_STATE:-Example State}"
country = "${INSP_TLS_COUNTRY:-XZ}"
expiration_days = ${INSP_TLS_DURATION:-365}
tls_www_client
tls_www_server
signing_key
encryption_key
cert_signing_key
crl_signing_key
code_signing_key
ocsp_signing_key
time_stamping_key
EOF
/usr/bin/certtool --generate-privkey --bits 4096 --sec-param normal --outfile $INSPIRCD_ROOT/conf/key.pem
/usr/bin/certtool --generate-self-signed --load-privkey $INSPIRCD_ROOT/conf/key.pem --outfile $INSPIRCD_ROOT/conf/cert.pem --template /tmp/cert.template
rm /tmp/cert.template
fi
# Make sure dhparams are present
if [ ! -e $INSPIRCD_ROOT/conf/dhparams.pem ]; then
/usr/bin/certtool --generate-dh-params --sec-param normal --outfile $INSPIRCD_ROOT/conf/dhparams.pem
fi
cd $INSPIRCD_ROOT
exec env INSPIRCD_ROOT=$INSPIRCD_ROOT $INSPIRCD_ROOT/bin/inspircd --nofork $@
Reference in a new issue View git blame Copy permalink