Revert "mastercontainer - use Caddy for generating self-singed cert"

Signed-off-by: Simon L <szaimen@e.mail.de>
2025-12-19 22:16:49 +00:00 · 2023-10-04 13:21:14 +02:00 · 2023-10-04 13:21:14 +02:00 · f8ab551ce6
commit f8ab551ce6
parent b9407dbc2d
4 changed files with 44 additions and 12 deletions
--- a/Containers/mastercontainer/start.sh
+++ b/Containers/mastercontainer/start.sh
@ -300,6 +300,7 @@ fi
 mkdir -p /mnt/docker-aio-config/data/
 mkdir -p /mnt/docker-aio-config/session/
 mkdir -p /mnt/docker-aio-config/caddy/
+mkdir -p /mnt/docker-aio-config/certs/ 

 # Adjust permissions for all instances
 chmod 770 -R /mnt/docker-aio-config
@ -307,6 +308,7 @@ chmod 777 /mnt/docker-aio-config
 chown www-data:www-data -R /mnt/docker-aio-config/data/
 chown www-data:www-data -R /mnt/docker-aio-config/session/
 chown www-data:www-data -R /mnt/docker-aio-config/caddy/
+chown root:root -R /mnt/docker-aio-config/certs/

 # Don't allow access to the AIO interface from the Nextcloud container
 # Probably more cosmetic than anything but at least an attempt
@ -322,6 +324,22 @@ allow from all
 APACHE_CONF
 fi

+# Adjust certs
+GENERATED_CERTS="/mnt/docker-aio-config/certs"
+TMP_CERTS="/etc/apache2/certs"
+mkdir -p "$GENERATED_CERTS"
+cd "$GENERATED_CERTS" || exit 1
+if ! [ -f ./ssl.crt ] && ! [ -f ./ssl.key ]; then
+    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout ./ssl.key -out ./ssl.crt
+fi
+if [ -f ./ssl.crt ] && [ -f ./ssl.key ]; then
+    cd "$TMP_CERTS" || exit 1
+    rm ./ssl.crt
+    rm ./ssl.key
+    cp "$GENERATED_CERTS/ssl.crt" ./
+    cp "$GENERATED_CERTS/ssl.key" ./
+fi
+
 print_green "Initial startup of Nextcloud All-in-One complete!
 You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
 E.g. https://internal.ip.of.this.server:8080