fix: properly handle certs on alpine docker

2024-08-11 11:08:33 +01:00 · 2024-08-11 11:08:33 +01:00 · fd7c4362a3
commit fd7c4362a3
parent d4f703b0fc
5 changed files with 80 additions and 106 deletions
--- a/bin/lamassu-admin-server-entrypoint.sh
+++ b/bin/lamassu-admin-server-entrypoint.sh
@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+CERT_FILES=(
+  /lamassu-data/certs/{Lamassu_CA,Lamassu_OP,Lamassu_OP_Root_CA}.pem
+  /lamassu-data/certs/Lamassu_OP_Root_CA.srl
+  /lamassu-data/private/{Lamassu_OP,Lamassu_OP_Root_CA}.key
+)
+
+if ! (( ${#CERT_FILES[@]} == $(ls "${CERT_FILES[@]}" 2>/dev/null | wc -l) )); then
+    echo "Some certificates are missing. Retrying in 5 seconds"
+    sleep 5
+    exit 1
+fi
+
+echo "Update certs on alpine"
+cp /lamassu-data/certs/Lamassu_CA.pem /usr/local/share/ca-certificates
+cp /lamassu-data/certs/Lamassu_OP_Root_CA.pem /usr/local/share/ca-certificates
+update-ca-certificates
+
+echo "Starting admin server..."
+node /lamassu-server/bin/lamassu-admin-server
--- a/bin/lamassu-server-entrypoint.sh
+++ b/bin/lamassu-server-entrypoint.sh
@ -1,20 +1,25 @@
 #!/usr/bin/env bash
+CERT_FILES=(
+  /lamassu-data/certs/{Lamassu_CA,Lamassu_OP,Lamassu_OP_Root_CA}.pem
+  /lamassu-data/certs/Lamassu_OP_Root_CA.srl
+  /lamassu-data/private/{Lamassu_OP,Lamassu_OP_Root_CA}.key
+)

-FILE_1=/etc/ssl/certs/Lamassu_CA.pem
-FILE_2=/etc/ssl/certs/Lamassu_OP.pem
-FILE_3=/etc/ssl/certs/Lamassu_OP_Root_CA.pem
-FILE_4=/etc/ssl/certs/Lamassu_OP_Root_CA.srl
-FILE_5=/etc/ssl/private/Lamassu_OP.key
-FILE_6=/etc/ssl/private/Lamassu_OP_Root_CA.key
+echo "Checking for Lamassu certificates..."

-echo "Checking for the existence of certificates..."
-if [[ ! -f "$FILE_1" || ! -f "$FILE_2" || ! -f "$FILE_3" || ! -f "$FILE_4" || ! -f "$FILE_5" || ! -f "$FILE_6" ]]; then
-  echo "No Lamassu certificates found. Building them..."
-  bash /lamassu-server/tools/build-docker-certs.sh
+if ! (( ${#CERT_FILES[@]} == $(ls "${CERT_FILES[@]}" 2>/dev/null | wc -l) )); then
+    echo "Some certificates are missing. Building them..."
+    bash /lamassu-server/tools/build-docker-certs.sh
 fi

+echo "Upcate certs on alpine"
+cp /lamassu-data/certs/Lamassu_CA.pem /usr/local/share/ca-certificates
+cp /lamassu-data/certs/Lamassu_OP_Root_CA.pem /usr/local/share/ca-certificates
+update-ca-certificates
+
 echo "Executing migrations..."
 node /lamassu-server/bin/lamassu-migrate

 echo "Starting server..."
 node /lamassu-server/bin/lamassu-server
+