blob: 3e2dcc0995719c2fb2a4738f8b9b60a91fcd3105 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
#!/bin/sh
set -e
# Check cert matches domain, else clear and renew
if [ -d "/data/caddy/certificates" ]; then
CERT_CN=$(echo | openssl s_client -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -subject 2>/dev/null | grep -o "CN=.*" | cut -d= -f2 || true)
if [ -n "$CERT_CN" ] && [ "$CERT_CN" != "$DOMAIN" ]; then
echo "Cert mismatch: $CERT_CN != $DOMAIN, clearing certs"
rm -rf /data/caddy/certificates/
fi
fi
# Generate cgitrc from template
envsubst < /etc/cgitrc.template > /etc/cgitrc
# Setup SSH
ssh-keygen -A # Generate host keys if missing
mkdir -p /git/.ssh
touch /git/.ssh/authorized_keys
chmod 700 /git/.ssh
chmod 600 /git/.ssh/authorized_keys
/usr/sbin/sshd
spawn-fcgi -s ${FCGI_SOCK} /usr/bin/fcgiwrap
chmod 666 ${FCGI_SOCK}
exec caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
|
