entrypoint.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

#!/bin/sh
set -e

# Check cert matches domain, else clear and renew
if [ -d "/data/caddy/certificates" ]; then
    CERT_CN=$(echo | openssl s_client -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -subject 2>/dev/null | grep -o "CN=.*" | cut -d= -f2 || true)
    if [ -n "$CERT_CN" ] && [ "$CERT_CN" != "$DOMAIN" ]; then
        echo "Cert mismatch: $CERT_CN != $DOMAIN, clearing certs"
        rm -rf /data/caddy/certificates/
    fi
fi

# Generate cgitrc from template
envsubst < /etc/cgitrc.template > /etc/cgitrc

spawn-fcgi -s ${FCGI_SOCK} /usr/bin/fcgiwrap
chmod 666 ${FCGI_SOCK}

exec caddy run --config /etc/caddy/Caddyfile --adapter caddyfile