Fix bug with attaching certs

2026-05-13 17:34:38 +00:00 · 2025-08-23 21:30:08 +03:00
parent dc6d8b4cf2
commit 4fc672c3c4
7 changed files with 19 additions and 16 deletions
--- a/docker/docker-compose-traefik.yaml
+++ b/docker/docker-compose-traefik.yaml
@@ -29,7 +29,7 @@ services:
      # RECREATE_VENV: "false"
      USE_FOREIGN_CERT_MANAGER: "true"
      CHANGE_KERNEL_SETTINGS: "false"
-      PATH_TO_SSL_CONTAINER: $PATH_TO_SSL_CONTAINER
+      PATH_TO_SSL: "${CERTS_ROOT_DIR_CONTAINER}/${MAIL_DOMAIN}"
      ENABLE_CERTS_MONITORING: "true"
      # CERTS_MONITORING_TIMEOUT: 60
      # IS_DEVELOPMENT_INSTANCE: "true"
@@ -43,7 +43,7 @@ services:
      ## system
      - /sys/fs/cgroup:/sys/fs/cgroup:rw # required for systemd
      - ./:/opt/chatmail
-      - ${PATH_TO_SSL_HOST}:${PATH_TO_SSL_CONTAINER}:ro
+      - ${CERTS_ROOT_DIR_HOST}:${CERTS_ROOT_DIR_CONTAINER}:ro
      
      ## data
      - ./data/chatmail:/home
--- a/docker/example.env
+++ b/docker/example.env
@@ -1,5 +1,5 @@
 MAIL_DOMAIN="chat.example.com"
 ACME_EMAIL="my.email@gmail.com"

-PATH_TO_SSL_HOST="./traefik/data/letsencrypt/certs/${MAIL_DOMAIN}"
-PATH_TO_SSL_CONTAINER="/var/lib/acme/live/${MAIL_DOMAIN}"
+CERTS_ROOT_DIR_HOST="./traefik/data/letsencrypt/certs"
+CERTS_ROOT_DIR_CONTAINER="/var/lib/acme/live"
--- a/docker/files/entrypoint.sh
+++ b/docker/files/entrypoint.sh
@@ -2,13 +2,13 @@
 set -eo pipefail

 if [ "${USE_FOREIGN_CERT_MANAGER,,}" == "true" ]; then
-    if [ ! -f "$PATH_TO_SSL_CONTAINER/fullchain" ]; then
-        echo "Error: file '$PATH_TO_SSL_CONTAINER/fullchain' does not exist. Exiting..." > /dev/stderr
+    if [ ! -f "$PATH_TO_SSL/fullchain" ]; then
+        echo "Error: file '$PATH_TO_SSL/fullchain' does not exist. Exiting..." > /dev/stderr
        sleep 2
        exit 1
    fi
-    if [ ! -f "$PATH_TO_SSL_CONTAINER/privkey" ]; then
-        echo "Error: file '$PATH_TO_SSL_CONTAINER/privkey' does not exist. Exiting..." > /dev/stderr
+    if [ ! -f "$PATH_TO_SSL/privkey" ]; then
+        echo "Error: file '$PATH_TO_SSL/privkey' does not exist. Exiting..." > /dev/stderr
        sleep 2
        exit 1
    fi
--- a/docker/files/setup_chatmail_docker.sh
+++ b/docker/files/setup_chatmail_docker.sh
@@ -4,7 +4,7 @@ set -eo pipefail
 export INI_FILE="${INI_FILE:-chatmail.ini}"
 export ENABLE_CERTS_MONITORING="${ENABLE_CERTS_MONITORING:-true}"
 export CERTS_MONITORING_TIMEOUT="${CERTS_MONITORING_TIMEOUT:-60}"
-export PATH_TO_SSL_CONTAINER="${PATH_TO_SSL_CONTAINER:-/var/lib/acme/live/${MAIL_DOMAIN}}"
+export PATH_TO_SSL="${PATH_TO_SSL:-/var/lib/acme/live/${MAIL_DOMAIN}}"
 export CHANGE_KERNEL_SETTINGS=${CHANGE_KERNEL_SETTINGS:-"False"}
 export RECREATE_VENV=${RECREATE_VENV:-"false"}

@@ -20,7 +20,7 @@ debug_commands() {
 }

 calculate_hash() {
-    find "$PATH_TO_SSL_CONTAINER" -type f -exec sha1sum {} \; | sort | sha1sum | awk '{print $1}'
+    find "$PATH_TO_SSL" -type f -exec sha1sum {} \; | sort | sha1sum | awk '{print $1}'
 }

 monitor_certificates() {