mirror of
https://github.com/bigbluebutton/docker.git
synced 2025-06-20 11:48:22 +02:00
lets encrypt: email required, remove staging flag
This commit is contained in:
parent
1a79f73fe3
commit
4afa12bcf2
@ -446,8 +446,7 @@ services:
|
||||
environment:
|
||||
- IGNORE_TLS_CERT_ERRORS={{$ignore_tls_cert_errors}}
|
||||
- CERT1=${DOMAIN}
|
||||
- STAGING=true
|
||||
- EMAIL=test@chandi.it
|
||||
- EMAIL=${LETSENCRYPT_EMAIL}
|
||||
network_mode: host
|
||||
{{end}}
|
||||
|
||||
|
@ -7,7 +7,7 @@ set -e
|
||||
|
||||
declare -p | grep -Ev '^declare -[[:alpha:]]*r' > /container.env
|
||||
|
||||
if [ "$IGNORE_TLS_CERT_ERRORS" ]; then
|
||||
if [ "$IGNORE_TLS_CERT_ERRORS" ] && [ "$IGNORE_TLS_CERT_ERRORS" != "false" ]; then
|
||||
# use self signed certificate
|
||||
if [ ! -f /etc/haproxy/certs/haproxy-10.7.7.1.pem ]; then
|
||||
mkdir -p /etc/haproxy/certs
|
||||
|
@ -6,8 +6,7 @@
|
||||
# HTTPS Proxy
|
||||
# fully automated Lets Encrypt certificates
|
||||
ENABLE_HTTPS_PROXY=true
|
||||
# If your network doesn't allow access to DNS at 8.8.8.8 specify your own resolvers
|
||||
#RESOLVER_ADDRESS=x.x.x.x
|
||||
LETSENCRYPT_EMAIL=test@example.net
|
||||
|
||||
# Greenlight Frontend
|
||||
# https://docs.bigbluebutton.org/greenlight/gl-overview.html
|
||||
|
@ -18,6 +18,13 @@ if [ -z "$EXTERNAL_IPv4" ]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$ENABLE_HTTPS_PROXY" ] && [ -z "$LETSENCRYPT_EMAIL" ]; then
|
||||
echo "ERROR: LETSENCRYPT_EMAIL is not set in .env"
|
||||
echo "you need to specify an email adress, otherwise the certificate"
|
||||
echo "retrieval will fail"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
function get_tag {
|
||||
# is submodule checked out?
|
||||
if [ -f "$1/.git" ]; then
|
||||
|
@ -18,6 +18,7 @@ then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
. scripts/functions.sh
|
||||
ensure_bbbhtml5yml
|
||||
|
||||
EXTERNAL_IPv4=$(curl -4 -s https://icanhazip.com)
|
||||
@ -29,21 +30,15 @@ while [[ ! $greenlight =~ ^(y|n)$ ]]; do
|
||||
done
|
||||
|
||||
https_proxy=""
|
||||
LETSENCRYPT_EMAIL=""
|
||||
while [[ ! $https_proxy =~ ^(y|n)$ ]]; do
|
||||
read -p "Should an automatic HTTPS Proxy be included? (y/n): " https_proxy
|
||||
done
|
||||
|
||||
if [ "$coturn" == "y" ] && [ ! "$https_proxy" == "y" ]
|
||||
if [ "$https_proxy" == "y" ]
|
||||
then
|
||||
echo "Coturn needs TLS to function properly."
|
||||
echo " Since automatic HTTPS Proxy is disabled,"
|
||||
echo " you must provide a relative or absolute path"
|
||||
echo " to your certificates."
|
||||
while [[ -z "$CERTPATH" ]]; do
|
||||
read -p "Please enter path to cert.pem: " CERTPATH
|
||||
done
|
||||
while [[ -z "$KEYPATH" ]]; do
|
||||
read -p "Please enter path to key.pem: " KEYPATH
|
||||
while [[ ! $LETSENCRYPT_EMAIL =~ ^.+@.+\..+$ ]]; do
|
||||
read -p "Please enter an Email adress for the Let's Encrypt notifications: " LETSENCRYPT_EMAIL
|
||||
done
|
||||
fi
|
||||
|
||||
@ -142,6 +137,7 @@ fi
|
||||
if [ ! "$https_proxy" == "y" ]
|
||||
then
|
||||
sed -i "s/ENABLE_HTTPS_PROXY.*/#ENABLE_HTTPS_PROXY=true/" .env
|
||||
sed -i "s/LETSENCRYPT_EMAIL=.*/LETSENCRYPT_EMAIL=$LETSENCRYPT_EMAIL/" .env
|
||||
fi
|
||||
|
||||
if [ "$recording" == "y" ]
|
||||
@ -156,12 +152,6 @@ then
|
||||
fi
|
||||
|
||||
|
||||
if [ -n "$CERTPATH" ] && [ -n "$KEYPATH" ]
|
||||
then
|
||||
sed -i "s,#COTURN_TLS_CERT_PATH=.*,COTURN_TLS_CERT_PATH=$CERTPATH," .env
|
||||
sed -i "s,#COTURN_TLS_KEY_PATH=.*,COTURN_TLS_KEY_PATH=$KEYPATH," .env
|
||||
fi
|
||||
|
||||
if [ "$prometheus_exporter" == "y" ]
|
||||
then
|
||||
sed -i "s/#ENABLE_PROMETHEUS_EXPORTER=.*/ENABLE_PROMETHEUS_EXPORTER=true/" .env
|
||||
|
Loading…
x
Reference in New Issue
Block a user