Fixes #6721 -- Fix issues with SSL cert path with new storage update.

Buster Neece 2023-11-14 11:41:23 -06:00
parent 89ecb7db27
commit bd7a344891
5 changed files with 35 additions and 17 deletions


@ -9,6 +9,8 @@ release channel, you can take advantage of these new features and fixes.
## Bug Fixes
- A bug preventing SSL (HTTPS) certificates from loading from the new storage location has been fixed.
---
# AzuraCast 0.19.2 (Nov 7, 2023)


@ -8,8 +8,8 @@ services:
- "127.0.0.1:6025:6025" # Centrifugo
- "127.0.0.1:6379:6379" # Redis
volumes:
- $PWD/util/local_ssl/default.crt:/var/azuracast/acme/ssl.crt:ro
- $PWD/util/local_ssl/default.key:/var/azuracast/acme/ssl.key:ro
- $PWD/util/local_ssl/default.crt:/var/azuracast/storage/acme/ssl.crt:ro
- $PWD/util/local_ssl/default.key:/var/azuracast/storage/acme/ssl.key:ro
- $PWD/frontend/node_modules:/var/azuracast/www/frontend/node_modules
- $PWD/vendor:/var/azuracast/www/vendor
- $PWD:/var/azuracast/www


@ -54,8 +54,8 @@ server {
listen 80;
listen 443 default_server http2 ssl;
ssl_certificate /var/azuracast/acme/ssl.crt;
ssl_certificate_key /var/azuracast/acme/ssl.key;
ssl_certificate {{ default .Env.ACME_DIR "/var/azuracast/storage/acme" }}/ssl.crt;
ssl_certificate_key {{ default .Env.ACME_DIR "/var/azuracast/storage/acme" }}/ssl.key;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers on;
@ -76,7 +76,7 @@ server {
# LetsEncrypt handling
location /.well-known/acme-challenge {
alias /var/azuracast/acme/challenges;
alias {{ default .Env.ACME_DIR "/var/azuracast/storage/acme" }}/challenges;
try_files $uri =404;
}
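Review bot: The fallback `{{ default .Env.ACME_DIR "/var/azuracast/storage/acme" }}` is written out three times (both `ssl_certificate*` directives and the challenge `alias`), and its literal default is not the same as the startup scripts' fallback, which prefers `/var/azuracast/acme` when that directory exists. If the template were ever rendered without the exported variable, nginx would read from the storage path while the certificate script may have written to the legacy one. Binding the value once, e.g. `{{ $acme_dir := default .Env.ACME_DIR "/var/azuracast/storage/acme" }}`, with a comment that the scripts normally export ACME_DIR, would keep the three uses in step. The value is also substituted into the directives unquoted, so the comment should state that ACME_DIR must be a plain absolute path without whitespace or `;`. Both server blocks continue outside the hunks.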


@ -1,26 +1,34 @@
#!/bin/bash
mkdir -p /var/azuracast/acme/challenges || true
if [ -z "$ACME_DIR" ]; then
if [ -d "/var/azuracast/acme" ]; then
export ACME_DIR="/var/azuracast/acme"
else
export ACME_DIR="/var/azuracast/storage/acme"
fi
fi
if [ -f /var/azuracast/acme/default.crt ]; then
rm -rf /var/azuracast/acme/default.key || true
rm -rf /var/azuracast/acme/default.crt || true
mkdir -p "$ACME_DIR/challenges" || true
if [ -f "$ACME_DIR/default.crt" ]; then
rm -rf "$ACME_DIR/default.key" || true
rm -rf "$ACME_DIR/default.crt" || true
fi
# Generate a self-signed certificate if one doesn't exist in the certs path.
if [ ! -f /var/azuracast/acme/default.crt ]; then
if [ ! -f "$ACME_DIR/default.crt" ]; then
echo "Generating self-signed certificate..."
openssl req -new -nodes -x509 -subj "/C=US/ST=Texas/L=Austin/O=IT/CN=localhost" \
-days 365 -extensions v3_ca \
-keyout /var/azuracast/acme/default.key \
-out /var/azuracast/acme/default.crt
-keyout "$ACME_DIR/default.key" \
-out "$ACME_DIR/default.crt"
fi
if [ ! -f /var/azuracast/acme/ssl.crt ]; then
ln -s /var/azuracast/acme/default.key /var/azuracast/acme/ssl.key
ln -s /var/azuracast/acme/default.crt /var/azuracast/acme/ssl.crt
if [ ! -f "$ACME_DIR/ssl.crt" ]; then
ln -s "$ACME_DIR/default.key" "$ACME_DIR/ssl.key"
ln -s "$ACME_DIR/default.crt" "$ACME_DIR/ssl.crt"
fi
chown -R azuracast:azuracast /var/azuracast/acme || true
chmod -R u=rwX,go=rX /var/azuracast/acme || true
chown -R azuracast:azuracast "$ACME_DIR" || true
chmod -R u=rwX,go=rX "$ACME_DIR" || true
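Review bot: The closing `chmod -R u=rwX,go=rX "$ACME_DIR"` leaves `default.key`, and any other private key under that directory, readable by group and others, and the directory is now whatever the environment supplies. Private keys should be owner-only; adding `chmod 600 "$ACME_DIR/default.key" || true` after the recursive chmod would cover the self-signed key, assuming the process that loads it runs as root or azuracast, which is not visible on this page. Separately, `[ ! -f "$ACME_DIR/ssl.crt" ]` is also true for a dangling symlink, so if `ssl.crt` was carried over from the old location with its absolute target, `ln -s` would fail because the link name already exists; `ln -sf` would handle that case.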


@ -9,6 +9,14 @@ if [ -z "$UPLOADS_DIR" ]; then
fi
fi
if [ -z "$ACME_DIR" ]; then
if [ -d "/var/azuracast/acme" ]; then
export ACME_DIR="/var/azuracast/acme"
else
export ACME_DIR="/var/azuracast/storage/acme"
fi
fi
# Copy the nginx template to its destination.
dockerize -template "/etc/nginx/nginx.conf.tmpl:/etc/nginx/nginx.conf" \
-template "/etc/nginx/azuracast.conf.tmpl:/etc/nginx/sites-available/default"
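Review bot: This ACME_DIR fallback block is a verbatim copy of the one added to the certificate setup script, so each script decides the directory on its own and the two copies can drift apart. A small shared file sourced by both, or at least a comment such as `# Keep in sync with the ACME_DIR fallback in the SSL setup script`, would make the coupling explicit. It is also worth a comment that the mere existence of `/var/azuracast/acme`, even when empty, selects the legacy path, since that choice determines where the rendered nginx config looks for the certificate and key. The script begins above the hunk.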