#!/bin/bash
# Prosody Docker Entrypoint Script
#
# errexit: stop at the first command that fails instead of carrying on with
# a half-initialised container.
set -o errexit

printf '%s\n' "Initializing Prosody XMPP Server..."
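#######################################
# Block until a TCP connection to MySQL succeeds or the timeout expires.
# Arguments: $1 - host, $2 - port, $3 - timeout in whole seconds
# Outputs:   progress on stdout, failure diagnostics on stderr
# Returns:   0 once the port accepts a connection, 1 on timeout or when the
#            timeout is not a non-negative integer
#######################################
wait_for_mysql() {
  local host="$1"
  local port="$2"
  local timeout="$3"
  local counter=0

  # A non-numeric timeout makes the numeric comparison below fail on every
  # pass, so the wait could never time out; reject it up front.
  case "$timeout" in
    '' | *[!0-9]*)
      echo "ERROR: MYSQL_TIMEOUT must be a non-negative integer (got '${timeout}')" >&2
      return 1
      ;;
  esac

  echo "Waiting for MySQL at $host:$port (timeout: ${timeout}s)..."

  # Success is decided by the probe itself, not by the counter, so a
  # connection that succeeds on the last permitted attempt still counts and a
  # timeout of 0 still gets one probe. Note that nc -z only shows that the
  # port accepts connections, not that MySQL can serve queries yet.
  until nc -z "$host" "$port" 2>/dev/null; do
    if [ "$counter" -ge "$timeout" ]; then
      {
        echo "ERROR: MySQL at $host:$port did not become ready within ${timeout} seconds"
        echo "Please check that:"
        echo " - MySQL server is running on the host"
        echo " - MySQL is listening on port $port"
        echo " - MYSQL_HOST environment variable is correctly set"
        echo " - Firewall allows connection to MySQL port"
      } >&2
      return 1
    fi

    counter=$((counter + 1))
    if [ $((counter % 10)) -eq 0 ]; then
      echo "Still waiting for MySQL... (${counter}s elapsed)"
    fi
    sleep 1
  done

  echo "MySQL is ready! (connected after ${counter}s)"
}

# Wait for MySQL to be ready (skipped entirely when MYSQL_HOST is unset/empty)
if [ -n "${MYSQL_HOST:-}" ]; then
  MYSQL_PORT="${MYSQL_PORT:-3306}"
  MYSQL_TIMEOUT="${MYSQL_TIMEOUT:-60}"
  wait_for_mysql "$MYSQL_HOST" "$MYSQL_PORT" "$MYSQL_TIMEOUT" || exit 1
fi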
# Make sure the Prosody log files exist before the server starts.
# (The directories themselves are already created in the Dockerfile with
# proper ownership.) Best-effort: a failure here is deliberately ignored.
for log_file in /var/log/prosody/prosody.log /var/log/prosody/prosody.err; do
  touch "$log_file" 2>/dev/null || true
done
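#######################################
# Install the TLS certificate and private key Prosody uses for one domain.
#
# Order of preference:
#   1. Let's Encrypt fullchain.pem + privkey.pem found under
#      /etc/prosody/certs/letsencrypt/live/<domain>/ are copied into place.
#   2. If <domain>.crt or <domain>.key is missing, a self-signed RSA-4096
#      certificate valid for 365 days is generated.
#   3. Otherwise the existing pair is left untouched.
#
# Arguments: $1 - domain; used in file names under /etc/prosody/certs and as
#                 the CN of a generated certificate
# Outputs:   progress messages on stdout, rejection message on stderr
# Returns:   0 on success, 1 when the domain is empty or not a plain host name
#######################################
install_cert() {
  local domain="$1"

  # The domain is interpolated into file paths and into the X.509 subject
  # string, so refuse anything that could step outside the certs directory
  # or add extra subject fields.
  case "$domain" in
    '' | .* | *[!A-Za-z0-9._-]*)
      echo "ERROR: refusing to install certificate for invalid domain '${domain}'" >&2
      return 1
      ;;
  esac

  local cert_path="/etc/prosody/certs/${domain}.crt"
  local key_path="/etc/prosody/certs/${domain}.key"
  local le_cert="/etc/prosody/certs/letsencrypt/live/${domain}/fullchain.pem"
  local le_key="/etc/prosody/certs/letsencrypt/live/${domain}/privkey.pem"

  # Write key material under a restrictive umask so a newly created key file
  # is never group/world-accessible, even before the explicit chmod below.
  local saved_umask
  saved_umask=$(umask)
  umask 077

  if [ -f "$le_cert" ] && [ -f "$le_key" ]; then
    echo "Setting up Let's Encrypt certificate for ${domain}..."
    cp "$le_cert" "$cert_path"
    cp "$le_key" "$key_path"
    # cp keeps the mode of a destination that already exists, so the modes
    # are still set explicitly.
    chmod 644 "$cert_path"
    chmod 600 "$key_path"
    chown prosody:prosody "$cert_path" "$key_path"
    echo "Let's Encrypt certificate for ${domain} installed"
  elif [ ! -f "$cert_path" ] || [ ! -f "$key_path" ]; then
    # NOTE(review): a self-signed certificate cannot be validated by clients
    # or federating servers; treat this branch as a fallback that needs
    # operator attention, not as a normal operating mode.
    echo "Let's Encrypt certificate for ${domain} not found, generating self-signed..."
    # -nodes leaves the key unencrypted on disk (no passphrase prompt at
    # start-up), so the 600 mode and prosody ownership are its only protection.
    openssl req -x509 -newkey rsa:4096 -keyout "$key_path" -out "$cert_path" \
      -days 365 -nodes -subj "/CN=${domain}"
    chmod 600 "$key_path"
    chmod 644 "$cert_path"
    chown prosody:prosody "$cert_path" "$key_path"
  else
    echo "Using existing certificates for ${domain}"
  fi

  umask "$saved_umask"
}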
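# Without a command there is nothing to hand over to: a bare `exec` is a
# no-op, so the entrypoint would run to its end and exit 0 without ever
# starting the server. Fail loudly instead.
if [ "$#" -eq 0 ]; then
  echo "ERROR: no command given to the entrypoint" >&2
  exit 1
fi

# Install a certificate/key pair for each domain.
install_cert "xmpp.guschin.info"
install_cert "guschin.info"

echo "Starting Prosody..."

# Ensure proper ownership of writable directories. The letsencrypt mount below
# /etc/prosody/certs is read-only, so chown fails there; errors are silenced
# for that reason, which also hides any other chown failure.
# NOTE(review): if that mount is ever made writable, this recursive chown will
# also change ownership of the mounted Let's Encrypt files.
chown -R prosody:prosody /var/lib/prosody /var/log/prosody /var/run/prosody /etc/prosody/certs 2>/dev/null || true

# Replace this shell with the container command. The script does not switch
# users, so the command keeps the entrypoint's UID (root, per the original
# note that running Prosody as root in a container is considered acceptable).
# NOTE(review): a network-facing daemon running as root widens the impact of
# a compromise. The prosody account already owns every writable path above,
# so consider dropping to it here if the image ships a tool for that (for
# example setpriv, gosu or su-exec), unless Prosody's own configuration
# already handles the switch.
exec "$@"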