From 6b6a5312564fd21eeac4a6bf98ca1d3cea92b73f Mon Sep 17 00:00:00 2001 From: mguschin Date: Wed, 4 Feb 2026 13:19:36 +0300 Subject: [PATCH] Delete self signed certs. --- entrypoint.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 3b1ffa7..dea9adc 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -38,24 +38,24 @@ fi # (directories are already created in Dockerfile with proper ownership) touch /var/log/prosody/prosody.log /var/log/prosody/prosody.err 2>/dev/null || true -# Use Let's Encrypt certificate if available, otherwise generate self-signed +# Copy Let's Encrypt certificate to prosody certs directory CERT_PATH="/etc/prosody/certs/xmpp.guschin.info.crt" KEY_PATH="/etc/prosody/certs/xmpp.guschin.info.key" LETSENCRYPT_CERT="/etc/prosody/certs/letsencrypt/fullchain.pem" LETSENCRYPT_KEY="/etc/prosody/certs/letsencrypt/privkey.pem" -if [ -r "$LETSENCRYPT_CERT" ] && [ -r "$LETSENCRYPT_KEY" ]; then - echo "Using Let's Encrypt certificate..." +if [ -f "$LETSENCRYPT_CERT" ] && [ -f "$LETSENCRYPT_KEY" ]; then + echo "Setting up Let's Encrypt certificate..." cp "$LETSENCRYPT_CERT" "$CERT_PATH" cp "$LETSENCRYPT_KEY" "$KEY_PATH" chmod 644 "$CERT_PATH" chmod 600 "$KEY_PATH" -elif [ ! -f "$CERT_PATH" ] || [ ! -f "$KEY_PATH" ]; then - echo "Let's Encrypt certificate not found, generating self-signed certificate..." - openssl req -x509 -newkey rsa:4096 -keyout "$KEY_PATH" -out "$CERT_PATH" \ - -days 365 -nodes -subj "/CN=xmpp.guschin.info" - chmod 600 "$KEY_PATH" - chmod 644 "$CERT_PATH" + chown prosody:prosody "$CERT_PATH" "$KEY_PATH" +else + echo "ERROR: Let's Encrypt certificates not found at:" + echo " Certificate: $LETSENCRYPT_CERT" + echo " Private Key: $LETSENCRYPT_KEY" + exit 1 fi echo "Starting Prosody..."