mish/prosody
0
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e207af3ca6e17b80fe6ced5d80cd96da511e397a
prosody/entrypoint.sh
mguschin 173f3a9705 Add guschin.info VirtualHost alongside xmpp.guschin.info 
Users can now register as name@guschin.info or name@xmpp.guschin.info.
Added Let's Encrypt cert mounting and install for guschin.info domain.
Refactored entrypoint cert install into reusable function.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 07:56:48 +03:00

79 lines
2.9 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -e
# Prosody Docker Entrypoint Script
echo "Initializing Prosody XMPP Server..."
# Wait for MySQL to be ready
if [ -n "$MYSQL_HOST" ]; then
MYSQL_PORT="${MYSQL_PORT:-3306}"
MYSQL_TIMEOUT="${MYSQL_TIMEOUT:-60}"
echo "Waiting for MySQL at $MYSQL_HOST:$MYSQL_PORT (timeout: ${MYSQL_TIMEOUT}s)..."
counter=0
until nc -z "$MYSQL_HOST" "$MYSQL_PORT" 2>/dev/null || [ $counter -eq $MYSQL_TIMEOUT ]; do
counter=$((counter + 1))
if [ $((counter % 10)) -eq 0 ]; then
echo "Still waiting for MySQL... (${counter}s elapsed)"
fi
sleep 1
done
if [ $counter -eq $MYSQL_TIMEOUT ]; then
echo "ERROR: MySQL at $MYSQL_HOST:$MYSQL_PORT did not become ready within ${MYSQL_TIMEOUT} seconds"
echo "Please check that:"
echo " - MySQL server is running on the host"
echo " - MySQL is listening on port $MYSQL_PORT"
echo " - MYSQL_HOST environment variable is correctly set"
echo " - Firewall allows connection to MySQL port"
exit 1
fi
echo "MySQL is ready! (connected after ${counter}s)"
fi
# Ensure necessary directories exist and are writable
# (directories are already created in Dockerfile with proper ownership)
touch /var/log/prosody/prosody.log /var/log/prosody/prosody.err 2>/dev/null || true
# Copy Let's Encrypt certificates to prosody certs directory
install_cert() {
local domain="$1"
local cert_path="/etc/prosody/certs/${domain}.crt"
local key_path="/etc/prosody/certs/${domain}.key"
local le_cert="/etc/prosody/certs/letsencrypt/live/${domain}/fullchain.pem"
local le_key="/etc/prosody/certs/letsencrypt/live/${domain}/privkey.pem"
if [ -f "$le_cert" ] && [ -f "$le_key" ]; then
echo "Setting up Let's Encrypt certificate for ${domain}..."
cp "$le_cert" "$cert_path"
cp "$le_key" "$key_path"
chmod 644 "$cert_path"
chmod 600 "$key_path"
chown prosody:prosody "$cert_path" "$key_path"
echo "Let's Encrypt certificate for ${domain} installed"
elif [ ! -f "$cert_path" ] || [ ! -f "$key_path" ]; then
echo "Let's Encrypt certificate for ${domain} not found, generating self-signed..."
openssl req -x509 -newkey rsa:4096 -keyout "$key_path" -out "$cert_path" \
-days 365 -nodes -subj "/CN=${domain}"
chmod 600 "$key_path"
chmod 644 "$cert_path"
chown prosody:prosody "$cert_path" "$key_path"
else
echo "Using existing certificates for ${domain}"
fi
}
install_cert "xmpp.guschin.info"
install_cert "guschin.info"
echo "Starting Prosody..."
# Ensure proper ownership of writable directories (letsencrypt mount is read-only)
chown -R prosody:prosody /var/lib/prosody /var/log/prosody /var/run/prosody /etc/prosody/certs 2>/dev/null || true
# Execute as root (Prosody in containers running as root is acceptable)
exec "$@"
Reference in New Issue View Git Blame Copy Permalink