40 lines
1.3 KiB
Bash
Executable File
40 lines
1.3 KiB
Bash
Executable File
#!/bin/sh
|
|
set -eu
|
|
|
|
DOMAIN="${KEYWARDEN_DOMAIN:-localhost}"
|
|
CERT_DIR="/etc/nginx/certs"
|
|
NGINX_TEMPLATE="/etc/nginx/nginx.conf.template"
|
|
NGINX_CONF="/etc/nginx/nginx.conf"
|
|
|
|
# Replaces server_name in nginx.conf with $KEYWARDEN_DOMAIN
|
|
if [ -f "$NGINX_TEMPLATE" ]; then
|
|
ESCAPED_DOMAIN=$(printf '%s' "$DOMAIN" | sed 's/[&/]/\\&/g')
|
|
sed "s/__SERVER_NAME__/${ESCAPED_DOMAIN}/g" "$NGINX_TEMPLATE" > "$NGINX_CONF"
|
|
fi
|
|
|
|
# Creates self-signed certs using mkcert $KEYWARDEN_DOMAIN, and renaming them.
|
|
if [ ! -f "$CERT_DIR/certificate.pem" ] || [ ! -f "$CERT_DIR/key.pem" ]; then
|
|
mkdir -p "$CERT_DIR"
|
|
if command -v mkcert >/dev/null 2>&1; then
|
|
mkcert -install >/dev/null 2>&1 || true
|
|
mkcert -cert-file "$CERT_DIR/certificate.pem" -key-file "$CERT_DIR/key.pem" "$DOMAIN"
|
|
else
|
|
openssl req -x509 -nodes -newkey rsa:2048 -days 365 \
|
|
-subj "/CN=$DOMAIN" \
|
|
-keyout "$CERT_DIR/key.pem" \
|
|
-out "$CERT_DIR/certificate.pem"
|
|
fi
|
|
fi
|
|
|
|
# Build Tailwind CSS (best-effort; skip if not configured)
|
|
python manage.py tailwind install || true
|
|
python manage.py tailwind build || true
|
|
|
|
# Collect static files so Tailwind CSS is served
|
|
python manage.py collectstatic --noinput
|
|
|
|
python manage.py migrate --noinput
|
|
python manage.py ensure_admin
|
|
|
|
exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|