added external volume mounts and removes some
This commit is contained in:
@@ -40,54 +40,44 @@ else
|
||||
DOCKER_REGISTRY_URL="";
|
||||
fi
|
||||
|
||||
DNS_DIR="/etc/system/data/dns";
|
||||
DNS="--env DNS_DIR=$DNS_DIR";
|
||||
DNS_PATH="--volume $DNS_DIR:/etc/dns:rw";
|
||||
|
||||
CA_PATH=/etc/ssl/certs;
|
||||
CA="--env CA_PATH=$CA_PATH";
|
||||
CA_FILE="--volume $CA_PATH:$CA_PATH:ro";
|
||||
|
||||
|
||||
service_exec="docker run --rm \
|
||||
$DNS $DNS_PATH \
|
||||
$CA $CA_FILE \
|
||||
-w /services/ \
|
||||
-v $SOURCE/system.json:/etc/user/config/system.json:ro \
|
||||
-v $SOURCE/user.json:/etc/user/config/user.json:ro \
|
||||
-v $SERVICE_FILES/tmp:/services:rw \
|
||||
--mount src=SYSTEM_DATA,dst=/etc/ssl/certs,volume-subpath=ssl/certs,ro \
|
||||
--mount src=SYSTEM_DATA,dst=/etc/dns/hosts.local,volume-subpath=dns/hosts.local,ro \
|
||||
--mount src=USER_CONFIG,dst=/services,volume-subpath=services/tmp \
|
||||
--mount src=USER_CONFIG,dst=/etc/user/config/system.json,volume-subpath=system.json,ro \
|
||||
--mount src=USER_CONFIG,dst=/etc/user/config/user.json,volume-subpath=user.json,ro \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||
$DOCKER_REGISTRY_URL$SETUP"
|
||||
|
||||
|
||||
letsencrypt_certificates() {
|
||||
|
||||
#cd /
|
||||
|
||||
for retries in $(seq 0 $((RESTART + 1))); do
|
||||
if [[ $retries -le $RESTART ]] ; then
|
||||
|
||||
LETS_ENCRYPT_VALUE="$(docker ps | grep letsencrypt | grep Up | wc -l)";
|
||||
if [[ $LETS_ENCRYPT_VALUE -eq 0 ]] ; then
|
||||
echo "Starting letsencrypt process";
|
||||
cp -av /firewall-files/firewall-letsencrypt.json /tmp/;
|
||||
LETSENCRYPT_TEMP_SERVICE_FILE=$(mktemp -p /tmp/)".json";
|
||||
ENVS='[
|
||||
{"DOMAIN": "'$DOMAIN'"},
|
||||
{"TIMEOUT": "'$TIMEOUT'"},
|
||||
{"RESTART": "'$RESTART'"}
|
||||
]';
|
||||
VOLUMES='
|
||||
{
|
||||
"SOURCE": "/etc/user/config/user.json",
|
||||
"DEST": "/etc/user/config/user.json",
|
||||
"TYPE": "ro"
|
||||
}
|
||||
';
|
||||
jq '.containers[0].ENVS |='"$ENVS"' | .containers[0].VOLUMES[.containers[0].VOLUMES|length]|='"$VOLUMES" $SERVICE_FILES/$LETSENCRYPT_SERVICE_NAME > $LETSENCRYPT_TEMP_SERVICE_FILE;
|
||||
$service_exec $(basename ${LETSENCRYPT_TEMP_SERVICE_FILE%.*}) start info prechecked;
|
||||
rm -v /tmp/firewall-letsencrypt.json ;
|
||||
$DOCKER_REGISTRY_URL$SETUP"
|
||||
|
||||
letsencrypt_certificates() {
|
||||
|
||||
#cd /
|
||||
|
||||
for retries in $(seq 0 $((RESTART + 1))); do
|
||||
if [[ $retries -le $RESTART ]] ; then
|
||||
|
||||
LETS_ENCRYPT_VALUE="$(docker ps | grep letsencrypt | grep Up | wc -l)";
|
||||
if [[ $LETS_ENCRYPT_VALUE -eq 0 ]] ; then
|
||||
echo "Starting letsencrypt process";
|
||||
mkdir -p $SERVICE_FILES/tmp/tmp
|
||||
cp -av /firewall-files/firewall-letsencrypt.json $SERVICE_FILES/tmp/;
|
||||
LETSENCRYPT_TEMP_SERVICE_FILE=$(mktemp -p $SERVICE_FILES/tmp/);
|
||||
ENVS='[
|
||||
{"DOMAIN": "'$DOMAIN'"},
|
||||
{"TIMEOUT": "'$TIMEOUT'"},
|
||||
{"RESTART": "'$RESTART'"}
|
||||
]';
|
||||
VOLUMES='
|
||||
{
|
||||
"SOURCE": "/etc/user/config/user.json",
|
||||
"DEST": "/etc/user/config/user.json",
|
||||
"TYPE": "ro"
|
||||
}
|
||||
';
|
||||
jq '.containers[0].ENVS |='"$ENVS"' | .containers[0].VOLUMES[.containers[0].VOLUMES|length]|='"$VOLUMES" $SERVICE_FILES/$LETSENCRYPT_SERVICE_NAME > $LETSENCRYPT_TEMP_SERVICE_FILE.json;
|
||||
$service_exec $(basename $LETSENCRYPT_TEMP_SERVICE_FILE) start info prechecked; rm -v $SERVICE_FILES/tmp/firewall-letsencrypt.json ;
|
||||
break;
|
||||
else
|
||||
echo "Waiting "$TIMEOUT" second for previous letsencrypt process ending";
|
||||
|
||||
Reference in New Issue
Block a user