fix dhparams path; copy certificates instead of linking them

2024-11-19 14:17:44 +01:00 · 2024-11-19 14:17:44 +01:00 · dbed472925
commit dbed472925
parent e0a7a2f5e9
1 changed files with 4 additions and 9 deletions
--- a/scripts/init.sh
+++ b/scripts/init.sh
@ -43,8 +43,8 @@ echo "" >> ./.env

 # Generate dhparam, if not existing
 [[ ! -d ./data/nginx/certs ]] && mkdir -p ./data/nginx/certs && chmod 700 ./data/nginx/certs || true
-[[ ! -f ./data/nginx/certs/dhparams.pem ]] && echo "" && openssl dhparam -out ./data/nginx/certs/dhparams.pem 4096 \
-	&& echo "" && echo "Checking generated dhparams" && openssl dhparam -check -in ./data/nginx/certs/dhparams.pem || true
+[[ ! -f ./data/nginx/dhparams.pem ]] && echo "" && openssl dhparam -out ./data/nginx/dhparams.pem 4096 \
+	&& echo "" && echo "Checking generated dhparams" && openssl dhparam -check -in ./data/nginx/dhparams.pem || true

 # Create certificate
 if [[ ! -d ./data/.lego ]]; then
@ -55,13 +55,8 @@ if [[ ! -d ./data/.lego ]]; then
 		--accept-tos \
 		--email="acme@base23.de" \
 		--domains="sso.base23.de" \
-		--http run
-
-	# Link certificates to correct directory
-
-	ln -s ../../.lego/certificates/sso.base23.de.crt ./data/nginx/certs/sso.base23.de.crt
-	ln -s ../../.lego/certificates/sso.base23.de.issuer.crt ./data/nginx/certs/sso.base23.de.issuer.crt
-	ln -s ../../.lego/certificates/sso.base23.de.key ./data/nginx/certs/sso.base23.de.key
+		--http run \
+		&& install -m 400 -o 101 -g 101 "./data/.lego/certificates"/{sso.base23.de.crt,sso.base23.de.issuer.crt,sso.base23.de.key} "./data/nginx/certs"
 fi

 # Setup directory for acme cheallenges