forked from jamesp/sasa-membership
James Pattinson
23 lines
606 B
Bash
23 lines
606 B
Bash
#!/usr/bin/env sh
|
|
set -eu
|
|
|
|
CERT_DIR="/etc/nginx/certs"
|
|
CERT_FILE="$CERT_DIR/dev.crt"
|
|
KEY_FILE="$CERT_DIR/dev.key"
|
|
CERT_CN="${DEV_CERT_CN:-localhost}"
|
|
CERT_SANS="${DEV_CERT_SANS:-DNS:localhost,IP:127.0.0.1,IP:::1}"
|
|
|
|
mkdir -p "$CERT_DIR"
|
|
|
|
if [ ! -f "$CERT_FILE" ] || [ ! -f "$KEY_FILE" ]; then
|
|
echo "Generating self-signed TLS certificate for CN=$CERT_CN"
|
|
openssl req -x509 -nodes -newkey rsa:2048 \
|
|
-keyout "$KEY_FILE" \
|
|
-out "$CERT_FILE" \
|
|
-days 365 \
|
|
-subj "/C=GB/ST=Dev/L=Dev/O=SASA/OU=Membership/CN=$CERT_CN" \
|
|
-addext "subjectAltName=$CERT_SANS"
|
|
fi
|
|
|
|
exec nginx -g 'daemon off;'
|