Allow certificates to be in subfolders of /ssl/ #19
Comments
|
👋 Thanks for opening your first issue here! If you're reporting a 🐛 bug, please make sure you include steps to reproduce it. Also, logs, error messages and information about your hardware might be usefull. |
|
I would strongly advise against it. |
|
@frenck Well, yes, it is documented, this is more of a feature request than a bug ticket. Your second point holds more water IMHO. If there are plans to change/improve the overall certificate handling I'm quite willing to wait. |
|
I will follow @frenck's advise and not change the current options to allow this. |
|
This thread has been automatically locked because it has not had recent activity. Please open a new issue for related bugs and link to relevant comments in this thread. |
Problem/Motivation
I would like to place my certificates in a subfolder of /ssl/ and specifying a corresponding (relative) path in the options.
Actual behavior
Unfortunatly this is not supported.
40-nginx.shfails with asederror. My interpretation is that the sed command used to fill the config template cannot handle the slashes in a path.Steps to reproduce
Simply specify a relative path instead of a filename in the options (and activate ssl of cause) and restart the addon. (To reproduce this you don't actually have to place a certfile at the specified location, as it will fail long before it would be used.)
Proposed changes
The error is caused by the following line in
mqtt/rootfs/etc/cont-init.d/40-nginx.sh:sed -i "s/%%certfile%%/${certfile}/g" /etc/nginx/nginx-ssl.confwhich modifies the followinf line in the config template
mqtt/rootfs/etc/nginx/nginx-ssl.conf:ssl_certificate /ssl/%%certfile%%;As you can see specifiing a path relative to /ssl/ should work, at least from the perspective of the config file. Only the templating via sed fails. I'm hoping there is a relativly easy fix by modifing the sed statement.
The text was updated successfully, but these errors were encountered: