ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

deployment: fix nginx main process. Update nginx version

pull/678/head
cruizba 2021-12-16 17:27:32 +01:00
parent ea59ad0519
commit edfbe3104e
2 changed files with 18 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openvidu-server/docker/openvidu-proxy/Dockerfile
View File

@ -1,7 +1,7 @@
FROM nginx:1.20.0-alpine FROM nginx:1.21.4-alpine
# Install required software # Install required software
RUN apk update && \ RUN apk update && \
apk add bash \ apk add bash \
certbot \ certbot \
openssl \ openssl \
@ -29,4 +29,4 @@ RUN mkdir -p /var/www/certbot && \
chmod +x /usr/local/bin/entrypoint.sh && \ chmod +x /usr/local/bin/entrypoint.sh && \
chmod +x /usr/local/bin/discover_my_public_ip.sh chmod +x /usr/local/bin/discover_my_public_ip.sh
CMD /usr/local/bin/entrypoint.sh CMD [ "/usr/local/bin/entrypoint.sh" ]

26
openvidu-server/docker/openvidu-proxy/entrypoint.sh
View File

@ -7,7 +7,7 @@ if [ -z "${DOMAIN_OR_PUBLIC_IP}" ]; then
exit 0 exit 0
fi fi
if [ -z "${CERTIFICATE_TYPE}" ]; then if [ -z "${CERTIFICATE_TYPE}" ]; then
printf "\n =======¡ERROR!=======" printf "\n =======¡ERROR!======="
printf "\n Variable 'CERTIFICATE_TYPE' it's necessary\n" printf "\n Variable 'CERTIFICATE_TYPE' it's necessary\n"
exit 0 exit 0
@ -117,10 +117,10 @@ case ${CERTIFICATE_TYPE} in
if [[ ! -f "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/privkey.pem" && \ if [[ ! -f "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/privkey.pem" && \
! -f "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/fullchain.pem" ]]; then ! -f "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/fullchain.pem" ]]; then
printf "\n - Generating selfsigned certificate...\n" printf "\n - Generating selfsigned certificate...\n"
# Delete and create certificate folder # Delete and create certificate folder
rm -rf "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" | true rm -rf "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" | true
mkdir -p "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" mkdir -p "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}"
openssl req -new -nodes -x509 \ openssl req -new -nodes -x509 \
-subj "/CN=${DOMAIN_OR_PUBLIC_IP}" -days 365 \ -subj "/CN=${DOMAIN_OR_PUBLIC_IP}" -days 365 \
@ -139,7 +139,7 @@ case ${CERTIFICATE_TYPE} in
# Delete and create certificate folder # Delete and create certificate folder
rm -rf "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" | true rm -rf "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" | true
mkdir -p "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}" mkdir -p "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}"
cp /owncert/certificate.key "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/privkey.pem" cp /owncert/certificate.key "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/privkey.pem"
cp /owncert/certificate.cert "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/fullchain.pem" cp /owncert/certificate.cert "${CERTIFICATES_LIVE_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/fullchain.pem"
@ -338,7 +338,7 @@ if [[ "${PUBLIC_IP}" == "auto-ipv4" ]]; then
elif [[ "${PUBLIC_IP}" == "auto-ipv6" ]]; then elif [[ "${PUBLIC_IP}" == "auto-ipv6" ]]; then
PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh --ipv6) PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh --ipv6)
printf "\n - Public IPv6 for rules: %s" "$PUBLIC_IP" printf "\n - Public IPv6 for rules: %s" "$PUBLIC_IP"
else else
if valid_ip_v4 "$PUBLIC_IP"; then if valid_ip_v4 "$PUBLIC_IP"; then
printf "\n - Valid defined public IPv4: %s" "$PUBLIC_IP" printf "\n - Valid defined public IPv4: %s" "$PUBLIC_IP"
elif valid_ip_v6 "$PUBLIC_IP"; then elif valid_ip_v6 "$PUBLIC_IP"; then
@ -353,7 +353,7 @@ if [ "${ALLOWED_ACCESS_TO_DASHBOARD}" != "all" ]; then
for IP in $(echo "${ALLOWED_ACCESS_TO_DASHBOARD}" | tr -d '[:space:]') for IP in $(echo "${ALLOWED_ACCESS_TO_DASHBOARD}" | tr -d '[:space:]')
do do
if valid_ip_v4 "$IP" || valid_ip_v6 "$IP"; then if valid_ip_v4 "$IP" || valid_ip_v6 "$IP"; then
if [ -z "${RULES_DASHBOARD}" ]; then if [ -z "${RULES_DASHBOARD}" ]; then
RULES_DASHBOARD="allow $IP;" RULES_DASHBOARD="allow $IP;"
printf "\n - Allowing IP/RANGE %s in Dashboard..." "$IP" printf "\n - Allowing IP/RANGE %s in Dashboard..." "$IP"
@ -382,7 +382,7 @@ if [ "${ALLOWED_ACCESS_TO_DASHBOARD}" != "all" ]; then
exit 0 exit 0
fi fi
done done
else else
RULES_DASHBOARD="allow all;" RULES_DASHBOARD="allow all;"
fi fi
@ -463,7 +463,11 @@ printf "\n ======================================="
printf "\n = START OPENVIDU PROXY =" printf "\n = START OPENVIDU PROXY ="
printf "\n =======================================" printf "\n ======================================="
printf "\n\n" printf "\n\n"
nginx -s reload echo "Restarting nginx"
NGINX_STARTING_PID=$(cat /var/run/nginx.pid)
# nginx logs while kill -s 0 "$NGINX_STARTING_PID" 2> /dev/null; do
tail -f /var/log/nginx/*.log nginx -s quit
sleep 10
done
echo "Starting nginx..."
nginx -g "daemon off;"