| 12345678910111213141516171819202122232425262728 |
- #!/bin/bash
- #---Objective---
- # Replicates keys to another directory and make them world readable
- # so other containers can make use of them.
- #---Context---
- # acme-companion sets the root user as the key owner
- # and removes read permission for other users.
- # Other containers run under unprivileged user IDs, e.g. 1000 or 9000,
- # and cannot access the keys.
- # Define source and destination directories
- src_dir="/etc/nginx/certs/"
- dest_dir="/etc/nginx/certs-shared/"
- mkdir -p $dest_dir
- # Copy the files and update permissions
- cp --dereference --update -p $src_dir*.key $src_dir*.crt $dest_dir
- chmod -R a+r $dest_dir
- # Delete files in the destination that are not in the source
- for file in $dest_dir*; do
- base_file=$(basename "$file")
- if [[ ! -e $src_dir$base_file ]]; then
- rm "$file"
- fi
- done
|
