Improve caddy setup

gsteinLTU · Jul 1, 2024 · e7f4352 · e7f4352
1 parent 21b7cef
commit e7f4352
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 7 deletions.
diff --git a/Caddyfile.template b/Caddyfile.template
@@ -1,7 +1,3 @@
-{
-       EXTRA
-}
-
 DASH_IP.roboscapeonlineservers.netsblox.org {
         EXTRA
         reverse_proxy :15000

diff --git a/Dockerfile-caddy b/Dockerfile-caddy
@@ -1,6 +1,6 @@
 FROM caddy:2-alpine
 
-RUN apk add --no-cache curl
+RUN apk add --no-cache curl nss-tools openssl
 
 COPY update_caddyfile.sh .
 COPY Caddyfile.template .

diff --git a/update_caddyfile.sh b/update_caddyfile.sh
@@ -1,3 +1,5 @@
+echo "Updating Caddyfile"
+
 # Get the current IP address in the DASH_IP format
 DASH_IP="`curl -s http://checkip.amazonaws.com | tr . -`"
 
@@ -13,8 +15,15 @@ if [[ -n "$CERT" && -n "$KEY" ]]; then
   echo "$CERT" | base64 -d > cert.pem
   echo "$KEY" | base64 -d > key.pem
 
-  # Replace the placeholder with TLS configuration
-  sed -i -e "s/EXTRA/tls cert.pem key.pem/" Caddyfile
+  # Verify the certificate is still valid
+  EXPIRY_DATE=`openssl x509 -enddate -noout -in cert.pem | cut -d= -f2 | sed 's/ GMT//g'`
+  if [[ `date -d "$EXPIRY_DATE" +%s` -lt `date +%s` ]]; then
+    echo "Certificate has expired"
+    sed -i -e "s/EXTRA//" Caddyfile
+  else
+    # Replace the placeholder with TLS configuration
+    sed -i -e "s/EXTRA/tls cert.pem key.pem/" Caddyfile
+  fi
 else
   # Replace the placeholder with no TLS configuration
   sed -i -e "s/EXTRA//" Caddyfile