Skip to content

ssl.sh: factor the selfsigned/letsencrypt cert-linking blocks into a helper #647

@kojiromike

Description

@kojiromike

docker/openemr/{7.0.4,8.0.0}/ssl.sh has two near-identical blocks (self-signed and Let's Encrypt) that differ only in which cert/key paths they link to and which marker file they touch:

if [ ! -f /etc/ssl/docker-selfsigned-configured ]; then
    rm -f /etc/ssl/certs/webserver.cert.pem /etc/ssl/private/webserver.key.pem
    ln -s /etc/ssl/certs/selfsigned.cert.pem /etc/ssl/certs/webserver.cert.pem
    ln -s /etc/ssl/private/selfsigned.key.pem /etc/ssl/private/webserver.key.pem
    touch /etc/ssl/docker-selfsigned-configured
fi
# ... and later ...
if [ ! -f /etc/ssl/docker-letsencrypt-configured ]; then
    rm -f /etc/ssl/certs/webserver.cert.pem /etc/ssl/private/webserver.key.pem
    ln -s "/etc/letsencrypt/live/${DOMAIN}/fullchain.pem" /etc/ssl/certs/webserver.cert.pem
    ln -s "/etc/letsencrypt/live/${DOMAIN}/privkey.pem" /etc/ssl/private/webserver.key.pem
    touch /etc/ssl/docker-letsencrypt-configured
fi

A helper configure_certs cert_src key_src marker would remove the duplication. 7.0.4 and 8.0.0 mirrors must stay byte-identical.

Surfaced in review of #643.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions