Enable Docker container to generate its own VAPID credentials

Oskar Winkels 2021-06-11 01:06:59 +02:00
parent 4ee4869f82
commit 3a872bceb2
Signed by: o.winkels
GPG Key ID: E7484A06E99DAEF1
3 changed files with 34 additions and 1 deletions


@ -1,7 +1,9 @@
FROM alpine:latest FROM alpine:latest
RUN apk add --update --no-cache \ RUN apk add --update --no-cache \
bash python3 py3-pip nginx uwsgi uwsgi-python3 certbot certbot-nginx bash python3 py3-pip nginx uwsgi uwsgi-python3 certbot certbot-nginx npm jq
RUN npm install -g web-push
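Review bot: `RUN npm install -g web-push` installs whatever version the npm registry serves at build time, so the package that generates the VAPID private key is neither reproducible nor reviewable; pin it, e.g. `RUN npm install -g web-push@<pinned-version>`, where the placeholder stands for a release you have vetted. The change also puts `npm` (and with it a Node.js runtime) and `jq` into the runtime image, apparently only for the one-time key generation in the startup script. If that is their sole use, consider generating the key pair in a one-shot init container or with tooling already in the image, so the serving container carries less software. The rest of the Dockerfile is not visible here, so whether a later step removes these packages cannot be confirmed.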


@ -4,6 +4,9 @@
# Remove or leave empty for temporary (/tmp/ftracker-db.json) storage # Remove or leave empty for temporary (/tmp/ftracker-db.json) storage
db_file = /var/ftracker/db.json db_file = /var/ftracker/db.json
# Delete all information after X days (e.g. for GDPR compliance)
delete_after_days = 28
# List of people to be allowed, in .csv format (comma, no delimiters) # List of people to be allowed, in .csv format (comma, no delimiters)
# Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail # Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail
# Remove or leave empty for no check # Remove or leave empty for no check
@ -21,3 +24,11 @@ guideline_url = https://youtu.be/oHg5SJYRHA0
# JSON indentation for debugging # JSON indentation for debugging
json_indent = 4 json_indent = 4
# VAPID credentials for push notifications
# private key: base64url encoded private part of an EC-Prime256v1 keypair. See INSTALL.md
# sender info: usually mailto link to responsible party to contact about issues
push_private_key = abcdefghijklm_NOPQRSTUVWXYZ-0123456789
push_sender_info = mailto:admin@example.com
# when to notify users, in hours after arrival
notify_after_hrs = 10
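Review bot: The sample ships a value for `push_private_key` that has the shape of a real key, so a deployment that copies the file unchanged carries a publicly known placeholder where a secret belongs. An empty `push_private_key =` under a comment such as `# leave empty: generated on first container start, or see INSTALL.md` would fail safer, provided the backend treats an empty value as "push disabled" (not visible here). In the Docker path the startup script in this commit appends another `push_private_key = …` line to `/etc/ftracker/config.ini`, so if that file derives from this sample the option appears twice; depending on the parser the duplicate is either rejected or resolved by position, which is worth confirming. Since this file now holds a signing key, the install notes should also state that it must not be world-readable.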


@ -1,5 +1,25 @@
#!/bin/bash #!/bin/bash
echo " >>> Checking / Creating & patching VAPID creds <<< "
VAPID_CREDS_FILE=/etc/ftracker/vapid-creds.json
if [[ ! -f $VAPID_CREDS_FILE ]]
then
echo "Generating keypair ..."
web-push generate-vapid-keys --json > $VAPID_CREDS_FILE
echo "Patching public key into frontend ..."
PUB_KEY=`cat $VAPID_CREDS_FILE | jq -r .publicKey`
sed -i "s/pushServerPublicKey = '[a-zA-Z0-9_\-]*'/pushServerPublicKey = '${PUB_KEY}'/" /var/www/html/ftracker/main.js
echo "Patching private key into backend config ..."
PRIV_KEY=`cat $VAPID_CREDS_FILE | jq -r .privateKey`
echo "push_private_key = ${PRIV_KEY}" >> /etc/ftracker/config.ini
fi
echo " >>> Starting nginx <<< " echo " >>> Starting nginx <<< "
mkdir /run/nginx # needed because of bug in package mkdir /run/nginx # needed because of bug in package
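Review bot: The redirection in `web-push generate-vapid-keys --json > $VAPID_CREDS_FILE` creates the file before the command runs, so a failed generation leaves an empty file that makes the `-f` test pass on every later start, while this run goes on to patch an empty or `null` key into `main.js` and `config.ini`. The credentials file is also created under the default umask, which for a private key should be tightened to owner-only. Writing to a `mktemp` file, checking the exit status and the extracted fields, and moving the file into place only on success covers both; the variables should be quoted as well. The patching sits inside the `if`, so a container recreated with a persisted `/etc/ftracker` but a fresh `main.js` would presumably keep the placeholder public key; confirm how those paths are mounted. The script continues beyond the lines shown.

```shell
if [[ ! -s "$VAPID_CREDS_FILE" ]]
then
    echo "Generating keypair ..."
    # mktemp creates the file readable by its owner only
    tmp_creds="$(mktemp "${VAPID_CREDS_FILE}.XXXXXX")"
    if ! web-push generate-vapid-keys --json > "$tmp_creds"; then
        rm -f "$tmp_creds"
        echo "VAPID key generation failed" >&2
        exit 1
    fi
    # jq -e exits non-zero when the field is missing or null
    PUB_KEY="$(jq -er .publicKey "$tmp_creds")" || exit 1
    PRIV_KEY="$(jq -er .privateKey "$tmp_creds")" || exit 1
    # … unchanged: sed patch of main.js and append to config.ini …
    mv "$tmp_creds" "$VAPID_CREDS_FILE"
fi
```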