Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

copy SSL certificates from NC instance to ExApp upon install/update action #448

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

oleksandr-nc
Copy link
Contributor

This PR adds the updateCertificates method to automate SSL certificate updates in Docker containers.

It detects the container's OS, determines the correct certificate directory (e.g., /usr/local/share/ca-certificates for Debian), parses the Nextcloud certificate bundle, copies individual certificates into the container, and applies updates using OS-specific commands like update-ca-certificates.

Tested on Debian and Alpine.

Signed-off-by: Oleksander Piskun <oleksandr2088@icloud.com>
@oleksandr-nc
Copy link
Contributor Author

the only thing that worries me is that we copy all the certificates from the bundle from the server, including the system ones.

as far as I know, this shouldn't break anything, and this PR won't be backported, so we have plenty of time for testing until Nextcloud 31 get released.

Comment on lines +151 to +152
// Build the path in the container
$pathInContainer = $targetDir . "/custom_cert_$index.crt";
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can probably have the same filename for easy manual removal/addition? So the filename of the original cert instead of $index. What do you say?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants