Skip to content

standardize ca-config #7217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
szaimen wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

standardize ca-config #7217

szaimen wants to merge 1 commit into from
+67 −21

Conversation

@szaimen
Copy link
Collaborator

@szaimen szaimen commented Nov 28, 2025
edited
Loading

Add the directive: Add the TLS_CACERT directive pointing to your certificate file:

TLS_CACERT /path/to/your/ca.pem
TLS_REQCERT hard

@szaimen
standardize ca-config
9b31a14 
Signed-off-by: Simon L. <[email protected]>
@szaimen szaimen added this to the next milestone Nov 28, 2025
@szaimen szaimen added 2. developing Work in progress enhancement New feature or request labels Nov 28, 2025
@szaimen szaimen mentioned this pull request Nov 28, 2025
Open
33 tasks
szaimen
szaimen commented Nov 28, 2025
View reviewed changes
Containers/nextcloud/entrypoint.sh
echo "" >> "$CERTIFICATE_BUNDLE"

# Check if variable is a simple switch. For example used by postgres and mysql tls connections
if [ "${!certificate}" != "yes" ]; then
Copy link
Collaborator Author

@szaimen szaimen Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should grep foe begin and end certificate

Copy link
Collaborator Author

@szaimen szaimen Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably grep for BEGIN CERTIFICATE and END CERTIFICATE

Base automatically changed from enh/noid/allow-configure-mysql-root-cert to main December 3, 2025 11:43
@szaimen szaimen modified the milestones: v12.2.0, next Dec 3, 2025
@szaimen szaimen mentioned this pull request Dec 3, 2025
Open
22 tasks
szaimen
szaimen commented Dec 3, 2025
View reviewed changes
szaimen
szaimen commented Dec 5, 2025
View reviewed changes
Containers/nextcloud/entrypoint.sh
fi
}

create_global_root_cert() {
Copy link
Collaborator Author

@szaimen szaimen Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the certs should only be written out once at container start if possible and not multiple times

szaimen
szaimen commented Dec 5, 2025
View reviewed changes
Containers/nextcloud/entrypoint.sh

# Default vars
CERTIFICATES_ROOT_DIR="/var/www/html/data/certificates"
CERTIFICATE_BUNDLE="/var/www/html/resources/config/ca-bundle.crt"
Copy link
Collaborator Author

@szaimen szaimen Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should use a different path now that we can specify one

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

2. developing Work in progress enhancement New feature or request

Projects

None yet

Milestone

next

Development

Successfully merging this pull request may close these issues.

2 participants

@szaimen