|
|
@ -17,8 +17,8 @@ with open("/etc/resolv.conf") as handle:
|
|
|
|
args["RESOLVER"] = f"[{resolver}]" if ":" in resolver else resolver
|
|
|
|
args["RESOLVER"] = f"[{resolver}]" if ":" in resolver else resolver
|
|
|
|
|
|
|
|
|
|
|
|
# TLS configuration
|
|
|
|
# TLS configuration
|
|
|
|
cert_name = os.getenv("TLS_CERT_FILENAME", default="cert.pem")
|
|
|
|
cert_name = args.get("TLS_CERT_FILENAME", "cert.pem")
|
|
|
|
keypair_name = os.getenv("TLS_KEYPAIR_FILENAME", default="key.pem")
|
|
|
|
keypair_name = args.get("TLS_KEYPAIR_FILENAME", "key.pem")
|
|
|
|
args["TLS"] = {
|
|
|
|
args["TLS"] = {
|
|
|
|
"cert": ("/certs/%s" % cert_name, "/certs/%s" % keypair_name),
|
|
|
|
"cert": ("/certs/%s" % cert_name, "/certs/%s" % keypair_name),
|
|
|
|
"letsencrypt": ("/certs/letsencrypt/live/mailu/nginx-chain.pem",
|
|
|
|
"letsencrypt": ("/certs/letsencrypt/live/mailu/nginx-chain.pem",
|
|
|
@ -36,7 +36,7 @@ def format_for_nginx(fullchain, output):
|
|
|
|
split = '-----END CERTIFICATE-----\n'
|
|
|
|
split = '-----END CERTIFICATE-----\n'
|
|
|
|
with open(fullchain, 'r') as pem:
|
|
|
|
with open(fullchain, 'r') as pem:
|
|
|
|
certs = [f'{cert}{split}' for cert in pem.read().split(split) if cert]
|
|
|
|
certs = [f'{cert}{split}' for cert in pem.read().split(split) if cert]
|
|
|
|
if len(certs)>2 and os.getenv('LETSENCRYPT_SHORTCHAIN'):
|
|
|
|
if len(certs)>2 and args.get('LETSENCRYPT_SHORTCHAIN'):
|
|
|
|
del certs[-1]
|
|
|
|
del certs[-1]
|
|
|
|
with open(output, 'w') as pem:
|
|
|
|
with open(output, 'w') as pem:
|
|
|
|
pem.write(''.join(certs))
|
|
|
|
pem.write(''.join(certs))
|
|
|
|