mosskoi/MKs-Docker-Compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

oops, forgot I needed a watcher

Browse Source
This commit is contained in:
mk
2026-04-03 16:29:22 -03:00
parent f35867def9
commit f25c76a12a
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
social/prosody/docker-compose.yml
View File

@@ -11,13 +11,20 @@ services:
- ./data:/var/lib/prosody
- ./certs:/etc/prosody/certs
# One-time init: dumps certs from Traefik's acme.json and makes them readable
certs-init:
# Watches Traefik's acme.json and extracts certs into the shared volume
prosody-certs:
image: ldez/traefik-certs-dumper:latest
container_name: prosody-certs-init
restart: "no"
container_name: prosody-certs
restart: unless-stopped
entrypoint: /bin/sh
command: -c "traefik-certs-dumper file --version v2 --source /traefik/acme.json --dest /output && chmod 644 /output/certs/*.crt /output/private/*.key"
command:
- "-c"
- |
printf '#!/bin/sh\nchmod 644 /output/certs/*.crt /output/private/*.key 2>/dev/null\nexit 0\n' > /tmp/on-cert-update.sh &&
chmod +x /tmp/on-cert-update.sh &&
traefik-certs-dumper file --version v2 --source /traefik/acme.json --dest /output &&
chmod 644 /output/certs/*.crt /output/private/*.key &&
exec traefik-certs-dumper file --watch --version v2 --source /traefik/acme.json --dest /output --post-hook /tmp/on-cert-update.sh
volumes:
- ../../tools/wireguard/letsencrypt:/traefik:ro # Change this to cert path if not using same folder structure
- ./certs:/output
@@ -36,8 +43,6 @@ services:
depends_on:
prosody-init:
condition: service_completed_successfully
certs-init:
condition: service_completed_successfully
networks:
traefik_portal: