mozempk/trueref
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
763074040376fed74795ce49f1126ad45a7a247c
trueref/docker-entrypoint.sh
Giancarmine Salucci fef6f66930 wip(TRUEREF-0018): commit version-scoped indexing work
2026-03-25 19:03:22 +01:00

65 lines
2.5 KiB
Bash
Raw Blame History

#!/bin/sh
set -e
# ---------------------------------------------------------------------------
# 1. Trust corporate CA — must run first
# ---------------------------------------------------------------------------
if [ -f /certs/corp-ca.crt ]; then
echo "[docker-entrypoint] Installing corporate CA certificate..."
if openssl x509 -inform PEM -in /certs/corp-ca.crt -noout 2>/dev/null; then
# PEM format — copy directly
cp /certs/corp-ca.crt /usr/local/share/ca-certificates/corp-ca.crt
else
# DER format — convert to PEM
openssl x509 -inform DER -in /certs/corp-ca.crt \
-out /usr/local/share/ca-certificates/corp-ca.crt
fi
update-ca-certificates 2>/dev/null
fi
# ---------------------------------------------------------------------------
# 2. Fix SSH key permissions (Windows mounts arrive world-readable)
# ---------------------------------------------------------------------------
if [ -d /root/.ssh ]; then
echo "[docker-entrypoint] Fixing SSH key permissions..."
chmod 700 /root/.ssh
chmod 600 /root/.ssh/* 2>/dev/null || true
fi
# ---------------------------------------------------------------------------
# 3. Per-host HTTPS credential helpers
# ---------------------------------------------------------------------------
if [ -n "$GIT_TOKEN_BITBUCKET" ] && [ -n "$BITBUCKET_HOST" ]; then
echo "[docker-entrypoint] Configuring Bitbucket credential helper for ${BITBUCKET_HOST}..."
git config --global \
"credential.https://${BITBUCKET_HOST}.helper" \
"!f() { echo username=x-token-auth; echo password=\$GIT_TOKEN_BITBUCKET; }; f"
fi
if [ -n "$GIT_TOKEN_GITLAB" ] && [ -n "$GITLAB_HOST" ]; then
echo "[docker-entrypoint] Configuring GitLab credential helper for ${GITLAB_HOST}..."
git config --global \
"credential.https://${GITLAB_HOST}.helper" \
"!f() { echo username=oauth2; echo password=\$GIT_TOKEN_GITLAB; }; f"
fi
# ---------------------------------------------------------------------------
# 4. Start requested service
# ---------------------------------------------------------------------------
case "${1:-web}" in
web)
echo "Running database migrations..."
DATABASE_URL="$DATABASE_URL" npx drizzle-kit migrate
echo "Starting TrueRef web app on port ${PORT:-3000}..."
exec node build
;;
mcp)
MCP_PORT="${MCP_PORT:-3001}"
echo "Starting TrueRef MCP HTTP server on port ${MCP_PORT}..."
exec npx tsx src/mcp/index.ts --transport http --port "$MCP_PORT"
;;
*)
exec "$@"
;;
esac
Reference in New Issue View Git Blame Copy Permalink