dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

Fix docker build and electron SSL

Browse Source
This commit is contained in:
LukeGus
2025-09-28 17:00:05 -05:00
parent 9969d17c57
commit 4b377659f6
4 changed files with 65 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker/Dockerfile
View File

@@ -11,7 +11,7 @@ ENV npm_config_target_arch=x64
ENV npm_config_target_libc=musl ENV npm_config_target_libc=musl
RUN npm ci --force --ignore-scripts && \ RUN npm ci --force --ignore-scripts && \
npm install @rollup/rollup-linux-x64-musl --force && \ npm install @rollup/rollup-linux-x64-musl @esbuild/linux-x64-musl --force && \
npm cache clean --force npm cache clean --force
# Stage 2: Build frontend # Stage 2: Build frontend
@@ -20,7 +20,7 @@ WORKDIR /app
COPY . . COPY . .
RUN npm install @rollup/rollup-linux-x64-musl --force && \ RUN npm install @rollup/rollup-linux-x64-musl @esbuild/linux-x64-musl --force && \
npm cache clean --force && \ npm cache clean --force && \
npm run build npm run build

1
docker/entrypoint.sh
View File

@@ -75,6 +75,7 @@ DNS.2 = localhost
DNS.3 = 127.0.0.1 DNS.3 = 127.0.0.1
IP.1 = 127.0.0.1 IP.1 = 127.0.0.1
IP.2 = ::1 IP.2 = ::1
IP.3 = 0.0.0.0
EOF EOF
openssl genrsa -out /app/data/ssl/termix.key 2048 openssl genrsa -out /app/data/ssl/termix.key 2048

10
electron/main.cjs
View File

@@ -136,6 +136,8 @@ async function fetchGitHubAPI(endpoint, cacheKey) {
requestOptions.rejectUnauthorized = false; requestOptions.rejectUnauthorized = false;
requestOptions.agent = new https.Agent({ requestOptions.agent = new https.Agent({
rejectUnauthorized: false, rejectUnauthorized: false,
secureProtocol: 'TLSv1_2_method',
checkServerIdentity: () => undefined,
}); });
} }
@@ -303,13 +305,15 @@ ipcMain.handle("test-server-connection", async (event, serverUrl) => {
const requestOptions = { const requestOptions = {
method: options.method || "GET", method: options.method || "GET",
headers: options.headers || {}, headers: options.headers || {},
timeout: options.timeout || 5000, timeout: options.timeout || 10000,
}; };
if (isHttps) { if (isHttps) {
requestOptions.rejectUnauthorized = false; requestOptions.rejectUnauthorized = false;
requestOptions.agent = new https.Agent({ requestOptions.agent = new https.Agent({
rejectUnauthorized: false, rejectUnauthorized: false,
secureProtocol: 'TLSv1_2_method',
checkServerIdentity: () => undefined,
}); });
} }
@@ -347,7 +351,7 @@ ipcMain.handle("test-server-connection", async (event, serverUrl) => {
try { try {
const response = await fetch(healthUrl, { const response = await fetch(healthUrl, {
method: "GET", method: "GET",
timeout: 5000, timeout: 10000,
}); });
if (response.ok) { if (response.ok) {
@@ -393,7 +397,7 @@ ipcMain.handle("test-server-connection", async (event, serverUrl) => {
const versionUrl = `${normalizedServerUrl}/version`; const versionUrl = `${normalizedServerUrl}/version`;
const response = await fetch(versionUrl, { const response = await fetch(versionUrl, {
method: "GET", method: "GET",
timeout: 5000, timeout: 10000,
}); });
if (response.ok) { if (response.ok) {

54
src/backend/utils/auto-ssl-setup.ts
View File

@@ -29,6 +29,7 @@ export class AutoSSLSetup {
try { try {
if (await this.isSSLConfigured()) { if (await this.isSSLConfigured()) {
await this.logCertificateInfo();
await this.setupEnvironmentVariables(); await this.setupEnvironmentVariables();
return; return;
} }
@@ -37,6 +38,13 @@ export class AutoSSLSetup {
await fs.access(this.CERT_FILE); await fs.access(this.CERT_FILE);
await fs.access(this.KEY_FILE); await fs.access(this.KEY_FILE);
systemLogger.info("SSL certificates found from entrypoint script", {
operation: "ssl_cert_found_entrypoint",
cert_path: this.CERT_FILE,
key_path: this.KEY_FILE,
});
await this.logCertificateInfo();
await this.setupEnvironmentVariables(); await this.setupEnvironmentVariables();
return; return;
} catch { } catch {
@@ -132,6 +140,7 @@ DNS.4 = termix.local
DNS.5 = *.termix.local DNS.5 = *.termix.local
IP.1 = 127.0.0.1 IP.1 = 127.0.0.1
IP.2 = ::1 IP.2 = ::1
IP.3 = 0.0.0.0
`.trim(); `.trim();
await fs.writeFile(configFile, opensslConfig); await fs.writeFile(configFile, opensslConfig);
@@ -158,6 +167,8 @@ IP.2 = ::1
key_path: this.KEY_FILE, key_path: this.KEY_FILE,
valid_days: 365, valid_days: 365,
}); });
await this.logCertificateInfo();
} catch (error) { } catch (error) {
throw new Error( throw new Error(
`SSL certificate generation failed: ${error instanceof Error ? error.message : "Unknown error"}`, `SSL certificate generation failed: ${error instanceof Error ? error.message : "Unknown error"}`,
@@ -165,6 +176,49 @@ IP.2 = ::1
} }
} }
private static async logCertificateInfo(): Promise<void> {
try {
const subject = execSync(
`openssl x509 -in "${this.CERT_FILE}" -noout -subject`,
{ stdio: "pipe" },
)
.toString()
.trim();
const issuer = execSync(
`openssl x509 -in "${this.CERT_FILE}" -noout -issuer`,
{ stdio: "pipe" },
)
.toString()
.trim();
const notAfter = execSync(
`openssl x509 -in "${this.CERT_FILE}" -noout -enddate`,
{ stdio: "pipe" },
)
.toString()
.trim();
const notBefore = execSync(
`openssl x509 -in "${this.CERT_FILE}" -noout -startdate`,
{ stdio: "pipe" },
)
.toString()
.trim();
systemLogger.info("SSL Certificate Information:", {
operation: "ssl_cert_info",
subject: subject.replace("subject=", ""),
issuer: issuer.replace("issuer=", ""),
valid_from: notBefore.replace("notBefore=", ""),
valid_until: notAfter.replace("notAfter=", ""),
note: "Certificate will auto-renew 30 days before expiration",
});
} catch (error) {
systemLogger.warn("Could not retrieve certificate information", {
operation: "ssl_cert_info_error",
error: error instanceof Error ? error.message : "Unknown error",
});
}
}
private static async setupEnvironmentVariables(): Promise<void> { private static async setupEnvironmentVariables(): Promise<void> {
const certPath = this.CERT_FILE; const certPath = this.CERT_FILE;
const keyPath = this.KEY_FILE; const keyPath = this.KEY_FILE;