dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

Fix docker build error and SSL regeneration

Browse Source
This commit is contained in:
LukeGus
2025-09-28 01:42:50 -05:00
parent e2146cdfbf
commit cfa7c26c49
6 changed files with 76 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docker/Dockerfile
View File

@@ -9,6 +9,7 @@ COPY package*.json ./
ENV npm_config_target_platform=linux
ENV npm_config_target_arch=x64
ENV npm_config_target_libc=glibc
ENV NODE_OPTIONS="--max-old-space-size=4096"
RUN npm ci --force --ignore-scripts && \
npm cache clean --force
@@ -19,7 +20,11 @@ WORKDIR /app
COPY . .
ENV NODE_OPTIONS="--max-old-space-size=4096"
ENV NODE_ENV=production
RUN npm run build
RUN npm run build:types
# Stage 3: Build backend TypeScript
FROM deps AS backend-builder
@@ -30,6 +35,8 @@ COPY . .
ENV npm_config_target_platform=linux
ENV npm_config_target_arch=x64
ENV npm_config_target_libc=glibc
ENV NODE_OPTIONS="--max-old-space-size=4096"
ENV NODE_ENV=production
RUN npm rebuild better-sqlite3 --force
@@ -46,6 +53,7 @@ COPY package*.json ./
ENV npm_config_target_platform=linux
ENV npm_config_target_arch=x64
ENV npm_config_target_libc=glibc
ENV NODE_OPTIONS="--max-old-space-size=4096"
RUN npm ci --only=production --ignore-scripts --force && \
npm rebuild better-sqlite3 bcryptjs --force && \

41
docker/entrypoint.sh
View File

@@ -25,15 +25,33 @@ chown -R node:node /app/data
chmod 755 /app/data
if [ "$ENABLE_SSL" = "true" ]; then
echo "Generating SSL certificates..."
echo "Checking SSL certificate configuration..."
mkdir -p /app/data/ssl
chown -R node:node /app/data/ssl
chmod 755 /app/data/ssl
DOMAIN=${SSL_DOMAIN:-localhost}
echo "Generating certificate for domain: $DOMAIN"
# Check if certificates already exist and are valid
if [ -f "/app/data/ssl/termix.crt" ] && [ -f "/app/data/ssl/termix.key" ]; then
echo "SSL certificates found, checking validity..."
# Check if certificate is still valid (not expired within 30 days)
if openssl x509 -in /app/data/ssl/termix.crt -checkend 2592000 -noout >/dev/null 2>&1; then
echo "SSL certificates are valid and will be reused for domain: $DOMAIN"
else
echo "SSL certificate is expired or expiring soon, regenerating..."
rm -f /app/data/ssl/termix.crt /app/data/ssl/termix.key
fi
else
echo "SSL certificates not found, will generate new ones..."
fi
# Generate certificates only if they don't exist or are invalid
if [ ! -f "/app/data/ssl/termix.crt" ] || [ ! -f "/app/data/ssl/termix.key" ]; then
echo "Generating SSL certificates for domain: $DOMAIN"
cat > /app/data/ssl/openssl.conf << EOF
cat > /app/data/ssl/openssl.conf << EOF
[req]
default_bits = 2048
prompt = no
@@ -62,17 +80,18 @@ IP.1 = 127.0.0.1
IP.2 = ::1
EOF
openssl genrsa -out /app/data/ssl/termix.key 2048
openssl genrsa -out /app/data/ssl/termix.key 2048
openssl req -new -x509 -key /app/data/ssl/termix.key -out /app/data/ssl/termix.crt -days 365 -config /app/data/ssl/openssl.conf -extensions v3_req
openssl req -new -x509 -key /app/data/ssl/termix.key -out /app/data/ssl/termix.crt -days 365 -config /app/data/ssl/openssl.conf -extensions v3_req
chmod 600 /app/data/ssl/termix.key
chmod 644 /app/data/ssl/termix.crt
chown node:node /app/data/ssl/termix.key /app/data/ssl/termix.crt
chmod 600 /app/data/ssl/termix.key
chmod 644 /app/data/ssl/termix.crt
chown node:node /app/data/ssl/termix.key /app/data/ssl/termix.crt
rm -f /app/data/ssl/openssl.conf
echo "SSL certificates generated successfully for domain: $DOMAIN"
rm -f /app/data/ssl/openssl.conf
echo "SSL certificates generated successfully for domain: $DOMAIN"
fi
fi
echo "Starting nginx..."

4
package.json
View File

@@ -10,7 +10,9 @@
"clean": "npx prettier . --write",
"dev": "vite",
"dev:https": "cross-env VITE_HTTPS=true vite",
"build": "vite build && tsc -p tsconfig.node.json",
"build": "vite build",
"build:types": "tsc -p tsconfig.node.json",
"build:full": "npm run build && npm run build:types",
"build:backend": "tsc -p tsconfig.node.json",
"dev:backend": "tsc -p tsconfig.node.json && node ./dist/backend/backend/starter.js",
"start": "npm run build:backend && node ./dist/backend/backend/starter.js",

24
src/backend/utils/auto-ssl-setup.ts
View File

@@ -30,12 +30,30 @@ export class AutoSSLSetup {
try {
if (await this.isSSLConfigured()) {
await this.logCertificateInfo();
await this.setupEnvironmentVariables();
return;
}
await this.generateSSLCertificates();
await this.setupEnvironmentVariables();
// In Docker, certificates might be generated by entrypoint script
// Check if they exist but weren't detected by isSSLConfigured
try {
await fs.access(this.CERT_FILE);
await fs.access(this.KEY_FILE);
systemLogger.info("SSL certificates found from entrypoint script", {
operation: "ssl_cert_found_entrypoint",
cert_path: this.CERT_FILE,
key_path: this.KEY_FILE,
});
await this.logCertificateInfo();
await this.setupEnvironmentVariables();
return;
} catch {
// Certificates don't exist, generate them
await this.generateSSLCertificates();
await this.setupEnvironmentVariables();
}
} catch (error) {
systemLogger.error("Failed to initialize SSL configuration", error, {
operation: "ssl_auto_init_failed",

19
src/ui/Desktop/Homepage/HomepageAuth.tsx
View File

@@ -222,9 +222,8 @@ export function HomepageAuth({
setTotpCode("");
setTotpTempToken("");
} catch (err: any) {
toast.error(
err?.response?.data?.error || err?.message || t("errors.unknownError"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.unknownError");
toast.error(errorMessage);
setInternalLoggedIn(false);
setLoggedIn(false);
setIsAdmin(false);
@@ -371,11 +370,8 @@ export function HomepageAuth({
setTotpTempToken("");
toast.success(t("messages.loginSuccess"));
} catch (err: any) {
toast.error(
err?.response?.data?.error ||
err?.message ||
t("errors.invalidTotpCode"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.invalidTotpCode");
toast.error(errorMessage);
} finally {
setTotpLoading(false);
}
@@ -394,11 +390,8 @@ export function HomepageAuth({
window.location.replace(authUrl);
} catch (err: any) {
toast.error(
err?.response?.data?.error ||
err?.message ||
t("errors.failedOidcLogin"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.failedOidcLogin");
toast.error(errorMessage);
setOidcLoading(false);
}
}

23
src/ui/Mobile/Homepage/HomepageAuth.tsx
View File

@@ -204,9 +204,8 @@ export function HomepageAuth({
setTotpCode("");
setTotpTempToken("");
} catch (err: any) {
toast.error(
err?.response?.data?.error || err?.message || t("errors.unknownError"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.unknownError");
toast.error(errorMessage);
setInternalLoggedIn(false);
setLoggedIn(false);
setIsAdmin(false);
@@ -347,11 +346,8 @@ export function HomepageAuth({
setTotpTempToken("");
toast.success(t("messages.loginSuccess"));
} catch (err: any) {
toast.error(
err?.response?.data?.error ||
err?.message ||
t("errors.invalidTotpCode"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.invalidTotpCode");
toast.error(errorMessage);
} finally {
setTotpLoading(false);
}
@@ -370,11 +366,8 @@ export function HomepageAuth({
window.location.replace(authUrl);
} catch (err: any) {
toast.error(
err?.response?.data?.error ||
err?.message ||
t("errors.failedOidcLogin"),
);
const errorMessage = err?.response?.data?.error || err?.message || t("errors.failedOidcLogin");
toast.error(errorMessage);
setOidcLoading(false);
}
}
@@ -402,12 +395,12 @@ export function HomepageAuth({
setLoggedIn(true);
setIsAdmin(!!meRes.is_admin);
setUsername(meRes.username || null);
setUserId(meRes.id || null);
setUserId(meRes.userId || null);
setDbError(null);
onAuthSuccess({
isAdmin: !!meRes.is_admin,
username: meRes.username || null,
userId: meRes.id || null,
userId: meRes.userId || null,
});
setInternalLoggedIn(true);
window.history.replaceState(