#!/bin/sh set -e : "${PUID:=1000}" : "${PGID:=1000}" : "${UMASK:=022}" : "${LOG_ROTATE_COUNT:=7}" : "${LOG_ROTATE_SIZE:=10M}" umask ${UMASK} CURRENT_UID=$(id -u nginx) CURRENT_GID=$(id -g nginx) if [ "$PUID" != "$CURRENT_UID" ] || [ "$PGID" != "$CURRENT_GID" ]; then echo "[Entrypoint] Switching Nginx PUID:PGID from $CURRENT_UID:$CURRENT_GID to $PUID:$PGID" sed -i "s/^nginx:x:[0-9]*:/nginx:x:$PGID:/" /etc/group sed -i "s/^nginx:x:[0-9]*:[0-9]*:/nginx:x:$PUID:$PGID:/" /etc/passwd fi if [ ! -f /etc/nginx/nginx.conf ]; then echo "[Entrypoint] Nginx config missing. Restoring defaults..." cp -r /etc/nginx.dist/* /etc/nginx/ fi echo "[Entrypoint] Configuring Logrotate ($LOG_ROTATE_COUNT files, $LOG_ROTATE_SIZE)..." cat < /etc/logrotate.d/nginx-certbot /var/log/nginx/*.log { daily missingok rotate $LOG_ROTATE_COUNT size $LOG_ROTATE_SIZE compress delaycompress notifempty create 0640 nginx nginx sharedscripts postrotate if [ -f /var/run/nginx.pid ]; then kill -USR1 \`cat /var/run/nginx.pid\` fi endscript } /var/log/letsencrypt/*.log { daily missingok rotate $LOG_ROTATE_COUNT size $LOG_ROTATE_SIZE compress delaycompress notifempty } EOF echo "[Entrypoint] Setting permissions for UID $PUID..." mkdir -p /var/www \ /etc/letsencrypt \ /var/log/nginx \ /var/log/letsencrypt \ /var/lib/nginx chown -R nginx:nginx \ /var/www \ /etc/nginx \ /etc/letsencrypt \ /var/log/nginx \ /var/log/letsencrypt \ /var/lib/nginx crond -b -l 8 echo "----------------------------------------------------------------" echo " Nginx Optimized + Certbot Started" echo " User: nginx (UID:${PUID} / GID:${PGID})" echo "----------------------------------------------------------------" echo " [Config Check]: nginx -t" echo " [Reload Nginx]: nginx -s reload" echo " [Certbot SSL]: certbot --nginx -d domain.com -m example@email.com --agree-tos -n" echo "----------------------------------------------------------------" exec "$@"