murmur
murmur copied to clipboard
Allow users to set CERTDIR as an environment variable
Reporting bugs/issues
-
When reporting a bug/issue:
- Ensure that you are using the latest release. true
- Revert any custom modifications or environment varibles to insure they're not the cause. true
-
Please provide the following information:
- OS/distribution version (command for your OS may differ):
user@host:~$ lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 9.8 (stretch) Release: 9.8 Codename: stretch
- Docker version:
user@host:~$ docker --version Docker version 18.09.5, build e8ff056dbc
- Labels from container:
user@host:~$ docker inspect goofball222/murmur:<tagname> ... "Labels": { "org.label-schema.build-date": "2019-04-01T02:00:28Z", "org.label-schema.license": "Apache-2.0", "org.label-schema.name": "Murmur Server", "org.label-schema.schema-version": "1.0", "org.label-schema.url": "https://github.com/goofball222/murmur", "org.label-schema.vcs-ref": "107157b", "org.label-schema.vcs-url": "https://github.com/goofball222/murmur.git", "org.label-schema.vendor": "The Goofball - [email protected]", "org.label-schema.version": "1.2.19" } ...
- Details on how to reproduce the trouble, if available:
I want to use some Let's Encrypt certs for this service. I mount them in readonly mode and I only mount the ones needed for the murmur server domain. When mounted on /opt/murmur/cert, the chown fails because it's a readonly filesystem. The certificates shouldn't be modified, not even the permissions, because murmur just needs to be able to read them.
A possible solution would be allowing the user to set the CERTDIR environment variable to somwhere outside of /opt/murmur and mount the certificates there. Then, you could run the image like this:
/usr/bin/docker run --rm --name "murmur" \
-e 'PUID=1000' -e 'PGID=1000' \
-e "CERTDIR=/etc/letsencrypt/live/[domain]" \
-v "/data/murmur/conf":/opt/murmur/config \
-v "/data/murmur/data":/opt/murmur/data \
-v "/data/murmur/log":/opt/murmur/log \
-v '/etc/localtime:/etc/localtime:ro' \
-v /etc/letsencrypt/live/[domain]:/etc/letsencrypt/live/[domain]/:ro \
-v /etc/letsencrypt/archive/[domain]:/etc/letsencrypt/archive/[domain]/:ro \
-p "64738:64738/tcp" \
-p "64738:64738/udp" \
"goofball222/murmur:latest"
Note mounting live and archive is needed for the symlinks to work, a simpler approach would be to just mount the whole /etc/letsencrypt directory.