From 909ef967480a4d5572099f9dbf284349b033a06c Mon Sep 17 00:00:00 2001 From: Tomas <16553087+michnovka@users.noreply.github.com> Date: Fri, 6 Mar 2026 14:42:35 +0100 Subject: [PATCH] Use mountpoint check and add util-linux-misc dependency Address review feedback: use `mountpoint -q` instead of find to detect mounted CA directory, add set -x/+x for debug logging, broaden glob to accept any file extension, and add util-linux-misc package to Dockerfile for the mountpoint command. Signed-off-by: Tomas <16553087+michnovka@users.noreply.github.com> --- Containers/talk/Dockerfile | 3 ++- Containers/talk/start.sh | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 6a3b227e..404326dc 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -70,7 +70,8 @@ RUN set -ex; \ libwebsockets \ \ shadow \ - grep; \ + grep \ + util-linux-misc; \ useradd --system -u 1000 eturnal; \ apk del --no-cache \ shadow; \ diff --git a/Containers/talk/start.sh b/Containers/talk/start.sh index 003e9a89..04e2b9ff 100644 --- a/Containers/talk/start.sh +++ b/Containers/talk/start.sh @@ -21,16 +21,18 @@ fi # Trust additional CA certificates, if the user provided NEXTCLOUD_TRUSTED_CACERTS_DIR # The container is read-only, so we build a custom bundle in /tmp (tmpfs) and # point Go's TLS stack to it via SSL_CERT_FILE. -if [ -n "$(find /usr/local/share/ca-certificates -name '*.crt' -type f 2>/dev/null)" ]; then +if mountpoint -q /usr/local/share/ca-certificates; then echo "Trusting additional CA certificates..." + set -x cp /etc/ssl/certs/ca-certificates.crt /tmp/ca-certificates.crt - for cert in /usr/local/share/ca-certificates/*.crt; do + for cert in /usr/local/share/ca-certificates/*; do if [ -f "$cert" ]; then cat "$cert" >> /tmp/ca-certificates.crt echo " Added: $(basename "$cert")" fi done export SSL_CERT_FILE=/tmp/ca-certificates.crt + set +x fi set -x