From db2f3e95e1735a03327fe26635a23c20bd383fd4 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Thu, 6 Mar 2025 06:50:30 -0800 Subject: [PATCH] fix: rm redundant copy to avoid permission errors for non-"app" user --- bitwarden_license/src/Scim/entrypoint.sh | 13 +++---------- bitwarden_license/src/Sso/entrypoint.sh | 13 +++---------- src/Identity/entrypoint.sh | 13 +++---------- 3 files changed, 9 insertions(+), 30 deletions(-) diff --git a/bitwarden_license/src/Scim/entrypoint.sh b/bitwarden_license/src/Scim/entrypoint.sh index 41dfbd91ed..84b2a5f2a2 100644 --- a/bitwarden_license/src/Scim/entrypoint.sh +++ b/bitwarden_license/src/Scim/entrypoint.sh @@ -59,16 +59,9 @@ if [[ -f "/etc/bitwarden/kerberos/bitwarden.keytab" && -f "/etc/bitwarden/kerber fi if [[ $globalSettings__selfHosted == "true" ]]; then - cp /etc/bitwarden/identity/identity.pfx /app/identity.pfx || \ - { - # infer a non-root location for the certificate - if [[ -z $globalSettings__identityServer__certificateLocation ]]; then - export globalSettings__identityServer__certificateLocation=/home/app/config/identity.pfx - fi - # copy the certificate to the non-root location to avoid permission issues - mkdir -p "$(dirname "$globalSettings__identityServer__certificateLocation")" - cp /etc/bitwarden/identity/identity.pfx "$globalSettings__identityServer__certificateLocation" - } + if [[ -z $globalSettings__identityServer__certificateLocation ]]; then + export globalSettings__identityServer__certificateLocation=/etc/bitwarden/identity/identity.pfx + fi fi exec $gosu_cmd /app/"${PROJECT_NAME}" diff --git a/bitwarden_license/src/Sso/entrypoint.sh b/bitwarden_license/src/Sso/entrypoint.sh index d5dd25918f..fced09bf7c 100644 --- a/bitwarden_license/src/Sso/entrypoint.sh +++ b/bitwarden_license/src/Sso/entrypoint.sh @@ -59,16 +59,9 @@ if [[ -f "/etc/bitwarden/kerberos/bitwarden.keytab" && -f "/etc/bitwarden/kerber fi if [[ $globalSettings__selfHosted == "true" ]]; then - cp /etc/bitwarden/identity/identity.pfx /app/identity.pfx || \ - { - # infer a non-root location for the certificate - if [[ -z $globalSettings__identityServer__certificateLocation ]]; then - export globalSettings__identityServer__certificateLocation=/home/app/config/identity.pfx - fi - # copy the certificate to the non-root location to avoid permission issues - mkdir -p "$(dirname "$globalSettings__identityServer__certificateLocation")" - cp /etc/bitwarden/identity/identity.pfx "$globalSettings__identityServer__certificateLocation" - } + if [[ -z $globalSettings__identityServer__certificateLocation ]]; then + export globalSettings__identityServer__certificateLocation=/etc/bitwarden/identity/identity.pfx + fi fi exec $gosu_cmd /app/"${PROJECT_NAME}" diff --git a/src/Identity/entrypoint.sh b/src/Identity/entrypoint.sh index 62507d3fff..4534af57e9 100644 --- a/src/Identity/entrypoint.sh +++ b/src/Identity/entrypoint.sh @@ -59,16 +59,9 @@ if [[ -f "/etc/bitwarden/kerberos/bitwarden.keytab" && -f "/etc/bitwarden/kerber fi if [[ $globalSettings__selfHosted == "true" ]]; then - cp /etc/bitwarden/identity/identity.pfx /app/identity.pfx || \ - { - # infer a non-root location for the certificate - if [[ -z $globalSettings__identityServer__certificateLocation ]]; then - export globalSettings__identityServer__certificateLocation=/home/app/config/identity.pfx - fi - # copy the certificate to the non-root location to avoid permission issues - mkdir -p "$(dirname "$globalSettings__identityServer__certificateLocation")" - cp /etc/bitwarden/identity/identity.pfx "$globalSettings__identityServer__certificateLocation" - } + if [[ -z $globalSettings__identityServer__certificateLocation ]]; then + export globalSettings__identityServer__certificateLocation=/etc/bitwarden/identity/identity.pfx + fi fi exec $gosu_cmd /app/"${PROJECT_NAME}"