From 429e11ea49261348b3ffea236c47fced360e90c9 Mon Sep 17 00:00:00 2001
From: Alexandre <44178713+alexbelgium@users.noreply.github.com>
Date: Sat, 2 Sep 2023 11:14:13 +0200
Subject: [PATCH] Update 90-ingress.sh

---
 .../rootfs/etc/cont-init.d/90-ingress.sh      | 60 ++++++++++---------
 1 file changed, 33 insertions(+), 27 deletions(-)

diff --git a/webtop_kde/rootfs/etc/cont-init.d/90-ingress.sh b/webtop_kde/rootfs/etc/cont-init.d/90-ingress.sh
index 7abd4dc69..d84fe80db 100755
--- a/webtop_kde/rootfs/etc/cont-init.d/90-ingress.sh
+++ b/webtop_kde/rootfs/etc/cont-init.d/90-ingress.sh
@@ -1,36 +1,42 @@
 #!/usr/bin/with-contenv bashio
 # shellcheck shell=bash
 
-#################
-# NGINX SETTING #
-#################
-declare port
-declare certfile
-declare ingress_interface
-declare ingress_port
-declare keyfile
+# nginx Path
+NGINX_CONFIG=/etc/nginx/http.d/ingress.conf
 
-port=$(bashio::addon.port 80)
-if bashio::var.has_value "${port}"; then
-    bashio::config.require.ssl
+# user passed env vars
+CPORT="${CUSTOM_PORT:-3000}"
+CHPORT="${CUSTOM_HTTPS_PORT:-3001}"
+CUSER="${CUSTOM_USER:-abc}"
 
-    if bashio::config.true 'ssl'; then
-        certfile=$(bashio::config 'certfile')
-        keyfile=$(bashio::config 'keyfile')
-
-        mv /etc/nginx/servers/direct-ssl.disabled /etc/nginx/servers/direct.conf
-        sed -i "s/%%certfile%%/${certfile}/g" /etc/nginx/servers/direct.conf
-        sed -i "s/%%keyfile%%/${keyfile}/g" /etc/nginx/servers/direct.conf
-
-    else
-        mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf
-    fi
+# create self signed cert
+if [ ! -f "/config/ssl/cert.pem" ]; then
+  mkdir -p /config/ssl
+  openssl req -new -x509 \
+    -days 3650 -nodes \
+    -out /config/ssl/cert.pem \
+    -keyout /config/ssl/cert.key \
+    -subj "/C=US/ST=CA/L=Carlsbad/O=Linuxserver.io/OU=LSIO Server/CN=*"
+  chmod 600 /config/ssl/cert.key
+  chown -R abc:abc /config/ssl
 fi
 
-ingress_port=$(bashio::addon.ingress_port)
-ingress_interface=$(bashio::addon.ip_address)
-sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf
-sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf
+# modify nginx config
+cp /defaults/default.conf ${NGINX_CONFIG}
+sed -i "s/3000/$CPORT/g" ${NGINX_CONFIG}
+sed -i "s/3001/$CHPORT/g" ${NGINX_CONFIG}
+if [ ! -z ${DISABLE_IPV6+x} ]; then
+  sed -i '/listen \[::\]/d' ${NGINX_CONFIG}
+fi
+if [ ! -z ${PASSWORD+x} ]; then
+  printf "${CUSER}:$(openssl passwd -apr1 ${PASSWORD})\n" > /etc/nginx/.htpasswd
+  sed -i 's/#//g' ${NGINX_CONFIG}
+fi
+
+# Add ingress parameters
+sed -i '/server {/a include /etc/nginx/includes/server_params.conf;' ${NGINX_CONFIG}
+sed -i '/server {/a include /etc/nginx/includes/proxy_params.conf;;' ${NGINX_CONFIG}
+sed -i 's|3000 default_server;|%%interface%%:%%port%% default_server;|g' ${NGINX_CONFIG}
 
 # Implement SUBFOLDER value
-sed -i "1a SUBFOLDER=$(bashio::addon.ingress_url)" /etc/s6-overlay/s6-rc.d/svc-autostart/run
+sed -i "1a SUBFOLDER=$(bashio::addon.ingress_url)" /etc/s6-overlay/s6-rc.d/svc-autostart/run || true