percona · BupycHuk · Jan 18, 2024 · Dec 18, 2023 · Dec 20, 2023 · Dec 20, 2023
@@ -3,6 +3,42 @@
 set -o errexit
 
 mkdir -p /srv/nginx
+if [ ! -w "/srv/nginx" ]; then
+    echo "Directory /srv/nginx is not writable";
+    error=false
+    if [ ! -e /srv/nginx/certificate.key ]
+    then
+        echo "The file /srv/nginx/certificate.key does not exist." >&2
+        error=true
+    fi
+
+    if [ ! -e /srv/nginx/certificate.crt ]
+    then
+        echo "The file /srv/nginx/certificate.crt does not exist." >&2
+        error=true
+    fi
+
+    if [ ! -e /srv/nginx/ca-certs.pem ]
+    then
+        echo "The file /srv/nginx/ca-certs.pem does not exist." >&2
+        error=true
+    fi
+
+    if [ ! -e /srv/nginx/dhparam.pem ]
+    then
+        echo "The file /srv/nginx/dhparam.pem does not exist." >&2
+        error=true
+    fi
+
+    if [ "$error" = true ]
+    then
+        echo "Exiting due to missing file(s)." >&2
+        exit 1;
+    else
+        echo "Using existing self-signed certificate.";
+        exit 0;
+    fi
+fi
 
 if [ ! -e /srv/nginx/dhparam.pem ]; then
     cp /etc/nginx/ssl/dhparam.pem /srv/nginx/dhparam.pem
@@ -17,8 +53,8 @@ if [ ! -e /srv/nginx/certificate.conf ]; then
     cp  /etc/nginx/ssl/certificate.conf /srv/nginx/certificate.conf
 fi
 
-if [ ! -e /srv/nginx/certificate.key -o ! -e /srv/nginx/certificate.crt ]; then
-    if [ ! -e /etc/nginx/ssl/certificate.key -o ! -e /etc/nginx/ssl/certificate.crt ]; then
+if [ ! -e /srv/nginx/certificate.key ] || [ ! -e /srv/nginx/certificate.crt ]; then
+    if [ ! -e /etc/nginx/ssl/certificate.key ] || [ ! -e /etc/nginx/ssl/certificate.crt ]; then
         openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
             -keyout /etc/nginx/ssl/certificate.key \
             -out    /etc/nginx/ssl/certificate.crt \