renewer certbot certs after launch/load env from file/listen on socket/disable http in AIO mode

Signed-off-by: Zoey <zoey@z0ey.de>

rootfs/bin/cbr.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+while [ "$(healthcheck.sh)" != "OK" ]; do sleep 10s; done
+certbot --logs-dir /tmp/certbot-log --work-dir /tmp/certbot-work --config-dir /data/tls/certbot renew --quiet --config "/data/tls/certbot/config.ini" --preferred-challenges "dns,http" --no-random-sleep-on-renew

rootfs/bin/launch.sh

@@ -38,5 +38,6 @@ fi
 
 if [ "$PHP81" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR; fi &
 if [ "$PHP82" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR; fi &
+cbr.sh &
 aio.sh &
 index.js

rootfs/bin/start.sh

@@ -15,6 +15,10 @@ if [ ! -d /data ]; then
 fi
 
 
+touch /data/.env
+. /data/.env
+
+
 if [ -z "$TZ" ] || ! echo "$TZ" | grep -q "^[A-Za-z/]\+$"; then
     echo "TZ is unset or invalid."
     sleep inf
@@ -138,11 +142,16 @@ if [ "$PGID" != "0" ] && [ "$PUID" = "0" ]; then
 fi
 
 
+if [ "$NC_AIO" = "true" ]; then
+    export DISABLE_HTTP="true"
+fi
+
 if [ "$NPM_LISTEN_LOCALHOST" = "true" ]; then
     export NPM_IPV4_BINDING="127.0.0.1"
     export NPM_IPV6_BINDING="[::1]"
 fi
 
+
 if [ "$PHP81" = "true" ] || [ "$PHP82" = "true" ]; then
     apk add --no-cache fcgi
 fi

rootfs/usr/local/nginx/conf/conf.d/include/default.conf

@@ -2,6 +2,8 @@
 # Default Site
 # ------------------------------------------------------------
 server {
+    listen unix:/run/nginx.sock default_server;
+
     listen 80 default_server;
     listen [::]:80 default_server;
 

rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf

@@ -1,4 +1,6 @@
 server {
+    listen unix:/run/nginx.sock;
+
     listen 80;
     listen [::]:80;