fix(service): documenso signees always pending (#6334)

2025-08-11 09:03:13 -04:00
parent d53e493dcc
commit fde4dbd911
1 changed files with 59 additions and 0 deletions
--- a/templates/compose/documenso.yaml
+++ b/templates/compose/documenso.yaml
@@ -26,6 +26,16 @@ services:
      - NEXT_PRIVATE_SMTP_FROM_ADDRESS=${NEXT_PRIVATE_SMTP_FROM_ADDRESS}
      - NEXT_PRIVATE_DATABASE_URL=postgresql://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@database/${POSTGRES_DB:-documenso-db}?schema=public
      - NEXT_PRIVATE_DIRECT_DATABASE_URL=postgresql://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@database/${POSTGRES_DB:-documenso-db}?schema=public
+      - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=/app/apps/remix/certs/certificate.p12
+      - NEXT_PRIVATE_SIGNING_PASSPHRASE=${SERVICE_PASSWORD_DOCUMENSO}
+      - CERT_VALID_DAYS=${CERT_VALID_DAYS:-365}
+      - CERT_INFO_COUNTRY_NAME=${CERT_INFO_COUNTRY_NAME:-DO}
+      - CERT_INFO_STATE_OR_PROVIDENCE=${CERT_INFO_STATE_OR_PROVIDENCE:-Santiago}
+      - CERT_INFO_LOCALITY_NAME=${CERT_INFO_LOCALITY_NAME:-Santiago}
+      - CERT_INFO_ORGANIZATION_NAME=${CERT_INFO_ORGANIZATION_NAME:-Example INC}
+      - CERT_INFO_ORGANIZATIONAL_UNIT=${CERT_INFO_ORGANIZATIONAL_UNIT:-IT Department}
+      - CERT_INFO_EMAIL=${CERT_INFO_EMAIL:-example@gmail.com}
+      - NEXT_PUBLIC_DISABLE_SIGNUP=${DISABLE_LOGIN:-false}
    healthcheck:
      test:
        - CMD-SHELL
@@ -33,6 +43,55 @@ services:
      interval: 2s
      timeout: 10s
      retries: 20
+    entrypoint:
+      - /bin/sh
+      - -c
+      - |
+        echo "./certs" > /tmp/certs_dir_path
+        echo "./make-certs.sh" > /tmp/cert_script_path
+        echo "${SERVICE_PASSWORD_DOCUMENSO}" > /tmp/cert_pass
+
+        touch /tmp/cert_info_path
+        cat <<EOF > /tmp/cert_info_path
+        [ req ]
+        distinguished_name = req_distinguished_name
+        prompt = no
+        [ req_distinguished_name ]
+        C            = ${CERT_INFO_COUNTRY_NAME}
+        ST           = ${CERT_INFO_STATE_OR_PROVIDENCE}
+        L            = ${CERT_INFO_LOCALITY_NAME}
+        O            = ${CERT_INFO_ORGANIZATION_NAME}
+        OU           = ${CERT_INFO_ORGANIZATIONAL_UNIT}
+        CN           = ${SERVICE_FQDN_DOCUMENSO}
+        emailAddress = ${CERT_INFO_EMAIL}
+        EOF
+
+        cat <<EOF > "$(cat /tmp/cert_script_path)"
+        mkdir -p "$(cat /tmp/certs_dir_path)" && cd "$(cat /tmp/certs_dir_path)"
+
+        openssl genrsa -out private.key 2048
+
+        openssl req \
+          -new \
+          -x509 \
+          -key private.key \
+          -out certificate.crt \
+          -days ${CERT_VALID_DAYS} \
+          -config /tmp/cert_info_path
+
+        openssl pkcs12 \
+          -export \
+          -out certificate.p12 \
+          -inkey private.key \
+          -in certificate.crt \
+          -legacy \
+          -password file:/tmp/cert_pass
+        EOF
+        chmod +x "$(cat /tmp/cert_script_path)"
+
+        sh "$(cat /tmp/cert_script_path)"
+
+        ./start.sh

  database:
    image: postgres:17