18 lines
682 B
Bash
18 lines
682 B
Bash
#!/bin/sh
|
|
# Copy host-mounted SSH key with correct ownership before dropping to appuser
|
|
if [ -f /tmp/host-ssh-key ]; then
|
|
cp /tmp/host-ssh-key /home/appuser/.ssh/id_ed25519
|
|
chmod 600 /home/appuser/.ssh/id_ed25519
|
|
chown appuser:appuser /home/appuser/.ssh/id_ed25519
|
|
fi
|
|
|
|
# Route host-local IPs through Docker gateway (for IPs bound to host NICs)
|
|
# 14.215.128.96 is on the host's enp5s0 NIC, unreachable via default Docker NAT
|
|
GATEWAY=$(ip route | awk '/default/ {print $3}')
|
|
if [ -n "$GATEWAY" ]; then
|
|
ip route add 14.215.128.96/32 via "$GATEWAY" 2>/dev/null || true
|
|
fi
|
|
|
|
# Drop privileges and start the service
|
|
exec su-exec appuser node dist/services/${SERVICE_NAME}/src/main
|