From cae2f6ede0709170c61e82e3f13f6170811aff74 Mon Sep 17 00:00:00 2001
From: Pascal Bleser <p.bleser@opencloud.eu>
Date: Tue, 16 Jun 2026 17:16:48 +0200
Subject: [PATCH] groupware: fix the 'opencloud-certs' container to set
 necessary permissions on the files or the opencloud container can't access
 them

---
 devtools/deployments/opencloud_full/opencloud.yml | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/devtools/deployments/opencloud_full/opencloud.yml b/devtools/deployments/opencloud_full/opencloud.yml
index bb900f753d..8d326cac44 100644
--- a/devtools/deployments/opencloud_full/opencloud.yml
+++ b/devtools/deployments/opencloud_full/opencloud.yml
@@ -91,11 +91,18 @@ services:
 
   opencloud-certs:
     image: alpine/openssl:latest
-    command: req -subj '/CN=opencloud.test' -x509 -newkey rsa:4096 -sha256 -days 3650 -batch -nodes -keyout ./certs/ldaps.key -out ./certs/ldaps.crt
+    environment:
+      CERTS: /certs
+    entrypoint: ["/bin/sh", "-c"]
+    command:
+      - |
+        if [ ! -f "$$CERTS/ldaps.key" ]; then
+          mkdir -p "$$CERTS"
+          /usr/bin/openssl req -subj '/CN=opencloud.test' -x509 -newkey rsa:4096 -sha256 -days 3650 -batch -nodes -keyout "$$CERTS/ldaps.key" -out "$$CERTS/ldaps.crt"
+        fi
+        chmod 666 "$$CERTS"/ldaps.*
     volumes:
-      - ./config/opencloud/certs:/certs:rw
-    stdin_open: true
-    tty: true
+      - ./config/opencloud/certs:/certs
 
 volumes:
   opencloud-config: