feat: replace Nginx/SSL checks with Caddy/TLS checks in preflight.sh

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 10:34:28 -05:00
parent f46773a264
commit 734bfa8b3a
1 changed files with 20 additions and 30 deletions
--- a/preflight.sh
+++ b/preflight.sh
@@ -251,7 +251,7 @@ REQUIRED_VARS=(
  GITHUB_USERNAME GITHUB_TOKEN
  REPO_NAMES
  RUNNER_DEFAULT_IMAGE RUNNER_DATA_BASE_PATH LOCAL_RUNNER_DATA_BASE_PATH
-  NGINX_CONTAINER_NAME NGINX_CONF_PATH SSL_MODE
+  TLS_MODE CADDY_DOMAIN CADDY_DATA_PATH
 )
 # shellcheck disable=SC2329
@@ -274,28 +274,28 @@ check_required_vars() {
    done
  fi
-  # SSL vars are conditional on SSL_MODE:
+  # TLS vars are conditional on TLS_MODE:
-  # - letsencrypt => SSL_EMAIL is required
+  # - cloudflare => CLOUDFLARE_API_TOKEN is required
  # - existing   => SSL_CERT_PATH + SSL_KEY_PATH are required
-  case "${SSL_MODE:-}" in
+  case "${TLS_MODE:-}" in
-    letsencrypt)
+    cloudflare)
-      if [[ -z "${SSL_EMAIL:-}" ]]; then
+      if [[ -z "${CLOUDFLARE_API_TOKEN:-}" ]]; then
-        log_error "  → Missing required var: SSL_EMAIL (required when SSL_MODE=letsencrypt)"
+        log_error "  → Missing required var: CLOUDFLARE_API_TOKEN (required when TLS_MODE=cloudflare)"
        missing=1
      fi
      ;;
    existing)
      if [[ -z "${SSL_CERT_PATH:-}" ]]; then
-        log_error "  → Missing required var: SSL_CERT_PATH (required when SSL_MODE=existing)"
+        log_error "  → Missing required var: SSL_CERT_PATH (required when TLS_MODE=existing)"
        missing=1
      fi
      if [[ -z "${SSL_KEY_PATH:-}" ]]; then
-        log_error "  → Missing required var: SSL_KEY_PATH (required when SSL_MODE=existing)"
+        log_error "  → Missing required var: SSL_KEY_PATH (required when TLS_MODE=existing)"
        missing=1
      fi
      ;;
    *)
-      log_error "  → Invalid SSL_MODE='${SSL_MODE:-<empty>}' (must be 'letsencrypt' or 'existing')"
+      log_error "  → Invalid TLS_MODE='${TLS_MODE:-<empty>}' (must be 'cloudflare' or 'existing')"
      missing=1
      ;;
  esac
@@ -474,27 +474,17 @@ check_github_repos() {
 check 17 "All GitHub repos exist" check_github_repos
 # ---------------------------------------------------------------------------
-# Check 18: Nginx running on Unraid
+# Check 18: Caddy data path writable on Unraid
 # ---------------------------------------------------------------------------
-check_nginx() {
+check_caddy_path() {
-  local status
+  local caddy_parent
-  status=$(ssh_exec UNRAID "docker ps --filter name=${NGINX_CONTAINER_NAME:-nginx} --format '{{.Status}}'" 2>/dev/null)
+  caddy_parent=$(dirname "${CADDY_DATA_PATH:-/nonexistent}")
-  [[ "$status" == *"Up"* ]]
+  ssh_exec UNRAID "test -d '${CADDY_DATA_PATH}' && test -w '${CADDY_DATA_PATH}'" 2>/dev/null \
    || ssh_exec UNRAID "test -w '${caddy_parent}'" 2>/dev/null
 }
-check 18 "Nginx container '${NGINX_CONTAINER_NAME:-<not set>}' running on Unraid" check_nginx
+check 18 "Caddy data path writable (${CADDY_DATA_PATH:-<not set>})" check_caddy_path
-if ! check_nginx 2>/dev/null; then
+if ! check_caddy_path 2>/dev/null; then
-  log_error "  → Nginx container '${NGINX_CONTAINER_NAME:-}' not running on Unraid."
+  log_error "  → Caddy data path ${CADDY_DATA_PATH:-} not writable on Unraid (or parent dir doesn't exist)."
 fi
 # ---------------------------------------------------------------------------
 # Check 19: Nginx conf dir writable
 # ---------------------------------------------------------------------------
 check_nginx_conf() {
  ssh_exec UNRAID "test -w '${NGINX_CONF_PATH:-/nonexistent}'" 2>/dev/null
 }
 check 19 "Nginx config path writable (${NGINX_CONF_PATH:-<not set>})" check_nginx_conf
 if ! check_nginx_conf 2>/dev/null; then
  log_error "  → Nginx config path ${NGINX_CONF_PATH:-} not writable on Unraid."
 fi
 # ---------------------------------------------------------------------------