fix: healthcheck respects TLS_ENABLED at runtime
When TLS_ENABLED=false (e.g. behind a reverse proxy) the healthcheck
was still hitting https://localhost which fails on plain HTTP, keeping
the container perpetually in 'starting' state on TrueNAS SCALE.
Use a shell conditional so the correct protocol is used at runtime:
- TLS_ENABLED=false -> wget http://localhost:${PORT}/health
- TLS_ENABLED=true (default) -> wget --no-check-certificate https://...
This commit is contained in:
@@ -47,9 +47,9 @@ services:
|
||||
- ALL # drop all Linux capabilities
|
||||
cap_add: [] # add back none — Node.js needs no special caps
|
||||
healthcheck:
|
||||
# Uses --no-check-certificate for self-signed / snakeoil certs.
|
||||
# Remove that flag if using a CA-signed certificate.
|
||||
test: ["CMD", "wget", "-qO-", "--no-check-certificate", "https://localhost:3001/health"]
|
||||
# Respects TLS_ENABLED: uses http when set to false, https otherwise.
|
||||
# --no-check-certificate handles self-signed / snakeoil certs.
|
||||
test: ["CMD", "/bin/sh", "-c", "[ \"${TLS_ENABLED:-true}\" = \"false\" ] && wget -qO- http://localhost:${PORT:-3001}/health || wget -qO- --no-check-certificate https://localhost:${PORT:-3001}/health"]
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 3
|
||||
|
||||
Reference in New Issue
Block a user