33 lines
658 B
Bash
33 lines
658 B
Bash
#!/bin/sh
|
|
set -e
|
|
|
|
# Source Vault-rendered environment if available
|
|
if [ -f /vault/secrets/.env ]; then
|
|
echo "Loading environment from Vault..."
|
|
set -a
|
|
. /vault/secrets/.env
|
|
set +a
|
|
fi
|
|
|
|
# Start the application in background
|
|
/app/nexus &
|
|
APP_PID=$!
|
|
|
|
# Write PID for Vault Agent to signal on credential rotation
|
|
# Use shared volume so vault-agent can read it
|
|
echo $APP_PID > /vault/secrets/nexus.pid
|
|
echo "Nexus started with PID $APP_PID"
|
|
|
|
# Forward signals to the app
|
|
trap "kill -TERM $APP_PID" TERM INT
|
|
trap "kill -HUP $APP_PID" HUP
|
|
|
|
# Wait for app to exit
|
|
wait $APP_PID
|
|
EXIT_CODE=$?
|
|
|
|
# Clean up
|
|
rm -f /vault/secrets/nexus.pid
|
|
|
|
exit $EXIT_CODE
|