Add TLS addon and fix startup script configuration issues

CloudronManifest.json

@@ -11,7 +11,8 @@
   "icon": "logo.png",
   "addons": {
     "localstorage": {},
-    "postgresql": {}
+    "postgresql": {},
+    "tls": {}
   },
   "manifestVersion": 2,
   "website": "https://docs.mau.fi/bridges/go/whatsapp/index.html",

start.sh

@@ -23,7 +23,8 @@ BACKUP_PATH="/app/data/config.yaml.bak"
 # Create example config from built-in template
 if [ ! -f "$CONFIG_PATH" ]; then
     echo "=> Generating example configuration"
-    /usr/local/bin/gosu cloudron:cloudron /app/pkg/mautrix-whatsapp -g -c "$CONFIG_PATH" -r "$REGISTRATION_PATH"
+    # Generate config as root first, then fix permissions
+    /app/pkg/mautrix-whatsapp -g -c "$CONFIG_PATH" -r "$REGISTRATION_PATH"
     
     # Configure for Cloudron environment
     if [ -n "${CLOUDRON_POSTGRESQL_URL:-}" ]; then
@@ -65,16 +66,13 @@ fi
 # Final permission fix before starting
 chown -R cloudron:cloudron /app/data
 
-# Create a health check endpoint (run in background)
-mkdir -p /run/health
-echo '#!/bin/bash
-echo "HTTP/1.1 200 OK"
-echo "Content-Type: text/plain"
-echo ""
-echo "OK"' > /run/health/server.sh
-chmod +x /run/health/server.sh
-(cd /run/health && nohup nc -l -p 29318 -e ./server.sh > /dev/null 2>&1) &
+# Configure TLS if certificates are available
+if [ -f "/run/tls/tls.crt" ] && [ -f "/run/tls/tls.key" ]; then
+    echo "=> Configuring TLS certificates"
+    yq eval ".appservice.tls_cert = \"/run/tls/tls.crt\"" -i "$CONFIG_PATH"
+    yq eval ".appservice.tls_key = \"/run/tls/tls.key\"" -i "$CONFIG_PATH"
+fi
 
 # Start the bridge
 echo "=> Starting mautrix-whatsapp bridge"
-exec /usr/local/bin/gosu cloudron:cloudron /app/pkg/mautrix-whatsapp -c "$CONFIG_PATH"
+exec gosu cloudron:cloudron /app/pkg/mautrix-whatsapp -c "$CONFIG_PATH"