diff --git a/.gitignore b/.gitignore index a2f1e1b..cea6732 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -# gitignore created on 03/09/23 at 19:49 +# gitignore created on 03/14/23 at 09:10 # Disable reminder in prompt ignoredirmessage diff --git a/Dockerfile b/Dockerfile index 7ffae5d..b872de7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG LICENSE="MIT" ARG IMAGE_NAME="aria2" ARG PHP_SERVER="aria2" -ARG BUILD_DATE="Thu Mar 9 07:49:33 PM EST 2023" +ARG BUILD_DATE="Tue Mar 14 09:10:19 AM EDT 2023" ARG LANGUAGE="en_US.UTF-8" ARG TIMEZONE="America/New_York" ARG WWW_ROOT_DIR="/data/htdocs" @@ -12,14 +12,12 @@ ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config" ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" ARG IMAGE_REPO="alpine" -ARG IMAGE_VERSION="latest" -ARG CONTAINER_VERSION="${IMAGE_VERSION}" +ARG IMAGE_VERSION="edge" +ARG CONTAINER_VERSION="latest" -ARG SERVICE_PORT="6800" -ARG EXPOSE_PORTS="6800" -ARG PHP_VERSION="system" -ARG NODE_VERSION="system" -ARG NODE_MANAGER="system" +ARG SERVICE_PORT="80" +ARG EXPOSE_PORTS="80" +ARG PHP_VERSION="" ARG USER="root" ARG DISTRO_VERSION="${IMAGE_VERSION}" @@ -36,8 +34,6 @@ ARG PHP_SERVER ARG BUILD_DATE ARG SERVICE_PORT ARG EXPOSE_PORTS -ARG NODE_VERSION -ARG NODE_MANAGER ARG BUILD_VERSION ARG WWW_ROOT_DIR ARG DEFAULT_FILE_DIR @@ -46,16 +42,16 @@ ARG DEFAULT_CONF_DIR ARG DEFAULT_TEMPLATE_DIR ARG DISTRO_VERSION ARG PHP_VERSION + ARG ARIANG_VERSION="1.2.4" -ARG PACK_LIST="bash bash-completion git curl wget sudo iproute2 ssmtp openssl jq ca-certificates tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip certbot tini \ +ARG PACK_LIST="bash bash-completion git curl wget sudo iproute2 ssmtp openssl jq ca-certificates tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip certbot tini certbot py3-pip procps net-tools coreutils sed gawk grep attr findutils readline lsof less curl \ aria2 unzip nginx" ENV ENV=~/.bashrc ENV SHELL="/bin/sh" ENV TZ="${TIMEZONE}" ENV TIMEZONE="${TZ}" -ENV container="docker" ENV LANG="${LANGUAGE}" ENV TERM="xterm-256color" ENV HOSTNAME="casjaysdev-aria2" @@ -74,7 +70,7 @@ RUN set -ex; \ echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/main" >>"/etc/apk/repositories"; \ echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/community" >>"/etc/apk/repositories"; \ if [ "${DISTRO_VERSION}" = "edge" ]; then echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/testing" >>"/etc/apk/repositories" ; fi ; \ - apk update --update-cache && apk add --no-cache ${PACK_LIST} + apk -U upgrade --no-cache && apk add --no-cache ${PACK_LIST} RUN echo "$TIMEZONE" >"/etc/timezone" ; \ echo 'hosts: files dns' >"/etc/nsswitch.conf" ; \ @@ -84,19 +80,21 @@ RUN echo "$TIMEZONE" >"/etc/timezone" ; \ if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh"; fi RUN touch "/etc/profile" "/root/.profile" ; \ - [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc" || [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc" ; \ + { [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc" ; } || { [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc" ; } || { [ -f "/etc/bash.bashrc" ] && cp -Rf "/etc/bash.bashrc" "/root/.bashrc" ; }; \ sed -i 's|root:x:.*|root:x:0:0:root:/root:/bin/bash|g' "/etc/passwd" ; \ grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc" ; \ [ -f "/usr/local/etc/docker/env/default.sample" ] && [ -d "/etc/profile.d" ] && \ cp -Rf "/usr/local/etc/docker/env/default.sample" "/etc/profile.d/container.env.sh" && chmod 755 "/etc/profile.d/container.env.sh" ; \ - BASH_CMD="$(type -P bash)" ; [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh" + BASH_CMD="$(type -P bash)" ; [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh" ; \ + pip install certbot-dns-rfc2136 RUN set -ex ; \ - curl -q -LSsf "https://github.com/mayswind/AriaNg/releases/download/$ARIANG_VERSION/AriaNg-$ARIANG_VERSION.zip" -o "/tmp/AriaNg-$ARIANG_VERSION.zip" && \ - mkdir -p "/usr/local/share/ariang" && unzip "/tmp/AriaNg-$ARIANG_VERSION.zip" -d "/usr/local/share/ariang" + mkdir -p "/usr/local/share/ariang" ; \ + curl -q -LSsf "https://github.com/mayswind/AriaNg/releases/download/$ARIANG_VERSION/AriaNg-$ARIANG_VERSION.zip" -o "/tmp/AriaNg.zip" && \ + unzip "/tmp/AriaNg.zip" -d "/usr/local/share/ariang" RUN echo 'Running cleanup' ; \ - echo "" + rm -Rf /tmp/AriaNg.zip RUN rm -Rf "/config" "/data" ; \ rm -rf /etc/systemd/system/*.wants/* ; \ @@ -121,8 +119,6 @@ ARG PHP_SERVER ARG BUILD_DATE ARG SERVICE_PORT ARG EXPOSE_PORTS -ARG NODE_VERSION -ARG NODE_MANAGER ARG BUILD_VERSION ARG DEFAULT_DATA_DIR ARG DEFAULT_CONF_DIR @@ -155,7 +151,6 @@ ENV ENV=~/.bashrc ENV SHELL="/bin/bash" ENV TZ="${TIMEZONE}" ENV TIMEZONE="${TZ}" -ENV container="docker" ENV LANG="${LANGUAGE}" ENV TERM="xterm-256color" ENV PORT="${SERVICE_PORT}" @@ -170,8 +165,8 @@ COPY --from=build /. / VOLUME [ "/config","/data" ] -EXPOSE ${EXPOSE_PORTS} +EXPOSE ${ENV_PORTS} -#CMD [ "" ] -ENTRYPOINT [ "tini", "-p", "SIGTERM", "--", "/usr/local/bin/entrypoint.sh" ] +CMD [ "" ] +ENTRYPOINT [ "tini", "--", "/usr/local/bin/entrypoint.sh" ] HEALTHCHECK --start-period=1m --interval=2m --timeout=3s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ] diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh index b1f5eb5..b6b041f 100755 --- a/rootfs/usr/local/bin/entrypoint.sh +++ b/rootfs/usr/local/bin/entrypoint.sh @@ -1,13 +1,13 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202303091949-git +##@Version : 202303102006-git # @@Author : Jason Hempstead # @@Contact : jason@casjaysdev.com # @@License : WTFPL # @@ReadME : entrypoint.sh --help # @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments -# @@Created : Thursday, Mar 09, 2023 19:49 EST +# @@Created : Friday, Mar 10, 2023 20:06 EST # @@File : entrypoint.sh # @@Description : entrypoint point for aria2 # @@Changelog : New script @@ -19,11 +19,15 @@ # @@Template : other/docker-entrypoint # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # remove whitespaces from beginning argument while :; do [ "$1" = " " ] && shift 1 || break; done # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$1" = "$0" ] && shift 1 +[ "$1" = "$SCRIPT_NAME" ] && shift 1 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # import the functions file if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then . "/usr/local/etc/docker/functions/entrypoint.sh" @@ -45,14 +49,15 @@ done # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Define script variables SERVICE_USER="root" # execute command as another user +SERVICE_GROUP="" # Set user group for permission fix SERVICE_UID="0" # set the user id for creation of user SERVICE_PORT="" # specifiy port which service is listening on # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Healthcheck variables -HEALTH_ENABLED="yes" # enable healthcheck [yes/no] -SERVICES_LIST="tini" # comma seperated list of processes for the healthcheck -WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}" # ports : 80,443 -HEALTH_ENDPOINTS="${HEALTH_ENDPOINTS:-}" # url endpoints: [http://localhost/health,http://localhost/test] +HEALTH_ENABLED="yes" # enable healthcheck [yes/no] +SERVICES_LIST="tini" # comma seperated list of processes for the healthcheck +SERVER_PORTS="" # ports : 80,443 +HEALTH_ENDPOINTS="" # url endpoints: [http://localhost/health,http://localhost/test] # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Additional PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" @@ -90,10 +95,8 @@ __run_pre() { } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_message() { - if [ "$ENTRYPOINT_MESSAGE" = "yes" ]; then - echo "Container ip address is: $CONTAINER_IP4_ADDRESS" - fi + return } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # rewrite variables @@ -105,32 +108,47 @@ WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" WEB_SERVER_PORTS="${SERVICE_PORT//,/ } ${WEB_SERVER_PORTS//,/ }" ENV_PORTS="$(echo "$ENV_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" WEB_SERVER_PORTS="$(echo "$WEB_SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +ENV_PORTS="$(echo "$WEB_SERVER_PORTS $ENV_PORTS $SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# variables based on env/files +[ "$SERVICE_PORT" = "443" ] && SSL_ENABLED="true" +[ -f "/config/.enable_ssh" ] && SSL_ENABLED="true" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # export variables -export NGINX_CONFIG_FILE MYSQL_CONFIG_FILE PGSQL_CONFIG_FILE -export ENV_PORTS PHP_INI_DIR PHP_BIN_DIR HTTPD_CONFIG_FILE + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Default directories -export BACKUP_DIR="${BACKUP_DIR:-/data/backups}" -export WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs}" -export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" -export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" -export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" -export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required directories +mkdir -p "/run" +mkdir -p "/tmp" +mkdir -p "/root" +mkdir -p "/var/log" +mkdir -p "/run/init.d" +mkdir -p "/config/secure" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required files +touch "/var/log/entrypoint.log" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# fix permissions +chmod -f 777 "/run" +chmod -f 777 "/tmp" +chmod -f 700 "/root" +chmod -f 777 "/var/log" +chmod -f 777 "/run/init.d" +chmod -f 777 "/config/secure" +chmod -f 777 "/var/log/entrypoint.log" +################## END OF CONFIGURATION ##################### # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Create the backup dir [ -n "$BACKUP_DIR" ] && [ -d "$BACKUP_DIR" ] || mkdir -p "$BACKUP_DIR" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create required directories -mkdir -p "/run" && chmod -f 777 "/run" -mkdir -p "/tmp" && chmod -f 777 "/tmp" -mkdir -p "/root" && chmod -f 700 "/root" -mkdir -p "/run/init.d" && chmod -f 777 "/run/init.d" -mkdir -p "/config/secure" && chmod -f 777 "/config/secure" -[ -f "/config/.enable_ssh" ] && export SSL_ENABLED="true" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ "$WEB_SERVER_PORT" = "443" ] && SSL_ENABLED="true" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Show start message if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ]; then [ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Executing entrypoint script for aria2" @@ -272,7 +290,7 @@ fi [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" if [ "$SSL_ENABLED" = "true" ] || [ "$SSL_ENABLED" = "yes" ]; then if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then - export SSL_ENABLED="true" + SSL_ENABLED="true" if [ -n "$SSL_CA" ] && [ -f "$SSL_CA" ]; then mkdir -p "$SSL_DIR/certs" cat "$SSL_CA" >>"/etc/ssl/certs/ca-certificates.crt" @@ -290,9 +308,6 @@ __setup_mta # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_pre # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Show message -__run_message -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then ENTRYPOINT_FIRST_RUN="no" elif [ -d "/config" ]; then @@ -317,7 +332,7 @@ if [ -f "$ENTRYPOINT_PID_FILE" ]; then ENTRYPOINT_MESSAGE="no" fi # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -export DATA_DIR_INITIALIZED CONFIG_DIR_INITIALIZED START_SERVICES ENTRYPOINT_MESSAGE +[ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Container ip address is: $CONTAINER_IP4_ADDRESS" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Show configured listing processes if [ -n "$ENV_PORTS" ]; then @@ -326,7 +341,9 @@ if [ -n "$ENV_PORTS" ]; then printf '%s\n' "The following ports are open: $show_port" unset port show_port fi - +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message +__run_message # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Just start services START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" @@ -335,11 +352,16 @@ START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" case "$1" in --help) # Help message echo 'Docker container for '$APPNAME'' - echo "Usage: $APPNAME [exec start init shell certbot ssl procs ports healthcheck backup command]" + echo "Usage: $APPNAME [cron exec start init shell certbot ssl procs ports healthcheck backup command]" echo "" exit 0 ;; +cron) + shift 1 + __cron "$@" & + ;; + backup) # backup data and config dirs shift 1 save="${1:-$BACKUP_DIR}" @@ -389,14 +411,14 @@ healthcheck) # Docker healthcheck ports) # show open ports shift 1 ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" - [ -n "$ports" ] && printf '%s\n%s\n' "The followinf are servers:" "$ports" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' exit $? ;; procs) # show running processes shift 1 ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" - [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' exit $? ;; @@ -411,7 +433,7 @@ certbot) # manage ssl certificate SSL_CERT_BOT="true" if [ "$1" = "create" ]; then shift 1 - __certbot + __certbot "create" elif [ "$1" = "renew" ]; then shift 1 __certbot "renew certonly --force-renew" @@ -427,12 +449,6 @@ certbot) # manage ssl certificate exit $? ;; -init) # show/execute init functions - shift 1 - __init_${1:-help} - exit $? - ;; - start) # show/start an init script shift 1 PATH="/usr/local/etc/docker/init.d:$PATH" @@ -440,28 +456,22 @@ start) # show/start an init script scripts="$(ls -A "/usr/local/etc/docker/init.d")" [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then - exec "/usr/local/etc/docker/init.d/$1" + eval "/usr/local/etc/docker/init.d/$1" elif [ "$1" = "all" ]; then - eval "$0" + shift $# + echo "$$" >"/run/init.d/entrypoint.pid" + __start_init_scripts "/usr/local/etc/docker/init.d" fi - exit $? - ;; - -exec) # execute commands - shift 1 - __exec_command "${@:-/bin/bash}" - exit $? + __no_exit ;; *) # Execute primary command - if [ "$START_SERVICES" = "yes" ] && [ ! -f "/run/init.d/entrypoint.pid" ]; then + if [ "$START_SERVICES" = "yes" ] || [ ! -f "/run/init.d/entrypoint.pid" ]; then echo "$$" >"/run/init.d/entrypoint.pid" - __start_init_scripts "/usr/local/etc/docker/init.d" && sleep 3 || sleep 1 - [ -n "$1" ] && exec "$*" || exec "${SHELL:-bash -l}" - exit 0 + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit else __exec_command "$@" - exit $? fi ;; esac diff --git a/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh index 3fcd85e..cc9505b 100644 --- a/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh +++ b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh @@ -4,7 +4,6 @@ ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" -export ENTRYPOINT_PID_FILE ENTRYPOINT_INIT_FILE ENTRYPOINT_DATA_INIT_FILE ENTRYPOINT_CONFIG_INIT_FILE # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Startup variables INIT_DATE="${INIT_DATE:-$(date)}" @@ -20,4 +19,3 @@ CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" [ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true" [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -export DATA_DIR_INITIALIZED CONFIG_DIR_INITIALIZED START_SERVICES ENTRYPOINT_MESSAGE ENTRYPOINT_FIRST_RUN diff --git a/rootfs/usr/local/etc/docker/functions/entrypoint.sh b/rootfs/usr/local/etc/docker/functions/entrypoint.sh index 4a6d921..d92021b 100644 --- a/rootfs/usr/local/etc/docker/functions/entrypoint.sh +++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh @@ -4,12 +4,13 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __rm() { [ -f "$1" ] && rm -Rf "${1:?}"; } __cd() { [ -d "$1" ] && builtin cd "$1" || return 1; } -__ps() { [ -f "$(type -P ps)" ] && ps "$@" || return 10; } __netstat() { [ -f "$(type -P netstat)" ] && netstat "$@" || return 10; } __curl() { curl -q -sfI --max-time 3 -k -o /dev/null "$@" &>/dev/null || return 10; } __find() { find "$1" -mindepth 1 -type ${2:-f,d} 2>/dev/null | grep '^' || return 10; } -__pcheck() { [ -n "$(which pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null || return 10; } -__pgrep() { __pcheck "${1:-GEN_SCRIPT_REPLACE_APPNAME}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$GEN_SCRIPT_REPLACE_APPNAME}" | grep -qv ' grep' || return 10; } +__no_exit() { exec /bin/sh -c "trap : TERM INT; (while true; do sleep 1000; done) & wait"; } +__pcheck() { [ -n "$(which pgrep 2>/dev/null)" ] && pgrep -o "$1" &>/dev/null || return 10; } +__ps() { [ -f "$(type -P ps)" ] && ps "$@" 2>/dev/null | grep -Fw " ${1:-$GEN_SCRIPT_REPLACE_APPNAME}" || return 10; } +__pgrep() { __pcheck "${1:-GEN_SCRIPT_REPLACE_APPNAME}" || __ps "${1:-$GEN_SCRIPT_REPLACE_APPNAME}" | grep -qv ' grep' || return 10; } __get_ip6() { ip a 2>/dev/null | grep -w 'inet6' | awk '{print $2}' | grep -vE '^::1|^fe' | sed 's|/.*||g' | head -n1 | grep '^' || echo ''; } __get_ip4() { ip a 2>/dev/null | grep -w 'inet' | awk '{print $2}' | grep -vE '^127.0.0' | sed 's|/.*||g' | head -n1 | grep '^' || echo '127.0.0.1'; } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -39,26 +40,39 @@ __update_ssl_certs() { } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __certbot() { - if [ -f "/config/bin/certbot.sh" ]; then - "/config/bin/certbot.sh" + local statusCode=0 + [ -n "$(type -P 'certbot')" ] || return 1 + if [ -f "/config/certbot/env.sh" ]; then + . "/config/certbot/env.sh" + fi + if [ -f "/config/certbot/setup.sh" ]; then + eval "/config/certbot/setup.sh" + statusCode=$? elif [ -f "/etc/named/certbot.sh" ]; then - "/etc/named/certbot.sh" + eval "/etc/named/certbot.sh" + statusCode=$? + elif [ -f "/config/named/certbot-update.conf" ]; then + if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf; then + certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf + fi + statusCode=$? else local options="${1:-create}" && shift 1 domain_list="$DOMAINNAME www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS" [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" - [ "$SSL_CERT_BOT" = "true" ] && [ -f "$(type -P certbot)" ] || { export SSL_CERT_BOT="" && return 10; } + [ "$SSL_CERT_BOT" = "true" ] || { export SSL_CERT_BOT="" && return 10; } [ -n "$CERT_BOT_MAIL" ] || echo "The variable CERT_BOT_MAIL is not set" && return 1 [ -n "$DOMAINNAME" ] || echo "The variable DOMAINNAME is not set" && return 1 for domain in $$CERTBOT_DOMAINS; do [ -n "$domain" ] && ADD_CERTBOT_DOMAINS="-d $domain " done certbot $options --agree-tos -m $CERT_BOT_MAIL certonly --webroot \ - -w "${WWW_ROOT_DIR:-/data/htdocs/www}" \ - $ADD_CERTBOT_DOMAINS --put-all-related-files-into "$SSL_DIR" \ - -key-path "$SSL_KEY" -fullchain-path "$SSL_CERT" && __update_ssl_certs + -w "${WWW_ROOT_DIR:-/data/htdocs/www}" $ADD_CERTBOT_DOMAINS \ + --put-all-related-files-into "$SSL_DIR" -key-path "$SSL_KEY" -fullchain-path "$SSL_CERT" + statusCode=$? fi - return $? + [ $statusCode -eq 0 ] && __update_ssl_certs + return $statusCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __create_ssl_cert() { @@ -92,19 +106,21 @@ __create_ssl_cert() { } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __init_apache() { - local etc_dir="/etc/${1:-apache2}" - local conf_dir="/config/${1:-apache2}" - local www_dir="${WWW_ROOT_DIR:-/data/htdocs/www}" - local apache_bin="$(type -P 'httpd' || type -P 'apache2')" + local etc_dir="" conf_dir="" conf_dir="" www_dir="" apache_bin="" + etc_dir="/etc/${1:-apache2}" + conf_dir="/config/${1:-apache2}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs/www}" + apache_bin="$(type -P 'httpd' || type -P 'apache2')" # return 0 } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __init_nginx() { - local etc_dir="/etc/${1:-nginx}" - local conf_dir="/config/${1:-nginx}" - local www_dir="${WWW_ROOT_DIR:-/data/htdocs}" - local nginx_bin="$(type -P 'nginx')" + local etc_dir="" conf_dir="" www_dir="" nginx_bin="" + etc_dir="/etc/${1:-nginx}" + conf_dir="/config/${1:-nginx}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs}" + nginx_bin="$(type -P 'nginx')" # return 0 } @@ -118,14 +134,15 @@ __init_php() { } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __init_mysql() { - local db_dir="/data/db/mysql" - local etc_dir="${home:-/etc/${1:-mysql}}" - local db_user="${SERVICE_USER:-mysql}" - local conf_dir="/config/${1:-mysql}" - local user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}" - local user_db="${MARIADB_DATABASE}" user_name="${MARIADB_USER:-root}" - local root_pass="$MARIADB_ROOT_PASSWORD" - local mysqld_bin="$(type -P 'mysqld')" + local db_dir="" etc_dir="" db_user="" conf_dir="" user_pass="" user_db="" root_pass="" mysqld_bin="" + db_dir="/data/db/mysql" + etc_dir="${home:-/etc/${1:-mysql}}" + db_user="${SERVICE_USER:-mysql}" + conf_dir="/config/${1:-mysql}" + user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}" + user_db="${MARIADB_DATABASE}" user_name="${MARIADB_USER:-root}" + root_pass="$MARIADB_ROOT_PASSWORD" + mysqld_bin="$(type -P 'mysqld')" # return 0 } @@ -172,13 +189,20 @@ __run_once() { fi } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run program ever n minutes __cron() { - local interval="$1" && shift 1 - local command="$*" + trap '[ -f "/run/cron/$cmd" ] && rm -Rf "/run/cron/$cmd";exit 0' SIGINT ERR EXIT + test -n "$1" && test -z "${1//[0-9]/}" && interval=$(($1 * 60)) && shift 1 || interval="5" + [ $# -eq 0 ] && echo "Usage: cron [interval] [command]" && exit 1 + command="$*" + cmd="$(echo "$command" | awk -F' ' '{print $1}')" + [ -d "/run/cron" ] || mkdir -p "/run/cron" + echo "$command" >"/run/cron/$cmd" while :; do eval "$command" sleep $interval - done + [ -f "/run/cron/$cmd" ] || break + done |& tee /var/log/entrypoint.log } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __replace() { @@ -253,6 +277,7 @@ __exec_command() { # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Setup the server init scripts __start_init_scripts() { + { [ "$1" = "" ] && shift 1; } || { [ "$1" = " " ] && shift 1; } [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail local basename="" local init_pids="" @@ -265,13 +290,13 @@ __start_init_scripts() { for init in "$init_dir"/*.sh; do if [ -f "$init" ]; then name="$(basename "$init")" - (eval "$init" 2>/dev/stderr >/dev/stdout &) + (eval "$init" &) initStatus=$(($? + initStatus)) - sleep 30 + sleep 10 + echo "" fi done fi - return $initStatus } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __setup_mta() { @@ -283,11 +308,12 @@ __setup_mta() { local account_domain="${EMAIL_DOMAIN//*@/}" echo "$EMAIL_RELAY" | grep '[0-9][0-9]' || relay_port="465" - if [ -d "/etc/ssmtp" ] || [ -d "/config/ssmtp" ]; then - # sSMTP relay setup - [ -d "/etc/ssmtp" ] && rm -Rf "/etc/ssmtp" || return 0 + ################# sSMTP relay setup + if [ -n "$(type -P 'ssmtp')" ] || [ -d "/etc/ssmtp" ] || [ -d "/config/ssmtp" ]; then [ -d "/config/ssmtp" ] || mkdir -p "/config/ssmtp" - cat </dev/null + [ -f "/etc/ssmtp/ssmtp.conf" ] && rm -Rf "/etc/ssmtp/ssmtp.conf" + if [ ! -f "/config/ssmtp/ssmtp.conf" ]; then + cat </dev/null # ssmtp configuration. root=${account_user:-root}@${account_domain:-$HOSTNAME} mailhub=${relay_server:-172.17.0.1}:$relay_port @@ -302,20 +328,22 @@ FromLineOverride=yes #AuthPass=password EOF - # if [ -f "/config/ssmtp/ssmtp.conf" ] && [ ! -f "/run/init.d/ssmtp.pid" ]; then - # SERVICES_LIST+="ssmtp " - # cp -Rf "/config/ssmtp/." "/etc/ssmtp/" - # __exec_command ssmtp "/etc/ssmtp/ssmtp.conf" & - # [ $? -eq 0 ] && touch "/run/init.d/ssmtp.pid" || exitCode=1 - # fi - # postfix relay setup - elif [ -d "/config/postfix" ] || [ -d "/etc/postfix" ]; then - cat </dev/null + fi + if [ -f "/config/ssmtp/ssmtp.conf" ]; then + cp -Rf "/config/ssmtp/." "/etc/ssmtp/" + fi + + ################# postfix relay setup + elif [ -n "$(type -P 'postfix')" ] || [ -d "/config/postfix" ] || [ -d "/etc/postfix" ]; then + [ -d "/etc/postfix" ] || mkdir -p "/etc/postfix" + [ -f "/etc/postfix/main.cf" ] && rm -Rf "/etc/postfix/main.cf" + if [ ! -f "/config/postfix/main.cf" ]; then + cat </dev/null # postfix configuration. -smtpd_banner = \$myhostname ESMTP CasjaysDev mail +smtpd_banner = \$myhostname ESMTP email server compatibility_level = 2 -alias_maps = hash:/etc/aliases -alias_database = hash:/etc/aliases +alias_maps = hash:/etc/postfix/aliases +alias_database = hash:/etc/postfix/aliases mynetworks = /etc/postfix/mynetworks transport_maps = hash:/etc/postfix/transport virtual_alias_maps = hash:/etc/postfix/virtual @@ -324,7 +352,6 @@ tls_random_source = dev:/dev/urandom smtp_use_tls = yes smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache -smtpd_tls_dh1024_param_file = /etc/ssl/dhparam/1024.pem smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination mydestination = @@ -337,13 +364,14 @@ relayhost = [$relay_server]:$relay_port inet_protocols = ipv4 EOF - touch "/etc/aliases" "/etc/postfix/mynetworks" "/etc/postfix/transport" - touch "/etc/postfix/mydomains.pcre" "/etc/postfix/mydomains" "/etc/postfix/virtual" - postmap "/etc/aliases" "/etc/postfix/mynetworks" "/etc/postfix/transport" &>/dev/null - postmap "/etc/postfix/mydomains.pcre" "/etc/postfix/mydomains" "/etc/postfix/virtual" &>/dev/null + fi + touch "/config/postfix/aliases" "/config/postfix/mynetworks" "/config/postfix/transport" + touch "/config/postfix/mydomains.pcre" "/config/postfix/mydomains" "/config/postfix/virtual" if [ -f "/config/postfix/main.cf" ] && [ ! -f "/run/init.d/postfix.pid" ]; then SERVICES_LIST+="postfix " cp -Rf "/config/postfix/." "/etc/postfix/" + postmap "/etc/postfix/aliases" "/etc/postfix/mynetworks" "/etc/postfix/transport" &>/dev/null + postmap "/etc/postfix/mydomains.pcre" "/etc/postfix/mydomains" "/etc/postfix/virtual" &>/dev/null __exec_command postfix "/etc/postfix/main.cf" & [ $? -eq 0 ] && touch "/run/init.d/postfix.pid" || exitCode=1 fi @@ -365,13 +393,9 @@ MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # export variables -export CONTAINER_IP4_ADDRESS CONTAINER_IP6_ADDRESS -export PHP_INI_DIR PHP_BIN_DIR HTTPD_CONFIG_FILE -export NGINX_CONFIG_FILE MYSQL_CONFIG_FILE PGSQL_CONFIG_FILE -export ENTRYPOINT_FIRST_RUN SET_RANDOM_PASS + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # export the functions -export -f __update_ssl_certs __certbot __create_ssl_cert __init_apache __init_nginx -export -f __init_php __init_mysql __init_mongodb __init_postgres __init_couchdb + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # end of functions diff --git a/rootfs/usr/local/etc/docker/init.d/00-aria2c.sh b/rootfs/usr/local/etc/docker/init.d/00-aria2c.sh index efc9da6..f06ec19 100755 --- a/rootfs/usr/local/etc/docker/init.d/00-aria2c.sh +++ b/rootfs/usr/local/etc/docker/init.d/00-aria2c.sh @@ -1,6 +1,7 @@ #!/usr/bin/env bash # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" @@ -25,13 +26,13 @@ done WORKDIR="" # set working directory SERVICE_UID="0" # set the user id SERVICE_USER="root" # execute command as another user -SERVICE_PORT="" # port which service is listening on +SERVICE_PORT="8000" # port which service is listening on EXEC_CMD_BIN="aria2c" # command to execute EXEC_CMD_ARGS="--conf-path=/etc/aria2/aria2.conf" # command arguments PRE_EXEC_MESSAGE="" # Show message before execute # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Other variables that are needed -ARIA2RPCPORT="${ARIA2RPCPORT:-$SERVICE_PORT}" +ARIA2RPCPORT="${ARIA2RPCPORT:-8000}" etc_dir="/etc/aria2" conf_dir="/config/aria2" www_dir="/usr/local/share/ariang" @@ -40,14 +41,23 @@ get_config="$(find "$www_dir/js" -name 'aria-ng-*.min.js' | grep -v 'f1dd57abb9. # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # use this function to update config files - IE: change port __update_conf_files() { + local port="${SERVICE_PORT:-${ARIA2RPCPORT:-8000}}" [ -d "$etc_dir" ] || mkdir -p "$etc_dir" [ -d "$data_dir" ] || mkdir -p "$data_dir" + [ -d "/var/log/aria2" ] || mkdir -p "/var/log/aria2" cp -Rf "$conf_dir/." "$etc_dir/" + ln -sf "/dev/stdout" "/var/log/aria2/aria2.log" + ln -sf "$conf_dir/aria2.session" "$etc_dir/aria2.session" + __replace "ARIA_RPC_PORT" "$port" "$etc_dir/aria2.conf" + if [ -f "/config/nginx/nginx.conf" ]; then + __replace "127.0.0.1:.*/jsonrpc" "127.0.0.1:$port/jsonrpc" "/config/nginx/nginx.conf" + fi if [ -f "$etc_dir/aria-ng.config.js" ]; then rm -Rf "$get_config" ln -sf "$etc_dir/aria-ng.config.js" "$get_config" ln -sf "$etc_dir/aria-ng.config.js" "$www_dir/js/aria-ng-f1dd57abb9.min.js" - [ -n "$CONTAINER_IP_ADDRESS" ] && sed "s|127.0.0.1|0.0.0.0|g" "$etc_dir/aria-ng.config.js" + __replace "127.0.0.1" "0.0.0.0" "$etc_dir/aria-ng.config.js" + __replace "ARIA_RPC_PORT" "$port" "$etc_dir/aria-ng.config.js" fi if [ -n "$RPC_SECRET" ]; then echo "Changing rpc secret to $RPC_SECRET" @@ -58,6 +68,7 @@ __update_conf_files() { echo "rpc-secret=$RPC_SECRET" >>"$etc_dir/aria2.conf" fi fi + return 0 } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -69,16 +80,21 @@ __update_ssl_conf() { # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # function to run before executing __pre_execute() { - [ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" return 0 } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # script to start server __run_start_script() { + local workdir="${WORKDIR:-$HOME}" + local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS" + local user="${SERVICE_USER:-root}" + local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}" + local home="${workdir//\/root/\/home\/docker}" + local path="/usr/local/bin:/usr/bin:/bin:/usr/sbin" case "$1" in check) shift 1 && __pgrep $EXEC_CMD_BIN || return 5 ;; - *) su_cmd $EXEC_CMD_BIN $EXEC_CMD_ARGS || return 10 ;; + *) su_cmd env -i PWD="$home" HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10 ;; esac } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -122,46 +138,48 @@ fi # Change to working directory [ -n "$WORKDIR" ] && mkdir -p "$WORKDIR" && __cd "$WORKDIR" && echo "Changed to $PWD" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Updating config files -__update_conf_files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Initialize ssl __update_ssl_conf __update_ssl_certs # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__update_conf_files +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # run the pre execute commands +[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" __pre_execute # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - WORKDIR="${WORKDIR:-}" if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then - su_cmd_bin="eval" - su_cmd() { "$@" || return 1; } + su_cmd() { eval "$@" || return 1; } elif [ "$(builtin type -P gosu)" ]; then - su_cmd_bin="gosu $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { gosu $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P runuser)" ]; then - su_cmd_bin="runuser -u $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P sudo)" ]; then - su_cmd_bin="sudo -u $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P su)" ]; then - su_cmd_bin="su -s /bin/sh - $SERVICE_USER" - su_cmd() { eval $su_cmd_bin -c "$@" || return 1; } + su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; } else - echo "Can not switch to $SERVICE_USER" - exit 10 + echo "Can not switch to $SERVICE_USER: attempting to run as root" + su_cmd() { eval "$@" || return 1; } fi -if [ -n "$WORKDIR" ] && [ -n "$SERVICE_USER" ]; then +if [ -n "$WORKDIR" ] && [ "${SERVICE_USER:-$USER}" != "root" ]; then echo "Fixing file permissions" - su_cmd chown -Rf $SERVICE_USER $WORKDIR + su_cmd chown -Rf $SERVICE_USER $WORKDIR $etc_dir $var_dir $log_dir +fi +if __pgrep $EXEC_CMD_BIN && [ -f "/run/init.d/$EXEC_CMD_BIN.pid" ]; then + SERVICE_EXIT_CODE=1 + echo "$EXEC_CMD_BIN" is already running +else + echo "Starting service: $EXEC_CMD_BIN $EXEC_CMD_ARGS" + su_cmd touch /run/init.d/$EXEC_CMD_BIN.pid + __run_start_script "$@" |& tee -a "/tmp/entrypoint.log" + if [ "$?" -ne 0 ]; then + echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" + SERVICE_EXIT_CODE=10 SERVICE_IS_RUNNING="false" + su_cmd rm -Rf "/run/init.d/$EXEC_CMD_BIN.pid" + fi fi -echo "Starting service: $EXEC_CMD_BIN $EXEC_CMD_ARGS" -export -f __run_start_script -export SERVICE_IS_RUNNING="true" -su_cmd "touch /run/init.d/$EXEC_CMD_BIN.pid" -su_cmd __run_start_script "$@" || echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" -[ "$?" -ne 0 ] && SERVICE_IS_RUNNING="false" && SERVICE_EXIT_CODE=10 && rm -Rf "/run/init.d/$EXEC_CMD_BIN.pid" -# su_cmd "$EXEC_CMD_BIN $EXEC_CMD_ARGS" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh b/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh index dd9a313..b2f7e64 100755 --- a/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh +++ b/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh @@ -25,12 +25,13 @@ done WORKDIR="" # set working directory SERVICE_UID="0" # set the user id SERVICE_USER="root" # execute command as another user -SERVICE_PORT="${PORT:-6800}" # port which service is listening on +SERVICE_PORT="${PORT:-80}" # port which service is listening on EXEC_CMD_BIN="nginx" # command to execute EXEC_CMD_ARGS="-c /etc/nginx/nginx.conf" # command arguments PRE_EXEC_MESSAGE="" # Show message before execute # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Other variables that are needed +data_dir="/data" etc_dir="/etc/nginx" conf_dir="/config/nginx" www_dir="${WWW_ROOT_DIR:-/data/htdocs}" @@ -38,10 +39,13 @@ nginx_bin="$(type -P 'nginx')" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # use this function to update config files - IE: change port __update_conf_files() { - [ -e "$etc_dir" ] && [ -n "$nginx_bin" ] || return 1 echo "Initializing nginx web server in $conf_dir" + mkdir -p "$data_dir/log/nginx" + chmod -Rf 777 "$data_dir/log/nginx" [ -d "$etc_dir" ] || mkdir -p "$etc_dir" [ -d "$conf_dir" ] && cp -Rf "$conf_dir/." "$etc_dir/" + ln -sf "/dev/stderr" "var/log/nginx/nginx.log" + ln -sf "/dev/stdout" "/var/log/nginx/access.log" if [ "$SSL_ENABLED" = "true" ]; then __file_copy "$conf_dir/nginx.ssl.conf" "$etc_dir/nginx.conf" __file_copy "$conf_dir/vhosts.d/default.ssl.conf" "$etc_dir/vhosts.d/default.conf" @@ -50,20 +54,19 @@ __update_conf_files() { [ -f "$etc_dir/vhosts.d/default.ssl.conf" ] && rm -Rf "$etc_dir/vhosts.d/default.ssl.conf" # [ -d "$www_dir" ] || mkdir -p "$www_dir" - [ -d "$www_dir/health" ] || mkdir -p "$www_dir/health" - [ -f "$www_dir/health/index.txt" ] || echo 'ok' >"$www_dir/health/index.txt" - [ -f "$www_dir/health/index.json" ] || echo '{ "status": "ok" }' >"$www_dir/health/index.json" + [ -d "$www_dir/www/health" ] || mkdir -p "$www_dir/www/health" + [ -f "$www_dir/www/health/index.txt" ] || echo 'ok' >"$www_dir/www/health/index.txt" + [ -f "$www_dir/www/health/index.json" ] || echo '{ "status": "ok" }' >"$www_dir/www/health/index.json" # - __replace "SERVER_PORT" "${SERVICE_PORT:-6800}" "$etc_dir/nginx.conf" - [ -f "$www_dir/www/index.php" ] && __replace "SERVER_SOFTWARE" "nginx" "$www_dir/www/index.php" - [ -f "$www_dir/www/index.html" ] && __replace "SERVER_SOFTWARE" "nginx" "$www_dir/www/index.html" + __replace "SERVER_PORT" "${SERVICE_PORT:-80}" "$etc_dir/nginx.conf" + __replace "SERVER_PORT" "${SERVICE_PORT:-80}" "$etc_dir/vhosts.d/nginx.conf" + [ -f "$www_dir/www/index.php" ] && __replace "SERVER_SOFTWARE" "dns" "$www_dir/www/index.php" + [ -f "$www_dir/www/index.html" ] && __replace "SERVER_SOFTWARE" "dns" "$www_dir/www/index.html" if [ -z "$PHP_BIN_DIR" ]; then [ -f "$www_dir/www/info.php" ] && echo "PHP support is not enabled" >"$www_dir/www/info.php" [ -f "$etc_dir/conf.d/php-fpm.conf" ] && echo "# PHP support is not enabled" >"$etc_dir/conf.d/php-fpm.conf" fi - if grep -s -q "nginx:" "/etc/passwd"; then - chown -Rf nginx:nginx "$etc_dir" "$www_dir" - fi + return 0 } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -75,17 +78,22 @@ __update_ssl_conf() { # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # function to run before executing __pre_execute() { - [ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" - [ -d "/run/init.d" ] || { mkdir -p "/run/init.d" && chmod 777 "/run/init.d"; } + grep -s -q "nginx:" "/etc/passwd" && chown -Rf nginx:nginx "$etc_dir" "$www_dir" "$data_dir/log/nginx" return 0 } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # script to start server __run_start_script() { + local workdir="${WORKDIR:-$HOME}" + local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS" + local user="${SERVICE_USER:-root}" + local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}" + local home="${workdir//\/root/\/home\/docker}" + local path="/usr/local/bin:/usr/bin:/bin:/usr/sbin" case "$1" in check) shift 1 && __pgrep $EXEC_CMD_BIN || return 5 ;; - *) __pgrep $EXEC_CMD_BIN || su_cmd $EXEC_CMD_BIN $EXEC_CMD_ARGS || return 10 ;; + *) su_cmd env -i PWD="$home" HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10 ;; esac } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -129,45 +137,48 @@ fi # Change to working directory [ -n "$WORKDIR" ] && mkdir -p "$WORKDIR" && __cd "$WORKDIR" && echo "Changed to $PWD" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Updating config files -__update_conf_files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Initialize ssl __update_ssl_conf __update_ssl_certs # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__update_conf_files +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # run the pre execute commands +[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" __pre_execute # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - WORKDIR="${WORKDIR:-}" if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then - su_cmd_bin="eval" - su_cmd() { "$@" || return 1; } + su_cmd() { eval "$@" || return 1; } elif [ "$(builtin type -P gosu)" ]; then - su_cmd_bin="gosu $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { gosu $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P runuser)" ]; then - su_cmd_bin="runuser -u $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P sudo)" ]; then - su_cmd_bin="sudo -u $SERVICE_USER" - su_cmd() { eval $su_cmd_bin "$@" || return 1; } + su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; } elif [ "$(builtin type -P su)" ]; then - su_cmd_bin="su -s /bin/sh - $SERVICE_USER" - su_cmd() { eval $su_cmd_bin -c "$@" || return 1; } + su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; } else - echo "Can not switch to $SERVICE_USER" - exit 10 + echo "Can not switch to $SERVICE_USER: attempting to run as root" + su_cmd() { eval "$@" || return 1; } fi -if [ -n "$WORKDIR" ] && [ -n "$SERVICE_USER" ]; then +if [ -n "$WORKDIR" ] && [ "${SERVICE_USER:-$USER}" != "root" ]; then echo "Fixing file permissions" - su_cmd chown -Rf $SERVICE_USER $WORKDIR + su_cmd chown -Rf $SERVICE_USER $WORKDIR $etc_dir $var_dir $log_dir +fi +if __pgrep $EXEC_CMD_BIN && [ -f "/run/init.d/$EXEC_CMD_BIN.pid" ]; then + SERVICE_EXIT_CODE=1 + echo "$EXEC_CMD_BIN" is already running +else + echo "Starting service: $EXEC_CMD_BIN $EXEC_CMD_ARGS" + su_cmd touch /run/init.d/$EXEC_CMD_BIN.pid + __run_start_script "$@" |& tee -a "/tmp/entrypoint.log" + if [ "$?" -ne 0 ]; then + echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" + SERVICE_EXIT_CODE=10 SERVICE_IS_RUNNING="false" + su_cmd rm -Rf "/run/init.d/$EXEC_CMD_BIN.pid" + fi fi -echo "Starting service: $EXEC_CMD_BIN $EXEC_CMD_ARGS" -export SERVICE_IS_RUNNING="true" -su_cmd touch /run/init.d/$EXEC_CMD_BIN.pid -__run_start_script "$@" || echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" -[ "$?" -ne 0 ] && SERVICE_IS_RUNNING="false" && SERVICE_EXIT_CODE=10 && rm -Rf "/run/init.d/$EXEC_CMD_BIN.pid" -# su_cmd "$EXEC_CMD_BIN $EXEC_CMD_ARGS" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/share/template-files/config/.gitkeep b/rootfs/usr/local/share/template-files/config/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/rootfs/usr/local/share/template-files/config/aria2/aria-ng.config.js b/rootfs/usr/local/share/template-files/config/aria2/aria-ng.config.js index 795a6c2..6011a55 100755 --- a/rootfs/usr/local/share/template-files/config/aria2/aria-ng.config.js +++ b/rootfs/usr/local/share/template-files/config/aria2/aria-ng.config.js @@ -525,7 +525,7 @@ browserNotification: !1, rpcAlias: 'aria2', rpcHost: '127.0.0.1', - rpcPort: '8080', + rpcPort: 'ARIA_RPC_PORT', rpcInterface: 'jsonrpc', protocol: 'http', httpMethod: 'POST', diff --git a/rootfs/usr/local/share/template-files/config/aria2/aria2.conf b/rootfs/usr/local/share/template-files/config/aria2/aria2.conf index 3ad4bb4..501c01e 100644 --- a/rootfs/usr/local/share/template-files/config/aria2/aria2.conf +++ b/rootfs/usr/local/share/template-files/config/aria2/aria2.conf @@ -1,10 +1,10 @@ # Default configuration for aria2 dir=/data/downloads/aria2 -log=/proc/self/fd/2 +log=/var/log/aria2/aria2.log input-file=/config/aria2/aria2.session save-session=/config/aria2/aria2.session enable-rpc=true -rpc-listen-port=8080 +rpc-listen-port=ARIA_RPC_PORT rpc-allow-origin-all=true rpc-listen-all=true disable-ipv6=true @@ -31,5 +31,5 @@ bt-seed-unverified=false bt-save-metadata=true bt-tracker=udp://62.138.0.158:6969/announce,udp://188.241.58.209:6969/announce,udp://151.80.120.112:2710/announce,udp://151.80.120.114:2710/announce,udp://93.158.213.92:1337/announce,udp://185.19.107.254:80/announce,udp://185.225.17.100:1337/announce,udp://208.83.20.20:6969/announce,udp://5.206.19.247:6969/announce,udp://37.235.174.46:2710/announce,udp://142.44.243.4:1337/announce,udp://195.154.52.99:80/announce,udp://54.37.235.149:6969/announce,udp://212.1.226.176:2710/announce,udp://89.234.156.205:451/announce,udp://159.100.245.181:6969/announce,udp://45.56.74.11:6969/announce,udp://51.15.226.113:6969/announce,udp://176.113.71.19:6961/announce,udp://51.15.40.114:80/announce -on-download-error=/config/aria2/scripts/post-hook.sh -on-download-complete=/config/aria2/scripts/post-hook.sh +on-download-error=/etc/aria2/scripts/post-hook.sh +on-download-complete=/etc/aria2/scripts/post-hook.sh diff --git a/rootfs/usr/local/share/template-files/config/nginx/nginx.conf b/rootfs/usr/local/share/template-files/config/nginx/nginx.conf index 8154c31..c945f08 100644 --- a/rootfs/usr/local/share/template-files/config/nginx/nginx.conf +++ b/rootfs/usr/local/share/template-files/config/nginx/nginx.conf @@ -1,9 +1,9 @@ # Default nginx configuration user root; -worker_processes 1; +worker_processes auto; daemon off; -error_log /proc/self/fd/2 error; +error_log /var/log/nginx/nginx.log error; pid /var/run/nginx.pid; events { @@ -35,7 +35,7 @@ http { add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; location /jsonrpc { - proxy_pass http://127.0.0.1:8080/jsonrpc; + proxy_pass http://127.0.0.1:ARIA_RPC_PORT/jsonrpc; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; @@ -43,7 +43,7 @@ http { } location /rpc { - proxy_pass http://127.0.0.1:8080/jsonrpc; + proxy_pass http://127.0.0.1:ARIA_RPC_PORT/jsonrpc; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; @@ -72,7 +72,7 @@ http { return 200 'OK'; } - location /health.json { + location /health/json { default_type application/json; allow all; access_log off;