From ec7918be39a640e117a51708936171a40cb6cf84 Mon Sep 17 00:00:00 2001 From: casjay Date: Wed, 23 Aug 2023 22:49:47 -0400 Subject: [PATCH] =?UTF-8?q?=20=F0=9F=A6=88=F0=9F=8F=A0=F0=9F=90=9C?= =?UTF-8?q?=E2=9D=97=20Initial=20Commit=20=E2=9D=97=F0=9F=90=9C?= =?UTF-8?q?=F0=9F=A6=88=F0=9F=8F=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 17 + .env.scripts | 30 + .gitattributes | 83 +++ .gitignore | 98 +++ Dockerfile | 238 +++++++ LICENSE.md | 13 + README.md | 78 +++ rootfs/root/docker/setup/custom | 25 + rootfs/root/docker/setup/files | 25 + rootfs/root/docker/setup/init | 25 + rootfs/root/docker/setup/packages | 25 + rootfs/root/docker/setup/post | 25 + rootfs/usr/local/bin/entrypoint.sh | 454 ++++++++++++ rootfs/usr/local/bin/pkmgr | 121 ++++ .../usr/local/etc/docker/env/00-directory.sh | 10 + rootfs/usr/local/etc/docker/env/addresses.sh | 5 + rootfs/usr/local/etc/docker/env/certbot.sh | 6 + rootfs/usr/local/etc/docker/env/couchdb.sh | 7 + .../usr/local/etc/docker/env/default.sample | 135 ++++ rootfs/usr/local/etc/docker/env/dockerd.sh | 4 + rootfs/usr/local/etc/docker/env/global.sh | 8 + .../usr/local/etc/docker/env/healthcheck.sh | 5 + rootfs/usr/local/etc/docker/env/mariadb.sh | 14 + rootfs/usr/local/etc/docker/env/mongodb.sh | 20 + rootfs/usr/local/etc/docker/env/networking.sh | 9 + rootfs/usr/local/etc/docker/env/other.sh | 4 + rootfs/usr/local/etc/docker/env/php.sh | 6 + rootfs/usr/local/etc/docker/env/postgres.sh | 8 + rootfs/usr/local/etc/docker/env/redis.sh | 4 + rootfs/usr/local/etc/docker/env/services.sh | 7 + rootfs/usr/local/etc/docker/env/ssl.sh | 19 + rootfs/usr/local/etc/docker/env/supabase.sh | 4 + rootfs/usr/local/etc/docker/env/webservers.sh | 8 + .../usr/local/etc/docker/env/zz-entrypoint.sh | 21 + .../local/etc/docker/functions/entrypoint.sh | 647 ++++++++++++++++++ .../usr/local/etc/docker/init.d/00-couchdb.sh | 532 ++++++++++++++ .../usr/local/etc/docker/init.d/zz-nginx.sh | 485 +++++++++++++ .../template-files/config/couchdb/default.ini | 158 +++++ .../template-files/config/couchdb/local.ini | 9 + .../template-files/config/env/default.sample | 135 ++++ .../template-files/config/nginx/mime.types | 99 +++ .../template-files/config/nginx/nginx.conf | 150 ++++ .../config/nginx/nginx.ssl.conf | 131 ++++ .../config/nginx/vhosts.d/default.conf.sample | 13 + .../config/nginx/vhosts.d/default.ssl.sample | 18 + .../local/share/template-files/data/.gitkeep | 0 .../share/template-files/defaults/.gitkeep | 0 47 files changed, 3938 insertions(+) create mode 100644 .dockerignore create mode 100644 .env.scripts create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 LICENSE.md create mode 100644 README.md create mode 100755 rootfs/root/docker/setup/custom create mode 100755 rootfs/root/docker/setup/files create mode 100755 rootfs/root/docker/setup/init create mode 100755 rootfs/root/docker/setup/packages create mode 100755 rootfs/root/docker/setup/post create mode 100755 rootfs/usr/local/bin/entrypoint.sh create mode 100755 rootfs/usr/local/bin/pkmgr create mode 100644 rootfs/usr/local/etc/docker/env/00-directory.sh create mode 100644 rootfs/usr/local/etc/docker/env/addresses.sh create mode 100644 rootfs/usr/local/etc/docker/env/certbot.sh create mode 100644 rootfs/usr/local/etc/docker/env/couchdb.sh create mode 100644 rootfs/usr/local/etc/docker/env/default.sample create mode 100644 rootfs/usr/local/etc/docker/env/dockerd.sh create mode 100644 rootfs/usr/local/etc/docker/env/global.sh create mode 100644 rootfs/usr/local/etc/docker/env/healthcheck.sh create mode 100644 rootfs/usr/local/etc/docker/env/mariadb.sh create mode 100644 rootfs/usr/local/etc/docker/env/mongodb.sh create mode 100644 rootfs/usr/local/etc/docker/env/networking.sh create mode 100644 rootfs/usr/local/etc/docker/env/other.sh create mode 100644 rootfs/usr/local/etc/docker/env/php.sh create mode 100644 rootfs/usr/local/etc/docker/env/postgres.sh create mode 100644 rootfs/usr/local/etc/docker/env/redis.sh create mode 100644 rootfs/usr/local/etc/docker/env/services.sh create mode 100644 rootfs/usr/local/etc/docker/env/ssl.sh create mode 100644 rootfs/usr/local/etc/docker/env/supabase.sh create mode 100644 rootfs/usr/local/etc/docker/env/webservers.sh create mode 100644 rootfs/usr/local/etc/docker/env/zz-entrypoint.sh create mode 100644 rootfs/usr/local/etc/docker/functions/entrypoint.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/00-couchdb.sh create mode 100644 rootfs/usr/local/etc/docker/init.d/zz-nginx.sh create mode 100644 rootfs/usr/local/share/template-files/config/couchdb/default.ini create mode 100644 rootfs/usr/local/share/template-files/config/couchdb/local.ini create mode 100644 rootfs/usr/local/share/template-files/config/env/default.sample create mode 100644 rootfs/usr/local/share/template-files/config/nginx/mime.types create mode 100644 rootfs/usr/local/share/template-files/config/nginx/nginx.conf create mode 100644 rootfs/usr/local/share/template-files/config/nginx/nginx.ssl.conf create mode 100644 rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.conf.sample create mode 100644 rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.ssl.sample create mode 100644 rootfs/usr/local/share/template-files/data/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/defaults/.gitkeep diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..71c00b7 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,17 @@ +# Files to ignore +# Tell docker to ignore .gitkeep +.gitkeep +# Tell docker to ignore .gitignore +.gitignore +# Tell docker to ignore node_modules/** +node_modules/** +# Tell docker to ignore .node_modules/** +.node_modules/** +# Tell docker to ignore **/.gitkeep +**/.gitkeep +# Tell docker to ignore **/.gitignore +**/.gitignore +# Tell docker to ignore **/node_modules/** +**/node_modules/** +# Tell docker to ignore **/.node_modules/** +**/.node_modules/** diff --git a/.env.scripts b/.env.scripts new file mode 100644 index 0000000..fa52304 --- /dev/null +++ b/.env.scripts @@ -0,0 +1,30 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230251-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:51:40 AM EDT 2023 +# @@File : .env.scripts +# @@Description : Variables for .env.scripts +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +ENV_VENDOR="CasjaysDev" +ENV_AUTHOR="CasjaysDev" +ENV_MAINTAINER="CasjaysDev " +ENV_GIT_REPO_URL="https://github.com/casjaysdevdocker/couchdb" +ENV_REGISTRY_URL="https://hub.docker.com/r/casjaysdevdocker/couchdb" +ENV_USE_TEMPLATE="debian" +ENV_ORG_NAME="casjaysdevdocker" +ENV_IMAGE_REPO="couchdb" +ENV_OS_NAME="" +SERVICE_PORT="80" +EXPOSE_PORTS="80 4369 5984 9100 17986" +PHP_VERSION="" +NODE_VERSION="" +NODE_MANAGER="" +WWW_ROOT_DIR="/usr/share/webapps/couchdb" +DEFAULT_FILE_DIR="/usr/local/share/template-files" +DEFAULT_DATA_DIR="/usr/local/share/template-files/data" +DEFAULT_CONF_DIR="/usr/local/share/template-files/config" +DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..d16ad67 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,83 @@ +# Template generated on Tue Aug 22 09:10:39 AM EDT 2023 from https://github.com/alexkaratarakis/gitattributes" +# Common settings that generally should always be used with your language specific settings +# Auto detect text files and perform LF normalization +* text=auto +# The above will handle all files NOT found below +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.tif binary +*.tiff binary +*.ico binary +# SVG treated as text by default. +*.svg text +# If you want to treat it as binary, +# use the following line instead. +# *.svg binary +*.eps binary +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.sh text eol=lf +*.zsh text eol=lf +# These are explicitly windows files and should use crlf +*.bat text eol=crlf +*.cmd text eol=crlf +*.ps1 text eol=crlf +# Serialisation +*.json text +*.toml text +*.xml text +*.yaml text +*.yml text +# Archives +*.7z binary +*.gz binary +*.tar binary +*.tgz binary +*.zip binary +# Text files where line endings should be preserved +*.patch -text +# Exclude files from exporting +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore + +# Template generated on Tue Aug 22 09:10:39 AM EDT 2023 +# Files for git large file system +*.7z filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.tar filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.7zip filter=lfs diff=lfs merge=lfs -text +*.bzip2 filter=lfs diff=lfs merge=lfs -text + diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..30c7f41 --- /dev/null +++ b/.gitignore @@ -0,0 +1,98 @@ +# gitignore created on 08/23/23 at 02:19 +# Disable reminder in prompt +ignoredirmessage + +# OS generated files +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### macOS ### +# General +.DS_Store? +.AppleDouble +.LSOverride + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# misc +!*/README* +!inc/main.bash + +# Windows shortcuts +*.lnk + +# ignore commit message +**/.gitcommit + +# ignore .build_failed files +**/.build_failed* + + +# ignore .bak files +**/*.bak + +# ignore .no_push files +**/.no_push + +# ignore .no_git files +**/.no_git + +# ignore .installed files +**/.installed + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..80babba --- /dev/null +++ b/Dockerfile @@ -0,0 +1,238 @@ +# Docker image for couchdb using the debian template +ARG IMAGE_NAME="couchdb" +ARG PHP_SERVER="couchdb" +ARG BUILD_DATE="Wed Aug 23 02:51:40 AM EDT 2023" +ARG LANGUAGE="en_US.UTF-8" +ARG TIMEZONE="America/New_York" +ARG WWW_ROOT_DIR="/usr/share/webapps/couchdb" +ARG DEFAULT_FILE_DIR="/usr/local/share/template-files" +ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data" +ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config" +ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" + +ARG IMAGE_REPO="couchdb" +ARG IMAGE_VERSION="latest" +ARG CONTAINER_VERSION="${IMAGE_VERSION}" + +ARG SERVICE_PORT="80" +ARG EXPOSE_PORTS="80 4369 5984 9100 17986" +ARG PHP_VERSION="" +ARG NODE_VERSION="" +ARG NODE_MANAGER="" + +ARG USER="root" +ARG DISTRO_VERSION="${IMAGE_VERSION}" +ARG BUILD_VERSION="${DISTRO_VERSION}" + +FROM tianon/gosu:latest AS gosu +FROM ${IMAGE_REPO}:${DISTRO_VERSION} AS build +ARG USER +ARG LICENSE +ARG TIMEZONE +ARG LANGUAGE +ARG IMAGE_NAME +ARG PHP_SERVER +ARG BUILD_DATE +ARG SERVICE_PORT +ARG EXPOSE_PORTS +ARG BUILD_VERSION +ARG WWW_ROOT_DIR +ARG DEFAULT_FILE_DIR +ARG DEFAULT_DATA_DIR +ARG DEFAULT_CONF_DIR +ARG DEFAULT_TEMPLATE_DIR +ARG DISTRO_VERSION +ARG PHP_VERSION + +ARG PACK_LIST="bash \ + " + +ENV ENV=~/.bashrc +ENV SHELL="/bin/sh" +ENV TZ="${TIMEZONE}" +ENV TIMEZONE="${TZ}" +ENV LANG="${LANGUAGE}" +ENV TERM="xterm-256color" +ENV HOSTNAME="casjaysdev-couchdb" + +USER ${USER} +WORKDIR /root + +COPY ./rootfs/root/docker/setup/. /root/docker/setup/ +COPY ./rootfs/usr/local/bin/pkmgr /usr/local/bin/pkmgr +COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu + +RUN \ + set -ex; \ + echo "" + +RUN \ + set -ex; \ + if [ -f "/root/docker/setup/init" ];then echo "Running the init script";sh "/root/docker/setup/init";echo "Done running the init script";fi; \ + echo "" + +RUN set -ex; \ + echo "" + +COPY ./rootfs/. / +COPY ./Dockerfile /root/docker/Dockerfile + +RUN set -ex; \ + echo "" + +RUN \ + echo "Installing packages: $PACK_LIST"; \ + set -ex; \ + pkmgr install ${PACK_LIST}; \ + echo "" + +RUN \ + set -ex; \ + if [ -f "/root/docker/setup/packages" ];then echo "Running the packages script";sh "/root/docker/setup/packages";echo "Done running the packages script";fi + +RUN \ + echo "Setting up users and scripts "; \ + set -ex; \ + echo "" + +RUN \ + echo "" + +RUN \ + echo "Running user configurations "; \ + set -ex; \ + echo "" + +RUN \ + echo "Setting OS Settings "; \ + set -ex; \ + echo "" + +RUN \ + echo "Updating system files "; \ + set -ex; \ + echo "$TIMEZONE" >"/etc/timezone"; \ + touch "/etc/profile" "/root/.profile"; \ + echo 'hosts: files dns' >"/etc/nsswitch.conf"; \ + BASH_CMD="$(command -v bash 2>/dev/null|| echo '')"; \ + PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null || echo '')"; \ + pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || echo "")"; \ + py_version="$($pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' '{print $1$2}' | grep '[0-9]' || echo "0")"; \ + [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts=""; \ + if [ -n "$pip_bin" ];then $pip_bin -m pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx $pip_opts || true;fi; \ + [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh" || true; \ + [ -n "$BASH_CMD" ] && sed -i 's|root:x:.*|root:x:0:0:root:/root:$BASH_CMD|g' "/etc/passwd" || true; \ + [ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" || true; \ + [ -n "$PHP_FPM" ] && [ -z "$(command -v php-fpm 2>/dev/null)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" 2>/dev/null || true; \ + if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh";fi ; \ + { [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bash.bashrc" ] && cp -Rf "/etc/bash.bashrc" "/root/.bashrc"; } || true; \ + if [ -z "$(command -v "apt-get" 2>/dev/null)" ];then grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc"; fi; \ + if [ -f "/usr/local/etc/docker/env/default.sample" ] && [ -d "/etc/profile.d" ];then cp -Rf "/usr/local/etc/docker/env/default.sample" "/etc/profile.d/container.env.sh" && chmod 755 "/etc/profile.d/container.env.sh";fi; \ + if [ -e "/etc/php" ] && [ -d "/etc/${PHP_VERSION}" ];then rm -Rf "/etc/php";fi; \ + if [ -n "${PHP_VERSION}" ] && [ -d "/etc/${PHP_VERSION}" ];then ln -sf "/etc/${PHP_VERSION}" "/etc/php";fi; \ + echo "" + +RUN set -ex; \ + [ -d "/etc/nginx" ] || mkdir -p "/etc/nginx"; \ + [ -d "/etc/couchdb" ] && rm -Rf "/etc/couchdb"; \ + [ -d "/tmp/etc/nginx" ] && cp -Rf "/tmp/etc/nginx/." "/etc/nginx/"; \ + [ -f "/docker-entrypoint.sh" ] && rm -Rf "/docker-entrypoint.sh"; \ + for f in $(ls -A /opt/couchdb/bin);do ln -sf "/opt/couchdb/bin/$f" "/usr/local/bin/$f";done; \ + for f in conf.d modules-available modules-enabled sites-available sites-enabled snippets;do if [ -e "/etc/nginx/$f" ];then rm -Rf "/etc/nginx/$f";fi;done; \ + chown -Rf couchdb:couchdb /opt/couchdb;chown -Rf www-data:www-data /etc/nginx; \ + echo "" + +RUN \ + set -ex; \ + if [ -f "/root/docker/setup/custom" ];then echo "Running the custom script";sh "/root/docker/setup/custom";echo "Done running the custom script";fi; \ + echo "" + +RUN set -ex; \ + echo + +RUN \ + set -ex; \ + if [ -f "/root/docker/setup/post" ];then echo "Running the post script";sh "/root/docker/setup/post";echo "Done running the post script";fi; \ + mkdir -p "/usr/local/etc/skel";cp -Rf "/root/." "/usr/local/etc/skel/"; \ + echo "" + +RUN \ + echo "Deleting unneeded files"; \ + set -ex; \ + pkmgr clean; \ + rm -Rf "/config" "/data"; \ + rm -rf /etc/systemd/system/*.wants/*; \ + rm -rf /lib/systemd/system/systemd-update-utmp*; \ + rm -rf /lib/systemd/system/anaconda.target.wants/*; \ + rm -rf /lib/systemd/system/local-fs.target.wants/*; \ + rm -rf /lib/systemd/system/multi-user.target.wants/*; \ + rm -rf /lib/systemd/system/sockets.target.wants/*udev*; \ + rm -rf /lib/systemd/system/sockets.target.wants/*initctl*; \ + rm -Rf /usr/share/doc/* /var/tmp/* /var/cache/*/* /root/.cache/* /usr/share/info/* /tmp/*; \ + if [ -d "/lib/systemd/system/sysinit.target.wants" ];then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup);fi + +RUN echo "Init done" + +FROM scratch +ARG USER +ARG LICENSE +ARG LANGUAGE +ARG TIMEZONE +ARG IMAGE_NAME +ARG PHP_SERVER +ARG BUILD_DATE +ARG SERVICE_PORT +ARG EXPOSE_PORTS +ARG NODE_VERSION +ARG NODE_MANAGER +ARG PHP_VERSION +ARG BUILD_VERSION +ARG DEFAULT_DATA_DIR +ARG DEFAULT_CONF_DIR +ARG DEFAULT_TEMPLATE_DIR +ARG DISTRO_VERSION + +USER ${USER} +WORKDIR /root + +LABEL maintainer="CasjaysDev " +LABEL org.opencontainers.image.vendor="CasjaysDev" +LABEL org.opencontainers.image.authors="CasjaysDev" +LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}" +LABEL org.opencontainers.image.name="${IMAGE_NAME}" +LABEL org.opencontainers.image.base.name="${IMAGE_NAME}" +LABEL org.opencontainers.image.license="${LICENSE}" +LABEL org.opencontainers.image.build-date="${BUILD_DATE}" +LABEL org.opencontainers.image.version="${BUILD_VERSION}" +LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}" +LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/couchdb" +LABEL org.opencontainers.image.url.source="https://hub.docker.com/r/casjaysdevdocker/couchdb" +LABEL org.opencontainers.image.vcs-type="Git" +LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}" +LABEL org.opencontainers.image.vcs-url="https://hub.docker.com/r/casjaysdevdocker/couchdb" +LABEL org.opencontainers.image.documentation="https://hub.docker.com/r/casjaysdevdocker/couchdb" +LABEL com.github.containers.toolbox="false" + +ENV ENV=~/.bashrc +ENV SHELL="/bin/bash" +ENV TZ="${TIMEZONE}" +ENV TIMEZONE="${TZ}" +ENV LANG="${LANGUAGE}" +ENV PORT="${SERVICE_PORT}" +ENV ENV_PORTS="${EXPOSE_PORTS}" +ENV TERM="xterm-256color" +ENV NODE_VERSION="${NODE_VERSION}" +ENV NODE_MANAGER="${NODE_MANAGER}" +ENV CONTAINER_NAME="${IMAGE_NAME}" +ENV HOSTNAME="casjaysdev-${IMAGE_NAME}" +ENV USER="${USER}" + +COPY --from=build /. / + +VOLUME [ "/config","/data" ] + +EXPOSE ${ENV_PORTS} + +CMD [ "start", "all" ] +ENTRYPOINT [ "tini", "--", "/usr/local/bin/entrypoint.sh" ] +HEALTHCHECK --start-period=1m --interval=2m --timeout=3s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ] diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..e744b9c --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,13 @@ + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + + Copyright (C) 2023 casjay + + Everyone is permitted to copy and distribute verbatim or modified + copies of this license document, and changing it is allowed as long + as the name is changed. + + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 1. You just DO WHAT THE FUCK YOU WANT TO. diff --git a/README.md b/README.md new file mode 100644 index 0000000..eb8261e --- /dev/null +++ b/README.md @@ -0,0 +1,78 @@ +## 👋 Welcome to couchdb 🚀 + +couchdb README + + +## Install my system scripts + +```shell + sudo bash -c "$(curl -q -LSsf "https://github.com/systemmgr/installer/raw/main/install.sh")" + sudo systemmgr --config && sudo systemmgr install scripts +``` + +## Automatic install/update + +```shell +dockermgr update couchdb +``` + +## Install and run container + +```shell +mkdir -p "$HOME/.local/share/srv/docker/couchdb/rootfs" +git clone "https://github.com/dockermgr/couchdb" "$HOME/.local/share/CasjaysDev/dockermgr/couchdb" +cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/couchdb/rootfs/." "$HOME/.local/share/srv/docker/couchdb/rootfs/" +docker run -d \ +--restart always \ +--privileged \ +--name casjaysdevdocker-couchdb \ +--hostname couchdb \ +-e TZ=${TIMEZONE:-America/New_York} \ +-v $HOME/.local/share/srv/docker/casjaysdevdocker-couchdb/rootfs/data:/data:z \ +-v $HOME/.local/share/srv/docker/casjaysdevdocker-couchdb/rootfs/config:/config:z \ +-p 80:80 \ +casjaysdevdocker/couchdb:latest +``` + +## via docker-compose + +```yaml +version: "2" +services: + ProjectName: + image: casjaysdevdocker/couchdb + container_name: casjaysdevdocker-couchdb + environment: + - TZ=America/New_York + - HOSTNAME=couchdb + volumes: + - $HOME/.local/share/srv/docker/casjaysdevdocker-couchdb/rootfs/data:/data:z + - $HOME/.local/share/srv/docker/casjaysdevdocker-couchdb/rootfs/config:/config:z + ports: + - 80:80 + restart: always +``` + +## Get source files + +```shell +dockermgr download src casjaysdevdocker/couchdb +``` + +OR + +```shell +git clone "https://github.com/casjaysdevdocker/couchdb" "$HOME/Projects/github/casjaysdevdocker/couchdb" +``` + +## Build container + +```shell +cd "$HOME/Projects/github/casjaysdevdocker/couchdb" +buildx +``` + +## Authors + +🤖 casjay: [Github](https://github.com/casjay) 🤖 +⛵ casjaysdevdocker: [Github](https://github.com/casjaysdevdocker) [Docker](https://hub.docker.com/u/casjaysdevdocker) ⛵ diff --git a/rootfs/root/docker/setup/custom b/rootfs/root/docker/setup/custom new file mode 100755 index 0000000..7320c50 --- /dev/null +++ b/rootfs/root/docker/setup/custom @@ -0,0 +1,25 @@ +#!/usr/bin/env sh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:18:59 AM EDT 2023 +# @@File : custom" +# @@Description : script run to custom" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck shell=sh +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -ex +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit diff --git a/rootfs/root/docker/setup/files b/rootfs/root/docker/setup/files new file mode 100755 index 0000000..b109c0b --- /dev/null +++ b/rootfs/root/docker/setup/files @@ -0,0 +1,25 @@ +#!/usr/bin/env sh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:18:59 AM EDT 2023 +# @@File : files" +# @@Description : script run to files" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck shell=sh +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -ex +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit diff --git a/rootfs/root/docker/setup/init b/rootfs/root/docker/setup/init new file mode 100755 index 0000000..1a49cc9 --- /dev/null +++ b/rootfs/root/docker/setup/init @@ -0,0 +1,25 @@ +#!/usr/bin/env sh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:18:59 AM EDT 2023 +# @@File : init" +# @@Description : script run to init" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck shell=sh +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -ex +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit diff --git a/rootfs/root/docker/setup/packages b/rootfs/root/docker/setup/packages new file mode 100755 index 0000000..31abdac --- /dev/null +++ b/rootfs/root/docker/setup/packages @@ -0,0 +1,25 @@ +#!/usr/bin/env sh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:18:59 AM EDT 2023 +# @@File : packages" +# @@Description : script run to packages" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck shell=sh +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -ex +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit diff --git a/rootfs/root/docker/setup/post b/rootfs/root/docker/setup/post new file mode 100755 index 0000000..601eb3f --- /dev/null +++ b/rootfs/root/docker/setup/post @@ -0,0 +1,25 @@ +#!/usr/bin/env sh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@ReadME : +# @@Copyright : Copyright 2023 CasjaysDev +# @@Created : Wed Aug 23 02:19:00 AM EDT 2023 +# @@File : post" +# @@Description : script run to post" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck shell=sh +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -ex +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh new file mode 100755 index 0000000..1c992d8 --- /dev/null +++ b/rootfs/usr/local/bin/entrypoint.sh @@ -0,0 +1,454 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230218-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : docker-entrypoint --help +# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments +# @@Created : Wednesday, Aug 23, 2023 02:18 EDT +# @@File : docker-entrypoint +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : other/docker-entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +CONTAINER_NAME="couchdb" +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# remove whitespaces from beginning argument +while :; do [ "$1" = " " ] && shift 1 || break; done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$1" = "$0" ] && shift 1 +[ "$1" = "$SCRIPT_NAME" ] && shift 1 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +else + echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the default env files +__create_env_file "/config/env/default.sh" "/root/env.sh" &>/dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables from files +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Builtin functions +__is_dir_empty() { [ "$(ls -A "$1" 2>/dev/null | wc -l)" -eq 0 ] && return 0 || return 1; } + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Define script variables +SERVICE_USER="root" # execute command as another user +SERVICE_GROUP="" # Set user group for permission fix +SERVICE_UID="0" # set the user id for creation of user +SERVICE_PORT="" # specifiy port which service is listening on +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Healthcheck variables +HEALTH_ENABLED="yes" # enable healthcheck [yes/no] +SERVICES_LIST="tini" # comma seperated list of processes for the healthcheck +SERVER_PORTS="" # ports : 80,443 +HEALTH_ENDPOINTS="" # url endpoints: [http://localhost/health,http://localhost/test] +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}" +PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" +MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_message() { + + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# variables based on env/files +[ "$SERVICE_PORT" = "443" ] && SSL_ENABLED="true" +[ -f "/config/enable/ssl" ] && SSL_ENABLED="true" +[ -f "/config/enable/ssh" ] && SSH_ENABLED="true" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# is already Initialized +[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true" || DATA_DIR_INITIALIZED="false" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true" || CONFIG_DIR_INITIALIZED="false" +{ [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; } && ENTRYPOINT_FIRST_RUN="no" || ENTRYPOINT_FIRST_RUN="true" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default directories +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/webapps}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Rewrite base on env +WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +WWW_ROOT_DIR="${WWW_DIR:-$WWW_ROOT_DIR}" # set default web dir +DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean ENV_PORTS variables +ENV_PORTS="${ENV_PORTS//,/ }" # +ENV_PORTS="${ENV_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean SERVER_PORTS variables +SERVER_PORTS="${SERVER_PORTS//,/ }" # +SERVER_PORTS="${SERVER_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean WEB_SERVER_PORTS variables +WEB_SERVER_PORTS="${SERVICE_PORT//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" # +WEB_SERVER_PORTS="${SERVICE_PORT//,/ } ${WEB_SERVER_PORTS//,/ }" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# rewrite and merge variables +ENV_PORTS="$(echo "$ENV_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +WEB_SERVER_PORTS="$(echo "$WEB_SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +ENV_PORTS="$(echo "$SERVER_PORTS" "$WEB_SERVER_PORTS" "$ENV_PORTS" "$SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +HEALTH_ENDPOINTS="${HEALTH_ENDPOINTS//,/ }" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required directories +mkdir -p "/run" +mkdir -p "/tmp" +mkdir -p "/root" +mkdir -p "/var/run" +mkdir -p "/var/tmp" +mkdir -p "/run/cron" +mkdir -p "/data/logs" +mkdir -p "/run/init.d" +mkdir -p "/config/enable" +mkdir -p "/config/secure" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required files +touch "/data/logs/entrypoint.log" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# fix permissions +chmod -f 777 "/run" +chmod -f 777 "/tmp" +chmod -f 700 "/root" +chmod -f 777 "/var/run" +chmod -f 777 "/var/tmp" +chmod -f 777 "/run/cron" +chmod -f 777 "/data/logs" +chmod -f 777 "/run/init.d" +chmod -f 666 "/dev/stderr" +chmod -f 666 "/dev/stdout" +chmod -f 777 "/config/enable" +chmod -f 777 "/config/secure" +chmod -f 777 "/data/logs/entrypoint.log" +################## END OF CONFIGURATION ##################### +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the backup dir +[ -n "$BACKUP_DIR" ] && { [ -d "$BACKUP_DIR" ] || mkdir -p "$BACKUP_DIR"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # Show start message + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ]; then + [ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Executing entrypoint script for couchdb" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set reusable variables + { { [ -w "/etc" ] && [ ! -e "/etc/hosts" ]; } || [ -w "/etc/hosts" ]; } && UPDATE_FILE_HOSTS="true" + { { [ -w "/etc" ] && [ ! -e "/etc/timezone" ]; } || [ -w "/etc/timezone" ]; } && UPDATE_FILE_TZ="true" + { { [ -w "/etc" ] && [ ! -e "/etc/resolv.conf" ]; } || [ -w "/etc/resolv.conf" ]; } && UPDATE_FILE_RESOLV="true" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set timezone + [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "true" ] && echo "$TZ" >"/etc/timezone" + [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "true" ] && ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # if ipv6 add it to /etc/hosts + if [ "$UPDATE_FILE_HOSTS" = "true" ]; then + echo "# known hostname mappings" >"/etc/hosts" + if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then + echo "127.0.0.1 localhost" >>"/etc/hosts" + echo "::1 localhost" >>"/etc/hosts" + else + echo "127.0.0.1 localhost" >>"/etc/hosts" + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add .home domain + if [ "$UPDATE_FILE_HOSTS" = "true" ] && [ -n "$HOSTNAME" ]; then + __grep_test " $HOSTNAME" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} $HOSTNAME" >>"/etc/hosts" + __grep_test " ${HOSTNAME%%.*}.home" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} ${HOSTNAME%%.*}.home" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add domainname + if [ "$UPDATE_FILE_HOSTS" = "true" ] && [ "$DOMAINNAME" != "home" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then + __grep_test " $HOSTNAME.$DOMAINNAME" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} $HOSTNAME.$DOMAINNAME" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname + [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && echo "$HOSTNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname with domain + [ -n "$DOMAINNAME" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && echo "$HOSTNAME.$DOMAINNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -f "/etc/hostname" ]; then + [ -n "$(type -P hostname)" ] && hostname -F "/etc/hostname" &>/dev/null || HOSTNAME="$(<"/etc/hostname")" + export HOSTNAME + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import hosts file into container + [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && cat "/usr/local/etc/hosts" | grep -vF "$HOSTNAME" >>"/etc/hosts" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import resolv.conf file into container + [ "$CUSTOM_DNS" != "true" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "true" ] && cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/usr/local/etc/skel" ]; then + cp -Rf "/usr/local/etc/skel/." "$HOME/" + fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Delete any .gitkeep files +[ -d "/data" ] && rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep +[ -d "/config" ] && rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep +[ -f "/usr/local/bin/.gitkeep" ] && rm -Rf "/usr/local/bin/.gitkeep" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup bin directory +__initialize_custom_bin_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy default config +__initialize_default_templates +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom config files +__initialize_config_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom data files +__initialize_data_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Replace variables before copying to system +__initialize_replace_variables "/config" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy /config to /etc +__initialize_system_etc +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy html files +__initialize_www_root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run pre-execute function +__run_pre "$@" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" + ENTRYPOINT_MESSAGE="no" + ENTRYPOINT_FIRST_RUN="no" + touch "$ENTRYPOINT_PID_FILE" +elif [ -d "/config" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Check if this is a new container +if [ -f "$ENTRYPOINT_DATA_INIT_FILE" ]; then + DATA_DIR_INITIALIZED="true" +elif [ -d "/data" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then + CONFIG_DIR_INITIALIZED="true" +elif [ -d "/config" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # setup the smtp server + __setup_mta +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Container ip address is: $CONTAINER_IP4_ADDRESS" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show configured listing processes +if [ "$ENTRYPOINT_MESSAGE" = "yes" ] && [ -n "$ENV_PORTS" ]; then + show_port="" + for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done + printf '%s\n' "The following ports are open: $show_port" + unset port show_port +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message +__run_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute init script +if [ -f "/tmp/init" ]; then sh "/tmp/init"; fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Just start services +START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Begin options +case "$1" in +--help) # Help message + echo 'Docker container for '$APPNAME'' + echo "Usage: $APPNAME [cron exec start init shell certbot ssl procs ports healthcheck backup command]" + echo "" + exit 0 + ;; + +init) + shift 1 + echo "Container has been Initialized" + exit 0 + ;; + +cron) + shift 1 + __cron "$@" & + ;; + +backup) # backup data and config dirs + shift 1 + save="${1:-$BACKUP_DIR}" + backupExit=0 + date="$(date '+%Y%m%d-%H%M')" + file="$save/$date.tar.gz" + echo "Backing up /data /config to $file" + sleep 1 + tar cfvz "$file" --exclude="$save" "/data" "/config" || backupExit=1 + backupExit=$? + [ $backupExit -eq 0 ] && echo "Backed up /data /config has finished" || echo "Backup of /data /config has failed" + exit $backupExit + ;; + +healthcheck) # Docker healthcheck + healthStatus=0 + services="${SERVICES_LIST:-$@}" + healthEnabled="${HEALTH_ENABLED:-}" + healthPorts="${WEB_SERVER_PORTS:-}" + healthEndPoints="${HEALTH_ENDPOINTS:-}" + healthMessage="Everything seems to be running" + services="${services//,/ }" + [ "$healthEnabled" = "yes" ] || exit 0 + for proc in $services; do + if [ -n "$proc" ]; then + if ! __pgrep "$proc"; then + echo "$proc is not running" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for port in $ports; do + if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then + netstat -taupln | grep -q ":$port " || healthStatus=$((healthStatus + 1)) + fi + done + for endpoint in $healthEndPoints; do + if [ -n "$endpoint" ]; then + __curl "$endpoint" || healthStatus=$((healthStatus + 1)) + fi + done + [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" + [ -n "$healthMessage" ] && echo "$healthMessage" + exit $healthStatus + ;; + +ports) # show open ports + shift 1 + ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' + exit $? + ;; + +procs) # show running processes + shift 1 + ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' + exit $? + ;; + +ssl) # setup ssl + shift 1 + __create_ssl_cert + exit $? + ;; + +certbot) # manage ssl certificate + shift 1 + CERT_BOT_ENABLED="true" + if [ "$1" = "create" ]; then + shift 1 + __certbot "create" + elif [ "$1" = "renew" ]; then + shift 1 + __certbot "renew certonly --force-renew" + else + __exec_command "certbot" "$@" + fi + exit $? + ;; + +*/bin/sh | */bin/bash | bash | sh | shell) # Launch shell + shift 1 + __exec_command "${@:-/bin/bash}" + exit $? + ;; + +exec) # execute commands + shift 1 + __exec_command "${@:-exit}" + ;; + +start) # show/start init scripts + shift 1 + PATH="/usr/local/etc/docker/init.d:$PATH" + if [ $# -eq 0 ]; then + scripts="$(ls -A "/usr/local/etc/docker/init.d")" + [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" + elif [ "$1" = "all" ]; then + shift $# + echo "$$" >"/run/init.d/entrypoint.pid" + __start_init_scripts "/usr/local/etc/docker/init.d" + elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then + eval "/usr/local/etc/docker/init.d/$1" + fi + __no_exit + ;; + +*) # Execute primary command + if [ $# -eq 0 ]; then + if [ "$START_SERVICES" = "yes" ] || [ ! -f "/run/init.d/entrypoint.pid" ]; then + echo "$$" >"/run/init.d/entrypoint.pid" + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit + fi + else + __exec_command "$@" + fi + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# ex: ts=2 sw=2 et filetype=sh diff --git a/rootfs/usr/local/bin/pkmgr b/rootfs/usr/local/bin/pkmgr new file mode 100755 index 0000000..f8addb5 --- /dev/null +++ b/rootfs/usr/local/bin/pkmgr @@ -0,0 +1,121 @@ +#!/usr/bin/env sh +# shellcheck shell=sh +# shellcheck disable=SC2016 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -e +[ -n "$_DEBUG" ] && set -x || { [ "$1" = "--debug" ]&& set -x && shift 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +USER_UID="$(id -u)" +USER_GID="$(id -g)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/etc/pkmgr/options.conf" ] && . "/etc/pkmgr/options.conf" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -x "$(command -v apt 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v apt-get 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt-get" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v dnf 2>/dev/null)" ]; then + pkmgr_cmd="dnf" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -x "$(command -v yum 2>/dev/null)" ]; then + pkmgr_cmd="yum" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -n "$(command -v pacman 2>/dev/null)" ]; then + pkmgr_cmd="pacman" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd -Scc --noconfirm" + pkmgr_update_cmd="$pkmgr_cmd -Syyu --noconfirm $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd -Syy --noconfirm $PKMGR_OPTS" +elif [ -x "$(command -v apk 2>/dev/null)" ]; then + pkmgr_cmd="apk" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd cache clean" + pkmgr_update_cmd="$pkmgr_cmd -U upgrade --no-cache $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd add --no-cache $PKMGR_OPTS" +elif [ -x "$(command -v zypper 2>/dev/null)" ]; then + pkmgr_cmd="zypper" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd clean --all" + pkmgr_update_cmd="$pkmgr_cmd update -y $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y $PKMGR_OPTS" +else + pkmgr_cmd="true" + pkmgr_mkcache_cmd="$pkmgr_cmd" + pkmgr_clean_cmd="$pkmgr_cmd" + pkmgr_update_cmd="$pkmgr_cmd" + pkmgr_install_cmd="$pkmgr_cmd" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "/config/pkmgr/settings.conf" ]; then + . "/config/pkmgr/settings.conf" +elif [ -f "/etc/pkmgr/settings.conf" ]; then + . "/etc/pkmgr/settings.conf" +else +mkdir -p "/config/pkmgr" +cat <"/config/pkmgr/settings.conf" +pkmgr_cmd="$pkmgr_cmd" +pkmgr_clean_cmd="$pkmgr_clean_cmd" +pkmgr_update_cmd="$pkmgr_update_cmd" +pkmgr_install_cmd="$pkmgr_install_cmd" +pkmgr_mkcache_cmd="$pkmgr_mkcache_cmd" +EEOF +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -n "$pkmgr_cmd" ] || { echo "Can not determine the package manager" && exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +case "$1" in +update | upgrade) + shift $# + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_update_cmd="sudo $pkmgr_install_cmd" + echo "Updating packages command: $pkmgr_update_cmd" + $pkmgr_mkcache_cmd;$pkmgr_update_cmd + exit $? +;; +clean) + shift $# + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_clean_cmd="sudo $pkmgr_clean_cmd" + echo "Cleaning package cache: $pkmgr_clean_cmd" + $pkmgr_clean_cmd + exit $? +;; +install) + shift 1 + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_install_cmd="sudo $pkmgr_install_cmd" + if [ -f "$1" ]; then + install_list="$(cat "$1")" + echo 'installing packages from file with command: '$pkmgr_install_cmd' "$(<"$1")"' + else + install_list="$*" + echo "installing packages command: $pkmgr_install_cmd $install_list" + fi + $pkmgr_install_cmd $install_list + exit $? +;; +*) + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_cmd="sudo $pkmgr_cmd" + echo "executing packages command: $pkmgr_cmd $*" + $pkmgr_cmd "$@" + exit $? +;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end diff --git a/rootfs/usr/local/etc/docker/env/00-directory.sh b/rootfs/usr/local/etc/docker/env/00-directory.sh new file mode 100644 index 0000000..27818af --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/00-directory.sh @@ -0,0 +1,10 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# directory settings +WWW_ROOT_DIR="${WWW_ROOT_DIR:-}" +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/addresses.sh b/rootfs/usr/local/etc/docker/env/addresses.sh new file mode 100644 index 0000000..695428c --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/addresses.sh @@ -0,0 +1,5 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# get ip addresses +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/certbot.sh b/rootfs/usr/local/etc/docker/env/certbot.sh new file mode 100644 index 0000000..8bdfb4a --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/certbot.sh @@ -0,0 +1,6 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# cerbot +CERT_BOT_MAIL="${CERT_BOT_MAIL:-}" +CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}" +CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/couchdb.sh b/rootfs/usr/local/etc/docker/env/couchdb.sh new file mode 100644 index 0000000..3fa12c4 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/couchdb.sh @@ -0,0 +1,7 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# couchdb env +NODENAME="${NODENAME:-}" +COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}" +COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}" +DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/default.sample b/rootfs/usr/local/etc/docker/env/default.sample new file mode 100644 index 0000000..b131965 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/default.sample @@ -0,0 +1,135 @@ +#!/usr/bin/env bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# GLOBAL enviroment variables +USER="${USER:-root}" +LANG="${LANG:-C.UTF-8}" +TZ="${TZ:-America/New_York}" +SERVICE_USER="${SERVICE_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# directory settings +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/webapps/couchdb}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# healthcheck +HEALTH_ENABLED="${HEALTH_ENABLED:-}" +HEALTH_URL="${HEALTH_URL:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# php settings +PHP_VERSION="${PHP_VERSION//php/}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# services/ports +ENV_PORTS="${ENV_PORTS:-}" +SERVICE_PORT="${SERVICE_PORT:-$PORT}" +WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}" +SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} " +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# networing info +HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}" +DOMAINNAME="${DOMAINNAME:-}" +FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}" +SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}" +EMAIL_RELAY="${EMAIL_RELAY:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# get ip addresses +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# cerbot +CERT_BOT_MAIL="${CERT_BOT_MAIL:-}" +CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}" +CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ssl server settings +SSL_ENABLED="${SSL_ENABLED:-false}" +SSL_DIR="${SSL_DIR:-/config/ssl}" +SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}" +SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}" +SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}" +SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}" +COUNTRY="${COUNTRY:-US}" +STATE="${STATE:-NY}" +CITY="${CITY:-Albany}" +UNIT="${UNIT:-CasjaysDev}" +ORG="${ORG:-"Casjays Developments"}" +DAYS_VALID="${DAYS_VALID:-3650}" +RSA="${RSA:-4096}" +CN="${CN:-$FULL_DOMAIN_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# web server configs +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# redis env +DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# postgresql env +DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}" +PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/pgsql}" +POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}" +POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mariadb env +MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}" +MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}" +MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}" +MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}" +MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}" +DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}" +MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}" +MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}" +MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-" +MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mongodb env +NITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$NITDB_ROOT_USERNAME}" +DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}" +MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# couchdb env +NODENAME="${NODENAME:-}" +COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}" +COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}" +DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Supabase +DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# docker env +DOCKER_HOST="unix://var/run/docker.sock" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# File locations +ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" +ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +INIT_DATE="${INIT_DATE:-$(date)}" +START_SERVICES="${START_SERVICES:-yes}" +ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}" +CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; + then START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/dockerd.sh b/rootfs/usr/local/etc/docker/env/dockerd.sh new file mode 100644 index 0000000..a93d690 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/dockerd.sh @@ -0,0 +1,4 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# docker env +DOCKER_HOST="${DOCKER_HOST:-unix://var/run/docker.sock}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/global.sh b/rootfs/usr/local/etc/docker/env/global.sh new file mode 100644 index 0000000..da547a3 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/global.sh @@ -0,0 +1,8 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# GLOBAL enviroment variables +USER="${USER:-root}" +LANG="${LANG:-C.UTF-8}" +TZ="${TZ:-America/New_York}" +SERVICE_USER="${SERVICE_USER:-root}" +ENV_PORTS="${ENV_PORTS//\/*/}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/healthcheck.sh b/rootfs/usr/local/etc/docker/env/healthcheck.sh new file mode 100644 index 0000000..0dd7d39 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/healthcheck.sh @@ -0,0 +1,5 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# healthcheck +HEALTH_ENABLED="${HEALTH_ENABLED:-}" +HEALTH_URL="${HEALTH_URL:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/mariadb.sh b/rootfs/usr/local/etc/docker/env/mariadb.sh new file mode 100644 index 0000000..32108ca --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/mariadb.sh @@ -0,0 +1,14 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mariadb env +MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}" +MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}" +MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}" +MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}" +MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}" +DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" +MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}" +MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}" +MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-" +MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/mongodb.sh b/rootfs/usr/local/etc/docker/env/mongodb.sh new file mode 100644 index 0000000..8e014de --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/mongodb.sh @@ -0,0 +1,20 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mongodb env +DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" +INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}" +MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}" +ME_CONFIG_EDITORTHEME="${ME_CONFIG_EDITORTHEME:-dracula}" +ME_CONFIG_MONGODB_URL="${ME_CONFIG_MONGODB_URL:-mongodb://127.0.0.1:27017}" +ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-true}" +ME_CONFIG_BASICAUTH_USERNAME="${ME_CONFIG_BASICAUTH_USERNAME:-}" +ME_CONFIG_BASICAUTH_PASSWORD="${ME_CONFIG_BASICAUTH_PASSWORD:-}" +ME_CONFIG_BASICAUTH_USERNAME_FILE="${ME_CONFIG_BASICAUTH_USERNAME_FILE:-}" +ME_CONFIG_BASICAUTH_PASSWORD_FILE="${ME_CONFIG_BASICAUTH_PASSWORD_FILE:-}" +ME_CONFIG_MONGODB_ADMINUSERNAME_FILE="${ME_CONFIG_MONGODB_ADMINUSERNAME_FILE:-}" +ME_CONFIG_MONGODB_ADMINPASSWORD_FILE="${ME_CONFIG_MONGODB_ADMINPASSWORD_FILE:-}" +ME_CONFIG_MONGODB_AUTH_USERNAME_FILE="${ME_CONFIG_MONGODB_AUTH_USERNAME_FILE:-}" +ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE="${ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE:-}" +ME_CONFIG_MONGODB_CA_FILE="${ME_CONFIG_MONGODB_CA_FILE:-}" +VCAP_APP_HOST="${VCAP_APP_HOST:-0.0.0.0}" +VCAP_APP_PORT="${VCAP_APP_PORT:-19054}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/networking.sh b/rootfs/usr/local/etc/docker/env/networking.sh new file mode 100644 index 0000000..4b5fdba --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/networking.sh @@ -0,0 +1,9 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# networing info +DOMAINNAME="${DOMAINNAME:-}" +EMAIL_RELAY="${EMAIL_RELAY:-}" +HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}" +EMAIL_DOMAIN="${EMAIL_DOMAIN:-${DOMAINNAME:-$HOSTNAME}}" +FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}" +SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/other.sh b/rootfs/usr/local/etc/docker/env/other.sh new file mode 100644 index 0000000..1a59689 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/other.sh @@ -0,0 +1,4 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# other + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/php.sh b/rootfs/usr/local/etc/docker/env/php.sh new file mode 100644 index 0000000..a005543 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/php.sh @@ -0,0 +1,6 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# php settings +PHP_VERSION="${PHP_VERSION//php/}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/postgres.sh b/rootfs/usr/local/etc/docker/env/postgres.sh new file mode 100644 index 0000000..706117a --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/postgres.sh @@ -0,0 +1,8 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# postgresql env +PGDATA="${DATABASE_DIR_PGSQL:-$PGDATA}" +DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-/data/db/pgsql}" +POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}" +POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/redis.sh b/rootfs/usr/local/etc/docker/env/redis.sh new file mode 100644 index 0000000..805a14d --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/redis.sh @@ -0,0 +1,4 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# redis env +DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-/data/db/redis}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/services.sh b/rootfs/usr/local/etc/docker/env/services.sh new file mode 100644 index 0000000..e330031 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/services.sh @@ -0,0 +1,7 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# services/ports +ENV_PORTS="${ENV_PORTS:-}" +SERVICE_PORT="${SERVICE_PORT:-$PORT}" +WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}" +SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} " +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/ssl.sh b/rootfs/usr/local/etc/docker/env/ssl.sh new file mode 100644 index 0000000..78b1686 --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/ssl.sh @@ -0,0 +1,19 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ssl server settings +SSL_ENABLED="${SSL_ENABLED:-false}" +SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}" +SSL_DIR="${SSL_DIR:-$SSL_DIR}" +SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}" +SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}" +SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# certificate settings +RSA="${RSA:-4096}" +STATE="${STATE:-NY}" +CITY="${CITY:-Albany}" +COUNTRY="${COUNTRY:-US}" +UNIT="${UNIT:-CasjaysDev}" +ORG="${ORG:-"Casjays Developments"}" +DAYS_VALID="${DAYS_VALID:-3650}" +CN="${CN:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/supabase.sh b/rootfs/usr/local/etc/docker/env/supabase.sh new file mode 100644 index 0000000..f25a9ca --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/supabase.sh @@ -0,0 +1,4 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Supabase +DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/webservers.sh b/rootfs/usr/local/etc/docker/env/webservers.sh new file mode 100644 index 0000000..15ba1af --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/webservers.sh @@ -0,0 +1,8 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# web server configs +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +CADDY_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_caddy_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +CHEROKEE_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_cherokee_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh new file mode 100644 index 0000000..cc9505b --- /dev/null +++ b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh @@ -0,0 +1,21 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# File locations +ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" +ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +INIT_DATE="${INIT_DATE:-$(date)}" +START_SERVICES="${START_SERVICES:-yes}" +ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}" +CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Check if this is a new container +[ -f "$ENTRYPOINT_PID_FILE" ] && START_SERVICES="no" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && ENTRYPOINT_FIRST_RUN="no" +[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/etc/docker/functions/entrypoint.sh b/rootfs/usr/local/etc/docker/functions/entrypoint.sh new file mode 100644 index 0000000..ce28076 --- /dev/null +++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh @@ -0,0 +1,647 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : GEN_SCRIPT_REPLACE_VERSION +# @@Author : GEN_SCRIPT_REPLACE_AUTHOR +# @@Contact : GEN_SCRIPT_REPLACE_EMAIL +# @@License : GEN_SCRIPT_REPLACE_LICENSE +# @@ReadME : docker-entrypoint +# @@Copyright : GEN_SCRIPT_REPLACE_COPYRIGHT +# @@Created : GEN_SCRIPT_REPLACE_DATE +# @@File : docker-entrypoint +# @@Description : GEN_SCRIPT_REPLACE_DESC +# @@Changelog : GEN_SCRIPT_REPLACE_CHANGELOG +# @@TODO : GEN_SCRIPT_REPLACE_TODO +# @@Other : GEN_SCRIPT_REPLACE_OTHER +# @@Resource : GEN_SCRIPT_REPLACE_RES +# @@Terminal App : GEN_SCRIPT_REPLACE_TERMINAL +# @@sudo/root : GEN_SCRIPT_REPLACE_SUDO +# @@Template : functions/docker-entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__cd() { [ -d "$1" ] && builtin cd "$1" || return 1; } +__rm() { [ -n "$1" ] && [ -e "$1" ] && rm -Rf "${1:?}"; } +__grep_test() { grep -s "$1" "$2" | grep -qwF "${3:-$1}" || return 1; } +__netstat() { [ -f "$(type -P netstat)" ] && netstat "$@" || return 10; } +__curl() { curl -q -sfI --max-time 3 -k -o /dev/null "$@" &>/dev/null || return 10; } +__find() { find "$1" -mindepth 1 -type ${2:-f,d} 2>/dev/null | grep '^' || return 10; } +__is_dir_empty() { [ "$(ls -A "$1" 2>/dev/null | wc -l)" -eq 0 ] && return 0 || return 1; } +__pcheck() { [ -n "$(which pgrep 2>/dev/null)" ] && pgrep -o "$1" &>/dev/null || return 10; } +__file_exists_with_content() { [ -n "$1" ] && [ -f "$1" ] && [ -s "$1" ] && return 0 || return 2; } +__sed() { sed -i 's|'$1'|'$2'|g' "$3" &>/dev/null || sed -i "s|$1|$2|g" "$3" &>/dev/null || return 1; } +__ps() { [ -f "$(type -P ps)" ] && ps "$@" 2>/dev/null | grep -Fw " ${1:-$GEN_SCRIPT_REPLACE_APPNAME}" || return 10; } +__pgrep() { __pcheck "${1:-GEN_SCRIPT_REPLACE_APPNAME}" || __ps "${1:-$GEN_SCRIPT_REPLACE_APPNAME}" | grep -qv ' grep' || return 10; } +__get_ip6() { ip a 2>/dev/null | grep -w 'inet6' | awk '{print $2}' | grep -vE '^::1|^fe' | sed 's|/.*||g' | head -n1 | grep '^' || echo ''; } +__get_ip4() { ip a 2>/dev/null | grep -w 'inet' | awk '{print $2}' | grep -vE '^127.0.0' | sed 's|/.*||g' | head -n1 | grep '^' || echo '127.0.0.1'; } +__no_exit() { exec /bin/sh -c "trap : TERM INT; (while true; do tail -qf /data/logs/entrypoint.log /data/logs/*/*log 2>/dev/null||sleep 20; done) & wait"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_php_bin() { find -L '/usr'/*bin -maxdepth 4 -name 'php-fpm*' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_php_ini() { find -L '/etc' -maxdepth 4 -name 'php.ini' 2>/dev/null | head -n1 | sed 's|/php.ini||g' | grep '^' || echo ''; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_nginx_conf() { find -L '/etc' -maxdepth 4 -name 'nginx.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_caddy_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'caddy.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_lighttpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'lighttpd.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_cherokee_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'cherokee.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_httpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'httpd.conf' -o -iname 'apache2.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_mysql_conf() { find -L '/etc' -maxdepth 4 -type f -name 'my.cnf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_pgsql_conf() { find -L '/var/lib' '/etc' -maxdepth 8 -type f -name 'postgresql.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_couchdb_conf() { return; } +__find_mongodb_conf() { return; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__random_password() { cat "/dev/urandom" | tr -dc '0-9a-zA-Z' | head -c${1:-16} && echo ""; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__exec_service() { + echo "Starting $1" + eval "$@" 2>>/dev/stderr & + [ $? -eq 0 ] && touch "/run/init.d/$1.pid" || return 1 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__update_ssl_certs() { + [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + mkdir -p /etc/ssl + [ -f "$SSL_CA" ] && cp -Rf "$SSL_CA" "/etc/ssl/$SSL_CA" + [ -f "$SSL_KEY" ] && cp -Rf "$SSL_KEY" "/etc/ssl/$SSL_KEY" + [ -f "$SSL_CERT" ] && cp -Rf "$SSL_CERT" "/etc/ssl/$SSL_CERT" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__certbot() { + local statusCode=0 + CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-$HOSTNAME}" + [ -n "$(type -P 'certbot')" ] || return 1 + if [ -f "/config/certbot/env.sh" ]; then + . "/config/certbot/env.sh" + fi + if [ -f "/config/certbot/setup.sh" ]; then + eval "/config/certbot/setup.sh" + statusCode=$? + elif [ -f "/etc/named/certbot.sh" ]; then + eval "/etc/named/certbot.sh" + statusCode=$? + elif [ -f "/config/named/certbot-update.conf" ]; then + if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf; then + certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf + fi + statusCode=$? + else + local options="${1:-create}" && shift 1 + domain_list="$DOMAINNAME www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS" + [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" + [ "$CERT_BOT_ENABLED" = "true" ] || { export CERT_BOT_ENABLED="" && return 10; } + [ -n "$CERT_BOT_MAIL" ] || echo "The variable CERT_BOT_MAIL is not set" && return 1 + [ -n "$DOMAINNAME" ] || echo "The variable DOMAINNAME is not set" && return 1 + for domain in $$CERTBOT_DOMAINS; do + [ -n "$domain" ] && ADD_CERTBOT_DOMAINS="-d $domain " + done + certbot $options --agree-tos -m $CERT_BOT_MAIL certonly --webroot \ + -w "${WWW_ROOT_DIR:-/data/htdocs/www}" $ADD_CERTBOT_DOMAINS \ + --key-path "$SSL_KEY" --fullchain-path "$SSL_CERT" + statusCode=$? + fi + [ $statusCode -eq 0 ] && __update_ssl_certs + return $statusCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_ssl_cert() { + if ! __certbot create; then + [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" + [ -n "$SSL_DIR" ] || { echo "SSL_DIR is unset" && return 1; } + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + if [ -n "$FORCE_SSL" ] || [ ! -f "$SSL_CERT" ] || [ ! -f "$SSL_KEY" ]; then + echo "Setting Country to $COUNTRY and Setting State/Province to $STATE and Setting City to $CITY" + echo "Setting OU to $UNIT and Setting ORG to $ORG and Setting server to $CN" + echo "All variables can be overwritten by creating a /config/.ssl.env and setting the variables there" + echo "Creating ssl key and certificate in $SSL_DIR and will be valid for $((VALID_FOR / 365)) year[s]" + # + openssl req \ + -new \ + -newkey rsa:$RSA \ + -days $VALID_FOR \ + -nodes \ + -x509 \ + -subj "/C=${COUNTRY// /\\ }/ST=${STATE// /\\ }/L=${CITY// /\\ }/O=${ORG// /\\ }/OU=${UNIT// /\\ }/CN=${CN// /\\ }" \ + -keyout "$SSL_KEY" \ + -out "$SSL_CERT" + fi + fi + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + __update_ssl_certs + return 0 + else + return 2 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_apache() { + local etc_dir="" conf_dir="" conf_dir="" www_dir="" apache_bin="" + etc_dir="/etc/${1:-apache2}" + conf_dir="/config/${1:-apache2}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs}" + apache_bin="$(type -P 'httpd' || type -P 'apache2')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_nginx() { + local etc_dir="" conf_dir="" www_dir="" nginx_bin="" + etc_dir="/etc/${1:-nginx}" + conf_dir="/config/${1:-nginx}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs}" + nginx_bin="$(type -P 'nginx')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_php() { + local etc_dir="/etc/${1:-php}" + local conf_dir="/config/${1:-php}" + local php_bin="${PHP_BIN_DIR:-$(__find_php_bin)}" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_mysql() { + local db_dir="" etc_dir="" db_user="" conf_dir="" user_pass="" user_db="" root_pass="" mysqld_bin="" + db_dir="/data/db/mysql" + etc_dir="${home:-/etc/${1:-mysql}}" + db_user="${SERVICE_USER:-mysql}" + conf_dir="/config/${1:-mysql}" + user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}" + user_db="${MARIADB_DATABASE}" user_name="${MARIADB_USER:-root}" + root_pass="$MARIADB_ROOT_PASSWORD" + mysqld_bin="$(type -P 'mysqld')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_mongodb() { + local home="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" + local user_pass="${MONGO_INITDB_ROOT_PASSWORD:-$_ROOT_PASSWORD}" + local user_name="${INITDB_ROOT_USERNAME:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_postgres() { + local home="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" + local user_pass="${POSTGRES_PASSWORD:-$POSTGRES_ROOT_PASSWORD}" + local user_name="${POSTGRES_USER:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_couchdb() { + local home="${COUCHDB_CONFIG_FILE:-$(__find_couchdb_conf)}" + local user_pass="${COUCHDB_PASSWORD:-$SET_RANDOM_PASS}" + local user_name="${COUCHDB_USER:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show available init functions +__init_help() { + echo ' +__certbot +__update_ssl_certs +__create_ssl_cert +' + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_pre() { + if [ "$ENTRYPOINT_FIRST_RUN" = "false" ]; then # Run on initial creation + true + fi + if [ "$CONFIG_DIR_INITIALIZED" = "false" ]; then # Initial config + true + fi + if [ "$DATA_DIR_INITIALIZED" = "false" ]; then + true + fi + # End Initial config + if [ "$START_SERVICES" = "yes" ]; then # only run on start + true + fi # end run on start + # Run everytime container starts + for arg in "$@"; do + if [ -n "$(command -v "$arg" 2>/dev/null)" ]; then + $arg + fi + done + # end + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_once() { + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ] || [ ! -f "/config/.docker_has_run" ]; then + return 0 + else + return 1 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run program ever n minutes +__cron() { + trap '[ -f "/run/cron/$cmd" ] && rm -Rf "/run/cron/$cmd";exit 0' SIGINT ERR EXIT + test -n "$1" && test -z "${1//[0-9]/}" && interval=$(($1 * 60)) && shift 1 || interval="5" + [ $# -eq 0 ] && echo "Usage: cron [interval] [command]" && exit 1 + command="$*" + cmd="$(echo "$command" | awk -F' ' '{print $1}')" + [ -d "/run/cron" ] || mkdir -p "/run/cron" + echo "$command" >"/run/cron/$cmd" + while :; do + eval "$command" + sleep $interval + [ -f "/run/cron/$cmd" ] || break + done |& tee /data/logs/entrypoint.log +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__replace() { + [ -n "$3" ] && [ -f "$3" ] || return 1 + grep -s -qR "$1" "$3" &>/dev/null && __sed "$1" "$2" "$3" || return 0 + grep -s -qR "$2" "$3" && printf '%s\n' "Changed $1 to $2 in $3" && return 0 || { + printf '%s\n' "Failed to change $1 in $3" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_replace() { + [ -n "$3" ] && [ -e "$3" ] || return 1 + grep -s -qR "$1" "$3" &>/dev/null || return 0 + find "$3" -type f -not -path '.git*' -exec sed -i "s|$1|$2|g" {} \; + grep -s -qR "$2" "$3" && printf '%s\n' "Changed $1 to $2 in $3" && return 0 || { + printf '%s\n' "Failed to change $1 in $3" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__file_copy() { + [ -n "$1" ] && [ -e "$1" ] || return 1 + [ -n "$1" ] && [ -n "$2" ] && [ -e "$1" ] && cp -Rf "$1" "$2" &>/dev/null + [ -e "$1" ] && [ -e "$2" ] && printf '%s\n' "Copied: $1 > $2" && return 0 || { + printf '%s\n' "Copy failed: $1 < $2" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_user() { + local create_user="$1" + local create_home_dir="$2" + local create_gid="${USER_GID:-${USER_UID:-${3:-10000}}}" + local create_home_dir="${create_home_dir:-/home/$create_user}" set_home_dir="" + [ "$ENTRYPOINT_FIRST_RUN" = "no" ] || return 0 + [ -n "$SERVICE_USER" ] || [ "$SERVICE_USER" != "root" ] || return 0 + if ! grep -s -q "$create_user" "/etc/groups"; then + echo "creating system group $create_user" + addgroup -g $create_gid -S $create_user &>/dev/null + fi + if ! grep -s -q "$create_user" "/etc/passwd"; then + echo "creating system user $create_user" + adduser -u $create_gid -D -h "$create_home_dir" -g $create_user $create_user &>/dev/null + grep -q "$create_user" "/etc/passwd" "/etc/groups" && set_home_dir="$home_dir" && exitStatus=0 || exitStatus=1 + fi + [ $exitStatus -eq 0 ] && export WORK_DIR="${set_home_dir:-}" + return $exitStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_env_file() { + local dir="" + local envStatus=0 + local envFile=("${@:-}") + local sample_file="/usr/local/etc/docker/env/default.sample" + [ -f "$sample_file" ] || return 0 + for create_env in "/usr/local/etc/docker/env/default.sh" "${envFile[@]}"; do + dir="$(dirname "$create_env")" + [ -d "$dir" ] || mkdir -p "$dir" + if [ -n "$create_env" ] && [ ! -f "$create_env" ]; then + cat </dev/null +$(<"$sample_file") +EOF + fi + [ -f "$create_env" ] || envStatus=$((1 + envStatus)) + done + rm -f "$sample_file" + return $envStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__exec_command() { + local arg=("$@") + local prog_bin="" + local exitCode="0" + local cmdExec="${arg:-}" + prog_bin="$(echo "${arg[@]}" | tr ' ' '\n' | grep -v '^$' | head -n1 || echo '')" + [ -n "$prog_bin" ] && prog="$(type -P "${prog_bin}" 2>/dev/null || echo ':ERROR:')" || prog="bash" + if [ -f "$prog" ]; then + echo "${exec_message:-Executing command: $cmdExec}" + eval $cmdExec || exitCode=1 + [ "$exitCode" = 0 ] || exitCode=10 + elif [ -f "$prog" ] && [ ! -x "$prog" ]; then + echo "$prog is not executable" + exitCode=4 + else + echo "$prog does not exist" + exitCode=5 + fi + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup the server init scripts +__start_init_scripts() { + [ "$1" = " " ] && shift 1 + [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail + local basename="" + local init_pids="" + local init_dir="${1:-/usr/local/etc/docker/init.d}" + local init_count="$(ls -A "$init_dir"/* 2>/dev/null | grep -v '\.sample' | wc -l)" + mkdir -p "/tmp" "/run" "/run/init.d" + chmod -R 777 "/tmp" "/run" "/run/init.d" + if [ "$init_count" -eq 0 ] || [ ! -d "$init_dir" ]; then + mkdir -p "/data/logs/init" + while :; do echo "Running" >"/data/logs/init/keep_alive" && sleep 3600; done & + else + if [ -d "$init_dir" ]; then + chmod -Rf 755 "$init_dir/" + [ -f "$init_dir/service.sample" ] && rm -Rf "$init_dir/service.sample" + for init in "$init_dir"/*.sh; do + if [ -f "$init" ]; then + name="$(basename "$init")" + (eval "$init" &) + initStatus=$(($? + initStatus)) + sleep 10 + echo "" + fi + done + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__setup_mta() { + [ -d "/etc/ssmtp" ] || [ -d "/etc/postfix" ] || return + if [ ! -d "/config/ssmtp" ] || [ ! -d "/config/postfix" ]; then + echo "Configuring smtp server" + fi + local exitCode=0 + local relay_port="${EMAIL_RELAY//*:/}" + local relay_server="${EMAIL_RELAY//:*/}" + local local_hostname="${FULL_DOMAIN_NAME:-}" + local account_user="${SERVER_ADMIN//@*/}" + local account_domain="${EMAIL_DOMAIN//*@/}" + echo "$EMAIL_RELAY" | grep '[0-9][0-9]' || relay_port="465" + ################# sSMTP relay setup + if [ -n "$(type -P 'ssmtp')" ]; then + [ -d "/config/ssmtp" ] || mkdir -p "/config/ssmtp" + [ -f "/etc/ssmtp/ssmtp.conf" ] && rm -Rf "/etc/ssmtp/ssmtp.conf" + if [ ! -f "/config/ssmtp/ssmtp.conf" ]; then + cat </dev/null +# ssmtp configuration. +root=${account_user:-root}@${account_domain:-$HOSTNAME} +mailhub=${relay_server:-172.17.0.1}:$relay_port +rewriteDomain=$local_hostname +hostname=$local_hostname +TLS_CA_FILE=/etc/ssl/certs/ca-certificates.crt +UseTLS=Yes +UseSTARTTLS=No +AuthMethod=LOGIN +FromLineOverride=yes +#AuthUser=username +#AuthPass=password + +EOF + fi + if [ -f "/config/ssmtp/ssmtp.conf" ]; then + cp -Rf "/config/ssmtp/." "/etc/ssmtp/" + echo "Done setting up ssmtp" + fi + + ################# postfix relay setup + elif [ -n "$(type -P 'postfix')" ]; then + [ -d "/config" ] || mkdir -p "/config" + [ -d "/etc/postfix" ] || mkdir -p "/etc/postfix" + [ -f "/etc/postfix/main.cf" ] && rm -Rf "/etc/postfix/main.cf" + if [ ! -f "/config/postfix/main.cf" ]; then + cat </dev/null +# postfix configuration. +smtpd_banner = \$myhostname ESMTP email server +compatibility_level = 2 +inet_protocols = ipv4 +inet_interfaces = all +mydestination = +local_transport=error: local delivery disabled +mynetworks = /etc/postfix/mynetworks +alias_maps = hash:/etc/postfix/aliases +alias_database = hash:/etc/postfix/aliases +transport_maps = hash:/etc/postfix/transport +virtual_alias_maps = hash:/etc/postfix/virtual +relay_domains = hash:/etc/postfix/mydomains, regexp:/etc/postfix/mydomains.pcre +tls_random_source = dev:/dev/urandom +smtp_use_tls = yes +smtpd_use_tls = yes +smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache +smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA +smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination +append_dot_mydomain = yes +myorigin = $local_hostname +myhostname = $local_hostname +relayhost = [$relay_server]:$relay_port + +EOF + fi + if [ -d "/config/postfix" ]; then + touch "/config/postfix/aliases" "/config/postfix/mynetworks" "/config/postfix/transport" + touch "/config/postfix/mydomains.pcre" "/config/postfix/mydomains" "/config/postfix/virtual" + postmap "/config/aliases" "/config/mynetworks" "/config/transport" &>/dev/null + postmap "/config/mydomains.pcre" "/config/mydomains" "/config/virtual" &>/dev/null + cp -Rf "/config/postfix/." "/etc/postfix/" + fi + if [ -f "/etc/postfix/main.cf" ] && [ ! -f "/run/init.d/postfix.pid" ]; then + SERVICES_LIST+="postfix " + if [ ! -f "/run/init.d/postfix.pid" ]; then + __exec_service postfix start + fi + echo "Done setting up postfix" + fi + fi + [ -f "/root/dead.letter" ] && rm -Rf "/root/dead.letter" + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_web_health() { + [ $# -eq 1 ] && [ -d "$1" ] || return 1 + [ -d "$1/health" ] || mkdir -p "$1/health" + [ -f "$1/health/index.txt" ] || echo 'ok' >"$1/health/index.txt" + [ -f "$1/health/index.json" ] || echo '{ "status": "ok" }' >"$1/health/index.json" +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# file_dir +__initialize_replace_variables() { + [ $# -eq 1 ] || return 1 + __find_replace "REPLACE_SERVER_NAME" "$HOSTNAME" "$1" + __find_replace "REPLACE_DATA_DIR" "${DATA_DIR:-/data}" "$1" + __find_replace "REPLACE_CONFIG_DIR" "${CONF_DIR:-/config}" "$1" + __find_replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$1" + __find_replace "REPLACE_SERVER_SOFTWARE" "${CONTAINER_NAME:-docker}" "$1" + __find_replace "REPLACE_SERVER_DIR" "${WWW_DIR:-/usr/share/webapps}" "$1" + __find_replace "REPLACE_DATABASE_DIR" "${DATABASE_DIR:-/data/db/$SERVICE_NAME}" "$1" + __find_replace "REPLACE_SERVER_WWW_DIR" "${WWW_ROOT_DIR:--/usr/share/webapps}" "$1" + __find_replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@${sysname:-$HOSTNAME}}" "$1" +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_custom_bin_dir() { + SET_USR_BIN="" + [ -d "/data/bin" ] && SET_USR_BIN+="$(__find /data/bin f) " + [ -d "/config/bin" ] && SET_USR_BIN+="$(__find /config/bin f) " + if [ -n "$SET_USR_BIN" ]; then + echo "Setting up bin $SET_USR_BIN > $LOCAL_BIN_DIR" + for create_bin_template in $SET_USR_BIN; do + if [ -n "$create_bin_template" ]; then + create_bin_name="$(basename "$create_bin_template")" + if [ -e "$create_bin_template" ]; then + ln -sf "$create_bin_template" "$LOCAL_BIN_DIR/$create_bin_name" + fi + fi + done + unset create_bin_template create_bin_name SET_USR_BIN + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_default_templates() { + if [ -n "$DEFAULT_TEMPLATE_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying default config files $DEFAULT_TEMPLATE_DIR > /config" + for create_config_template in "$DEFAULT_TEMPLATE_DIR"/*; do + if [ -n "$create_config_template" ]; then + create_template_name="$(basename "$create_config_template")" + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_template_name/" + __is_dir_empty "/config/$create_template_name" && cp -Rf "$create_config_template/." "/config/$create_template_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_template_name" ] || cp -Rf "$create_config_template" "/config/$create_template_name" 2>/dev/null + fi + fi + done + unset create_config_template create_template_name + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_config_dir() { + if [ -n "$DEFAULT_CONF_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying custom config files: $DEFAULT_CONF_DIR > /config" + for create_config_template in "$DEFAULT_CONF_DIR"/*; do + create_config_name="$(basename "$create_config_template")" + if [ -n "$create_config_template" ]; then + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_config_name" + __is_dir_empty "/config/$create_config_name" && cp -Rf "$create_config_template/." "/config/$create_config_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_config_name" ] || cp -Rf "$create_config_template" "/config/$create_config_name" 2>/dev/null + fi + fi + done + unset create_config_template create_config_name + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_data_dir() { + if [ -d "/data" ]; then + if [ "$DATA_DIR_INITIALIZED" = "false" ] && [ -n "$DEFAULT_DATA_DIR" ]; then + echo "Copying data files $DEFAULT_DATA_DIR > /data" + for create_data_template in "$DEFAULT_DATA_DIR"/*; do + create_data_name="$(basename "$create_data_template")" + if [ -n "$create_data_template" ]; then + if [ -d "$create_data_template" ]; then + mkdir -p "/data/$create_data_name" + __is_dir_empty "/data/$create_data_name" && cp -Rf "$create_data_template/." "/data/$create_data_name/" 2>/dev/null + elif [ -e "$create_data_template" ]; then + [ -e "/data/$create_data_name" ] || cp -Rf "$create_data_template" "/data/$create_data_name" 2>/dev/null + fi + fi + done + unset create_template + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_system_etc() { + if [ -d "/config" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ]; then + echo "Copying config files to system: /config > /etc" + for create_config_name in /config/*; do + if [ -n "$create_config_name" ]; then + create_conf_name="$(basename "$create_config_name")" + if [ -d "/etc/$create_conf_name" ] && [ -d "$create_config_name" ]; then + mkdir -p "/etc/$create_conf_name/" + cp -Rf "$create_config_name/." "/etc/$create_conf_name/" 2>/dev/null + elif [ -e "/etc/$create_conf_name" ] && [ -e "$create_config_name" ]; then + cp -Rf "$create_config_name" "/etc/$create_conf_name" 2>/dev/null + fi + fi + done + unset create_config_name create_conf_name + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_www_root() { + if [ "$DATA_DIR_INITIALIZED" = "false" ] && [ -n "$WWW_ROOT_DIR" ]; then + if [ -d "$DEFAULT_DATA_DIR/data/htdocs" ]; then + __is_dir_empty "$WWW_ROOT_DIR/" && cp -Rf "$DEFAULT_DATA_DIR/data/htdocs/." "$WWW_ROOT_DIR/" 2>/dev/null + fi + fi + if [ -n "$WWW_ROOT_DIR" ]; then + if [ -d "$DEFAULT_DATA_DIR/htdocs/www" ] && [ ! -d "$WWW_ROOT_DIR" ]; then + mkdir -p "$WWW_ROOT_DIR" "$WWW_ROOT_DIR/health" + cp -Rf "$DEFAULT_DATA_DIR/htdocs/www/." "$WWW_ROOT_DIR/" + [ -f "$WWW_ROOT_DIR/health/index.txt" ] || echo "OK" >"$WWW_ROOT_DIR/health/index.txt" + [ -f "$WWW_ROOT_DIR/health/index.json" ] || echo '{"status":"ok"}' >"$WWW_ROOT_DIR/health/index.json" + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_ssl_certs() { + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + if [ "$SSL_ENABLED" = "true" ] || [ "$SSL_ENABLED" = "yes" ]; then + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + SSL_ENABLED="true" + if [ -n "$SSL_CA" ] && [ -f "$SSL_CA" ]; then + mkdir -p "$SSL_DIR/certs" + cat "$SSL_CA" >>"/etc/ssl/certs/ca-certificates.crt" + cp -Rf "/." "$SSL_DIR/" + fi + else + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + __create_ssl_cert + fi + type update-ca-certificates &>/dev/null && update-ca-certificates + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set variables from function calls +SET_RANDOM_PASS="${SET_RANDOM_PASS:-$(__random_password 16)}" +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export the functions +export -f __start_init_scripts +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of functions diff --git a/rootfs/usr/local/etc/docker/init.d/00-couchdb.sh b/rootfs/usr/local/etc/docker/init.d/00-couchdb.sh new file mode 100755 index 0000000..c236a42 --- /dev/null +++ b/rootfs/usr/local/etc/docker/init.d/00-couchdb.sh @@ -0,0 +1,532 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308230219-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : 00-couchdb.sh --help +# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments +# @@Created : Wednesday, Aug 23, 2023 02:19 EDT +# @@File : 00-couchdb.sh +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : other/start-service +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +printf '%s\n' "# - - - Initializing couchdb - - - #" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_NAME="couchdb" +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run trap command on exit +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions +__curl() { curl -q -LSsf --user "$root_user_name:$root_user_pass" "$@"; } +__curl_users() { __curl -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' 'http://'$COUCHDB_SERVER':'$SERVICE_PORT'/_users/org.couchdb.user:'$1'' -d "{\"name\": \"$1\", \"password\": \"$2\", \"roles\": [], \"type\": \"user\"}" || return 2; } +__curl_database() { curl -q -LSsf -X PUT 'http://'$root_user_name:$root_user_pass'@'$COUCHDB_SERVER':'$SERVICE_PORT'/'$1'' || return 2; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Reset environment before executing service +RESET_ENV="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message before execute +PRE_EXEC_MESSAGE="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the database directory +DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set webroot +WWW_DIR="/usr/share/webapps/couchdb" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default predefined variables +DATA_DIR="/data" # set data directory +CONF_DIR="/config" # set config directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the containers etc directory +ETC_DIR="/etc/couchdb" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +RUN_DIR="/run/init.d" # set scripts pid dir +LOG_DIR="/data/logs/couchdb" # set log directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the working dir +WORK_DIR="" # set working directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Where to save passwords to +ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user +USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info password/random] +root_user_name="${COUCHDB_ROOT_USER_NAME:-root}" # root user name +root_user_pass="${COUCHDB_ROOT_PASS_WORD:-random}" # root user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Normal user info [password/random] +user_name="${COUCHDB_USER_NAME:-}" # normal user name +user_pass="${COUCHDB_USER_PASS_WORD:-}" # normal user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite variables from files +__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" +__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" +__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" +__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# port which service is listening on +SERVICE_PORT="5984" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute command variables +SERVICE_UID="0" # set the user id +SERVICE_USER="root" # execute command as another user +EXEC_CMD_BIN="couchdb" # command to execute +EXEC_CMD_ARGS="-vvvvv" # command arguments +EXEC_PRE_SCRIPT="" # execute script before +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a web server +IS_WEB_SERVER="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a database server +IS_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional predefined variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional variables +COUCHDB_SERVER="${COUCHDB_SERVER:-localhost}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Specifiy custom directories to be created +ADD_APPLICATION_FILES="" +ADD_APPLICATION_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +APPLICATION_FILES="$LOG_DIR/couchdb.log" +APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" +CMD_ENV="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__update_conf_files() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + + # delete files + #__rm "" + + # define actions + + # create default directories + for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then + ( + echo "Creating directory $filedirs with permissions 777" + mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create default files + for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do + if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then + ( + echo "Creating file $application_files with permissions 777" + touch "$application_files" && chmod -Rf 777 "$application_files" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create directories if variable is yes" + if [ "$IS_WEB_SERVER" = "yes" ]; then + APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" + if __is_dir_empty "$WWW_DIR" || [ ! -d "$WWW_DIR" ]; then + (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + __initialize_web_health "$WWW_DIR" + fi + if [ "$IS_DATABASE_SERVICE" = "yes" ]; then + APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" + if __is_dir_empty "$DATABASE_DIR" || [ ! -d "$DATABASE_DIR" ]; then + (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + fi + # copy config files to system + __file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + # replace variables + __replace "REPLACE_ROOT_PASS" "$root_user_pass" "$CONF_DIR/default.ini" + __replace "REPLACE_ROOT_ADMIN" "$root_user_name" "$CONF_DIR/default.ini" + __replace "REPLACE_ROOT_PASS" "$root_user_pass" "$ETC_DIR/default.ini" + __replace "REPLACE_ROOT_ADMIN" "$root_user_name" "$ETC_DIR/default.ini" + # replace variables recursively + # __find_replace "" "" "$ETC_DIR/" + # replace defaults in ETC_DIR + __initialize_replace_variables "$ETC_DIR" + __initialize_replace_variables "$CONF_DIR" + __initialize_replace_variables "$WWW_DIR" + __initialize_replace_variables "$CONF_DIR" + # custom commands + touch "$ETC_DIR/local.d/docker.ini" 2>/dev/null + ln -sf "$DATABASE_DIR" "/opt/couchdb/data" 2>/dev/null + # unset unneeded variables + unset application_files filedirs + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run before executing +__pre_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + + # define commands + + # execute if directories is empty + #__is_dir_empty "" && true || false + + # create user if needed + # __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}" + # set user on files/folders + if [ -n "$user" ] && [ "$user" != "root" ]; then + if grep -s -q "$user:" "/etc/passwd"; then + for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$permissions" ] && [ -e "$permissions" ]; then + (chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + fi + fi + + # unset unneeded variables + unset filesperms filename + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run after executing +__post_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + sleep 60 # how long to wait before executing + echo "Running post commands" # message + # execute commands + ( + if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_users" | grep -q 'db_name":"_users'; then + echo "Creating the _users databases" + if __curl_database "_users" | grep -qE '200|"ok":true'; then + echo "Created database _users" + else + echo "Failed to create database _users" >&2 + fi + sleep 1 + fi + if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_replicator" | grep -q 'db_name":"_replicator'; then + echo "Creating the _replicator databases" + if __curl_database "_replicator" | grep -qE '200|"ok":true'; then + echo "Created database _replicator" + else + echo "Failed to create database _replicator" >&2 + fi + sleep 1 + fi + if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_global_changes" | grep -q 'db_name":"_global_changes'; then + echo "Creating the _global_changes databases" + if __curl_database "_global_changes" | grep -qE '200|"ok":true'; then + echo "Created database _global_changes" + else + echo "Failed to create database _global_changes" >&2 + fi + sleep 1 + fi + if [ -n "$user_name" ] && [ -n "$user_pass" ]; then + echo "Creating new user $username" + if __curl_users "$user_name" "$user_pass"; then + echo "Created user: $user_name" + else + echo "Failed to create user: $user_name" >&2 + fi + fi + if [ -n "$CREATE_DATABASE" ]; then + echo "Creating database: $CREATE_DATABASE" + __curl_database "$CREATE_DATABASE" || echo "Failed to create database: $CREATE_DATABASE" >&2 + fi + ) | tee -a "$LOG_DIR/init.txt" + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__pre_message() { + local exitCode=0 + [ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" + [ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to setup ssl support +__update_ssl_conf() { + local exitCode=0 + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_env() { + cat </dev/null +# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory +# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands +# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" # +# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" # +# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" # +# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" # + +EOF + __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# script to start server +__run_start_script() { + local user="${SERVICE_USER:-root}" + local cmd="${EXEC_CMD_BIN:-}" + local args="${EXEC_CMD_ARGS:-}" + local name="${EXEC_CMD_NAME:-}" + local pre="${EXEC_PRE_SCRIPT:-}" + local workdir="${WORK_DIR:-$WORK_DIR}" + local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}" + local home="${workdir//\/root/\/tmp\/docker}" + local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + local message="" + if [ -z "$cmd" ]; then + __post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + echo "Initializing $SCRIPT_NAME has completed" + else + # ensure the command exists + if [ ! -x "$cmd" ]; then + echo "$name is not a valid executable" + exit 2 + fi + # set working directories + [ -z "$home" ] && home="${workdir:-/tmp/docker}" + [ "$home" = "/root" ] && home="/tmp/docker" + [ "$home" = "$workdir" ] && workdir="" + # create needed directories + [ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; } + [ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; } + [ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp" + [ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home" + [ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir" + # check and exit if already running + if __proc_check "$name" || __proc_check "$cmd"; then + echo "$name is already running" >&2 + exit 0 + else + if [ -n "$pre" ] && [ -f "$pre" ]; then + cmd_exec="$pre $cmd $args" + message="Starting service: $name $args through $pre" + else + cmd_exec="$cmd $args" + message="Starting service: $name $args" + fi + echo "$message" + su_cmd touch "$SERVICE_PID_FILE" + __post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null & + if [ "$RESET_ENV" = "yes" ]; then + su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10 + else + eval "$cmd_exec" || return 10 + fi + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# simple cd function +__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# process check functions +__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; } +__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# check if process is already running +__proc_check() { + cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")" + cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")" + if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then + SERVICE_IS_RUNNING="true" + touch "$SERVICE_PID_FILE" + echo "$cmd_name is already running" + return 0 + else + return 1 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory +WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# application specific +EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre +EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")" +__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")" +__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")" +__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="${user_name:-$ENV_USER_NAME}" +user_pass="${user_pass:-$ENV_USER_PASS}" +root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}" +root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +if [ "$user_pass" = "random" ]; then + user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$root_user_pass" = "random" ]; then + root_user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +if [ "$1" = "check" ]; then + __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN" + exit $? +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show message if env exists +if [ -n "$EXEC_CMD_BIN" ]; then + [ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root" + [ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT="" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then + su_cmd() { eval "$*" || return 1; } +elif [ "$(builtin type -P gosu)" ]; then + su_cmd() { gosu $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P runuser)" ]; then + su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P sudo)" ]; then + su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P su)" ]; then + su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; } +else + echo "Can not switch to $SERVICE_USER: attempting to run as root" + su_cmd() { eval "$*" || return 1; } +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Change to working directory +[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_service_env +__update_conf_files +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run the pre execute commands +[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" +__pre_execute +__run_secure_function +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null +if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then + echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" + SERVICE_EXIT_CODE=10 + SERVICE_IS_RUNNING="false" + rm -Rf "$SERVICE_PID_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh b/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh new file mode 100644 index 0000000..27fdc47 --- /dev/null +++ b/rootfs/usr/local/etc/docker/init.d/zz-nginx.sh @@ -0,0 +1,485 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308221957-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : zz-nginx.sh --help +# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments +# @@Created : Tuesday, Aug 22, 2023 19:57 EDT +# @@File : zz-nginx.sh +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : shell/bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +printf '%s\n' "# - - - Initializing nginx - - - #" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_NAME="nginx" +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run trap command on exit +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Reset environment before executing service +RESET_ENV="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message before execute +PRE_EXEC_MESSAGE="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the database directory +DATABASE_DIR="${DATABASE_DIR_NGINX:-/data/db/nginx}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set webroot +WWW_DIR="/usr/share/webapps/nginx" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default predefined variables +DATA_DIR="/data" # set data directory +CONF_DIR="/config" # set config directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the containers etc directory +ETC_DIR="/etc/nginx" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +RUN_DIR="/run/init.d" # set scripts pid dir +LOG_DIR="/data/logs/nginx" # set log directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the working dir +WORK_DIR="" # set working directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Where to save passwords to +ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user +USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info password/random] +root_user_name="${NGINX_ROOT_USER_NAME:-}" # root user name +root_user_pass="${NGINX_ROOT_PASS_WORD:-}" # root user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Normal user info [password/random] +user_name="${NGINX_USER_NAME:-}" # normal user name +user_pass="${NGINX_USER_PASS_WORD:-}" # normal user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite variables from files +__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" +__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" +__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" +__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# port which service is listening on +SERVICE_PORT="80" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute command variables +SERVICE_UID="0" # set the user id +SERVICE_USER="root" # execute command as another user +EXEC_CMD_BIN="nginx" # command to execute +EXEC_CMD_ARGS="-c $ETC_DIR/nginx.conf" # command arguments +EXEC_PRE_SCRIPT="" # execute script before +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a web server +IS_WEB_SERVER="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a database server +IS_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional predefined variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Specifiy custom directories to be created +ADD_APPLICATION_FILES="" +ADD_APPLICATION_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +APPLICATION_FILES="$LOG_DIR/nginx.log" +APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" +CMD_ENV="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__update_conf_files() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + # delete files + #__rm "" + + # define actions + + # create default directories + for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then + ( + echo "Creating directory $filedirs with permissions 777" + mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create default files + for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do + if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then + ( + echo "Creating file $application_files with permissions 777" + touch "$application_files" && chmod -Rf 777 "$application_files" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create directories if variable is yes" + if [ "$IS_WEB_SERVER" = "yes" ]; then + APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" + if __is_dir_empty "$WWW_DIR" || [ ! -d "$WWW_DIR" ]; then + (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + __initialize_web_health "$WWW_DIR" + fi + if [ "$IS_DATABASE_SERVICE" = "yes" ]; then + APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" + if __is_dir_empty "$DATABASE_DIR" || [ ! -d "$DATABASE_DIR" ]; then + (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + fi + # copy config files to system + __file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + # replace variables + __replace "REPLACE_PROXY_ADDRESS" "localhost:5984" "$ETC_DIR/nginx.conf" + # __replace "" "" "$ETC_DIR/nginx.conf" + # replace variables recursively + # __find_replace "" "" "$ETC_DIR/" + # replace defaults in ETC_DIR + __initialize_replace_variables "$ETC_DIR" + __initialize_replace_variables "$CONF_DIR" + __initialize_replace_variables "$WWW_DIR" + # custom commands + + # unset unneeded variables + unset application_files filedirs + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run before executing +__pre_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + + # define commands + + # execute if directories is empty + #__is_dir_empty "" && true || false + + # create user if needed + # __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}" + # set user on files/folders + if [ -n "$user" ] && [ "$user" != "root" ]; then + if grep -s -q "$user:" "/etc/passwd"; then + for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$permissions" ] && [ -e "$permissions" ]; then + (chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + fi + fi + + # unset unneeded variables + unset filesperms filename + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run after executing +__post_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + local runas="root" # run as a different user + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + sleep 60 # how long to wait before executing + echo "Running post commands" # message + # execute commands + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__pre_message() { + local exitCode=0 + [ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" + [ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to setup ssl support +__update_ssl_conf() { + local exitCode=0 + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_env() { + cat </dev/null +# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory +# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands +# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" # +# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" # +# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" # +# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" # + +EOF + __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# script to start server +__run_start_script() { + local user="${SERVICE_USER:-root}" + local cmd="${EXEC_CMD_BIN:-}" + local args="${EXEC_CMD_ARGS:-}" + local name="${EXEC_CMD_NAME:-}" + local pre="${EXEC_PRE_SCRIPT:-}" + local workdir="${WORK_DIR:-$WORK_DIR}" + local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}" + local home="${workdir//\/root/\/tmp\/docker}" + local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" + local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname + local message="" + if [ -z "$cmd" ]; then + __post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + echo "Initializing $SCRIPT_NAME has completed" + else + # ensure the command exists + if [ ! -x "$cmd" ]; then + echo "$name is not a valid executable" + exit 2 + fi + # set working directories + [ -z "$home" ] && home="${workdir:-/tmp/docker}" + [ "$home" = "/root" ] && home="/tmp/docker" + [ "$home" = "$workdir" ] && workdir="" + # create needed directories + [ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; } + [ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; } + [ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp" + [ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home" + [ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir" + # check and exit if already running + if __proc_check "$name" || __proc_check "$cmd"; then + echo "$name is already running" >&2 + exit 0 + else + if [ -n "$pre" ] && [ -f "$pre" ]; then + cmd_exec="$pre $cmd $args" + message="Starting service: $name $args through $pre" + else + cmd_exec="$cmd $args" + message="Starting service: $name $args" + fi + echo "$message" + su_cmd touch "$SERVICE_PID_FILE" + __post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null & + if [ "$RESET_ENV" = "yes" ]; then + su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10 + else + eval "$cmd_exec" || return 10 + fi + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# simple cd function +__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# process check functions +__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; } +__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# check if process is already running +__proc_check() { + cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")" + cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")" + if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then + SERVICE_IS_RUNNING="true" + touch "$SERVICE_PID_FILE" + echo "$cmd_name is already running" + return 0 + else + return 1 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory +WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# application specific +EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre +EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")" +__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")" +__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")" +__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="${user_name:-$ENV_USER_NAME}" +user_pass="${user_pass:-$ENV_USER_PASS}" +root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}" +root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +if [ "$user_pass" = "random" ]; then + user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$root_user_pass" = "random" ]; then + root_user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +if [ "$1" = "check" ]; then + __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN" + exit $? +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show message if env exists +if [ -n "$EXEC_CMD_BIN" ]; then + [ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root" + [ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT="" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then + su_cmd() { eval "$*" || return 1; } +elif [ "$(builtin type -P gosu)" ]; then + su_cmd() { gosu $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P runuser)" ]; then + su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P sudo)" ]; then + su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P su)" ]; then + su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; } +else + echo "Can not switch to $SERVICE_USER: attempting to run as root" + su_cmd() { eval "$*" || return 1; } +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Change to working directory +[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_service_env +__update_conf_files +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run the pre execute commands +[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" +__pre_execute +__run_secure_function +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null +if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then + echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" + SERVICE_EXIT_CODE=10 + SERVICE_IS_RUNNING="false" + rm -Rf "$SERVICE_PID_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/share/template-files/config/couchdb/default.ini b/rootfs/usr/local/share/template-files/config/couchdb/default.ini new file mode 100644 index 0000000..5c4d1b6 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/couchdb/default.ini @@ -0,0 +1,158 @@ +; Upgrading CouchDB will overwrite this file. +[vendor] +name = CasjaysDev + +[couchdb] +;uuid = +database_dir = REPLACE_DATABASE_DIR +view_index_dir = REPLACE_DATABASE_DIR + +[couchdb_engines] +couch = couch_bt_engine + +[chttpd] +port = 5984 +bind_address = any +require_valid_user = false +prefer_minimal = Cache-Control, Content-Length, Content-Range, Content-Type, ETag, Server, Transfer-Encoding, Vary +admin_only_all_dbs = true +allow_jsonp = true +enable_cors = true +enable_xframe_options = false +max_uri_length = 8000 +x_forwarded_host = X-Forwarded-Host +x_forwarded_proto = X-Forwarded-Proto +x_forwarded_ssl = X-Forwarded-Ssl +max_http_request_size = 4294967296 +decode_plus_to_space = true + +[couch_peruser] +enable = true +delete_dbs = true +database_prefix = userdb_ + +[httpd] +port = 5986 +bind_address = any +enable_cors = true + +[chttpd_auth] +authentication_db = _users +authentication_redirect = /_utils/session.html +require_valid_user = false +timeout = 600 +auth_cache_size = 50 +allow_persistent_cookies = true +iterations = 10 + +[couch_httpd_auth] +authentication_db = _users + +[ssl] +enable = false +verify_ssl_certificates = false +cert_file = /config/ssl/localhost.crt +key_file = /config/ssl/localhost.key + +[csp] +utils_enable = true +utils_header_value = default-src 'self'; img-src 'self'; font-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; +attachments_enable = true +attachments_header_value = sandbox +showlist_enable = true +showlist_header_value = sandbox + +[cors] +origins = * +credentials = true +methods = GET, PUT, POST, HEAD, DELETE, PATCH +headers = accept, authorization, content-type, origin, referer + +[x_frame_options] +hosts = * +same_origin = true + +[native_query_servers] +enable_erlang_query_server = false + +[query_server_config] +reduce_limit = true +os_process_limit = 100 +group_info_timeout = 5000 +query_limit = 268435456 +partition_query_limit = 268435456 + +[mango] +default_limit = 25 +index_all_disabled = false +index_scan_warning_threshold = 10 + +[indexers] +couch_mrview = true + +[feature_flags] +partitioned||* = true + +[uuids] +algorithm = sequential +utc_id_suffix = +max_count = 1000 + +[attachments] +compression_level = 8 +compressible_types = text/*, application/javascript, application/json, application/xml + +[replicator] +startup_jitter = 5000 + +[replicator.shares] +_replicator = 100 + +[log] +writer = stderr +level = error + +[stats] +interval = 10 + +[smoosh] +db_channels = upgrade_dbs,ratio_dbs,slack_dbs +view_channels = upgrade_views,ratio_views,slack_views + +[ioq] +concurrency = 10 +ratio = 0.01 + +[ioq.bypass] +os_process = true +read = true +write = true +view_update = true +shard_sync = false +compaction = false + +[dreyfus] +name = clouseau@127.0.0.1 +retry_limit = 5 +limit = 25 +limit_partitions = 2000 +max_limit = 200 +max_limit_partitions = 2000 + +[reshard] +max_jobs = 48 +max_history = 20 +max_retries = 1 +retry_interval_sec = 10 +delete_source = true +update_shard_map_timeout_sec = 60 +source_close_timeout_sec = 600 +require_node_param = false +require_range_param = false + +[prometheus] +bind_address = any +port = 17986 + +[cluster] +n = 1 diff --git a/rootfs/usr/local/share/template-files/config/couchdb/local.ini b/rootfs/usr/local/share/template-files/config/couchdb/local.ini new file mode 100644 index 0000000..b6f6e69 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/couchdb/local.ini @@ -0,0 +1,9 @@ +[couchdb] +single_node=true + +[log] +writer = file +file = /data/logs/couchdb/couch.log + +[admins] +REPLACE_ROOT_ADMIN=REPLACE_ROOT_PASS diff --git a/rootfs/usr/local/share/template-files/config/env/default.sample b/rootfs/usr/local/share/template-files/config/env/default.sample new file mode 100644 index 0000000..b131965 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/env/default.sample @@ -0,0 +1,135 @@ +#!/usr/bin/env bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# GLOBAL enviroment variables +USER="${USER:-root}" +LANG="${LANG:-C.UTF-8}" +TZ="${TZ:-America/New_York}" +SERVICE_USER="${SERVICE_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# directory settings +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/webapps/couchdb}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# healthcheck +HEALTH_ENABLED="${HEALTH_ENABLED:-}" +HEALTH_URL="${HEALTH_URL:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# php settings +PHP_VERSION="${PHP_VERSION//php/}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# services/ports +ENV_PORTS="${ENV_PORTS:-}" +SERVICE_PORT="${SERVICE_PORT:-$PORT}" +WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}" +SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} " +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# networing info +HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}" +DOMAINNAME="${DOMAINNAME:-}" +FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}" +SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}" +EMAIL_RELAY="${EMAIL_RELAY:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# get ip addresses +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# cerbot +CERT_BOT_MAIL="${CERT_BOT_MAIL:-}" +CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}" +CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ssl server settings +SSL_ENABLED="${SSL_ENABLED:-false}" +SSL_DIR="${SSL_DIR:-/config/ssl}" +SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}" +SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}" +SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}" +SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}" +COUNTRY="${COUNTRY:-US}" +STATE="${STATE:-NY}" +CITY="${CITY:-Albany}" +UNIT="${UNIT:-CasjaysDev}" +ORG="${ORG:-"Casjays Developments"}" +DAYS_VALID="${DAYS_VALID:-3650}" +RSA="${RSA:-4096}" +CN="${CN:-$FULL_DOMAIN_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# web server configs +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# redis env +DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# postgresql env +DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}" +PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/pgsql}" +POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}" +POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mariadb env +MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}" +MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}" +MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}" +MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}" +MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}" +DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}" +MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}" +MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}" +MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-" +MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mongodb env +NITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$NITDB_ROOT_USERNAME}" +DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}" +MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# couchdb env +NODENAME="${NODENAME:-}" +COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}" +COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}" +DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Supabase +DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# docker env +DOCKER_HOST="unix://var/run/docker.sock" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# File locations +ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" +ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +INIT_DATE="${INIT_DATE:-$(date)}" +START_SERVICES="${START_SERVICES:-yes}" +ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}" +CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; + then START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/share/template-files/config/nginx/mime.types b/rootfs/usr/local/share/template-files/config/nginx/mime.types new file mode 100644 index 0000000..1c00d70 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/nginx/mime.types @@ -0,0 +1,99 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/avif avif; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/rootfs/usr/local/share/template-files/config/nginx/nginx.conf b/rootfs/usr/local/share/template-files/config/nginx/nginx.conf new file mode 100644 index 0000000..c99473a --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/nginx/nginx.conf @@ -0,0 +1,150 @@ +# Default nginx configuration +user root; +worker_processes auto; +daemon off; +error_log /data/logs/nginx/nginx.log warn; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type "text/html"; + access_log /data/logs/nginx/access.REPLACE_SERVER_NAME.log; + sendfile on; + keepalive_timeout 65; + gzip on; + map $http_upgrade $connection_upgrade { default upgrade; '' close; } + disable_symlinks off; + root REPLACE_SERVER_WWW_DIR; + + server { + listen REPLACE_SERVER_PORT; + server_name REPLACE_SERVER_NAME; + root REPLACE_SERVER_WWW_DIR; + index index.php index.html index.cgi index.pl index.aspx index.txt index.json index.unknown.php index.default.php; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + proxy_intercept_errors off; + + location / { + proxy_pass http://REPLACE_PROXY_ADDRESS; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location ~ ^/(.*)/_changes { + proxy_pass http://REPLACE_PROXY_ADDRESS; + proxy_redirect off; + proxy_buffering off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location = /favicon.ico { + alias /usr/local/share/wwwroot/favicon.ico; + log_not_found off; + access_log off; + } + + location = /robots.txt { + alias /usr/local/share/wwwroot/robots.txt; + allow all; + log_not_found off; + access_log off; + } + + location ^~ /.well-known { + default_type "text/plain"; + root /usr/local/share/wwwroot/.well-known; + } + + location ^~ /health { + default_type "text/plain"; + allow all; + access_log off; + root /usr/local/share/wwwroot/health; + } + + location ^~ /health/txt { + default_type application/json; + allow all; + access_log off; + return 200 'ok'; + } + + location ^~ /health/json { + default_type application/json; + allow all; + access_log off; + return 200 '{"status":"OK"}'; + } + + location ^~ /health/status { + stub_status; + } + + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_param HTTP_PROXY ""; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param REQUEST_SCHEME $scheme; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS 200; + + } + # location /cgi-bin { + # root /usr/local/share/wwwroot/cgi-bin; + # gzip off; + # fastcgi_pass unix:/var/run/fcgiwrap.socket; + # fastcgi_param HTTP_PROXY ""; + # fastcgi_param GATEWAY_INTERFACE CGI/1.1; + # fastcgi_param SERVER_SOFTWARE nginx; + # fastcgi_param QUERY_STRING $query_string; + # fastcgi_param REQUEST_METHOD $request_method; + # fastcgi_param CONTENT_TYPE $content_type; + # fastcgi_param CONTENT_LENGTH $content_length; + # fastcgi_param SCRIPT_NAME $fastcgi_script_name; + # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + # fastcgi_param REQUEST_URI $request_uri; + # fastcgi_param DOCUMENT_URI $document_uri; + # fastcgi_param DOCUMENT_ROOT $document_root; + # fastcgi_param SERVER_PROTOCOL $server_protocol; + # fastcgi_param REMOTE_ADDR $remote_addr; + # fastcgi_param REMOTE_PORT $remote_port; + # fastcgi_param SERVER_ADDR $server_addr; + # fastcgi_param SERVER_PORT $server_port; + # fastcgi_param SERVER_NAME $server_name; +# } + } + include /etc/nginx/vhosts.d/*.conf; +} diff --git a/rootfs/usr/local/share/template-files/config/nginx/nginx.ssl.conf b/rootfs/usr/local/share/template-files/config/nginx/nginx.ssl.conf new file mode 100644 index 0000000..2bdd6b8 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/nginx/nginx.ssl.conf @@ -0,0 +1,131 @@ +# Default nginx configuration +user root; +worker_processes auto; +daemon off; +error_log /data/logs/nginx/nginx.log warn; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type "text/html"; + access_log /data/logs/nginx/access.default.log; + sendfile on; + keepalive_timeout 65; + gzip on; + map $http_upgrade $connection_upgrade { default upgrade; '' close; } + disable_symlinks off; + root REPLACE_SERVER_WWW_DIR; + + server { + listen REPLACE_SERVER_PORT; + server_name REPLACE_SERVER_NAME; + root REPLACE_SERVER_WWW_DIR; + index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + ssl_certificate /etc/ssl/localhost.crt; + ssl_certificate_key /etc/ssl/localhost.key; + proxy_intercept_errors off; + + location ^~ /.well-known { + default_type "text/plain"; + root REPLACE_SERVER_WWW_DIR/.well-known; + } + + location ^~ = /favicon.ico { + log_not_found off; + access_log off; + } + + location ^~ = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ^~ /health { + default_type text/html; + allow all; + access_log off; + return 200 'OK'; + } + + location ^~ /health/json { + default_type application/json; + allow all; + access_log off; + return 200 '{"status":"OK"}'; + } + + location ^~ /health/status { + stub_status; + } + + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_param HTTP_PROXY ""; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param REQUEST_SCHEME $scheme; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS 200; + + } + # location /cgi-bin { + # root /usr/local/share/wwwroot/cgi-bin; + # gzip off; + # fastcgi_pass unix:/var/run/fcgiwrap.socket; + # fastcgi_param HTTP_PROXY ""; + # fastcgi_param GATEWAY_INTERFACE CGI/1.1; + # fastcgi_param SERVER_SOFTWARE nginx; + # fastcgi_param QUERY_STRING $query_string; + # fastcgi_param REQUEST_METHOD $request_method; + # fastcgi_param CONTENT_TYPE $content_type; + # fastcgi_param CONTENT_LENGTH $content_length; + # fastcgi_param SCRIPT_NAME $fastcgi_script_name; + # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + # fastcgi_param REQUEST_URI $request_uri; + # fastcgi_param DOCUMENT_URI $document_uri; + # fastcgi_param DOCUMENT_ROOT $document_root; + # fastcgi_param SERVER_PROTOCOL $server_protocol; + # fastcgi_param REMOTE_ADDR $remote_addr; + # fastcgi_param REMOTE_PORT $remote_port; + # fastcgi_param SERVER_ADDR $server_addr; + # fastcgi_param SERVER_PORT $server_port; + # fastcgi_param SERVER_NAME $server_name; +# } + } + include /etc/nginx/vhosts.d/*.conf; +} diff --git a/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.conf.sample b/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.conf.sample new file mode 100644 index 0000000..1de7f80 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.conf.sample @@ -0,0 +1,13 @@ + server { + listen REPLACE_SERVER_PORT; + server_name REPLACE_SERVER_NAME; + root REPLACE_SERVER_WWW_DIR; + index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php; + proxy_intercept_errors off; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + } diff --git a/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.ssl.sample b/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.ssl.sample new file mode 100644 index 0000000..50089af --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/nginx/vhosts.d/default.ssl.sample @@ -0,0 +1,18 @@ + server { + listen ssl http2 REPLACE_SERVER_PORT; + server_name REPLACE_SERVER_NAME; + root REPLACE_SERVER_WWW_DIR; + index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php; + proxy_intercept_errors off; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + ssl_certificate /etc/ssl/localhost.crt; + ssl_certificate_key /etc/ssl/localhost.key; + } diff --git a/rootfs/usr/local/share/template-files/data/.gitkeep b/rootfs/usr/local/share/template-files/data/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/rootfs/usr/local/share/template-files/defaults/.gitkeep b/rootfs/usr/local/share/template-files/defaults/.gitkeep new file mode 100644 index 0000000..e69de29