From 42d0439d9417b6fa80d1b3d6b2cb4b1ec9bb9e0a Mon Sep 17 00:00:00 2001 From: casjay Date: Tue, 9 Jun 2026 18:57:12 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Use=20marker=20file=20to=20gate?= =?UTF-8?q?=20config=20seeding=20=E2=80=94=20never=20re-seed=20on=20restar?= =?UTF-8?q?t=20=F0=9F=90=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace the fragile grep-for-REPLACE_ re-seed check with a .initialized marker written after __update_conf_files completes. The seed (cp from /etc/ → /config/) only runs when the marker is absent, so secrets and tokens are generated exactly once and never overwritten on container restart. To force a full re-initialisation: delete /config/$svc/.initialized - rootfs/usr/local/etc/docker/init.d/08-gitea.sh: seed on missing marker; write marker at end of __update_conf_files - rootfs/usr/local/etc/docker/init.d/05-dockerd.sh: same - rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh: same rootfs/usr/local/etc/docker/init.d/05-dockerd.sh rootfs/usr/local/etc/docker/init.d/08-gitea.sh rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh --- rootfs/usr/local/etc/docker/init.d/05-dockerd.sh | 4 +++- rootfs/usr/local/etc/docker/init.d/08-gitea.sh | 11 +++++++---- rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh | 4 +++- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh b/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh index e1e0191..268c651 100755 --- a/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh +++ b/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh @@ -267,7 +267,7 @@ __run_precopy() { # then replace the /etc/$SERVICE_NAME directory with a symlink to /config/$SERVICE_NAME # so both paths always resolve to the same processed config. if [ -d "$ETC_DIR" ] && ! [ -L "$ETC_DIR" ]; then - if [ ! -f "$CONF_DIR/daemon.json" ] || grep -q "REPLACE_" "$CONF_DIR/daemon.json" 2>/dev/null; then + if [ ! -f "$CONF_DIR/.initialized" ]; then mkdir -p "$CONF_DIR" cp -Rf "$ETC_DIR/." "$CONF_DIR/" 2>/dev/null || true fi @@ -491,6 +491,8 @@ __update_conf_files() { # define actions symlink "$DATA_DIR" "/var/lib/docker" chmod 777 "$DATA_DIR" "/var/lib/docker" + # Mark config as fully initialised so __run_precopy skips re-seeding on restart + touch "$CONF_DIR/.initialized" 2>/dev/null || true # allow custom functions if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi # exit function diff --git a/rootfs/usr/local/etc/docker/init.d/08-gitea.sh b/rootfs/usr/local/etc/docker/init.d/08-gitea.sh index 1ffa6d6..7e7a620 100755 --- a/rootfs/usr/local/etc/docker/init.d/08-gitea.sh +++ b/rootfs/usr/local/etc/docker/init.d/08-gitea.sh @@ -304,12 +304,13 @@ __run_precopy() { # during container startup, after the entrypoint's initial copy. Applying it here # (in the init.d phase) ensures it takes effect after Docker finishes network setup. [ -f "/usr/local/etc/resolv.conf" ] && cp -f "/usr/local/etc/resolv.conf" "/etc/resolv.conf" 2>/dev/null || true - # Seed /config/$SERVICE_NAME from the baked /etc copy if app.ini is missing - # or still contains unprocessed REPLACE_ tokens from a previous broken run, - # then replace the /etc/$SERVICE_NAME directory with a symlink to /config/$SERVICE_NAME + # Seed /config/$SERVICE_NAME from the baked /etc copy on first initialisation only. + # The marker file $CONF_DIR/.initialized is written after substitution completes; + # delete it to force a re-seed (e.g. after intentional config reset). + # Then replace the /etc/$SERVICE_NAME directory with a symlink to /config/$SERVICE_NAME # so both paths always resolve to the same processed config. if [ -d "$ETC_DIR" ] && ! [ -L "$ETC_DIR" ]; then - if [ ! -f "$CONF_DIR/app.ini" ] || grep -q "REPLACE_" "$CONF_DIR/app.ini" 2>/dev/null; then + if [ ! -f "$CONF_DIR/.initialized" ]; then mkdir -p "$CONF_DIR" cp -Rf "$ETC_DIR/." "$CONF_DIR/" 2>/dev/null || true fi @@ -434,6 +435,8 @@ __update_conf_files() { chown -Rf $SERVICE_USER:$SERVICE_GROUP "$DATA_DIR" 2>/dev/null fi [ -d "$DATABASE_DIR" ] && chown -Rf $SERVICE_USER:$SERVICE_GROUP "$DATABASE_DIR" 2>/dev/null + # Mark config as fully initialised so __run_precopy skips re-seeding on restart + touch "$CONF_DIR/.initialized" 2>/dev/null || true # allow custom functions if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi diff --git a/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh b/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh index 029bae0..d310eb4 100755 --- a/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh +++ b/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh @@ -337,7 +337,7 @@ __run_precopy() { # then replace the /etc/$SERVICE_NAME directory with a symlink to /config/$SERVICE_NAME # so both paths always resolve to the same processed config. if [ -d "$ETC_DIR" ] && ! [ -L "$ETC_DIR" ]; then - if [ ! -f "$CONF_DIR/default_config.yaml" ] || grep -q "REPLACE_" "$CONF_DIR/default_config.yaml" 2>/dev/null; then + if [ ! -f "$CONF_DIR/.initialized" ]; then mkdir -p "$CONF_DIR" cp -Rf "$ETC_DIR/." "$CONF_DIR/" 2>/dev/null || true fi @@ -439,6 +439,8 @@ __update_conf_files() { # - - - - - - - - - - - - - - - - - - - - - - - - - # define actions + # Mark config as fully initialised so __run_precopy skips re-seeding on restart + touch "$CONF_DIR/.initialized" 2>/dev/null || true # allow custom functions if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi # exit function