🔧 Sync template framework updates and fix app.ini config 🔧

Bring all init scripts and support files up to the latest docker template framework, and fully configure gitea's app.ini for a performant, open, reverse-proxy-aware deployment. - rootfs/tmp/etc/gitea/app.ini: add missing sections ([server], [cache], [queue], [git], [git.timeout], [api], [webhook], [indexer], [session], [oauth2], [metrics], [repository.release]); raise MAX_RESPONSE_ITEMS=500; set PROTOCOL=http, HTTP_ADDR=0.0.0.0, USE_PROXY_PROTOCOL=false; INSTALL_LOCK=false; tune DB/session/security - rootfs/usr/local/bin/entrypoint.sh: direct template sync — new trap style, SSL_CA fix, ENTRYPOINT_PID_FILE path, mapfile, __netstat call - rootfs/usr/local/etc/docker/functions/entrypoint.sh: direct template sync — add __log_debug/info/warn/error; improve __netstat, __mkdir, __rm, __grep_test (639 changed lines) - rootfs/usr/local/etc/docker/init.d/00-server01.sh: new generic template/example init.d service script - rootfs/usr/local/etc/docker/init.d/05-dockerd.sh: framework update — __trap_err_handler ERR handler, SIGPWR split, enabled-check expanded, debug if/else, env loop guard, $(<...) PID read, __check_service guard, __run_start_script rewrite (printf %q, md5sum hash, bash launcher), errorCode=${PIPESTATUS[0]}, remove unconditional SERVICE_EXIT_CODE=0, fix __post_execute fire-and-forget - rootfs/usr/local/etc/docker/init.d/08-gitea.sh: same framework updates as 05-dockerd.sh, service-specific content preserved - rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh: same framework updates; service-specific __post_execute daemon/cache-server logic kept - rootfs/root/docker/setup/00-init.sh: version stamp sync - rootfs/root/docker/setup/01-system.sh: version stamp sync - rootfs/root/docker/setup/02-packages.sh: version stamp sync - rootfs/root/docker/setup/03-files.sh: header-only patch, gitea-specific body preserved - rootfs/root/docker/setup/04-users.sh: version stamp sync - rootfs/root/docker/setup/05-custom.sh: header-only patch, gitea/act_runner binary download logic preserved - rootfs/root/docker/setup/06-post.sh: version stamp sync - rootfs/root/docker/setup/07-cleanup.sh: version stamp sync - rootfs/usr/local/share/template-files/config/env/default.sample: ENTRYPOINT_PID_FILE path → /run/init.d/entrypoint.pid - rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh: ENTRYPOINT_PID_FILE path → /run/init.d/entrypoint.pid rootfs/root/docker/setup/00-init.sh rootfs/root/docker/setup/01-system.sh rootfs/root/docker/setup/02-packages.sh rootfs/root/docker/setup/03-files.sh rootfs/root/docker/setup/04-users.sh rootfs/root/docker/setup/05-custom.sh rootfs/root/docker/setup/06-post.sh rootfs/root/docker/setup/07-cleanup.sh rootfs/tmp/etc/gitea/app.ini rootfs/usr/local/bin/entrypoint.sh rootfs/usr/local/etc/docker/functions/entrypoint.sh rootfs/usr/local/etc/docker/init.d/00-server01.sh rootfs/usr/local/etc/docker/init.d/05-dockerd.sh rootfs/usr/local/etc/docker/init.d/08-gitea.sh rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh rootfs/usr/local/share/template-files/config/env/default.sample rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
2026-06-24 02:01:03 -04:00 · 2026-05-24 12:19:59 -04:00
parent 4fc5a83354
commit 4d51cc0e7c
17 changed files with 2160 additions and 759 deletions
@@ -1,15 +1,15 @@
 #!/usr/bin/env bash
 # shellcheck shell=bash
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-##@Version           :  202602061352-git
+##@Version           :  202605241142-git
 # @@Author           :  Jason Hempstead
 # @@Contact          :  jason@casjaysdev.pro
 # @@License          :  WTFPL
 # @@ReadME           :  entrypoint.sh --help
 # @@Copyright        :  Copyright: (c) 2026 Jason Hempstead, Casjays Developments
-# @@Created          :  Tuesday, May 05, 2026 14:38 EDT
+# @@Created          :  Sunday, May 24, 2026 11:58 EDT
 # @@File             :  entrypoint.sh
-# @@Description      :  Entrypoint file for gitea
+# @@Description      :  Entrypoint file for archlinux
 # @@Changelog        :  New script
 # @@TODO             :  Better documentation
 # @@Other            :  
@@ -21,17 +21,25 @@
 # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # run trap command on exit
-trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' INT TERM PWR
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' INT TERM
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGPWR 2>/dev/null || true
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
 [ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
-{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+if [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; then
+  echo "Enabling debugging"
+  set -o pipefail
+  [ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS"
+  export DEBUGGER="on"
+else
+  set -o pipefail
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Set bash options
 SCRIPT_FILE="$0"
-CONTAINER_NAME="gitea"
+CONTAINER_NAME="archlinux"
 SCRIPT_NAME="${SCRIPT_FILE##*/}"
 CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -87,8 +95,8 @@ SERVICE_UID="${SERVICE_UID:-0}"
 SERVICE_GID="${SERVICE_GID:-0}"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # User and group in which the service switches to - IE: nginx,apache,mysql,postgres
-#SERVICE_USER="${SERVICE_USER:-gitea}"   # execute command as another user
-#SERVICE_GROUP="${SERVICE_GROUP:-gitea}" # Set the service group
+#SERVICE_USER="${SERVICE_USER:-archlinux}"   # execute command as another user
+#SERVICE_GROUP="${SERVICE_GROUP:-archlinux}" # Set the service group
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Secondary ports
 # specifiy other ports
@@ -143,7 +151,7 @@ export DOMAINNAME="$(hostname -d)"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Default directories
 export SSL_DIR="${SSL_DIR:-/config/ssl}"
-export SSL_CA="${SSL_CERT:-/config/ssl/ca.crt}"
+export SSL_CA="${SSL_CA:-/config/ssl/ca.crt}"
 export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}"
 export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}"
 export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
@@ -164,7 +172,7 @@ export NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
 export MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}"
 export PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}"
 export MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}"
-export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-$ENTRYPOINT_PID_FILE}"
+export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/.entrypoint.pid}"
 export ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
 export ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
 export ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
@@ -214,8 +222,6 @@ SERVER_PORTS="${SERVER_PORTS//,/ }"  #
 SERVER_PORTS="${SERVER_PORTS//\/*/}" #
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # clean WEB_SERVER_PORTS variables
-WEB_SERVER_PORTS="${WEB_SERVER_PORT//\/*/}"                             #
-WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}"                            #
 WEB_SERVER_PORTS="${WEB_SERVER_PORT//,/ } ${ENV_WEB_SERVER_PORTS//,/ }" #
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # rewrite and merge variables
@@ -288,7 +294,7 @@ fi
 if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then
  if [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then
    if [ "$ENTRYPOINT_MESSAGE" = "yes" ]; then
-      echo "Executing entrypoint script for gitea"
+      echo "Executing entrypoint script for archlinux"
    fi
  fi
  # - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -357,7 +363,7 @@ if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then
  fi
  # - - - - - - - - - - - - - - - - - - - - - - - - -
  if [ -f "/etc/hostname" ]; then
-    if [ -n "$(type -P hostname 2>/dev/null)" ]; then
+    if command -v hostname &>/dev/null; then
      hostname -F "/etc/hostname" 2>/dev/null || true
    else
      HOSTNAME="$(<"/etc/hostname")" 2>/dev/null || true
@@ -372,7 +378,7 @@ if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then
  # - - - - - - - - - - - - - - - - - - - - - - - - -
  # import resolv.conf file into container
  if [ "$CUSTOM_DNS" != "yes" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "yes" ]; then
-    cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" 2>/dev/null || true
+    cp -f "/usr/local/etc/resolv.conf" "/etc/resolv.conf" 2>/dev/null || true
  fi
  # - - - - - - - - - - - - - - - - - - - - - - - - -
  if [ -n "$HOME" ] && [ -d "/usr/local/etc/skel" ]; then
@@ -383,12 +389,13 @@ if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-# Delete any .gitkeep files
+# Delete any .gitkeep files (bash * does not match dotfiles by default,
+# so the explicit /.gitkeep path is required at each depth)
 if [ -d "/data" ]; then
-  rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep 2>/dev/null || true
+  rm -Rf "/data/.gitkeep" "/data"/*/.gitkeep 2>/dev/null || true
 fi
 if [ -d "/config" ]; then
-  rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep 2>/dev/null || true
+  rm -Rf "/config/.gitkeep" "/config"/*/.gitkeep 2>/dev/null || true
 fi
 if [ -f "/usr/local/bin/.gitkeep" ]; then
  rm -Rf "/usr/local/bin/.gitkeep" 2>/dev/null || true
@@ -442,7 +449,7 @@ fi
 # if no pid assume container restart - clean stale files on restart
 if [ -f "$ENTRYPOINT_PID_FILE" ]; then
  # Check if the PID in the file is still running
-  entrypoint_pid=$(cat "$ENTRYPOINT_PID_FILE" 2>/dev/null || echo "")
+  entrypoint_pid=$(<"$ENTRYPOINT_PID_FILE") 2>/dev/null
  if [ -n "$entrypoint_pid" ] && kill -0 "$entrypoint_pid" 2>/dev/null; then
    # Process is still running, don't restart services
    START_SERVICES="no"
@@ -451,12 +458,12 @@ if [ -f "$ENTRYPOINT_PID_FILE" ]; then
    # PID file exists but process is dead - this is a restart
    START_SERVICES="yes"
    # Clean any stale PID files on restart
-    rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
+    rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
  fi
 else
  START_SERVICES=yes
  # Clean any stale PID files on first run
-  rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
+  rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 [ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "The containers ip address is:" "$CONTAINER_IP4_ADDRESS"
@@ -482,7 +489,7 @@ __set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-}
 __run_message
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Just start services
-START_SERVICES="${START_SERVICES:-SYSTEM_INIT}"
+START_SERVICES="${START_SERVICES:-yes}"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Determine if we should start services based on command
 # Only skip service start for the 'init' command
@@ -540,10 +547,10 @@ logs)
    tail -Fq /data/logs/*/*
    ;;
  clean)
-    log_files="$(find "/data/logs" -type f)"
+    mapfile -t log_files < <(find "/data/logs" -type f 2>/dev/null)
    for log in "${log_files[@]}"; do
      __log_info "Clearing log file: $log"
-      printf '' >$log
+      printf '' >"$log"
    done
    ;;
  *)
@@ -578,16 +585,16 @@ healthcheck)
    healthPorts="${WEB_SERVER_PORTS:-}"
    healthEndPoints="${HEALTH_ENDPOINTS:-}"
    SERVICES_LIST="${arguments:-$SERVICES_LIST}"
-    services="$(echo "${SERVICES_LIST//,/ }")"
+    services="${SERVICES_LIST//,/ }"
    healthMessage="Everything seems to be running"
    [ "$healthEnabled" = "yes" ] || exit 0
-    if [ -d "/run/healthcheck" ] && [ "$(ls -A "/run/healthcheck" | wc -l)" -ne 0 ]; then
+    if [ -d "/run/healthcheck" ] && ! __is_dir_empty "/run/healthcheck"; then
      for service in /run/healthcheck/*; do
        name="${service##*/}"
        services+="$name "
      done
    fi
-    services="$(echo "$services" | tr ' ' '\n' | sort -u | grep -v '^$')"
+    services="$(printf '%s\n' $services | sort -u | grep -v '^$')"
    for proc in $services; do
      if [ -n "$proc" ]; then
        if ! __pgrep "$proc"; then
@@ -596,8 +603,8 @@ healthcheck)
        fi
      fi
    done
-    for port in $ports; do
-      if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then
+    for port in $healthPorts; do
+      if command -v netstat &>/dev/null && [ -n "$port" ]; then
        if ! netstat -taupln | grep -q ":$port "; then
          echo "$port isn't open" >&2
          healthStatus=$((healthStatus + 1))
@@ -621,14 +628,14 @@ healthcheck)
  # show open ports
 ports)
  shift 1
-  ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')"
+  ports="$(__netstat -taupln 2>/dev/null | awk '{ split($4, a, ":"); if (a[2] != "") print a[2] }' | sort -uV)"
  [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' '
  exit $?
  ;;
  # show running processes
 procs)
  shift 1
-  ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')"
+  ps="$(__ps axco command 2>/dev/null | grep -vE '^(COMMAND|grep|ps)$' | sort -u)"
  [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' '
  exit $?
  ;;