From fbe18132f8f1033976fcd685dffbfe4e44b41729 Mon Sep 17 00:00:00 2001 
From: casjay Date: Tue, 16 Sep 2025 23:50:36 -0400 Subject: [PATCH] =?UTF-8?q?=20=F0=9F=A6=88=F0=9F=8F=A0=F0=9F=90=9C?= =?UTF-8?q?=E2=9D=97=20Initial=20Commit=20=E2=9D=97=F0=9F=90=9C?= =?UTF-8?q?=F0=9F=A6=88=F0=9F=8F=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 17 + .env.scripts | 52 ++ .gitattributes | 86 +++ .gitea/workflows/docker.yaml | 52 ++ .gitignore | 98 +++ Dockerfile | 253 +++++++ LICENSE.md | 13 + README.md | 78 ++ rootfs/root/docker/setup/00-init.sh | 35 + rootfs/root/docker/setup/01-system.sh | 35 + rootfs/root/docker/setup/02-packages.sh | 38 + rootfs/root/docker/setup/03-files.sh | 35 + rootfs/root/docker/setup/04-users.sh | 35 + rootfs/root/docker/setup/05-custom.sh | 68 ++ rootfs/root/docker/setup/06-post.sh | 35 + rootfs/root/docker/setup/07-cleanup.sh | 35 + rootfs/tmp/etc/act_runner/cache_server.yaml | 8 + rootfs/tmp/etc/act_runner/default_config.yaml | 70 ++ rootfs/tmp/etc/docker/daemon.json | 8 + rootfs/tmp/etc/gitea/app.ini | 273 +++++++ rootfs/tmp/etc/ssh/sshd_config | 35 + rootfs/usr/local/bin/entrypoint.sh | 533 +++++++++++++ rootfs/usr/local/bin/pkmgr | 140 ++++ .../usr/local/etc/docker/init.d/05-dockerd.sh | 630 ++++++++++++++++ .../usr/local/etc/docker/init.d/08-gitea.sh | 627 ++++++++++++++++ .../local/etc/docker/init.d/zz-act_runner.sh | 701 ++++++++++++++++++ .../share/template-files/config/.gitkeep | 0 .../template-files/config/env/default.sample | 134 ++++ .../config/env/examples/00-directory.sh | 10 + .../config/env/examples/addresses.sh | 5 + .../config/env/examples/certbot.sh | 6 + .../config/env/examples/couchdb.sh | 7 + .../config/env/examples/dockerd.sh | 4 + .../config/env/examples/global.sh | 13 + .../config/env/examples/healthcheck.sh | 5 + .../config/env/examples/mariadb.sh | 14 + .../config/env/examples/mongodb.sh | 20 + .../config/env/examples/networking.sh | 9 + .../config/env/examples/other.sh | 4 + .../template-files/config/env/examples/php.sh | 6 
+ .../config/env/examples/postgres.sh | 8 + .../config/env/examples/redis.sh | 4 + .../config/env/examples/services.sh | 7 + .../template-files/config/env/examples/ssl.sh | 19 + .../config/env/examples/supabase.sh | 4 + .../config/env/examples/webservers.sh | 8 + .../config/env/examples/zz-entrypoint.sh | 21 + .../local/share/template-files/data/.gitkeep | 0 .../share/template-files/defaults/.gitkeep | 0 49 files changed, 4298 insertions(+) create mode 100644 .dockerignore create mode 100644 .env.scripts create mode 100644 .gitattributes create mode 100644 .gitea/workflows/docker.yaml create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 LICENSE.md create mode 100644 README.md create mode 100755 rootfs/root/docker/setup/00-init.sh create mode 100755 rootfs/root/docker/setup/01-system.sh create mode 100755 rootfs/root/docker/setup/02-packages.sh create mode 100755 rootfs/root/docker/setup/03-files.sh create mode 100755 rootfs/root/docker/setup/04-users.sh create mode 100755 rootfs/root/docker/setup/05-custom.sh create mode 100755 rootfs/root/docker/setup/06-post.sh create mode 100755 rootfs/root/docker/setup/07-cleanup.sh create mode 100644 rootfs/tmp/etc/act_runner/cache_server.yaml create mode 100644 rootfs/tmp/etc/act_runner/default_config.yaml create mode 100644 rootfs/tmp/etc/docker/daemon.json create mode 100644 rootfs/tmp/etc/gitea/app.ini create mode 100644 rootfs/tmp/etc/ssh/sshd_config create mode 100755 rootfs/usr/local/bin/entrypoint.sh create mode 100755 rootfs/usr/local/bin/pkmgr create mode 100755 rootfs/usr/local/etc/docker/init.d/05-dockerd.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/08-gitea.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh create mode 100644 rootfs/usr/local/share/template-files/config/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/config/env/default.sample create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh 
create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/addresses.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/certbot.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/global.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/networking.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/other.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/php.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/postgres.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/redis.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/services.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/ssl.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/supabase.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/webservers.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh create mode 100644 rootfs/usr/local/share/template-files/data/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/defaults/.gitkeep diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..71c00b7 --- /dev/null +++ b/.dockerignore 
@@ -0,0 +1,17 @@
+# Files to ignore
+# Tell docker to ignore .gitkeep
+.gitkeep
+# Tell docker to ignore .gitignore
+.gitignore
+# Tell docker to ignore node_modules/**
+node_modules/**
+# Tell docker to ignore .node_modules/**
+.node_modules/**
+# Tell docker to ignore **/.gitkeep
+**/.gitkeep
+# Tell docker to ignore **/.gitignore
+**/.gitignore
+# Tell docker to ignore **/node_modules/**
+**/node_modules/**
+# Tell docker to ignore **/.node_modules/**
+**/.node_modules/**
diff --git a/.env.scripts b/.env.scripts
new file mode 100644
index 0000000..41d0e09
--- /dev/null
+++ b/.env.scripts
@@ -0,0 +1,52 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408111112-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@Copyright : Copyright 2024 CasjaysDev
+# @@Created : Sun Aug 11 11:12:33 AM EDT 2024
+# @@File : .env.scripts
+# @@Description : Variables for gen-dockerfile and buildx scripts
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Dockerfile info
+ENV_DOCKERFILE="Dockerfile"
+ENV_IMAGE_NAME="gitea"
+ENV_USE_TEMPLATE="alpine"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Maintainer info
+ENV_ORG_NAME="casjaysdevdocker"
+ENV_VENDOR="CasjaysDev"
+ENV_AUTHOR="CasjaysDev"
+ENV_MAINTAINER="CasjaysDev "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# REPO info
+ENV_GIT_REPO_URL="https://github.com/casjaysdevdocker/gitea"
+ENV_REGISTRY_URL="https://hub.docker.com/r/casjaysdevdocker/gitea"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Push image info
+ENV_IMAGE_PUSH="casjaysdevdocker/gitea"
+ENV_IMAGE_TAG="latest"
+ENV_ADD_TAGS="USE_DATE"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Pull image info
+ENV_PULL_URL="casjaysdev/alpine"
+ENV_DISTRO_TAG="${IMAGE_VERSION}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Env
+SERVICE_PORT="80"
+EXPOSE_PORTS=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Versions
+PHP_VERSION="system"
+NODE_VERSION="system"
+NODE_MANAGER="system"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default directories
+WWW_ROOT_DIR="/usr/local/share/httpd/default"
+DEFAULT_FILE_DIR="/usr/local/share/template-files"
+DEFAULT_DATA_DIR="/usr/local/share/template-files/data"
+DEFAULT_CONF_DIR="/usr/local/share/template-files/config"
+DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ENV_PACKAGES="btrfs-progs e2fsprogs e2fsprogs-extra git ip6tables iptables openssl pigz shadow-uidmap xfsprogs xz zfs docker docker-registry nginx "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..39bbb67
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,86 @@ +# Template generated on Fri May 10 12:52:12 PM EDT 2024 from https://github.com/alexkaratarakis/gitattributes" +# Common settings that generally should always be used with your language specific settings +# Auto detect text files and perform LF normalization +* text=auto +# The above will handle all files NOT found below +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.tif binary +*.tiff binary +*.ico binary +# SVG treated as text by default. +*.svg text +# If you want to treat it as binary, +# use the following line instead. +# *.svg binary +*.eps binary +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.ksh text eol=lf +*.sh text eol=lf +*.zsh text eol=lf +# These are explicitly windows files and should use crlf +*.bat text eol=crlf +*.cmd text eol=crlf +*.ps1 text eol=crlf +# Serialisation +*.json text +*.toml text +*.xml text +*.yaml text +*.yml text +# Archives +*.7z binary +*.bz binary +*.bz2 binary +*.bzip2 binary +*.gz binary +*.lz binary +*.lzma binary +*.rar binary +*.tar binary +*.taz binary +*.tbz binary +*.tbz2 binary +*.tgz binary +*.tlz binary +*.txz binary +*.xz binary +*.Z binary +*.zip binary +*.zst binary +# Text files where line endings should be preserved +*.patch -text +# Exclude files from exporting +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore + diff --git a/.gitea/workflows/docker.yaml b/.gitea/workflows/docker.yaml new file mode 100644 index 0000000..9102595 --- /dev/null 
+++ b/.gitea/workflows/docker.yaml
@@ -0,0 +1,52 @@
+name: release-tag
+
+on: push
+
+jobs:
+ release-image:
+ runs-on: act_runner
+ container:
+ image: catthehacker/ubuntu:act-latest
+ env:
+ RUNNER_TOOL_CACHE: /toolcache
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+
+ - name: Get Meta
+ id: meta
+ run: |
+ echo DATE_TAG=$(date +'%y%m') >> $GITHUB_OUTPUT
+ echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT
+ echo DOCKER_ORG=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $1}') >> $GITHUB_OUTPUT
+ echo DOCKER_TAG=$([ -n "$DOCKER_TAG" ] && echo ${DOCKER_TAG} || echo "latest") >> $GITHUB_OUTPUT
+ echo DOCKER_HUB=$([ -n "$DOCKER_HUB" ] && echo ${DOCKER_HUB} || echo "docker.io") >> $GITHUB_OUTPUT
+ echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}' | sed 's|^docker-||g') >> $GITHUB_OUTPUT
+ echo "$DOCKER_HUB/$DOCKER_ORG/$REPO_NAME:$DOCKER_TAG"
+
+ - name: Set up Docker BuildX
+ uses: docker/setup-buildx-action@v2
+
+ - name: Login to DockerHub
+ uses: docker/login-action@v2
+ with:
+ password: ${{ secrets.DOCKER_TOKEN }}
+ username: ${{ secrets.DOCKER_USERNAME }}
+ registry: ${{ steps.meta.outputs.DOCKER_HUB }}
+
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ file: ./Dockerfile
+ platforms: |
+ linux/amd64
+ linux/arm64
+ push: true
+ tags: | # replace it with your local IP and tags
+ ${{ steps.meta.outputs.DOCKER_HUB }}/${{ steps.meta.outputs.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.DATE_TAG }}
+ ${{ steps.meta.outputs.DOCKER_HUB }}/${{ steps.meta.outputs.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.DOCKER_TAG }}
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..453c9ef
--- /dev/null
+++ b/.gitignore
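Review bot: The `uses:` steps and the job container are referenced by mutable tags (`actions/checkout@v3`, `docker/login-action@v2`, `docker/build-push-action@v4`, `catthehacker/ubuntu:act-latest`), while this job receives `secrets.DOCKER_TOKEN` and pushes an image tagged `latest` by default. Pinning each action to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v2`, and the container image to a digest would keep a retagged upstream from running with the registry credentials. `on: push` also triggers the build-and-push for every branch; a `branches:` or `tags:` filter would limit which refs can publish. In the Get Meta step the `$GITHUB_OUTPUT` redirections and the `${GITHUB_REPOSITORY}` expansions are unquoted; `>> "$GITHUB_OUTPUT"` is the safer form.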
@@ -0,0 +1,98 @@ +# gitignore created on 08/09/24 at 16:53 +# Disable reminder in prompt +ignoredirmessage + +# OS generated files +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### macOS ### +# General +.DS_Store? +.AppleDouble +.LSOverride + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# misc +!*/README* +!inc/main.bash + +# Windows shortcuts +*.lnk + +# ignore commit message +**/.gitcommit + +# ignore .build_failed files +**/.build_failed* + + +# ignore .bak files +**/*.bak + +# ignore .no_push files +**/.no_push + +# ignore .no_git files +**/.no_git + +# ignore .installed files +**/.installed + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2e12a99 --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,253 @@
+# syntax=docker/dockerfile:1
+# Docker image for gitea using the alpine template
+ARG IMAGE_NAME="gitea"
+ARG PHP_SERVER="gitea"
+ARG BUILD_DATE="202408111112"
+ARG LANGUAGE="en_US.UTF-8"
+ARG TIMEZONE="America/New_York"
+ARG WWW_ROOT_DIR="/usr/local/share/httpd/default"
+ARG DEFAULT_FILE_DIR="/usr/local/share/template-files"
+ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data"
+ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config"
+ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults"
+
+ARG USER="root"
+ARG SHELL_OPTS="set -e -o pipefail"
+
+ARG SERVICE_PORT="80"
+ARG EXPOSE_PORTS="22"
+ARG PHP_VERSION="system"
+ARG NODE_VERSION="system"
+ARG NODE_MANAGER="system"
+
+ARG IMAGE_REPO="casjaysdevdocker/gitea"
+ARG IMAGE_VERSION="latest"
+ARG CONTAINER_VERSION="USE_DATE"
+
+ARG PULL_URL="casjaysdev/alpine"
+ARG DISTRO_VERSION="${IMAGE_VERSION}"
+ARG BUILD_VERSION="${BUILD_DATE}"
+
+FROM tianon/gosu:latest AS gosu
+FROM ${PULL_URL}:${DISTRO_VERSION} AS build
+ARG TZ
+ARG USER
+ARG LICENSE
+ARG TIMEZONE
+ARG LANGUAGE
+ARG IMAGE_NAME
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG BUILD_VERSION
+ARG IMAGE_VERSION
+ARG WWW_ROOT_DIR
+ARG DEFAULT_FILE_DIR
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG NODE_VERSION
+ARG NODE_MANAGER
+ARG PHP_VERSION
+ARG PHP_SERVER
+ARG SHELL_OPTS
+
+ARG PACK_LIST="fuse-overlayfs btrfs-progs e2fsprogs e2fsprogs-extra git ip6tables iptables openssl pigz shadow-uidmap xfsprogs xz zfs docker docker-registry nginx openssh "
+
+ENV ENV=~/.profile
+ENV SHELL="/bin/sh"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV HOSTNAME="casjaysdevdocker-gitea"
+
+USER ${USER}
+WORKDIR /root
+
+COPY ./rootfs/usr/local/bin/. /usr/local/bin/
+
+RUN set -e; \
+ echo "Setting up prerequisites"; \
+ true
+
+ENV SHELL="/bin/bash"
+SHELL [ "/bin/bash", "-c" ]
+
+COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu
+
+RUN echo "Initializing the system"; \
+ $SHELL_OPTS; \
+ mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}" "/root/docker/setup" "/etc/profile.d"; \
+ if [ -f "/root/docker/setup/00-init.sh" ];then echo "Running the init script";/root/docker/setup/00-init.sh||{ echo "Failed to execute /root/docker/setup/00-init.sh" >&2 && exit 10; };echo "Done running the init script";fi; \
+ echo ""
+
+RUN echo "Creating and editing system files "; \
+ $SHELL_OPTS; \
+ [ -f "/root/.profile" ] || touch "/root/.profile"; \
+ mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}" "/root/docker/setup" "/etc/profile.d"; \
+ if [ -f "/root/docker/setup/01-system.sh" ];then echo "Running the system script";/root/docker/setup/01-system.sh||{ echo "Failed to execute /root/docker/setup/01-system.sh" >&2 && exit 10; };echo "Done running the system script";fi; \
+ echo ""
+
+RUN echo "Running pre-package commands"; \
+ $SHELL_OPTS; \
+ echo ""
+
+RUN echo "Setting up and installing packages"; \
+ $SHELL_OPTS; \
+ if [ -n "${PACK_LIST}" ];then echo "Installing packages: $PACK_LIST";echo "${PACK_LIST}" >/root/docker/setup/packages.txt;pkmgr install ${PACK_LIST};fi; \
+ echo ""
+
+RUN echo "Initializing packages before copying files to image"; \
+ $SHELL_OPTS; \
+ if [ -f "/root/docker/setup/02-packages.sh" ];then echo "Running the packages script";/root/docker/setup/02-packages.sh||{ echo "Failed to execute /root/docker/setup/02-packages.sh" >&2 && exit 10; };echo "Done running the packages script";fi; \
+ echo ""
+
+COPY ./rootfs/. /
+COPY ./Dockerfile /root/docker/Dockerfile
+
+RUN echo "Updating system files "; \
+ $SHELL_OPTS; \
+ echo "$TIMEZONE" >"/etc/timezone"; \
+ touch "/etc/profile" "/root/.profile"; \
+ echo 'hosts: files dns' >"/etc/nsswitch.conf"; \
+ [ "$PHP_VERSION" = "system" ] && PHP_VERSION="php" || true; \
+ PHP_BIN="$(command -v ${PHP_VERSION} 2>/dev/null || true)"; \
+ PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null || true)"; \
+ pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || true)"; \
+ py_version="$(command $pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' '{print $1$2}' | grep '[0-9]' || true)"; \
+ [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts=""; \
+ if [ -n "$pip_bin" ];then $pip_bin -m pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx $pip_opts || true;fi; \
+ [ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" || true; \
+ [ -n "$PHP_BIN" ] && [ -z "$(command -v php 2>/dev/null)" ] && ln -sf "$PHP_BIN" "/usr/bin/php" 2>/dev/null || true; \
+ [ -n "$PHP_FPM" ] && [ -z "$(command -v php-fpm 2>/dev/null)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" 2>/dev/null || true; \
+ if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh";fi ; \
+ { [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bash.bashrc" ] && cp -Rf "/etc/bash.bashrc" "/root/.bashrc"; } || true; \
+ if [ -z "$(command -v "apt-get" 2>/dev/null)" ];then grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc"; fi; \
+ if [ "$PHP_VERSION" != "system" ] && [ -e "/etc/php" ] && [ -d "/etc/${PHP_VERSION}" ];then rm -Rf "/etc/php";fi; \
+ if [ "$PHP_VERSION" != "system" ] && [ -n "${PHP_VERSION}" ] && [ -d "/etc/${PHP_VERSION}" ];then ln -sf "/etc/${PHP_VERSION}" "/etc/php";fi; \
+ if [ -f "/root/docker/setup/03-files.sh" ];then echo "Running the files script";/root/docker/setup/03-files.sh||{ echo "Failed to execute /root/docker/setup/03-files.sh" >&2 && exit 10; };echo "Done running the files script";fi; \
+ echo ""
+
+RUN echo "Custom Settings"; \
+ $SHELL_OPTS; \
+ echo ""
+
+RUN echo "Setting up users and scripts "; \
+ $SHELL_OPTS; \
+ if [ -f "/root/docker/setup/04-users.sh" ];then echo "Running the users script";/root/docker/setup/04-users.sh||{ echo "Failed to execute /root/docker/setup/04-users.sh" >&2 && exit 10; };echo "Done running the users script";fi; \
+ echo ""
+
+RUN echo "Running the user init commands"; \
+ $SHELL_OPTS; \
+ echo ""
+
+RUN echo "Setting OS Settings "; \
+ $SHELL_OPTS; \
+ echo ""
+
+RUN echo "Custom Applications"; \
+ $SHELL_OPTS; \
+ echo ""
+
+RUN echo "Running custom commands"; \
+ if [ -f "/root/docker/setup/05-custom.sh" ];then echo "Running the custom script";/root/docker/setup/05-custom.sh||{ echo "Failed to execute /root/docker/setup/05-custom.sh" && exit 10; };echo "Done running the custom script";fi; \
+ echo ""
+
+RUN echo "Running final commands before cleanup"; \
+ $SHELL_OPTS; \
+ if [ -f "/root/docker/setup/06-post.sh" ];then echo "Running the post script";/root/docker/setup/06-post.sh||{ echo "Failed to execute /root/docker/setup/06-post.sh" >&2 && exit 10; };echo "Done running the post script";fi; \
+ echo ""
+
+RUN echo "Deleting unneeded files"; \
+ $SHELL_OPTS; \
+ pkmgr clean; \
+ rm -Rf "/config" "/data" || true; \
+ rm -rf /etc/systemd/system/*.wants/* || true; \
+ rm -rf /lib/systemd/system/systemd-update-utmp* || true; \
+ rm -rf /lib/systemd/system/anaconda.target.wants/* || true; \
+ rm -rf /lib/systemd/system/local-fs.target.wants/* || true; \
+ rm -rf /lib/systemd/system/multi-user.target.wants/* || true; \
+ rm -rf /lib/systemd/system/sockets.target.wants/*udev* || true; \
+ rm -rf /lib/systemd/system/sockets.target.wants/*initctl* || true; \
+ rm -Rf /usr/share/doc/* /var/tmp/* /var/cache/*/* /root/.cache/* /usr/share/info/* /tmp/* || true; \
+ if [ -d "/lib/systemd/system/sysinit.target.wants" ];then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup);fi; \
+ if [ -f "/root/docker/setup/07-cleanup.sh" ];then echo "Running the cleanup script";/root/docker/setup/07-cleanup.sh||{ echo "Failed to execute /root/docker/setup/07-cleanup.sh" >&2 && exit 10; };echo "Done running the cleanup script";fi; \
+ echo ""
+
+RUN echo "Init done"
+FROM scratch
+ARG TZ
+ARG USER
+ARG TIMEZONE
+ARG LANGUAGE
+ARG IMAGE_NAME
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG BUILD_VERSION
+ARG IMAGE_VERSION
+ARG WWW_ROOT_DIR
+ARG DEFAULT_FILE_DIR
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG NODE_VERSION
+ARG NODE_MANAGER
+ARG PHP_VERSION
+ARG PHP_SERVER
+ARG LICENSE="WTFPL"
+ARG ENV_PORTS=""
+
+USER ${USER}
+WORKDIR /root
+
+LABEL maintainer="CasjaysDev "
+LABEL org.opencontainers.image.vendor="CasjaysDev"
+LABEL org.opencontainers.image.authors="CasjaysDev"
+LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}"
+LABEL org.opencontainers.image.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.base.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.license="${LICENSE}"
+LABEL org.opencontainers.image.build-date="${BUILD_DATE}"
+LABEL org.opencontainers.image.version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/gitea"
+LABEL org.opencontainers.image.url.source="https://hub.docker.com/r/casjaysdevdocker/gitea"
+LABEL org.opencontainers.image.vcs-type="Git"
+LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}"
+LABEL org.opencontainers.image.vcs-url="https://github.com/casjaysdevdocker/gitea"
+LABEL org.opencontainers.image.documentation="https://github.com/casjaysdevdocker/gitea"
+LABEL com.github.containers.toolbox="false"
+
+ENV ENV=~/.bashrc
+ENV USER="${USER}"
+ENV SHELL="/bin/bash"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV PORT="${SERVICE_PORT}"
+ENV ENV_PORTS="${EXPOSE_PORTS}"
+ENV CONTAINER_NAME="${IMAGE_NAME}"
+ENV HOSTNAME="casjaysdev-${IMAGE_NAME}"
+ENV PHP_SERVER="${PHP_SERVER}"
+ENV NODE_VERSION="${NODE_VERSION}"
+ENV NODE_MANAGER="${NODE_MANAGER}"
+ENV PHP_VERSION="${PHP_VERSION}"
+ENV DISTRO_VERSION="${IMAGE_VERSION}"
+ENV WWW_ROOT_DIR="${WWW_ROOT_DIR}"
+
+COPY --from=build /. /
+
+VOLUME [ "/config","/data" ]
+
+EXPOSE ${SERVICE_PORT} ${EXPOSE_PORTS}
+
+STOPSIGNAL SIGRTMIN+3
+
+CMD [ "tail", "-f", "/dev/null" ]
+ENTRYPOINT [ "tini","-p", "SIGTERM","--","/usr/local/bin/entrypoint.sh" ]
+HEALTHCHECK --start-period=10m --interval=5m --timeout=15s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ]
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..c76e83f
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,13 @@
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ Version 2, December 2004
+
+ Copyright (C) 2024 casjay
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 1. You just DO WHAT THE FUCK YOU WANT TO.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ebff78f
--- /dev/null
+++ b/README.md
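Review bot: `FROM tianon/gosu:latest AS gosu` and the build stage's `${PULL_URL}:${DISTRO_VERSION}` (which defaults to `casjaysdev/alpine:latest`) are mutable tags, so the gosu binary copied to `/usr/local/bin/gosu` and the whole base layer can change between builds with no change in this repository. Pin both to a version plus digest, e.g. `FROM tianon/gosu:<version>@sha256:<digest> AS gosu` (placeholders to be filled from the registry). The `pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx` line is likewise unversioned and its failure is hidden by `|| true`; pinned versions and a visible failure would make the image reproducible and auditable. Separately, the tests for `00-init.sh`, `01-system.sh` and `02-packages.sh` run before `COPY ./rootfs/. /`, so unless the base image already ships those paths the copies added in this commit are never executed.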
@@ -0,0 +1,78 @@
+## 👋 Welcome to gitea 🚀
+
+Description
+
+
+## Install my system scripts
+
+```shell
+ sudo bash -c "$(curl -q -LSsf "https://github.com/systemmgr/installer/raw/main/install.sh")"
+ sudo systemmgr --config && sudo systemmgr install scripts
+```
+
+## Automatic install/update
+
+```shell
+dockermgr update gitea
+```
+
+## Install and run container
+
+```shell
+mkdir -p "$HOME/.local/share/srv/docker/gitea/rootfs"
+git clone "https://github.com/dockermgr/gitea" "$HOME/.local/share/CasjaysDev/dockermgr/gitea"
+cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/gitea/rootfs/." "$HOME/.local/share/srv/docker/gitea/rootfs/"
+docker run -d \
+--restart always \
+--privileged \
+--name casjaysdevdocker-gitea \
+--hostname gitea \
+-e TZ=${TIMEZONE:-America/New_York} \
+-v "$HOME/.local/share/srv/docker/casjaysdevdocker-gitea/rootfs/data:/data:z" \
+-v "$HOME/.local/share/srv/docker/casjaysdevdocker-gitea/rootfs/config:/config:z" \
+-p 80:80 \
+casjaysdevdocker/gitea:latest
+```
+
+## via docker-compose
+
+```yaml
+version: "2"
+services:
+ ProjectName:
+ image: casjaysdevdocker/gitea
+ container_name: casjaysdevdocker-gitea
+ environment:
+ - TZ=America/New_York
+ - HOSTNAME=gitea
+ volumes:
+ - "$HOME/.local/share/srv/docker/casjaysdevdocker-gitea/rootfs/data:/data:z"
+ - "$HOME/.local/share/srv/docker/casjaysdevdocker-gitea/rootfs/config:/config:z"
+ ports:
+ - 80:80
+ restart: always
+```
+
+## Get source files
+
+```shell
+dockermgr download src casjaysdevdocker/gitea
+```
+
+OR
+
+```shell
+git clone "https://github.com/casjaysdevdocker/gitea" "$HOME/Projects/github/casjaysdevdocker/gitea"
+```
+
+## Build container
+
+```shell
+cd "$HOME/Projects/github/casjaysdevdocker/gitea"
+buildx
+```
+
+## Authors
+
+🤖 casjay: [Github](https://github.com/casjay) 🤖
+⛵ casjaysdevdocker: [Github](https://github.com/casjaysdevdocker) [Docker](https://hub.docker.com/u/casjaysdevdocker) ⛵
diff --git a/rootfs/root/docker/setup/00-init.sh b/rootfs/root/docker/setup/00-init.sh
new file mode 100755
index 0000000..b768f3c
--- /dev/null
+++ b/rootfs/root/docker/setup/00-init.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 00-init.sh
+# @@Description : script to run init
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/01-system.sh b/rootfs/root/docker/setup/01-system.sh
new file mode 100755
index 0000000..a99a9c0
--- /dev/null
+++ b/rootfs/root/docker/setup/01-system.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 01-system.sh
+# @@Description : script to run system
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/02-packages.sh b/rootfs/root/docker/setup/02-packages.sh
new file mode 100755
index 0000000..93f70e1
--- /dev/null
+++ b/rootfs/root/docker/setup/02-packages.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 02-packages.sh
+# @@Description : script to run packages
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+[ -d "/etc/nginx" ] && rm -Rf "/etc/nginx"/*
+[ -d "/etc/gitea" ] && rm -Rf "/etc/gitea"/*
+[ -d "/etc/docker" ] && rm -Rf "/etc/docker"/*
+[ -d "/etc/act_runner" ] && rm -Rf "/etc/act_runner"/*
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/03-files.sh b/rootfs/root/docker/setup/03-files.sh
new file mode 100755
index 0000000..9da49a3
--- /dev/null
+++ b/rootfs/root/docker/setup/03-files.sh
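Review bot: `exitCode=$?` records only the status of the last `[ -d … ] && rm -Rf …` list, so the script exits 1 whenever `/etc/act_runner` does not exist, and the Dockerfile step that calls it turns any non-zero exit into a failed build (`exit 10`); a failed `rm` on the three earlier directories is ignored. Write each cleanup as `if [ -d "/etc/act_runner" ]; then rm -Rf "/etc/act_runner"/* || exitCode=$?; fi` and drop the trailing `exitCode=$?`. `03-files.sh` has the same shape with `[ -d "/tmp/etc" ] && cp -Rf "/tmp/etc/." "/etc/"`. The line `set -x$DEBUGGER_OPTIONS`, repeated in `00-init.sh` through `04-users.sh`, expands an environment variable unquoted into `set`; `set -x"${DEBUGGER_OPTIONS:-}"` avoids word splitting, and enabling the trace at all deserves a comment since `set -x` output ends up in build logs.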
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 03-files.sh
+# @@Description : script to run files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+[ -d "/tmp/etc" ] && cp -Rf "/tmp/etc/." "/etc/"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/04-users.sh b/rootfs/root/docker/setup/04-users.sh
new file mode 100755
index 0000000..aa03447
--- /dev/null
+++ b/rootfs/root/docker/setup/04-users.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 04-users.sh
+# @@Description : script to run users
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/05-custom.sh b/rootfs/root/docker/setup/05-custom.sh
new file mode 100755
index 0000000..6478546
--- /dev/null
+++ b/rootfs/root/docker/setup/05-custom.sh
@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 05-custom.sh
+# @@Description : script to run custom
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+GITEA_VERSION="${GITEA_VERSION:-latest}"
+GITEA_BIN_FILE="/usr/local/bin/gitea"
+ACT_BIN_FILE="/usr/local/bin/act_runner"
+ARCH="$(uname -m | tr '[:upper]' '[:lower]')"
+case "$ARCH" in x86_64) ARCH="amd64" ;; aarch64) ARCH="arm64" ;; *) echo "$ARCH is not supported by this script" >&2 && exit 1 ;; esac
+ACT_VERSIONS="$(curl -q -LSsf 'https://gitea.com/api/v1/repos/gitea/act_runner/releases' -H 'accept: application/json' | jq -r '.[].tag_name' | sort -Vr | head -n1)"
+ACT_URL="$(curl -q -LSsf "https://gitea.com/api/v1/repos/gitea/act_runner/releases/tags/$ACT_VERSIONS" -H 'accept: application/json' | jq -rc '.assets|.[]|.browser_download_url' | grep "linux.*$ARCH$")"
+if [ "$GITEA_VERSION" = "latest" ] || [ "$GITEA_VERSION" = "current" ]; then
+ GITEA_URL="$(curl -s https://api.github.com/repos/go-gitea/gitea/releases/latest | jq -r '.assets[] | select(.name|match("linux.*'${ARCH}'$")) | .browser_download_url')"
+else
+ GITEA_URL="https://github.com/go-gitea/gitea/releases/download/v$GITEA_VERSION/gitea-$GITEA_VERSION-linux-$ARCH"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+echo "Dowloading gitea from $GITEA_URL"
+if curl -q -LSsf "$GITEA_URL" -o "/tmp/gitea.$$"; then
+ mv -f "/tmp/gitea.$$" "$GITEA_BIN_FILE"
+ echo "gitea has been installed to: $GITEA_BIN_FILE"
+ chmod +x "$GITEA_BIN_FILE"
+ if [ -d "/etc/sudoers.d" ]; then
+ echo "gitea ALL=(ALL) NOPASSWD: ALL" >"/etc/sudoers.d/gitea"
+ echo "docker ALL=(ALL) NOPASSWD: ALL" >"/etc/sudoers.d/docker"
+ fi
+else
+ echo "Failed to download gitea" >&2
+ exitCode=$((exitCode++))
+fi
+echo "Downloading act_runner from $ACT_URL"
+if curl -q -LSsf "$ACT_URL" -o "/tmp/act_runner.$$"; then
+ mv -f "/tmp/act_runner.$$" "$ACT_BIN_FILE"
+ echo "act_runner has been installed to: $ACT_BIN_FILE"
+ chmod +x "$ACT_BIN_FILE"
+else
+ echo "Failed to download act_runner" >&2
+ exitCode=$((exitCode++))
+fi
+[ -x "$ACT_BIN_FILE" ] && [ -x "$GITEA_BIN_FILE" ] && exitCode=0
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+[ $exitCode -eq 0 ] || exitCode=1
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/06-post.sh b/rootfs/root/docker/setup/06-post.sh
new file mode 100755
index 0000000..ff3aa99
--- /dev/null
+++ b/rootfs/root/docker/setup/06-post.sh
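Review bot: Both binaries are moved into `/usr/local/bin` and made executable straight from the download with no digest or signature check, and because `GITEA_VERSION` defaults to `latest` and act_runner always takes the newest tag, the image content changes from build to build. Pin both versions and compare each file against a known SHA-256 before the `mv`; the fence below shows the gitea branch with a constructed `GITEA_SHA256` build argument, and the act_runner branch needs the same treatment. The `NOPASSWD: ALL` sudoers entries give the `gitea` and `docker` accounts unrestricted root and should be narrowed to the specific commands required, if any. Separately, `exitCode=$((exitCode++))` is a no-op because the post-increment yields the old value, so a failed download still exits 0 (use `exitCode=$((exitCode + 1))`), and `tr '[:upper]' '[:lower]'` is missing the closing colons (`'[:upper:]' '[:lower:]'`).

```shell
# … unchanged: variable setup and URL resolution …
# GITEA_SHA256 is a constructed name: the pinned digest, supplied at build time
if curl -q -LSsf "$GITEA_URL" -o "/tmp/gitea.$$" &&
  printf '%s  %s\n' "$GITEA_SHA256" "/tmp/gitea.$$" | sha256sum -c - >/dev/null; then
  mv -f "/tmp/gitea.$$" "$GITEA_BIN_FILE"
  # … unchanged: install message, chmod, sudoers block …
else
  rm -f "/tmp/gitea.$$"
  echo "Failed to download or verify gitea" >&2
  exitCode=$((exitCode + 1))
fi
```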
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 06-post.sh
+# @@Description : script to run post
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/07-cleanup.sh b/rootfs/root/docker/setup/07-cleanup.sh
new file mode 100755
index 0000000..e560397
--- /dev/null
+++ b/rootfs/root/docker/setup/07-cleanup.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091653-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 07-cleanup.sh
+# @@Description : script to run cleanup
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/tmp/etc/act_runner/cache_server.yaml b/rootfs/tmp/etc/act_runner/cache_server.yaml
new file mode 100644
index 0000000..df1746b
--- /dev/null
+++ b/rootfs/tmp/etc/act_runner/cache_server.yaml
@@ -0,0 +1,8 @@
+log:
+ level: warn
+
+cache:
+ enabled: true
+ dir: 'REPLACE_RUNNER_CACHE_DIR'
+ host: '0.0.0.0'
+ port: REPLACE_RUNNER_CACHE_PORT
diff --git a/rootfs/tmp/etc/act_runner/default_config.yaml b/rootfs/tmp/etc/act_runner/default_config.yaml
new file mode 100644
index 0000000..df09881
--- /dev/null
+++ b/rootfs/tmp/etc/act_runner/default_config.yaml
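Review bot: `host: '0.0.0.0'` in cache_server.yaml is worth a second look. act_runner's upstream example config describes `cache.host` as the address job containers use to reach the cache rather than a bind address, so `0.0.0.0` is not a usable destination; confirm this against the runner version shipped here. If the intent is to limit who can reach the cache, that has to be done at the network level (published ports, bridge network), since nothing in this file restricts access. A short comment above the key, such as `# address job containers connect to; leave empty to auto-detect`, would record the intent.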
@@ -0,0 +1,70 @@
+# Config for act_runner daemon
+log:
+ # The level of logging, can be trace, debug, info, warn, error, fatal
+ level: warn
+
+host:
+ # The parent directory of a job's working directory.
+ workdir_parent: 'REPLACE_RUNNER_TEMP'
+
+runner:
+ # Where to store the registration result.
+ file: REPLACE_RUNNER_HOME/runners
+ # Execute how many tasks concurrently at the same time.
+ capacity: 4
+ # Extra environment variables to run jobs.
+ envs:
+ A_TEST_ENV_NAME_1: a_test_env_value_1
+ # Extra environment variables to run jobs from a file.
+ env_file: .env
+ # The timeout for a job to be finished.
+ timeout: 3h
+ # Whether skip verifying the TLS certificate of the Gitea instance.
+ insecure: true
+ # The timeout for fetching the job from the Gitea instance.
+ fetch_timeout: 5s
+ # The interval for fetching the job from the Gitea instance.
+ fetch_interval: 2s
+ # The labels of a runner are used to determine which jobs the runner can run, and how to run them.
+ labels:
+ #- 'macos:docker:dockurr/macos'
+ #- 'windows:docker:dockurr/windows'
+ #- 'linux:docker:casjaysdev/almalinux'
+ #- 'alma:docker:casjaysdev/almalinux'
+ #- 'alpine:docker:casjaysdev/alpine'
+ #- 'debian:docker:casjaysdev/debian'
+ #- 'arch:docker:casjaysdev/archlinux'
+ #- 'node:docker://node:latest'
+ #- 'node14:docker://node:14'
+ #- 'node16:docker://node:16'
+ #- 'node18:docker://node:18'
+ #- 'node20:docker://node:20'
+ #- 'node20:docker://node:20'
+ #- 'python3:docker://python:latest'
+ #- 'php7:docker://php:7-fpm'
+ #- 'php8:docker://php:8-fpm'
+ #- 'php:docker://php:8.4-rc-fpm-alpine3.20'
+ #- 'alpine:docker://casjaysdev/alpine:latest'
+ #- 'almalinux:docker://casjaysdev/almalinux:latest'
+ #- 'debian:docker://casjaysdev/debian:latest'
+ #- 'ubuntu:docker://casjaysdev/ubuntu:latest'
+ #- 'linux:host,ubuntu-latest:docker://catthehacker/ubuntu:full-latest'
+
+container:
+ # Specifies the network to which the container will connect.
+ network: 'bridge'
+ # Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
+ privileged: true
+ # And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
+ options:
+ # The parent directory of a job's working directory.
+ workdir_parent: 'REPLACE_RUNNER_TEMP/volumes'
+ # Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
+ valid_volumes:
+ - '**'
+ # overrides the docker client host with the specified one.
+ docker_host: ''
+
+cache:
+ enabled: true
+ external_server: 'http://REPLACE_RUNNER_CACHE_HOST:REPLACE_RUNNER_CACHE_PORT/'
diff --git a/rootfs/tmp/etc/docker/daemon.json b/rootfs/tmp/etc/docker/daemon.json
new file mode 100644
index 0000000..3823d75
--- /dev/null
+++ b/rootfs/tmp/etc/docker/daemon.json
@@ -0,0 +1,8 @@
+{
+ "ip": "0.0.0.0",
+ "iptables": true,
+ "log-level": "error",
+ "experimental": true,
+ "pidfile": "/tmp/docker.pid",
+ "insecure-registries": ["localhost"]
+}
diff --git a/rootfs/tmp/etc/gitea/app.ini b/rootfs/tmp/etc/gitea/app.ini
new file mode 100644
index 0000000..9f8a9f4
--- /dev/null
+++ b/rootfs/tmp/etc/gitea/app.ini
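Review bot: In default_config.yaml, `privileged: true` combined with `valid_volumes: - '**'` lets any workflow the runner picks up mount arbitrary host paths into a privileged container, which is effectively root on the runner host for anyone who can get a workflow scheduled. Restrict `valid_volumes` to the specific paths jobs need (or leave the list empty) and keep `privileged` for runners dedicated to trusted repositories. `insecure: true` under `runner` also turns off TLS certificate verification towards the Gitea instance, so registration tokens and job payloads are exposed to anyone on the path; default it to `false` and let deployments with a private CA opt in. The `A_TEST_ENV_NAME_1` entry under `envs` looks like a leftover from the upstream example and would be injected into every job.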
@@ -0,0 +1,273 @@
+; https://docs.gitea.io/en-us/config-cheat-sheet/#default-configuration-non-appini-configuration
+APP_NAME = REPLACE_SERVER_SITE_TITLE
+RUN_USER = REPLACE_SERVICE_USER
+RUN_MODE = prod
+
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[server]
+HTTP_PORT = 80
+ROOT_URL = REPLACE_SERVER_PROTO://REPLACE_SERVER_NAME
+DOMAIN = REPLACE_SERVER_NAME
+APP_DATA_PATH = REPLACE_DATA_DIR
+OFFLINE_MODE = false
+LFS_START_SERVER = true
+LFS_JWT_SECRET = REPLACE_GITEA_LFS_JWT_SECRET
+LANDING_PAGE = explore
+ACME_URL =
+ACME_ACCEPTTOS = true
+ACME_EMAIL = ssl-admin@REPLACE_SERVER_NAME
+ACME_DIRECTORY = REPLACE_DATA_DIR/certs
+LETSENCRYPT_ACCEPTTOS = true
+DISABLE_SSH = false
+START_SSH_SERVER = true
+SSH_LISTEN_HOST = 0.0.0.0
+SSH_PORT = 7833
+SSH_LISTEN_PORT = 22
+SSH_CREATE_AUTHORIZED_KEYS_FILE = true
+SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE = true
+SSH_AUTHORIZED_KEYS_BACKUP = true
+SSH_ROOT_PATH = REPLACE_DATA_DIR/ssh
+SSH_DOMAIN = REPLACE_SERVER_NAME
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[lfs]
+STORAGE_TYPE = local
+LFS_CONTENT_PATH = REPLACE_DATA_DIR/lfs
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[storage.repo-archive]
+STORAGE_TYPE = local
+PATH = REPLACE_DATA_DIR/repositories/archive
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[repository]
+SCRIPT_TYPE = sh
+ROOT = REPLACE_DATA_DIR/repositories/root
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[repository.local]
+LOCAL_COPY_PATH = REPLACE_DATA_DIR/repositories/local
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[repository.upload]
+TEMP_PATH = REPLACE_DATA_DIR/repositories/uploads
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[repository.pull-request]
+DEFAULT_MERGE_STYLE = merge
+WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
+CLOSE_KEYWORDS = close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
+REOPEN_KEYWORDS = reopen,reopens,reopened
+DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT = 50
+DEFAULT_MERGE_MESSAGE_SIZE = 5120
+DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = false
+DEFAULT_MERGE_MESSAGE_MAX_APPROVERS = 10
+ADD_CO_COMMITTER_TRAILERS = true
+TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = false
+RETARGET_CHILDREN_ON_MERGE = true
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[repository.signing]
+DEFAULT_TRUST_MODEL = collaboratorcommitter
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[packages]
+ENABLED = true
+CHUNKED_UPLOAD_PATH = REPLACE_DATA_DIR/tmp/package-upload
+LIMIT_TOTAL_OWNER_COUNT = -1
+LIMIT_TOTAL_OWNER_SIZE = -1
+LIMIT_SIZE_ALPINE = -1
+LIMIT_SIZE_CARGO = -1
+LIMIT_SIZE_CHEF = -1
+LIMIT_SIZE_COMPOSER = -1
+LIMIT_SIZE_CONAN = -1
+LIMIT_SIZE_CONDA = -1
+LIMIT_SIZE_CONTAINER = -1
+LIMIT_SIZE_CRAN = -1
+LIMIT_SIZE_DEBIAN = -1
+LIMIT_SIZE_GENERIC = -1
+LIMIT_SIZE_GO = -1
+LIMIT_SIZE_HELM = -1
+LIMIT_SIZE_MAVEN = -1
+LIMIT_SIZE_NPM = -1
+LIMIT_SIZE_NUGET = -1
+LIMIT_SIZE_PUB = -1
+LIMIT_SIZE_PYPI = -1
+LIMIT_SIZE_RPM = -1
+LIMIT_SIZE_RUBYGEMS = -1
+LIMIT_SIZE_SWIFT = -1
+LIMIT_SIZE_VAGRANT = -1
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[attachment]
+PATH = REPLACE_DATA_DIR/attachments
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[indexer]
+ISSUE_INDEXER_PATH = REPLACE_DATA_DIR/indexers/issues.bleve
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[session]
+PROVIDER = file
+PROVIDER_CONFIG = REPLACE_DATA_DIR/sessions
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[database]
+DB_TYPE = REPLACE_SQL_TYPE
+HOST = REPLACE_SQL_HOST
+USER = REPLACE_SQL_USER
+PASSWD = REPLACE_SQL_PASS
+NAME = REPLACE_SQL_NAME
+LOG_SQL = false
+SCHEMA =
+SSL_MODE = disable
+CHARSET = utf8
+PATH = REPLACE_DATABASE_DIR/gitea.db
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[picture]
+ENABLE_FEDERATED_AVATAR = true
+DISABLE_GRAVATAR = false
+AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/users
+REPOSITORY_AVATAR_UPLOAD_PATH = REPLACE_DATA_DIR/avatars/repos
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[log]
+MODE = console
+LEVEL = warn
+LOG_ROTATE = true
+DAILY_ROTATE = true
+MAX_DAYS = 1
+ROOT_PATH = REPLACE_LOG_DIR
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[security]
+INSTALL_LOCK = false
+SECRET_KEY = REPLACE_SECRET_KEY
+INTERNAL_TOKEN = REPLACE_GITEA_INTERNAL_TOKEN
+PASSWORD_HASH_ALGO = pbkdf2
+MIN_PASSWORD_LENGTH = 8
+PASSWORD_COMPLEXITY = on
+LOGIN_REMEMBER_DAYS = 1825
+COOKIE_USERNAME = git_REPLACE_RANDOM_COOKIE_KEY
+REVERSE_PROXY_LIMIT = 1
+REVERSE_PROXY_TRUSTED_PROXIES = *
+REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
+REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
+REVERSE_PROXY_AUTHENTICATION_FULL_NAME = X-WEBAUTH-FULLNAME
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[time]
+DEFAULT_UI_LOCATION = REPLACE_TZ
+FORMAT = RFC1123
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[service]
+DISABLE_REGISTRATION = false
+REQUIRE_SIGNIN_VIEW = false
+REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
+ENABLE_NOTIFY_MAIL = REPLACE_GITEA_EMAIL_CONFIRM
+ALLOW_ONLY_EXTERNAL_REGISTRATION = false
+ENABLE_CAPTCHA = true
+DEFAULT_KEEP_EMAIL_PRIVATE = true
+DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+DEFAULT_ENABLE_TIMETRACKING = true
+NO_REPLY_ADDRESS = no-reply.REPLACE_SERVER_NAME
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[actions]
+ENABLED = true
+DEFAULT_ACTIONS_URL = github
+ARTIFACT_RETENTION_DAYS = 90
+ZOMBIE_TASK_TIMEOUT = 10m
+ENDLESS_TASK_TIMEOUT = 3h
+ABANDONED_JOB_TIMEOUT = 24h
+SKIP_WORKFLOW_STRINGS = [skip ci],[ci skip],[no ci],[skip actions],[actions skip]
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[storage.actions_log]
+STORAGE_TYPE = local
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[mailer]
+ENABLED = REPLACE_GITEA_EMAIL_CONFIRM
+SMTP_ADDR = REPLACE_EMAIL_RELAY
+SMTP_PORT = 25
+FROM = REPLACE_SERVER_ADMIN
+USER =
+PASSWD =
+PROTOCOL =
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[openid]
+ENABLE_OPENID_SIGNIN = true
+ENABLE_OPENID_SIGNUP = true
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[oauth2]
+ENABLED = true
+JWT_SIGNING_ALGORITHM = RS256
+ACCESS_TOKEN_EXPIRATION_TIME = 3600
+REFRESH_TOKEN_EXPIRATION_TIME = 730
+MAX_TOKEN_LENGTH = 32767
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[oauth2_client]
+REGISTER_EMAIL_CONFIRM = REPLACE_GITEA_EMAIL_CONFIRM
+OPENID_CONNECT_SCOPES =
+ENABLE_AUTO_REGISTRATION = true
+USERNAME = nickname
+UPDATE_AVATAR = false
+ACCOUNT_LINKING = login
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[ui]
+DEFAULT_THEME = gitea-dark
+SEARCH_REPO_DESCRIPTION = true
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[ui.meta]
+AUTHOR = gitea
+DESCRIPTION = REPLACE_SERVER_SITE_TITLE
+KEYWORDS = go,git,self-hosted,gitea
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[ui.notification]
+MIN_TIMEOUT = 10s
+MAX_TIMEOUT = 60s
+TIMEOUT_STEP = 10s
+EVENT_SOURCE_UPDATE_TIME = 10s
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cors]
+ENABLED = true
+SCHEME = REPLACE_SERVER_PROTO
+ALLOW_DOMAIN = *
+ALLOW_SUBDOMAIN = true
+METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
+MAX_AGE = 10m
+ALLOW_CREDENTIALS = true
+X_FRAME_OPTIONS = SAMEORIGIN
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[project]
+PROJECT_BOARD_BASIC_KANBAN_TYPE = To Do, In Progress, Done
+PROJECT_BOARD_BUG_TRIAGE_TYPE = Needs Triage, High Priority, Low Priority, Closed
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron]
+ENABLED = true
+RUN_AT_START = false
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.archive_cleanup]
+ENABLED = true
+RUN_AT_START = true
+NO_SUCCESS_NOTICE = false
+OLDER_THAN = 24h
+SCHEDULE = @midnight
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.update_mirrors]
+ENABLED = true
+RUN_AT_START = true
+NO_SUCCESS_NOTICE = true
+PULL_LIMIT = 100000
+PUSH_LIMIT = 100000
+SCHEDULE = @every 360m
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.repo_health_check]
+ENABLED = true
+RUN_AT_START = false
+NO_SUCCESS_NOTICE = false
+TIMEOUT = 60s
+SCHEDULE = @midnight
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.delete_inactive_accounts]
+ENABLED = false
+RUN_AT_START = false
+NO_SUCCESS_NOTICE = false
+OLDER_THAN = 168h
+SCHEDULE = @annually
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.delete_repo_archives]
+ENABLED = false
+RUN_AT_START = false
+NO_SUCCESS_NOTICE = false
+SCHEDULE = @annually
+; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[cron.update_checker]
+ENABLED = false
+RUN_AT_START = false
+ENABLE_SUCCESS_NOTICE = true
+SCHEDULE = @every 168h
+HTTP_ENDPOINT = https://dl.gitea.io/gitea/version.json
diff --git a/rootfs/tmp/etc/ssh/sshd_config b/rootfs/tmp/etc/ssh/sshd_config
new file mode 100644
index 0000000..d962db7
--- /dev/null
+++ b/rootfs/tmp/etc/ssh/sshd_config
@@ -0,0 +1,35 @@
+Port 7833
+Protocol 2
+
+AddressFamily any
+ListenAddress 0.0.0.0
+ListenAddress ::
+
+LogLevel INFO
+
+HostKey REPLACE_SSH_CONF_DIR/ssh_host_ed25519_key
+HostKey REPLACE_SSH_CONF_DIR/ssh_host_rsa_key
+HostKey REPLACE_SSH_CONF_DIR/ssh_host_ecdsa_key
+
+AuthorizedKeysFile REPLACE_SSH_DATA_DIR/authorized_keys
+AuthorizedPrincipalsFile REPLACE_SSH_DATA_DIR/authorized_principals
+TrustedUserCAKeys REPLACE_SSH_DATA_DIR/gitea-trusted-user-ca-keys.pem
+CASignatureAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
+
+UseDNS no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PrintMotd no
+
+PermitUserEnvironment yes
+PermitRootLogin no
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+PermitEmptyPasswords no
+
+AllowUsers gitea
+
+Banner none
+Subsystem sftp /usr/lib/ssh/sftp-server
+
+AcceptEnv GIT_PROTOCOL
diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh
new file mode 100755
index 0000000..507f1a9
--- /dev/null
+++ b/rootfs/usr/local/bin/entrypoint.sh
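Review bot: `INSTALL_LOCK = false` in `[security]` of app.ini ships the instance with the web installer open, so until someone completes it, the first visitor to reach the port can choose the database and create the admin account. If the entrypoint does not flip this after templating (not visible in this hunk), set it to `true` here. In the same section, `REVERSE_PROXY_TRUSTED_PROXIES = *` accepts forwarded-client headers from any peer, which lets a direct client spoof its source address in logs and any IP-based controls; list the actual proxy addresses instead. `[cors]` pairs `ALLOW_DOMAIN = *` with `ALLOW_CREDENTIALS = true` and should be narrowed to the origins that need it. `LOGIN_REMEMBER_DAYS = 1825`, `SSL_MODE = disable` and open registration alongside `[actions] ENABLED = true` are defaults that deserve an explicit decision rather than being inherited by every deployment.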
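Review bot: `PermitUserEnvironment yes` in sshd_config allows `environment=` options in `authorized_keys` and `~/.ssh/environment` to set session variables, which sshd_config(5) warns can be used to bypass access restrictions through mechanisms such as `LD_PRELOAD`. Since `AcceptEnv GIT_PROTOCOL` already covers what Git needs, set it to `no`. `CASignatureAlgorithms` still ends with `ssh-rsa` (SHA-1 signatures), which can be dropped in favour of the `rsa-sha2-*` entries already listed. `AllowUsers gitea` should be checked against the account the service runs as, because entrypoint.sh in this commit sets `SERVICE_USER="git"`.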
@@ -0,0 +1,533 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202408091653-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : entrypoint.sh --help +# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments +# @@Created : Friday, Aug 09, 2024 16:53 EDT +# @@File : entrypoint.sh +# @@Description : Entrypoint file for gitea +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : other/docker-entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" +{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +SCRIPT_FILE="$0" +CONTAINER_NAME="gitea" +SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)" +CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# remove whitespaces from beginning argument +while :; do [ "$1" = " " ] && shift 1 || break; done +# - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - +[ "$1" = "$SCRIPT_FILE" ] && shift 1 +[ "$1" = "$SCRIPT_NAME" ] && shift 1 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +else + echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +case "$1" in +# Help message +--help) + shift 1 + echo 'Docker container for '$CONTAINER_NAME'' + echo "Usage: $CONTAINER_NAME [cron exec start init shell certbot ssl procs ports healthcheck backup command]" + echo "" + exit 0 + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the default env files +__create_env_file "/config/env/default.sh" "/root/env.sh" &>/dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables from files +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . 
"$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User to use to launch service - IE: postgres +RUNAS_USER="root" # normally root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User and group in which the service switches to - IE: nginx,apache,mysql,postgres +SERVICE_USER="git" # execute command as another user +SERVICE_GROUP="git" # Set the service group +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set user and group ID +SERVICE_UID="0" # set the user id +SERVICE_GID="0" # set the group id +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Primary server port- will be added to server ports +WEB_SERVER_PORT="" # port : 80,443 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Secondary ports +SERVER_PORTS="" # specifiy other ports +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Server directories +WWW_ROOT_DIR="" # set default web dir +DATABASE_DIR="" # set database dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Healthcheck variables +HEALTH_ENABLED="yes" # enable healthcheck [yes/no] +SERVICES_LIST="tini,dockerd,gitea,act_runner" # comma seperated list of processes for the healthcheck +HEALTH_ENDPOINTS="" # url endpoints: [http://localhost/health,http://localhost/test] +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Update path var +export PATH="${PATH:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show message +__run_message() { + + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +################## END OF CONFIGURATION ##################### +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +export 
INIT_DATE="${INIT_DATE:-$(date)}" +export CONTAINER_INIT="${CONTAINER_INIT:-no}" +export START_SERVICES="${START_SERVICES:-yes}" +export ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +export ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +export DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-no}" +export CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-no}" +export CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# System +export LANG="${LANG:-C.UTF-8}" +export LC_ALL="${LANG:-C.UTF-8}" +export TZ="${TZ:-${TIMEZONE:-America/New_York}}" +export HOSTNAME="${FULL_DOMAIN_NAME:-${SERVER_HOSTNAME:-$HOSTNAME}}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default directories +export SSL_DIR="${SSL_DIR:-/config/ssl}" +export SSL_CA="${SSL_CERT:-/config/ssl/ca.crt}" +export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}" +export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}" +export BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional +export PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +export PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +export HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +export NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +export MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}" +export PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" +export MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" +export 
ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-$ENTRYPOINT_PID_FILE}" +export ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +export ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +export ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# variables based on env/files +[ -f "/config/enable/ssl" ] && SSL_ENABLED="yes" +[ -f "/config/enable/ssh" ] && SSH_ENABLED="yes" +[ "$WEB_SERVER_PORT" = "443" ] && SSL_ENABLED="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# is already Initialized +[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="yes" || DATA_DIR_INITIALIZED="no" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="yes" || CONFIG_DIR_INITIALIZED="no" +{ [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; } && ENTRYPOINT_FIRST_RUN="no" || ENTRYPOINT_FIRST_RUN="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean ENV_PORTS variables +ENV_PORTS="${ENV_PORTS//,/ }" # +ENV_PORTS="${ENV_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean SERVER_PORTS variables +SERVER_PORTS="${SERVER_PORTS//,/ }" # +SERVER_PORTS="${SERVER_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean WEB_SERVER_PORTS variables +WEB_SERVER_PORTS="${WEB_SERVER_PORT//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORT//,/ } ${ENV_WEB_SERVER_PORTS//,/ }" # +# - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - +# rewrite and merge variables +ENV_PORTS="$(__format_variables "$ENV_PORTS" || false)" +WEB_SERVER_PORTS="$(__format_variables "$WEB_SERVER_PORTS" || false)" +ENV_PORTS="$(__format_variables "$SERVER_PORTS" "$WEB_SERVER_PORTS" "$ENV_PORTS" "$SERVER_PORTS" || false)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +HEALTH_ENDPOINTS="${HEALTH_ENDPOINTS//,/ }" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required directories +mkdir -p "/run" +mkdir -p "/tmp" +mkdir -p "/root" +mkdir -p "/var/run" +mkdir -p "/var/tmp" +mkdir -p "/run/cron" +mkdir -p "/data/logs" +mkdir -p "/run/init.d" +mkdir -p "/config/enable" +mkdir -p "/config/secure" +mkdir -p "/usr/local/etc/docker/exec" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required files +touch "/data/logs/start.log" +touch "/data/logs/entrypoint.log" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# fix permissions +chmod -f 777 "/run" +chmod -f 777 "/tmp" +chmod -f 700 "/root" +chmod -f 777 "/var/run" +chmod -f 777 "/var/tmp" +chmod -f 777 "/run/cron" +chmod -f 777 "/data/logs" +chmod -f 777 "/run/init.d" +chmod -f 777 "/config/enable" +chmod -f 777 "/config/secure" +chmod -f 777 "/data/logs/entrypoint.log" +chmod -f 777 "/usr/local/etc/docker/exec" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# lets ensure everyone can write to std* +[ -f "/dev/stdin" ] && chmod -f 777 "/dev/stdin" +[ -f "/dev/stderr" ] && chmod -f 777 "/dev/stderr" +[ -f "/dev/stdout" ] && chmod -f 777 "/dev/stdout" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +cat </dev/null +export LANG="\${LANG:-C.UTF-8}" +export LC_ALL="\${LANG:-C.UTF-8}" +export TZ="\${TZ:-\${TIMEZONE:-America/New_York}}" +EOF +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the backup dir +[ -n "$BACKUP_DIR" ] && { [ -d 
"$BACKUP_DIR" ] || mkdir -p "$BACKUP_DIR"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # Show start message + if [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then + [ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Executing entrypoint script for gitea" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set reusable variables + { { [ -w "/etc" ] && [ ! -e "/etc/hosts" ]; } || [ -w "/etc/hosts" ]; } && UPDATE_FILE_HOSTS="yes" + { { [ -w "/etc" ] && [ ! -e "/etc/timezone" ]; } || [ -w "/etc/timezone" ]; } && UPDATE_FILE_TZ="yes" + { { [ -w "/etc" ] && [ ! -e "/etc/resolv.conf" ]; } || [ -w "/etc/resolv.conf" ]; } && UPDATE_FILE_RESOLV="yes" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set timezone + [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ] && echo "$TZ" >"/etc/timezone" + [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ] && ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # if ipv6 add it to /etc/hosts + if [ "$UPDATE_FILE_HOSTS" = "yes" ]; then + echo "# known hostname mappings" >"/etc/hosts" + if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then + __printf_space "40" "::1" "localhost" >>"/etc/hosts" + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" + else + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add .home domain + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ -n "$HOSTNAME" ]; then + __grep_test " $HOSTNAME" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "$HOSTNAME" >>"/etc/hosts" + __grep_test " ${HOSTNAME%%.*}.home" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.home" 
>>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add domainname + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ "$DOMAINNAME" != "home" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then + __grep_test " ${HOSTNAME%%.*}.$DOMAINNAME" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.$DOMAINNAME" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname + [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && echo "$HOSTNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname with domain + # [ -n "$DOMAINNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && echo "$HOSTNAME.$DOMAINNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -f "/etc/hostname" ]; then + [ -n "$(type -P hostname)" ] && hostname -F "/etc/hostname" &>/dev/null || HOSTNAME="$(<"/etc/hostname")" + export HOSTNAME + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import hosts file into container + [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && cat "/usr/local/etc/hosts" | grep -vF "$HOSTNAME" >>"/etc/hosts" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import resolv.conf file into container + [ "$CUSTOM_DNS" != "yes" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "yes" ] && cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/usr/local/etc/skel" ]; then + cp -Rf "/usr/local/etc/skel/." 
"$HOME/" + fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Delete any .gitkeep files +[ -d "/data" ] && rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep +[ -d "/config" ] && rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep +[ -f "/usr/local/bin/.gitkeep" ] && rm -Rf "/usr/local/bin/.gitkeep" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup bin directory - /config/bin > /usr/local/bin +__initialize_custom_bin_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy default system configs - /usr/local/share/template-files/defaults > /config/ +__initialize_default_templates +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom config files - /usr/local/share/template-files/config > /config/ +__initialize_config_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom data files - /usr/local/share/template-files/data > /data/ +__initialize_data_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" + ENTRYPOINT_MESSAGE="no" + ENTRYPOINT_FIRST_RUN="no" + touch "$ENTRYPOINT_PID_FILE" +elif [ -d "/config" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Check if this is a new container +if [ -f "$ENTRYPOINT_DATA_INIT_FILE" ]; then + DATA_DIR_INITIALIZED="yes" +elif [ -d "/data" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then + 
CONFIG_DIR_INITIALIZED="yes" +elif [ -d "/config" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # setup the smtp server + __setup_mta +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# if no pid assume container restart +[ -f "$ENTRYPOINT_PID_FILE" ] && [ -f "/run/__start_init_scripts.pid" ] || START_SERVICES="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "Container ip address is:" "$CONTAINER_IP4_ADDRESS" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show configured listing processes +if [ "$ENTRYPOINT_MESSAGE" = "yes" ] && [ -n "$ENV_PORTS" ]; then + show_port="" + for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done + __printf_space "40" "The following ports are open:" "$show_port" + unset port show_port +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute init script +if [ -f "/tmp/init" ]; then sh "/tmp/init"; fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create user if needed +__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Modify user if needed +__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message +__run_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Just start services +START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Start all services if no pidfile +if [ "$START_SERVICES" = "yes" ] && 
[ "$1" != "backup" ] && [ "$1" != "healthcheck" ]; then + [ "$1" = "start" ] && shift 1 + [ "$1" = "all" ] && shift 1 + [ "$1" = "init" ] && export CONTAINER_INIT="yes" + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + START_SERVICES="no" + CONTAINER_INIT="${CONTAINER_INIT:-no}" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Begin options +case "$1" in +init) + shift 1 + echo "Container has been Initialized" + exit 0 + ;; + +cron) + shift 1 + __cron "$@" & + exit + ;; +# backup data and config dirs +backup) + shift 1 + save="${1:-$BACKUP_DIR}" + backupExit=0 + date="$(date '+%Y%m%d-%H%M')" + file="$save/$date.tar.gz" + echo "Backing up /data /config to $file" + sleep 1 + tar cfvz "$file" --exclude="$save" "/data" "/config" || false + backupExit=$? + [ $backupExit -eq 0 ] && echo "Backed up /data /config has finished" || echo "Backup of /data /config has failed" + exit $backupExit + ;; +# Docker healthcheck +healthcheck) + healthStatus=0 + services="${SERVICES_LIST:-$@}" + healthEnabled="${HEALTH_ENABLED:-}" + healthPorts="${WEB_SERVER_PORTS:-}" + healthEndPoints="${HEALTH_ENDPOINTS:-}" + healthMessage="Everything seems to be running" + services="${services//,/ }" + [ "$healthEnabled" = "yes" ] || exit 0 + for proc in $services; do + if [ -n "$proc" ]; then + if ! __pgrep "$proc"; then + echo "$proc is not running" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for port in $ports; do + if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then + if ! netstat -taupln | grep -q ":$port "; then + echo "$port isn't open" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for endpoint in $healthEndPoints; do + if [ -n "$endpoint" ]; then + if ! 
__curl "$endpoint"; then + echo "Can not connect to $endpoint" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" + [ -n "$healthMessage" ] && echo "$healthMessage" + exit $healthStatus + ;; + # show open ports +ports) + shift 1 + ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' + exit $? + ;; + # show running processes +procs) + shift 1 + ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' + exit $? + ;; + # setup ssl +ssl) + shift 1 + __create_ssl_cert + exit $? + ;; +# manage ssl certificate +certbot) + shift 1 + CERT_BOT_ENABLED="yes" + if [ "$1" = "create" ]; then + shift 1 + __certbot "create" + elif [ "$1" = "renew" ]; then + shift 1 + __certbot "renew certonly --force-renew" + else + __exec_command "certbot" "$@" + fi + exit $? + ;; +# Launch shell +*/bin/sh | */bin/bash | bash | sh | shell) + shift 1 + __exec_command "${@:-/bin/bash -l}" + exit $? + ;; +# execute commands +exec) + shift 1 + __exec_command "${@:-echo "No commands given"}" + exit $? 
+ ;; +# show/start init scripts +start) + shift 1 + export PATH="/usr/local/etc/docker/init.d:$PATH" + if [ $# -eq 0 ]; then + scripts="$(ls -A "/usr/local/etc/docker/init.d")" + [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" + exit + elif [ "$1" = "all" ]; then + shift $# + if [ "$START_SERVICES" = "yes" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit + elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then + eval "/usr/local/etc/docker/init.d/$1" & + __no_exit + + fi + fi + ;; +# Execute primary command +*) + if [ $# -eq 0 ]; then + if [ ! -f "$ENTRYPOINT_PID_FILE" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + [ "$START_SERVICES" = "no" ] && [ "$CONTAINER_INIT" = "yes" ] || __start_init_scripts "/usr/local/etc/docker/init.d" + fi + __no_exit + else + __exec_command "$@" + fi + exit $? + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# ex: ts=2 sw=2 et filetype=sh diff --git a/rootfs/usr/local/bin/pkmgr b/rootfs/usr/local/bin/pkmgr new file mode 100755 index 0000000..137af81 --- /dev/null +++ b/rootfs/usr/local/bin/pkmgr 
@@ -0,0 +1,140 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# shellcheck disable=SC2016 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -n "$_DEBUG" ] && _DEBUG_OPTIONS="-x" +[ "$1" = "--debug" ] && _DEBUG_OPTIONS="-x" && shift 1 +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS +set -e $_DEBUG_OPTIONS +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +USER_UID="$(id -u)" +USER_GID="$(id -g)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/etc/pkmgr/options.conf" ] && . "/etc/pkmgr/options.conf" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -x "$(command -v apt 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v apt-get 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt-get" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v dnf 2>/dev/null)" ]; then + pkmgr_cmd="dnf" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -x "$(command -v yum 2>/dev/null)" ]; then + pkmgr_cmd="yum" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -n "$(command -v pacman 2>/dev/null)" ]; then + pkmgr_cmd="pacman" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd -Scc 
--noconfirm" + pkmgr_update_cmd="$pkmgr_cmd -Syyu --noconfirm $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd -Syy --noconfirm $PKMGR_OPTS" +elif [ -x "$(command -v apk 2>/dev/null)" ]; then + pkmgr_cmd="apk" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd cache clean" + pkmgr_update_cmd="$pkmgr_cmd -U upgrade --no-cache $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd add --no-cache $PKMGR_OPTS" +elif [ -x "$(command -v zypper 2>/dev/null)" ]; then + pkmgr_cmd="zypper" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd clean --all" + pkmgr_update_cmd="$pkmgr_cmd update -y $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y $PKMGR_OPTS" +else + pkmgr_cmd="true" + pkmgr_mkcache_cmd="$pkmgr_cmd" + pkmgr_clean_cmd="$pkmgr_cmd" + pkmgr_update_cmd="$pkmgr_cmd" + pkmgr_install_cmd="$pkmgr_cmd" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "/config/pkmgr/settings.conf" ]; then + . "/config/pkmgr/settings.conf" +elif [ -f "/etc/pkmgr/settings.conf" ]; then + . "/etc/pkmgr/settings.conf" +else + mkdir -p "/config/pkmgr" + cat <"/config/pkmgr/settings.conf" +pkmgr_cmd="$pkmgr_cmd" +pkmgr_clean_cmd="$pkmgr_clean_cmd" +pkmgr_update_cmd="$pkmgr_update_cmd" +pkmgr_install_cmd="$pkmgr_install_cmd" +pkmgr_mkcache_cmd="$pkmgr_mkcache_cmd" +EEOF +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -n "$pkmgr_cmd" ] || { echo "Can not determine the package manager" && exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +case "$1" in +pip) + shift 1 + pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || echo "")" + py_version="$($pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' 
'{print $1$2}' | grep '[0-9]' || echo "0")" + [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts="" + case "$1" in + install) + shift 1 + $pip_bin -m $pip_opts "$@" + ;; + *) + $pip_bin "$@" + ;; + esac + exit $? + ;; +update | upgrade) + shift $# + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_update_cmd="sudo $pkmgr_install_cmd" + echo "Updating packages command: $pkmgr_update_cmd" + $pkmgr_mkcache_cmd + $pkmgr_update_cmd + exit $? + ;; +clean) + shift $# + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_clean_cmd="sudo $pkmgr_clean_cmd" + echo "Cleaning package cache: $pkmgr_clean_cmd" + $pkmgr_clean_cmd + exit $? + ;; +install) + shift 1 + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_install_cmd="sudo $pkmgr_install_cmd" + if [ -f "$1" ]; then + install_list="$(cat "$1")" + echo 'installing packages from file with command: '$pkmgr_install_cmd' "$(<"$1")"' + else + install_list="$*" + echo "installing packages command: $pkmgr_install_cmd $install_list" + fi + $pkmgr_install_cmd $install_list + exit $? + ;; +*) + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_cmd="sudo $pkmgr_cmd" + echo "executing packages command: $pkmgr_cmd $*" + $pkmgr_cmd "$@" + exit $? + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end diff --git a/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh b/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh new file mode 100755 index 0000000..aa7e34f --- /dev/null +++ b/rootfs/usr/local/etc/docker/init.d/05-dockerd.sh 
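Review bot: In the `update | upgrade` arm of `pkmgr` the non-root fallback assigns `pkmgr_update_cmd="sudo $pkmgr_install_cmd"`, so an unprivileged update runs the install command with no package names instead of the upgrade; it should read `pkmgr_update_cmd="sudo $pkmgr_update_cmd"`. The `clean` arm calls `shift $#` and then `[ -n "$1" ] || exit 0`, which always exits before `$pkmgr_clean_cmd` runs, so that guard should be dropped. In the `pip` / `install` arm, `$pip_bin -m $pip_opts "$@"` hands `-m` either the option string or the first package name as the module; `$pip_bin -m pip install $pip_opts "$@"` looks like the intent. Separately, the script sources `/config/pkmgr/settings.conf` in preference to `/etc/pkmgr/settings.conf` and then expands the `pkmgr_*_cmd` strings it defines unquoted, as root or through `sudo`. If `/config` is a mounted volume, as the entrypoint suggests, anything able to write that file controls what runs with root privileges, so the file's ownership and mode should be checked before it is sourced, or only the `/etc` copy trusted.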
@@ -0,0 +1,630 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202408091654-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : 05-dockerd.sh --help +# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments +# @@Created : Friday, Aug 09, 2024 16:54 EDT +# @@File : 05-dockerd.sh +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : other/start-service +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run trap command on exit +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" +{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SCRIPT_FILE="$0" +SERVICE_NAME="docker" +SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- +# exit if __start_init_scripts function hasn't been Initialized +if [ ! -f "/run/__start_init_scripts.pid" ]; then + echo "__start_init_scripts function hasn't been Initialized" >&2 + SERVICE_IS_RUNNING="no" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Script to execute +START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Reset environment before executing service +RESET_ENV="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the database root dir +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the database directory +DATABASE_DIR="${DATABASE_DIR_DOCKER:-$DATABASE_BASE_DIR/sqlite}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set webroot +WWW_ROOT_DIR="/usr/local/share/httpd/default" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default predefined variables +DATA_DIR="/data/docker" # set data directory +CONF_DIR="/config/docker" # set config directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the containers etc directory +ETC_DIR="/etc/docker" +# - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - - - - - +# set the var dir +VAR_DIR="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +TMP_DIR="/tmp/docker" # set the temp dir +RUN_DIR="/run/docker" # set scripts pid dir +LOG_DIR="/data/logs/docker" # set log directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the working dir +WORK_DIR="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# port which service is listening on +SERVICE_PORT="2375" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User to use to launch service - IE: postgres +RUNAS_USER="root" # normally root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User and group in which the service switches to - IE: nginx,apache,mysql,postgres +SERVICE_USER="docker" # execute command as another user +SERVICE_GROUP="docker" # Set the service group +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set user and group ID +#SERVICE_UID="0" # set the user id +#SERVICE_GID="0" # set the group id +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute command variables - keep single quotes variables will be expanded later +EXEC_CMD_BIN='dockerd' # command to execute +EXEC_CMD_ARGS='-H tcp://0.0.0.0:$SERVICE_PORT ' # command arguments +EXEC_CMD_ARGS+='-H unix:///var/run/docker.sock ' # command arguments +EXEC_CMD_ARGS+='-H unix:///tmp/docker.sock --config-file $ETC_DIR/daemon.json' # command arguments +EXEC_PRE_SCRIPT='' # execute script before +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a web server +IS_WEB_SERVER="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a database server +IS_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Does this service use a database server 
+USES_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message before execute +PRE_EXEC_MESSAGE="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Update path var +PATH="$PATH:." +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Where to save passwords to +ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user +USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info password/random] +root_user_name="${DOCKER_ROOT_USER_NAME:-}" # root user name +root_user_pass="${DOCKER_ROOT_PASS_WORD:-}" # root user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Normal user info [password/random] +user_name="${DOCKER_USER_NAME:-}" # normal user name +user_pass="${DOCKER_USER_PASS_WORD:-}" # normal user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Load variables from config +[ -f "/config/env/docker.script.sh" ] && . "/config/env/docker.script.sh" # Generated by my dockermgr script +[ -f "/config/env/docker.sh" ] && . 
"/config/env/docker.sh" # Overwrite the variabes +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional predefined variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Specifiy custom directories to be created +ADD_APPLICATION_FILES="" +ADD_APPLICATION_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +APPLICATION_FILES="$LOG_DIR/$SERVICE_NAME.log" +APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional config dirs - will be Copied to /etc/$name +ADDITIONAL_CONFIG_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" +CMD_ENV="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite based on file/directory + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Per Application Variables or imports + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom prerun functions - IE setup WWW_ROOT_DIR +__execute_prerun() { + # Setup /config directories + __init_config_etc + + # Define other actions/commands + +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Run any pre-execution checks +__run_pre_execute_checks() { + # Set variables + local exitStatus=0 + local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start + local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion + __banner "$pre_execute_checks_MessageST" + # Put command to execute in parentheses + { + [ -d "/etc/docker" ] || mkdir -p "/etc/docker" + [ -d "/config/docker" ] || mkdir 
-p "/config/docker" + [ -L "/config/docker/daemon.json" ] && unlink "/config/docker/daemon.json" + if [ -n "$DOCKER_REGISTRIES" ]; then + local set_reg="" + local get_reg="" + DOCKER_REGISTRIES="${DOCKER_REGISTRIES//,/ }" + for get_reg in $DOCKER_REGISTRIES; do + set_reg+="\"$get_reg\" " + done + registry="$(printf '%s\n' "$set_reg" | tr ' ' '\n' | sort -V | grep -v '^$' | tr '\n' ',' | sed 's|,$||g;s| ||g' | grep '^')" + export registry + else + unset registry + fi + if [ ! -f "$HOME/.docker/config.json" ]; then + if [ -n "$registry" ]; then + cat </dev/null +{ + "auths": { "https://index.docker.io/v1/": { "auth": "$DOCKER_HUB_TOKEN" } }, + "HttpHeaders": { "User-Agent": "Docker-Client/23.0.1 (linux)" }, + "insecure-registries" : [$registry] +} +EOF + else + cat </dev/null +{ + "auths": { "https://index.docker.io/v1/": { "auth": "$DOCKER_HUB_TOKEN" } }, + "HttpHeaders": { "User-Agent": "Docker-Client/23.0.1 (linux)" } +} +EOF + fi + fi + if [ ! -f "/config/docker/daemon.json" ]; then + if [ -n "$registry" ]; then + cat </dev/null +{ + "ip": "0.0.0.0", + "iptables": true, + "log-level": "error", + "experimental": true, + "pidfile": "/tmp/docker.pid", + "insecure-registries": [$registry] +} +EOF + else + cat </dev/null +{ + "ip": "0.0.0.0", + "iptables": true, + "log-level": "error", + "experimental": true, + "pidfile": "/tmp/docker.pid" +} +EOF + fi + fi + [ -f "/config/docker/daemon.json" ] && cp -Rf "/config/docker/daemon.json" "/etc/docker/daemon.json" + [ -f "$ETC_DIR/daemon.json" ] && sed -i 's|"REPLACE_DOCKER_REGISTRIES"|'$registry'|g' "$ETC_DIR/daemon.json" + [ -f "$CONF_DIR/daemon.json" ] && sed -i 's|"REPLACE_DOCKER_REGISTRIES"|'$registry'|g' "$CONF_DIR/daemon.json" + } + exitStatus=$? 
+ __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" + + # show exit message + if [ $exitStatus -ne 0 ]; then + echo "The pre-execution check has failed" >&2 + [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" + exit 1 + fi + return $exitStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__update_conf_files() { + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # CD into temp to bybass any permission errors + cd /tmp || false # lets keep shellcheck happy by adding false + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # delete files + #__rm "" + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # custom commands + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # replace variables + # __replace "" "" "$CONF_DIR/docker.conf" + # replace variables recursively + # __find_replace "" "" "$CONF_DIR" + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # define actions + rm -Rf "/var/lib/docker" + symlink "$DATA_DIR" "/var/lib/docker" + chmod 777 "$DATA_DIR" "/var/lib/docker" + # exit function + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run before executing +__pre_execute() { + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + + # define commands + + # execute if directories is empty + __is_dir_empty "" && true + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set permissions + __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Copy /config to /etc + for config_2_etc in $CONF_DIR 
$ADDITIONAL_CONFIG_DIRS; do + __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt" + done + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Replace variables + HOSTNAME="$sysname" __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$WWW_ROOT_DIR" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # unset unneeded variables + unset filesperms filename config_2_etc change_user change_user ADDITIONAL_CONFIG_DIRS application_files filedirs + # Lets wait a few seconds before continuing + sleep 5 + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run after executing +__post_execute() { + local pid="" # init pid var + local retVal=0 # set default exit code + local waitTime=60 # how long to wait before executing + local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start + local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + + # wait + sleep $waitTime + # execute commands + ( + # show message + __banner "$postMessageST" + # commands to execute + true + # show exit message + __banner "$postMessageEnd: Status $retVal" + ) 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" & + pid=$! 
+ # set exitCode + ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 + return $retVal +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__pre_message() { + local exitCode=0 + if [ -n "$user_name" ] || [ -n "$user_pass" ] || [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + __banner "User info" + [ -n "$user_name" ] && __printf_space "40" "username:" "$user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$user_pass" ] && __printf_space "40" "password:" "saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" + [ -n "$root_user_name" ] && __printf_space "40" "root username:" "$root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$root_user_pass" ] && __printf_space "40" "root password:" "saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" + __banner "" + fi + [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" + # execute commands + + # set exitCode + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to setup ssl support +__update_ssl_conf() { + local exitCode=0 + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # execute commands + + # set exitCode + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_env() { + cat </dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info [password/random] +#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$DOCKER_ROOT_USER_NAME}" # root user name +#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$DOCKER_ROOT_PASS_WORD}" # root user password +#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" # 
+#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" #
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#Normal user info [password/random]
+#ENV_USER_NAME="${ENV_USER_NAME:-$DOCKER_USER_NAME}" #
+#ENV_USER_PASS="${ENV_USER_PASS:-$DOCKER_USER_PASS_WORD}" #
+#user_name="${ENV_USER_NAME:-$user_name}" # normal user name
+#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password
+
+EOF
+ __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script to start server
+__run_start_script() {
+ local runExitCode=0
+ local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables
+ local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables
+ local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables
+ local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables
+ local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables
+ local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables
+ local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables
+ local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables
+ local path="$(eval echo "$PATH")" # expand variables
+ local message="$(eval echo "")" # expand variables
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh"
+ #
+ __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" || return 20
+ #
+ if [ -z "$cmd" ]; then
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt"
+ retVal=$?
+ echo "Initializing $SCRIPT_NAME has completed"
+ exit $retVal
+ else
+ # ensure the command exists
+ if [ ! -x "$cmd" ]; then
+ echo "$name is not a valid executable"
+ return 2
+ fi
+ # check and exit if already running
+ if __proc_check "$name" || __proc_check "$cmd"; then
+ echo "$name is already running" >&2
+ return 0
+ else
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # show message if env exists
+ if [ -n "$cmd" ]; then
+ [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root"
+ [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT=""
+ fi
+ if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then
+ export cmd_exec="$pre $cmd $args"
+ message="Starting service: $name $args through $pre"
+ else
+ export cmd_exec="$cmd $args"
+ message="Starting service: $name $args"
+ fi
+ [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "$LOG_DIR/init.txt"
+ echo "$message" | tee -a -p "$LOG_DIR/init.txt"
+ su_cmd touch "$SERVICE_PID_FILE"
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ if [ "$RESET_ENV" = "yes" ]; then
+ env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")"
+ execute_command="$(__trim "$su_exec $env_command $cmd_exec")"
+ if [ ! -f "$START_SCRIPT" ]; then
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root} with env
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ else
+ if [ ! -f "$START_SCRIPT" ]; then
+ execute_command="$(__trim "$su_exec $cmd_exec")"
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root}
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ fi
+ fi
+ [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT"
+ [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT"
+ runExitCode=$?
+ return $runExitCode
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# username and password actions
+__run_secure_function() {
+ if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
+ for filesperms in "${USER_FILE_PREFIX}"/*; do
+ if [ -e "$filesperms" ]; then
+ chmod -Rf 600 "$filesperms"
+ chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null
+ fi
+ done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+ for filesperms in "${ROOT_FILE_PREFIX}"/*; do
+ if [ -e "$filesperms" ]; then
+ chmod -Rf 600 "$filesperms"
+ chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null
+ fi
+ done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt"
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow ENV_ variable - Import env file
+__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_EXIT_CODE=0 # default exit code
+# application specific
+EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
+SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
+SERVICE_PID_NUMBER="$(__pgrep)" # check if running
+EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
+EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Only run check
+__check_service "$1"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create auth directories
+[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
+[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
+[ -n "$RUNAS_USER" ] || RUNAS_USER="root"
+[ -n "$SERVICE_USER" ] || SERVICE_USER="${RUNAS_USER:-root}"
+[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${RUNAS_USER:-root}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Database env
+if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then
+ RESET_ENV="no"
+ DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}"
+ DATABASE_USER="${ENV_DATABASE_USER:-${DATABASE_USER:-$user_name}}"
+ DATABASE_PASSWORD="${ENV_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-$user_pass}}"
+ DATABASE_ROOT_USER="${ENV_DATABASE_ROOT_USER:-${DATABASE_ROOT_USER:-$root_user_name}}"
+ DATABASE_ROOT_PASSWORD="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_ROOT_PASSWORD:-$root_user_pass}}"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow per init script usernames and passwords
+__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
+__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
+__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
+__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set password to random if variable is random
+[ "$user_pass" = "random" ] && user_pass="$(__random_password)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow setting initial users and passwords via environment
+user_name="$(eval echo "${ENV_USER_NAME:-$user_name}")"
+user_pass="$(eval echo "${ENV_USER_PASS:-$user_pass}")"
+root_user_name="$(eval echo "${ENV_ROOT_USER_NAME:-$root_user_name}")"
+root_user_pass="$(eval echo "${ENV_ROOT_USER_PASS:-$root_user_pass}")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow variables via imports - Overwrite existing
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ensure needed directories exists
+[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
+[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# pre-run function
+__execute_prerun
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create user if needed
+__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Modify user if needed
+__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Create base directories
+__setup_directories
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set switch user command
+__switch_to_user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize the home/working dir
+__init_working_dir
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# show init message
+__pre_message
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#
+__initialize_db_users
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize ssl
+__update_ssl_conf
+__update_ssl_certs
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Updating config files
+__create_service_env
+__update_conf_files
+__initialize_database
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_secure_function
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run the pre execute commands
+__pre_execute
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" && errorCode=0 || errorCode=10
+if [ -n "$EXEC_CMD_BIN" ]; then
+ if [ "$errorCode" -ne 0 ]; then
+ echo "Failed to execute: ${cmd_exec:-$EXEC_CMD_BIN $EXEC_CMD_ARGS}" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+ rm -Rf "$SERVICE_PID_FILE"
+ SERVICE_EXIT_CODE=10
+ SERVICE_IS_RUNNING="no"
+ else
+ SERVICE_EXIT_CODE=0
+ SERVICE_IS_RUNNING="no"
+ fi
+ SERVICE_EXIT_CODE=0
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $SERVICE_EXIT_CODE
diff --git a/rootfs/usr/local/etc/docker/init.d/08-gitea.sh b/rootfs/usr/local/etc/docker/init.d/08-gitea.sh
new file mode 100755
index 0000000..0591ab7
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/init.d/08-gitea.sh
@@ -0,0 +1,627 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091656-git
+# @@Author : Jason Hempstead
+# @@Contact : jason@casjaysdev.pro
+# @@License : WTFPL
+# @@ReadME : 08-gitea.sh --help
+# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments
+# @@Created : Friday, Aug 09, 2024 16:56 EDT
+# @@File : 08-gitea.sh
+# @@Description :
+# @@Changelog : New script
+# @@TODO : Better documentation
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : other/start-service
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
+{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SCRIPT_FILE="$0"
+SERVICE_NAME="gitea"
+SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# exit if __start_init_scripts function hasn't been Initialized
+if [ ! -f "/run/__start_init_scripts.pid" ]; then
+ echo "__start_init_scripts function hasn't been Initialized" >&2
+ SERVICE_IS_RUNNING="no"
+ exit 1
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
+ . "/usr/local/etc/docker/functions/entrypoint.sh"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import variables
+for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
+ [ -f "$set_env" ] && . "$set_env"
+done
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom functions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Script to execute
+START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Reset environment before executing service
+RESET_ENV="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the database root dir
+DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the database directory
+DATABASE_DIR="${DATABASE_DIR_GITEA:-$DATABASE_BASE_DIR/sqlite}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set webroot
+WWW_ROOT_DIR="/usr/local/share/httpd/default"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default predefined variables
+DATA_DIR="/data/gitea" # set data directory
+CONF_DIR="/config/gitea" # set config directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the containers etc directory
+ETC_DIR="/etc/gitea"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the var dir
+VAR_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+TMP_DIR="/tmp/gitea" # set the temp dir
+RUN_DIR="/run/gitea" # set scripts pid dir
+LOG_DIR="/data/logs/gitea" # set log directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the working dir
+WORK_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# port which service is listening on
+SERVICE_PORT="80"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User to use to launch service - IE: postgres
+RUNAS_USER="git" # normally root
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
+SERVICE_USER="git" # execute command as another user
+SERVICE_GROUP="git" # Set the service group
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set user and group ID
+#SERVICE_UID="0" # set the user id
+#SERVICE_GID="0" # set the group id
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# execute command variables - keep single quotes variables will be expanded later
+EXEC_CMD_BIN='gitea' # command to execute
+EXEC_CMD_ARGS='web ' # command arguments
+EXEC_CMD_ARGS+='--port $SERVICE_PORT --config $ETC_DIR/app.ini ' # command arguments
+EXEC_CMD_ARGS+='--custom-path $CONF_DIR/custom --work-path $DATA_DIR ' # command arguments
+EXEC_PRE_SCRIPT='' # execute script before
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a web server
+IS_WEB_SERVER="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a database server
+IS_DATABASE_SERVICE="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Does this service use a database server
+USES_DATABASE_SERVICE="yes"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Show message before execute
+PRE_EXEC_MESSAGE=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Update path var
+PATH="$PATH:."
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Where to save passwords to
+ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
+USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info password/random]
+root_user_name="${GITEA_ROOT_USER_NAME:-}" # root user name
+root_user_pass="${GITEA_ROOT_PASS_WORD:-}" # root user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Normal user info [password/random]
+user_name="${GITEA_USER_NAME:-}" # normal user name
+user_pass="${GITEA_USER_PASS_WORD:-}" # normal user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Load variables from config
+[ -f "/config/env/gitea.script.sh" ] && . "/config/env/gitea.script.sh" # Generated by my dockermgr script
+[ -f "/config/env/gitea.sh" ] && . "/config/env/gitea.sh" # Overwrite the variabes
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional predefined variables
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional variables
+DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-$DATABASE_BASE_DIR}"
+GITEA_SQL_NAME="${GITEA_SQL_NAME:-}"
+GITEA_SQL_HOST="${GITEA_SQL_HOST:-localhost}"
+GITEA_WORK_DIR="${GITEA_WORK_DIR:-$WORK_DIR}"
+TZ="${GITEA_TZ:-${TZ:-America/New_York}}"
+SERVICE_PROTOCOL="${GITEA_PROTO:-$SERVICE_PROTOCOL}"
+EMAIL_RELAY="${GITEA_EMAIL_RELAY:-${EMAIL_RELAY:-localhost}}"
+SERVER_SITE_TITLE="${GITEA_NAME:-${SERVER_SITE_TITLE:-SelfHosted GIT Server}}"
+SERVER_ADMIN="${GITEA_ADMIN:-${SERVER_ADMIN:-gitea@${DOMAINNAME:-$GITEA_HOSTNAME}}}"
+GITEA_SERVER="${ENV_GITEA_SERVER:-$GITEA_SERVER}"
+GITEA_EMAIL_CONFIRM="${GITEA_EMAIL_CONFIRM:-false}"
+GITEA_SQL_DB_HOST="${GITEA_SQL_DB_HOST:-localhost}"
+GITEA_SQL_USER="${ENV_GITEA_SQL_USER:-$GITEA_SQL_USER}"
+GITEA_SQL_PASS="${ENV_GITEA_SQL_PASS:-$GITEA_SQL_PASS}"
+GITEA_SQL_TYPE="${ENV_GITEA_SQL_TYPE:-${GITEA_SQL_TYPE:-sqlite3}}"
+HOSTNAME="${GITEA_SERVER:-${GITEA_HOSTNAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}}"
+GITEA_SECRET_KEY="${GITEA_SECRET_KEY:-$(__random_password 32)}"
+GITEA_LFS_JWT_SECRET="${GITEA_LFS_JWT_SECRET:-$($EXEC_CMD_BIN generate secret LFS_JWT_SECRET)}"
+GITEA_INTERNAL_TOKEN="${GITEA_INTERNAL_TOKEN:-$($EXEC_CMD_BIN generate secret INTERNAL_TOKEN)}"
+GITEA_RANDOM_COOKIE_KEY="${GITEA_RANDOM_COOKIE_KEY:-$(__random_password 16)}"
+[ "$GITEA_EMAIL_CONFIRM" = "yes" ] && GITEA_EMAIL_CONFIRM="true"
+export CUSTOM_PATH="$ETC_DIR" WORK_DIR="${GITEA_WORK_DIR:-$DATA_DIR}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Specifiy custom directories to be created
+ADD_APPLICATION_FILES=""
+ADD_APPLICATION_DIRS="/config/ssh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+APPLICATION_FILES="$LOG_DIR/$SERVICE_NAME.log"
+APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional config dirs - will be Copied to /etc/$name
+ADDITIONAL_CONFIG_DIRS="/config/ssh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
+CMD_ENV=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Overwrite based on file/directory
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Per Application Variables or imports
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom prerun functions - IE setup WWW_ROOT_DIR
+__execute_prerun() {
+ # Setup /config directories
+ __init_config_etc
+
+ # Define other actions/commands
+
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Run any pre-execution checks
+__run_pre_execute_checks() {
+ # Set variables
+ local exitStatus=0
+ local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start
+ local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion
+ __banner "$pre_execute_checks_MessageST"
+ # Put command to execute in parentheses
+ {
+ true
+ }
+ exitStatus=$?
+ __banner "$pre_execute_checks_MessageEnd: Status $exitStatus"
+
+ # show exit message
+ if [ $exitStatus -ne 0 ]; then
+ echo "The pre-execution check has failed" >&2
+ [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE"
+ exit 1
+ fi
+ return $exitStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__update_conf_files() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # CD into temp to bybass any permission errors
+ cd /tmp || false # lets keep shellcheck happy by adding false
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # delete files
+ #__rm ""
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # custom commands
+ __is_dir_empty "/config/ssh" && COPY_SSHD_CONF="yes"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # replace variables
+ __replace "REPLACE_SSH_CONF_DIR" "/config/ssh" "/etc/ssh/sshd_config"
+ __replace "REPLACE_SSH_DATA_DIR" "$DATA_DIR/ssh" "/etc/ssh/sshd_config"
+ __replace "REPLACE_RANDOM_COOKIE_KEY" "$GITEA_RANDOM_COOKIE_KEY" "$CONF_DIR/app.ini"
+ # replace variables recursively
+ # __find_replace "" "" "$CONF_DIR"
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # define actions
+ [ -d " /config/ssh" ] || mkdir -p "/config/ssh"
+ [ -d "$DATA_DIR/ssh" ] || mkdir -p "$DATA_DIR/ssh"
+ [ "$COPY_SSHD_CONF" = "yes" ] && copy "/etc/ssh/sshd_config" "/config/ssh/"
+ if [ ! -f "/config/ssh/ssh_host_ed25519_key" ]; then
+ echo "Generating /config/ssh/ssh_host_ed25519_key..."
+ ssh-keygen -t ed25519 -f /config/ssh/ssh_host_ed25519_key -N "" >/dev/null && __symlink "/config/ssh/ssh_host_ed25519_key" "$DATA_DIR/ssh/ssh_host_ed25519_key"
+ fi
+ if [ ! -f "/config/ssh/ssh_host_rsa_key" ]; then
+ echo "Generating /config/ssh/ssh_host_rsa_key..."
+ ssh-keygen -t rsa -b 3072 -f /config/ssh/ssh_host_rsa_key -N "" >/dev/null && __symlink "/config/ssh/ssh_host_rsa_key" "$DATA_DIR/ssh/ssh_host_rsa_key"
+ fi
+ if [ ! -f "/config/ssh/ssh_host_ecdsa_key" ]; then
+ echo "Generating /config/ssh/ssh_host_ecdsa_key..."
+ ssh-keygen -t ecdsa -b 256 -f /config/ssh/ssh_host_ecdsa_key -N "" >/dev/null && __symlink "/config/ssh/ssh_host_ecdsa_key" "$DATA_DIR/ssh/ssh_host_ecdsa_key"
+ fi
+ chmod 0700 "$DATA_DIR/ssh" /config/ssh
+ chmod 0600 "$DATA_DIR/ssh"/* /config/ssh/*
+ [ -d "$DATA_DIR/ssh" ] || mkdir -p "$DATA_DIR/ssh"
+ [ -d "$CONF_DIR/custom" ] || mkdir -p "$CONF_DIR/custom"
+ if [ -n "$CONF_DIR" ] && [ -f "$CONF_DIR/app.ini" ]; then
+ sed -i "s|REPLACE_SQL_NAME|$GITEA_SQL_NAME|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_SQL_USER|$GITEA_SQL_USER|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_SQL_PASS|$GITEA_SQL_PASS|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_SQL_TYPE|${GITEA_SQL_TYPE}|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_SQL_HOST|$GITEA_SQL_DB_HOST|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_DATABASE_DIR|$DATABASE_DIR|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_SECRET_KEY|$GITEA_SECRET_KEY|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_GITEA_EMAIL_CONFIRM|$GITEA_EMAIL_CONFIRM|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_GITEA_INTERNAL_TOKEN|$GITEA_INTERNAL_TOKEN|g" "$CONF_DIR/app.ini"
+ sed -i "s|REPLACE_GITEA_LFS_JWT_SECRET|$GITEA_LFS_JWT_SECRET|g" "$CONF_DIR/app.ini"
+ fi
+ if [ -n "$DATA_DIR" ] && [ -d "$DATA_DIR" ]; then
+ find "$DATA_DIR" -type d -exec chmod 0777 {} \;
+ chown -Rf $SERVICE_USER:$SERVICE_GROUP "$DATA_DIR" 2>/dev/null
+ fi
+ [ -f "$DATABASE_DIR/gitea.db" ] && chown -Rf $SERVICE_USER:$SERVICE_GROUP "$DATABASE_DIR/gitea.db" 2>/dev/null
+ # exit function
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run before executing
+__pre_execute() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # define commands
+
+ # execute if directories is empty
+ __is_dir_empty "" && true
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Set permissions
+ __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Copy /config to /etc
+ for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do
+ __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ done
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Replace variables
+ HOSTNAME="$sysname" __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$WWW_ROOT_DIR"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # unset unneeded variables
+ unset filesperms filename config_2_etc change_user change_user ADDITIONAL_CONFIG_DIRS application_files filedirs
+ # Lets wait a few seconds before continuing
+ sleep 5
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run after executing
+__post_execute() {
+ local pid="" # init pid var
+ local retVal=0 # set default exit code
+ local waitTime=60 # how long to wait before executing
+ local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start
+ local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # wait
+ sleep $waitTime
+ # execute commands
+ (
+ # show message
+ __banner "$postMessageST"
+ # commands to execute
+ true
+ # show exit message
+ __banner "$postMessageEnd: Status $retVal"
+ ) 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ pid=$!
+ # set exitCode
+ ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10
+ return $retVal
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__pre_message() {
+ local exitCode=0
+ if [ -n "$user_name" ] || [ -n "$user_pass" ] || [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+ __banner "User info"
+ [ -n "$user_name" ] && __printf_space "40" "username:" "$user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$user_pass" ] && __printf_space "40" "password:" "saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ [ -n "$root_user_name" ] && __printf_space "40" "root username:" "$root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$root_user_pass" ] && __printf_space "40" "root password:" "saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ __banner ""
+ fi
+ [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE"
+ # execute commands
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to setup ssl support
+__update_ssl_conf() {
+ local exitCode=0
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # execute commands
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_service_env() {
+ cat </dev/null
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info [password/random]
+#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$GITEA_ROOT_USER_NAME}" # root user name
+#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$GITEA_ROOT_PASS_WORD}" # root user password
+#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" #
+#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" #
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#Normal user info [password/random]
+#ENV_USER_NAME="${ENV_USER_NAME:-$GITEA_USER_NAME}" #
+#ENV_USER_PASS="${ENV_USER_PASS:-$GITEA_USER_PASS_WORD}" #
+#user_name="${ENV_USER_NAME:-$user_name}" # normal user name
+#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password
+
+EOF
+ __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script to start server
+__run_start_script() {
+ local runExitCode=0
+ local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables
+ local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables
+ local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables
+ local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables
+ local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables
+ local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables
+ local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables
+ local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables
+ local path="$(eval echo "$PATH")" # expand variables
+ local message="$(eval echo "")" # expand variables
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh"
+ #
+ __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" || return 20
+ #
+ if [ -z "$cmd" ]; then
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt"
+ retVal=$?
+ echo "Initializing $SCRIPT_NAME has completed"
+ exit $retVal
+ else
+ # ensure the command exists
+ if [ ! -x "$cmd" ]; then
+ echo "$name is not a valid executable"
+ return 2
+ fi
+ # check and exit if already running
+ if __proc_check "$name" || __proc_check "$cmd"; then
+ echo "$name is already running" >&2
+ return 0
+ else
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # show message if env exists
+ if [ -n "$cmd" ]; then
+ [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root"
+ [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT=""
+ fi
+ if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then
+ export cmd_exec="$pre $cmd $args"
+ message="Starting service: $name $args through $pre"
+ else
+ export cmd_exec="$cmd $args"
+ message="Starting service: $name $args"
+ fi
+ [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "$LOG_DIR/init.txt"
+ echo "$message" | tee -a -p "$LOG_DIR/init.txt"
+ su_cmd touch "$SERVICE_PID_FILE"
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ if [ "$RESET_ENV" = "yes" ]; then
+ env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")"
+ execute_command="$(__trim "$su_exec $env_command $cmd_exec")"
+ if [ ! -f "$START_SCRIPT" ]; then
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root} with env
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10 +checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" +[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 +[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2 +exit \$retVal + +EOF + fi + else + if [ ! -f "$START_SCRIPT" ]; then + execute_command="$(__trim "$su_exec $cmd_exec")" + cat <"$START_SCRIPT" +#!/usr/bin/env bash +trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT +# +set -Eeo pipefail +# Setting up $cmd to run as ${SERVICE_USER:-root} +retVal=10 +cmd="$cmd" +SERVICE_PID_FILE="$SERVICE_PID_FILE" +$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & +execPid=\$! +sleep 10 +checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" +[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 +[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2 +exit \$retVal + +EOF + fi + fi + fi + [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" + [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" + runExitCode=$? 
+ return $runExitCode + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +# application specific +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +__check_service "$1" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ 
"$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ -n "$RUNAS_USER" ] || RUNAS_USER="root" +[ -n "$SERVICE_USER" ] || SERVICE_USER="${RUNAS_USER:-root}" +[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${RUNAS_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Database env +if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then + RESET_ENV="no" + DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" + DATABASE_USER="${ENV_DATABASE_USER:-${DATABASE_USER:-$user_name}}" + DATABASE_PASSWORD="${ENV_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-$user_pass}}" + DATABASE_ROOT_USER="${ENV_DATABASE_ROOT_USER:-${DATABASE_ROOT_USER:-$root_user_name}}" + DATABASE_ROOT_PASSWORD="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_ROOT_PASSWORD:-$root_user_pass}}" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")" +__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")" +__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")" +__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +[ "$user_pass" = "random" ] && user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="$(eval echo "${ENV_USER_NAME:-$user_name}")" +user_pass="$(eval echo "${ENV_USER_PASS:-$user_pass}")" +root_user_name="$(eval echo "${ENV_ROOT_USER_NAME:-$root_user_name}")" 
+root_user_pass="$(eval echo "${ENV_ROOT_USER_PASS:-$root_user_pass}")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ensure needed directories exists +[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" +[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# pre-run function +__execute_prerun +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create user if needed +__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Modify user if needed +__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create base directories +__setup_directories +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +__switch_to_user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize the home/working dir +__init_working_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +__initialize_db_users +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_service_env +__update_conf_files +__initialize_database +# - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - -
+__run_secure_function
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run the pre execute commands
+__pre_execute
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" && errorCode=0 || errorCode=10
+if [ -n "$EXEC_CMD_BIN" ]; then
+ if [ "$errorCode" -ne 0 ]; then
+ echo "Failed to execute: ${cmd_exec:-$EXEC_CMD_BIN $EXEC_CMD_ARGS}" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+ rm -Rf "$SERVICE_PID_FILE"
+ SERVICE_EXIT_CODE=10
+ SERVICE_IS_RUNNING="no"
+ else
+ SERVICE_EXIT_CODE=0
+ SERVICE_IS_RUNNING="no"
+ fi
+ SERVICE_EXIT_CODE=0
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $SERVICE_EXIT_CODE
diff --git a/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh b/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh
new file mode 100755
index 0000000..dbc5b5f
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/init.d/zz-act_runner.sh
@@ -0,0 +1,701 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408091659-git
+# @@Author : Jason Hempstead
+# @@Contact : jason@casjaysdev.pro
+# @@License : WTFPL
+# @@ReadME : zz-act_runner.sh --help
+# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments
+# @@Created : Friday, Aug 09, 2024 16:59 EDT
+# @@File : zz-act_runner.sh
+# @@Description :
+# @@Changelog : New script
+# @@TODO : Better documentation
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : other/start-service
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
+{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SCRIPT_FILE="$0"
+SERVICE_NAME="act_runner"
+SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - +# exit if __start_init_scripts function hasn't been Initialized +if [ ! -f "/run/__start_init_scripts.pid" ]; then + echo "__start_init_scripts function hasn't been Initialized" >&2 + SERVICE_IS_RUNNING="no" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions +__gen_auth_token() { + local user conf_file auth_token token_dir gitea_bin exitCode + exitCode=1 + user="${GITEA_USER:-git}" + token_dir="$CONF_DIR/tokens" + gitea_bin="$(command -v gitea)" + mkdir -p "$token_dir" >/dev/null 2>&1 + conf_file="$(find "/config" "/etc" -type f -name '*.ini' 2>/dev/null | grep -E 'git/app.ini|gitea/app.ini|gitea.ini' | head -n1 | grep '^')" + if [ -n "$SYS_AUTH_TOKEN" ]; then + auth_token="$SYS_AUTH_TOKEN" + elif [ -s "$CONF_DIR/tokens/system" ]; then + auth_token="$(<"$CONF_DIR/tokens/system")" + fi + auth_token="$(echo "$auth_token" | grep -vE '# |^$')" + auth_token="${auth_token:-$(gosu $user $gitea_bin --config "$conf_file" actions generate-runner-token 2>/dev/null | grep -vE '\.\.\.|# |^$')}" + if [ -n "$auth_token" ]; then + exitCode=0 + echo "$auth_token" + echo "$auth_token" >"$CONF_DIR/tokens/system" + fi + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Script to execute +START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - +# Reset environment before executing service +RESET_ENV="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the database root dir +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the database directory +DATABASE_DIR="${DATABASE_DIR_ACT_RUNNER:-$DATABASE_BASE_DIR/sqlite}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set webroot +WWW_ROOT_DIR="/usr/local/share/httpd/default" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default predefined variables +DATA_DIR="/data/act_runner" # set data directory +CONF_DIR="/config/act_runner" # set config directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the containers etc directory +ETC_DIR="/etc/act_runner" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the var dir +VAR_DIR="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +TMP_DIR="/tmp/act_runner" # set the temp dir +RUN_DIR="/run/act_runner" # set scripts pid dir +LOG_DIR="/data/logs/act_runner" # set log directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the working dir +WORK_DIR="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# port which service is listening on +SERVICE_PORT="44015" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User to use to launch service - IE: postgres +RUNAS_USER="root" # normally root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User and group in which the service switches to - IE: nginx,apache,mysql,postgres +SERVICE_USER="git" # execute command as another user +SERVICE_GROUP="git" # Set the service group +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set user and group ID +#SERVICE_UID="0" # set the user id 
+#SERVICE_GID="0" # set the group id +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute command variables - keep single quotes variables will be expanded later +EXEC_CMD_BIN='' # command to execute +EXEC_CMD_ARGS='' # command arguments +EXEC_PRE_SCRIPT='' # execute script before +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a web server +IS_WEB_SERVER="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a database server +IS_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Does this service use a database server +USES_DATABASE_SERVICE="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message before execute +PRE_EXEC_MESSAGE="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Update path var +PATH="$PATH:." +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Where to save passwords to +ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user +USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info password/random] +root_user_name="${ACT_RUNNER_ROOT_USER_NAME:-}" # root user name +root_user_pass="${ACT_RUNNER_ROOT_PASS_WORD:-}" # root user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Normal user info [password/random] +user_name="${ACT_RUNNER_USER_NAME:-}" # normal user name +user_pass="${ACT_RUNNER_USER_PASS_WORD:-}" # normal user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Load variables from config +[ -f "/config/env/act_runner.script.sh" ] && . "/config/env/act_runner.script.sh" # Generated by my dockermgr script +[ -f "/config/env/act_runner.sh" ] && . 
"/config/env/act_runner.sh" # Overwrite the variabes +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional predefined variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional variables +GITEA_PORT="${GITEA_PORT:-80}" +SYS_AUTH_TOKEN="$(__gen_auth_token)" +GITEA_USER="${GITEA_USER:-SERVICE_USER}" +INSTANCE_HOSTNAME="${GITEA_HOSTNAME:-$HOSTNAME}" +RUNNER_LABELS="linux:host," +RUNNER_LABELS+="node14:docker://node:14," +RUNNER_LABELS+="node16:docker://node:16," +RUNNER_LABELS+="node18:docker://node:18," +RUNNER_LABELS+="node20:docker://node:20," +RUNNER_LABELS+="node22:docker://node:22," +RUNNER_LABELS+="node:docker://node:latest," +RUNNER_LABELS+="perl:docker://perl:latest," +RUNNER_LABELS+="ruby:docker://ruby:latest," +RUNNER_LABELS+="python:docker://python:latest," +RUNNER_LABELS+="python3:docker://python:latest," +RUNNER_LABELS+="php7:docker://casjaysdevdocker/php:7," +RUNNER_LABELS+="php8:docker://casjaysdevdocker/php:8," +RUNNER_LABELS+="php:docker://casjaysdevdocker/php:latest," +RUNNER_LABELS+="alpine:docker://casjaysdev/alpine:latest," +RUNNER_LABELS+="debian:docker://casjaysdev/debian:latest," +RUNNER_LABELS+="ubuntu:docker://casjaysdev/ubuntu:latest," +RUNNER_LABELS+="rhel:docker://casjaysdev/almalinux:latest," +RUNNER_LABELS+="redhat:docker://casjaysdev/almalinux:latest," +RUNNER_LABELS+="almalinux:docker://casjaysdev/almalinux:latest," +RUNNER_LABELS+="act_runner:docker://catthehacker/ubuntu:full-latest," +RUNNER_LABELS+="ubuntu-latest:docker://catthehacker/ubuntu:full-latest" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Specifiy custom directories to be created +ADD_APPLICATION_FILES="" +ADD_APPLICATION_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +APPLICATION_FILES="$LOG_DIR/$SERVICE_NAME.log" +APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - +# Additional config dirs - will be Copied to /etc/$name +ADDITIONAL_CONFIG_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" +CMD_ENV="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite based on file/directory +RUNNER_IP_ADDRESS="$(__get_ip4)" +RUNNER_CACHE_HOST="${RUNNER_CACHE_HOST:-localhost}" +RUNNER_CACHE_PORT="${RUNNER_CACHE_PORT:-$SERVICE_PORT}" +RUNNER_MULTI_DIR="${RUNNER_MULTI_DIR:-$CONF_DIR/multi}" +RUNNER_CONFIG_NAME="${RUNNER_CONFIG_NAME:-runner.yaml}" +RUNNER_CONFIG_DEFAULT="${RUNNER_CONFIG_DEFAULT:-$ETC_DIR/default_config.yaml}" +RUNNER_DEFAULT_HOME="${RUNNER_DEFAULT_HOME:-$CONF_DIR/default}" +RUNNER_LOG_FILE="${RUNNER_LOG_FILE:-$LOG_DIR/runners.log}" +RUNNER_DAEMON_LOG="${RUNNER_DAEMON_LOG:-$LOG_DIR/daemon.log}" +CACHE_LOG_FILE="${CACHE_LOG_FILE:-$LOG_DIR/cache.log}" +CACHE_CONFIG_FILE="${CACHE_CONFIG_FILE:-$ETC_DIR/cache_server.yaml}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Per Application Variables or imports + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom prerun functions - IE setup WWW_ROOT_DIR +__execute_prerun() { + # Setup /config directories + __init_config_etc + + # Define other actions/commands + while :; do + pgrep gitea >/dev/null && break || { echo "Waiting for gitea to start before continuing" >&2 && sleep 60; } + done +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Run any pre-execution checks +__run_pre_execute_checks() { + # Set variables + local exitStatus=0 + local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start + local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion + __banner "$pre_execute_checks_MessageST" + # Put command to 
execute in parentheses + { + [ -d "$CONF_DIR/reg" ] || mkdir -p "$CONF_DIR/reg" + [ -d "$DATA_DIR/cache" ] || mkdir -p "$DATA_DIR/cache" + [ -d "$CONF_DIR/tokens" ] || mkdir -p "$CONF_DIR/tokens" + if [ -f "$RUNNER_CONFIG_DEFAULT" ]; then + if [ ! -f "$CONF_DIR/reg/default.sample" ]; then + echo "A sample registration file can be found in: $CONF_DIR/reg/default.sample" >/dev/stdout + cat <"$CONF_DIR/reg/default.sample" +#!/usr/bin/env bash +# Edit this file and execute it +exitStatus=1 +RUNNER_HOME="\$HOME/.config/act_runner" +RUNNER_NAME="\$(hostname -f|sed 's|[.]|_|g')" +RUNNER_REGISTER_URL="https://$INSTANCE_HOSTNAME" +RUNNER_AUTH_TOKEN="${RUNNER_AUTH_TOKEN:-$SYS_AUTH_TOKEN}" +RUNNER_LABELS="$RUNNER_LABELS" +ACT_API_URL="\$(curl -q -LSsf -X 'GET' 'https://gitea.com/api/v1/repos/gitea/act_runner/releases/latest' -H 'accept: application/json' | jq '.[]' | jq -rc '.[].browser_download_url' 2>/dev/null)" +echo "Installing act_runner" +mkdir -p "\$RUNNER_HOME" +case "\$(uname -m)" in x86_64) ACT_API_URL="\$(echo "\$ACT_API_URL" | grep 'linux.*amd64$')" ;; aarch64) ACT_API_URL="(echo "\$ACT_API_URL"|grep 'linux.*aarch64$')" ;; *) echo "\$(uname -m) is not supported by this script" >&2 && exit 1 ;; esac +if [ -n "\$ACT_API_URL" ]; then + [ -n "\$(type -P act_runner)" ] || curl -q -LSsf "\$ACT_API_URL" -o "/usr/local/bin/act_runner" && chmod -Rf 755 "/usr/local/bin/act_runner" + [ -n "\$(type -P act_runner)" ] || { echo "Failed to download act_runner from: \$ACT_API_URL" && exit 1; } + [ -f "\$RUNNER_HOME/config.yaml" ] || act_runner generate-config >"\$RUNNER_HOME/config.yaml" + act_runner register --config "\$RUNNER_HOME/config.yaml" --labels "\$RUNNER_LABELS" --name "\$RUNNER_NAME" --instance "\$RUNNER_REGISTER_URL" --token "\$RUNNER_AUTH_TOKEN" --no-interactive && exitStatus=0 + if [ "\$exitStatus" -eq 0 ]; then + echo "Act runner has been registered with server: \$RUNNER_REGISTER_URL" + act_runner daemon --config "\$RUNNER_HOME/config.yaml" & + exitStatus=\$? 
+ fi +fi +exit \$exitStatus + +EOF + fi + # + mkdir -p "$RUNNER_DEFAULT_HOME" "$TMP_DIR/runners/gitea" + [ -f "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" ] || copy "$RUNNER_CONFIG_DEFAULT" "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" + if [ ! -f "$RUNNER_DEFAULT_HOME/runners" ] && [ -n "$SYS_AUTH_TOKEN" ] && [ -f "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" ]; then + echo "creating gitea runner in $RUNNER_DEFAULT_HOME and registering with http://$INSTANCE_HOSTNAME" + __replace "REPLACE_RUNNER_TEMP" "$TMP_DIR/runners/gitea" "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" + __replace "REPLACE_RUNNER_HOME" "$RUNNER_DEFAULT_HOME" "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" + __replace "REPLACE_RUNNER_CACHE_HOST" "$RUNNER_CACHE_HOST" "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" + __replace "REPLACE_RUNNER_CACHE_PORT" "$RUNNER_CACHE_PORT" "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" + act_runner register --config "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" --labels "$RUNNER_LABELS" --name "gitea" --instance "http://$RUNNER_IP_ADDRESS:$GITEA_PORT" --token "$SYS_AUTH_TOKEN" --no-interactive 2>/dev/stdout >>"$RUNNER_LOG_FILE" & + fi + fi + exitStatus="${exitStatus:-0}" + chown -Rf "$SERVICE_USER":"$SERVICE_GROUP" "$CONF_DIR" "$ETC_DIR" "$DATA_DIR" 2>/dev/null + return $exitStatus + } + exitStatus=$? 
+ __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" + + # show exit message + if [ $exitStatus -ne 0 ]; then + echo "The pre-execution check has failed" >&2 + [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" + exit 1 + fi + return $exitStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__update_conf_files() { + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # CD into temp to bybass any permission errors + cd /tmp || false # lets keep shellcheck happy by adding false + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # delete files + #__rm "" + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # custom commands + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # replace variables + # __replace "" "" "$CONF_DIR/act_runner.conf" + # replace variables recursively + # __find_replace "" "" "$CONF_DIR" + + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # define actions + + # exit function + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run before executing +__pre_execute() { + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + + # define commands + + # execute if directories is empty + __is_dir_empty "" && true + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set permissions + __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Copy /config to /etc + for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do + __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a 
"$LOG_DIR/init.txt" + done + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Replace variables + HOSTNAME="$sysname" __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$WWW_ROOT_DIR" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # unset unneeded variables + unset filesperms filename config_2_etc change_user change_user ADDITIONAL_CONFIG_DIRS application_files filedirs + # Lets wait a few seconds before continuing + sleep 5 + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run after executing +__post_execute() { + local pid="" # init pid var + local retVal=0 # set default exit code + local waitTime=60 # how long to wait before executing + local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start + local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + + # wait + sleep $waitTime + # execute commands + ( + # show message + __banner "$postMessageST" + # commands to execute + if [ -f "$RUNNER_DEFAULT_HOME/runners" ] && [ -f "$RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME" ]; then + act_runner daemon --config $RUNNER_DEFAULT_HOME/$RUNNER_CONFIG_NAME >>"$RUNNER_DAEMON_LOG" 2>/dev/stderr & + pid=$! 
+ sleep 5 + if ps ax | awk '{print $1}' | grep -v 'grep' | grep -q "$pid$"; then + echo "$(date)" >"$CONF_DIR/.runner" + echo "$pid" >"$RUN_DIR/act_runner.gitea.pid" + echo "Runner: gitea has been started with pid: $pid" | tee -a -p "$LOG_DIR/init.txt" + else + echo "Runner: gitea has failed to start" >/dev/stderr + [ -f "$RUN_DIR/act_runner.gitea.pid" ] && rm -f "$RUN_DIR/act_runner.gitea.pid" + fi + unset pid + fi + # + if [ -f "$CACHE_CONFIG_FILE" ]; then + mkdir -p "$DATA_DIR/cache" + __replace "REPLACE_RUNNER_CACHE_DIR" "$DATA_DIR/cache" "$CACHE_CONFIG_FILE" + __replace "REPLACE_RUNNER_CACHE_PORT" "$RUNNER_CACHE_PORT" "$CACHE_CONFIG_FILE" + act_runner cache-server --config $CACHE_CONFIG_FILE 2>>/dev/stderr >>"$CACHE_LOG_FILE" & + execPid=$! + sleep 5 + if ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$"; then + echo "Cache server has been started and is listening on $RUNNER_CACHE_PORT" + else + echo "Failed to start the cache server" >&2 + fi + unset pid + fi + # show exit message + __banner "$postMessageEnd: Status $retVal" + ) 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" & + pid=$! 
+ # set exitCode + ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 + return $retVal +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__pre_message() { + local exitCode=0 + if [ -n "$user_name" ] || [ -n "$user_pass" ] || [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + __banner "User info" + [ -n "$user_name" ] && __printf_space "40" "username:" "$user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$user_pass" ] && __printf_space "40" "password:" "saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" + [ -n "$root_user_name" ] && __printf_space "40" "root username:" "$root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$root_user_pass" ] && __printf_space "40" "root password:" "saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" + __banner "" + fi + [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" + # execute commands + + # set exitCode + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to setup ssl support +__update_ssl_conf() { + local exitCode=0 + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # execute commands + + # set exitCode + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_env() { + cat </dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# root/admin user info [password/random] +#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$ACT_RUNNER_ROOT_USER_NAME}" # root user name +#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$ACT_RUNNER_ROOT_PASS_WORD}" # root user password +#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" 
# +#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +#Normal user info [password/random] +#ENV_USER_NAME="${ENV_USER_NAME:-$ACT_RUNNER_USER_NAME}" # +#ENV_USER_PASS="${ENV_USER_PASS:-$ACT_RUNNER_USER_PASS_WORD}" # +#user_name="${ENV_USER_NAME:-$user_name}" # normal user name +#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password + +EOF + __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# script to start server +__run_start_script() { + local runExitCode=0 + local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables + local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables + local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables + local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables + local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables + local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables + local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables + local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables + local path="$(eval echo "$PATH")" # expand variables + local message="$(eval echo "")" # expand variables + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" + # + __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" || return 20 + # + if [ -z "$cmd" ]; then + __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" + retVal=$? + echo "Initializing $SCRIPT_NAME has completed" + exit $retVal + else + # ensure the command exists + if [ ! 
-x "$cmd" ]; then + echo "$name is not a valid executable" + return 2 + fi + # check and exit if already running + if __proc_check "$name" || __proc_check "$cmd"; then + echo "$name is already running" >&2 + return 0 + else + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # show message if env exists + if [ -n "$cmd" ]; then + [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" + [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" + fi + if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then + export cmd_exec="$pre $cmd $args" + message="Starting service: $name $args through $pre" + else + export cmd_exec="$cmd $args" + message="Starting service: $name $args" + fi + [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "$LOG_DIR/init.txt" + echo "$message" | tee -a -p "$LOG_DIR/init.txt" + su_cmd touch "$SERVICE_PID_FILE" + __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" & + if [ "$RESET_ENV" = "yes" ]; then + env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" + execute_command="$(__trim "$su_exec $env_command $cmd_exec")" + if [ ! -f "$START_SCRIPT" ]; then + cat <"$START_SCRIPT" +#!/usr/bin/env bash +trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT +# +set -Eeo pipefail +# Setting up $cmd to run as ${SERVICE_USER:-root} with env +retVal=10 +cmd="$cmd" +SERVICE_PID_FILE="$SERVICE_PID_FILE" +$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & +execPid=\$! 
+sleep 10 +checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" +[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 +[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2 +exit \$retVal + +EOF + fi + else + if [ ! -f "$START_SCRIPT" ]; then + execute_command="$(__trim "$su_exec $cmd_exec")" + cat <"$START_SCRIPT" +#!/usr/bin/env bash +trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT +# +set -Eeo pipefail +# Setting up $cmd to run as ${SERVICE_USER:-root} +retVal=10 +cmd="$cmd" +SERVICE_PID_FILE="$SERVICE_PID_FILE" +$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & +execPid=\$! +sleep 10 +checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" +[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 +[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2 +exit \$retVal + +EOF + fi + fi + fi + [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" + [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" + runExitCode=$? 
+ return $runExitCode + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +# application specific +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +__check_service "$1" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ 
"$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ -n "$RUNAS_USER" ] || RUNAS_USER="root" +[ -n "$SERVICE_USER" ] || SERVICE_USER="${RUNAS_USER:-root}" +[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${RUNAS_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Database env +if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then + RESET_ENV="no" + DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" + DATABASE_USER="${ENV_DATABASE_USER:-${DATABASE_USER:-$user_name}}" + DATABASE_PASSWORD="${ENV_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-$user_pass}}" + DATABASE_ROOT_USER="${ENV_DATABASE_ROOT_USER:-${DATABASE_ROOT_USER:-$root_user_name}}" + DATABASE_ROOT_PASSWORD="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_ROOT_PASSWORD:-$root_user_pass}}" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")" +__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")" +__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")" +__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +[ "$user_pass" = "random" ] && user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="$(eval echo "${ENV_USER_NAME:-$user_name}")" +user_pass="$(eval echo "${ENV_USER_PASS:-$user_pass}")" +root_user_name="$(eval echo "${ENV_ROOT_USER_NAME:-$root_user_name}")" 
+root_user_pass="$(eval echo "${ENV_ROOT_USER_PASS:-$root_user_pass}")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ensure needed directories exists +[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" +[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# pre-run function +__execute_prerun +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create user if needed +__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Modify user if needed +__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create base directories +__setup_directories +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +__switch_to_user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize the home/working dir +__init_working_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +__initialize_db_users +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_service_env +__update_conf_files +__initialize_database +# - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - +__run_secure_function +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run the pre execute commands +__pre_execute +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" && errorCode=0 || errorCode=10 +if [ -n "$EXEC_CMD_BIN" ]; then + if [ "$errorCode" -ne 0 ]; then + echo "Failed to execute: ${cmd_exec:-$EXEC_CMD_BIN $EXEC_CMD_ARGS}" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" + rm -Rf "$SERVICE_PID_FILE" + SERVICE_EXIT_CODE=10 + SERVICE_IS_RUNNING="no" + else + SERVICE_EXIT_CODE=0 + SERVICE_IS_RUNNING="no" + fi + SERVICE_EXIT_CODE=0 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/share/template-files/config/.gitkeep b/rootfs/usr/local/share/template-files/config/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/rootfs/usr/local/share/template-files/config/env/default.sample b/rootfs/usr/local/share/template-files/config/env/default.sample new file mode 100644 index 0000000..c4271ed --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/env/default.sample 
@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+[ -f "/usr/local/etc/docker/functions/entrypoint.sh" ] && . "/usr/local/etc/docker/functions/entrypoint.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+#USER="${USER:-root}"
+#LANG="${LANG:-C.UTF-8}"
+#TZ="${TZ:-America/New_York}"
+#SERVICE_USER="${SERVICE_USER:-root}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+#BACKUP_DIR="${BACKUP_DIR:-/data/backups}"
+#WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/local/share/httpd/default}"
+#LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
+#DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+#DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
+#DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
+#DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+#HEALTH_ENABLED="${HEALTH_ENABLED:-$ENV_HEALTH_ENABLED}"
+#HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+#PHP_VERSION="${PHP_VERSION//php/}"
+#PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+#PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+#ENV_PORTS="${ENV_PORTS:-}"
+#SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+#WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-$ENV_WEB_SERVER_PORTS}"
+#SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+DOMAINNAME="${DOMAINNAME:-}"
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-${DOMAINNAME:-$FULL_DOMAIN_NAME}}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+#CERT_BOT_MAIL="${CERT_BOT_MAIL:-}"
+#CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}"
+#CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+#SSL_ENABLED="${SSL_ENABLED:-false}"
+#SSL_DIR="${SSL_DIR:-/config/ssl}"
+#SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+#SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+#SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+#SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}"
+#COUNTRY="${COUNTRY:-US}"
+#STATE="${STATE:-NY}"
+#CITY="${CITY:-Albany}"
+#UNIT="${UNIT:-CasjaysDev}"
+#ORG="${ORG:-"Casjays Developments"}"
+#DAYS_VALID="${DAYS_VALID:-3650}"
+#RSA="${RSA:-4096}"
+#CN="${CN:-$FULL_DOMAIN_NAME}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}"
+PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/postgres}"
+POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}"
+POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}"
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mariadb env
+MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}"
+MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}"
+MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}"
+MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}"
+MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}"
+DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}"
+MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}"
+MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}"
+MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"
+MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}"
+MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mongodb env
+INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}"
+DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}"
+MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# couchdb env
+NODENAME="${NODENAME:-}"
+COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}"
+COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}"
+DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Supabase
+DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# docker env
+DOCKER_HOST="unix://var/run/docker.sock"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# File locations
+ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Startup variables
+INIT_DATE="${INIT_DATE:-$(date)}"
+START_SERVICES="${START_SERVICES:-yes}"
+ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then
+ START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh b/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh
new file mode 100644
index 0000000..b41c7b7
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh
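Review bot: In default.sample the mariadb block assigns `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"`, with the `:-` outside the braces, so the variable always ends up non-empty (at minimum the literal `:-`). Any consumer that tests it for emptiness will treat the option as set; the neighbouring lines suggest `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO:-}"` was intended. The same line appears in examples/mariadb.sh. Also in this file, the `DATABASE_BASE_DIR` default is commented out while `$DATABASE_BASE_DIR/redis`, `/postgres`, `/mysql` and the other data paths are live, so they resolve directly under `/` unless the sourced functions file sets it, which is not visible here.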
@@ -0,0 +1,10 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+WWW_ROOT_DIR="${ENV_WWW_ROOT_DIR:-${WWW_ROOT_DIR}}"
+BACKUP_DIR="${ENV_BACKUP_DIR:-${BACKUP_DIR:-/data/backups}}"
+LOCAL_BIN_DIR="${ENV_LOCAL_BIN_DIR:-${LOCAL_BIN_DIR:-/usr/local/bin}}"
+DATABASE_BASE_DIR="${ENV_DATABASE_BASE_DIR:-${DATABASE_BASE_DIR:-/data/db}}"
+DEFAULT_DATA_DIR="${ENV_DEFAULT_DATA_DIR:-${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}}"
+DEFAULT_CONF_DIR="${ENV_DEFAULT_CONF_DIR:-${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}}"
+DEFAULT_TEMPLATE_DIR="${ENV_DEFAULT_TEMPLATE_DIR:-${EDEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh b/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh
new file mode 100644
index 0000000..695428c
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh b/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh
new file mode 100644
index 0000000..9f52b28
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh
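Review bot: In examples/00-directory.sh the last assignment falls back to `${EDEFAULT_TEMPLATE_DIR:-…}`, a name that appears nowhere else in the visible diff, so an existing `DEFAULT_TEMPLATE_DIR` value is ignored and replaced by the hard-coded path unless `ENV_DEFAULT_TEMPLATE_DIR` is set. The other lines in the hunk follow the `${ENV_X:-${X…}}` pattern, so this looks like a typo for `DEFAULT_TEMPLATE_DIR="${ENV_DEFAULT_TEMPLATE_DIR:-${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}}"`. `WWW_ROOT_DIR` is the only entry without a literal default; a short comment saying whether that is intentional would help.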
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+CERT_BOT_MAIL="${ENV_CERT_BOT_MAIL:-$CERT_BOT_MAIL}"
+CERTBOT_DOMAINS="${ENV_CERTBOT_DOMAINS:-$CERTBOT_DOMAINS}"
+CERT_BOT_ENABLED="${ENV_CERT_BOT_ENABLED:-${CERT_BOT_ENABLED:-false}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh b/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh
new file mode 100644
index 0000000..4a7fb91
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# couchdb env
+COUCHDB_NODENAME="${ENV_COUCHDB_NODENAME:-${COUCHDB_NODENAME:-$NODENAME}}"
+COUCHDB_USER="${ENV_COUCHDB_USER:-${COUCHDB_USER:-$DATABASE_USER_ROOT}}"
+COUCHDB_PASSWORD="${ENV_COUCHDB_PASSWORD:-${COUCHDB_PASSWORD:-$DATABASE_PASS_ROOT}}"
+DATABASE_DIR_COUCHDB="${ENV_DATABASE_DIR_COUCHDB:-${DATABASE_DIR_COUCHDB:-/data/db/couchdb}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh b/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh
new file mode 100644
index 0000000..a93d690
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# docker env
+DOCKER_HOST="${DOCKER_HOST:-unix://var/run/docker.sock}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/global.sh b/rootfs/usr/local/share/template-files/config/env/examples/global.sh
new file mode 100644
index 0000000..fece9c8
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/global.sh
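Review bot: In examples/dockerd.sh the default `unix://var/run/docker.sock` has only two slashes after the scheme, so what follows the scheme is `var/run/docker.sock` rather than the absolute `/var/run/docker.sock`. A client that strips the `unix://` prefix would then resolve the socket relative to its working directory (not verified against the client used in this image); the usual spelling is `DOCKER_HOST="${DOCKER_HOST:-unix:///var/run/docker.sock}"`. default.sample carries the same URL and assigns it unconditionally. Because access to this socket amounts to control of the Docker daemon, a one-line comment next to the variable stating which service user is expected to reach it would be worth adding.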
@@ -0,0 +1,13 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+USER="${USER:-root}"
+LANG="${LANG:-C.UTF-8}"
+TZ="${TZ:-America/New_York}"
+ENV_PORTS="${ENV_PORTS//\/*/}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# How to set permissions
+SERVICE_USER="${SERVICE_USER:-}"
+SERVICE_GROUP="${SERVICE_GROUP:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_UID="${SERVICE_UID:-}" # set the user id
+SERVICE_GID="${SERVICE_GID:-}" # set the group id
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh b/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh
new file mode 100644
index 0000000..0dd7d39
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+HEALTH_ENABLED="${HEALTH_ENABLED:-}"
+HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh b/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh
new file mode 100644
index 0000000..223fce3
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh
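Review bot: In examples/global.sh, `ENV_PORTS="${ENV_PORTS//\/*/}"` deletes everything from the first `/` to the end of the string, because the `*` in the pattern matches the rest of the value. If `ENV_PORTS` can hold more than one entry (a constructed example: `80/tcp 443/tcp`), only `80` survives; whether it ever holds a list is not visible in this hunk. If a list is possible, strip the suffix per entry instead, or add a comment stating that a single port is expected.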
@@ -0,0 +1,14 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mariadb env
+MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}"
+MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}"
+MARIADB_DATABASE="${MARIADB_DATABASE:-$DATABASE_CREATE}"
+MARIADB_USER="${MARIADB_USER:-$DATABASE_USER_NORMAL}"
+MARIADB_PASSWORD="${MARIADB_PASSWORD:-$DATABASE_PASS_NORMAL}"
+DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
+MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-$DATABASE_PASS_ROOT}"
+MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}"
+MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"
+MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}"
+MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh b/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh
new file mode 100644
index 0000000..8e014de
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh
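Review bot: examples/mariadb.sh defaults `MARIADB_ROOT_HOST` to `%`, which permits root logins from any host, while `MARIADB_ROOT_PASSWORD` falls back to `$DATABASE_PASS_ROOT` and is empty when neither is set, and `MARIADB_ALLOW_EMPTY_ROOT_PASSWORD` is passed through unchanged. For an example file a tighter default such as `MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-localhost}"` is safer, with `%` left as an explicit opt-in; default.sample has the same default. Precedence here (`MARIADB_*` first, `DATABASE_*` as fallback) is also the reverse of default.sample, and the data directory differs (`/data/db/mariadb` here, `$DATABASE_BASE_DIR/mysql` there), so one of the two files should be aligned with the other.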
@@ -0,0 +1,20 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mongodb env
+DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
+INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}"
+MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}"
+ME_CONFIG_EDITORTHEME="${ME_CONFIG_EDITORTHEME:-dracula}"
+ME_CONFIG_MONGODB_URL="${ME_CONFIG_MONGODB_URL:-mongodb://127.0.0.1:27017}"
+ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-true}"
+ME_CONFIG_BASICAUTH_USERNAME="${ME_CONFIG_BASICAUTH_USERNAME:-}"
+ME_CONFIG_BASICAUTH_PASSWORD="${ME_CONFIG_BASICAUTH_PASSWORD:-}"
+ME_CONFIG_BASICAUTH_USERNAME_FILE="${ME_CONFIG_BASICAUTH_USERNAME_FILE:-}"
+ME_CONFIG_BASICAUTH_PASSWORD_FILE="${ME_CONFIG_BASICAUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_ADMINUSERNAME_FILE="${ME_CONFIG_MONGODB_ADMINUSERNAME_FILE:-}"
+ME_CONFIG_MONGODB_ADMINPASSWORD_FILE="${ME_CONFIG_MONGODB_ADMINPASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_USERNAME_FILE="${ME_CONFIG_MONGODB_AUTH_USERNAME_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE="${ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_CA_FILE="${ME_CONFIG_MONGODB_CA_FILE:-}"
+VCAP_APP_HOST="${VCAP_APP_HOST:-0.0.0.0}"
+VCAP_APP_PORT="${VCAP_APP_PORT:-19054}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/networking.sh b/rootfs/usr/local/share/template-files/config/env/examples/networking.sh
new file mode 100644
index 0000000..3af24bb
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/networking.sh
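Review bot: examples/mongodb.sh defaults `VCAP_APP_HOST` to `0.0.0.0` and `ME_CONFIG_MONGODB_ENABLE_ADMIN` to `true`, while `ME_CONFIG_BASICAUTH_USERNAME` and `ME_CONFIG_BASICAUTH_PASSWORD` default to empty. If these feed a mongo-express instance, as the names suggest, the admin UI would listen on every interface with no basic-auth credentials set by this file unless the operator overrides them. Safer example defaults would be `VCAP_APP_HOST="${VCAP_APP_HOST:-127.0.0.1}"` and `ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-false}"`, or at least a comment requiring the basic-auth pair to be set before the listener is exposed.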
@@ -0,0 +1,9 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+DOMAINNAME="${DOMAINNAME:-}"
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+EMAIL_DOMAIN="${EMAIL_DOMAIN:-${DOMAINNAME:-$HOSTNAME}}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$FULL_DOMAIN_NAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/other.sh b/rootfs/usr/local/share/template-files/config/env/examples/other.sh
new file mode 100644
index 0000000..1a59689
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/other.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# other
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/php.sh b/rootfs/usr/local/share/template-files/config/env/examples/php.sh
new file mode 100644
index 0000000..a005543
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/php.sh
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+PHP_VERSION="${PHP_VERSION//php/}"
+PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh b/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh
new file mode 100644
index 0000000..348b4bf
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+PGDATA="${DATABASE_DIR_PGSQL:-$PGDATA}"
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-/data/db/postgres}"
+POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}"
+POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}"
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/redis.sh b/rootfs/usr/local/share/template-files/config/env/examples/redis.sh
new file mode 100644
index 0000000..805a14d
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/redis.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-/data/db/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/services.sh b/rootfs/usr/local/share/template-files/config/env/examples/services.sh
new file mode 100644
index 0000000..e330031
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/services.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+ENV_PORTS="${ENV_PORTS:-}"
+SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}"
+SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh b/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh
new file mode 100644
index 0000000..78b1686
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh
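Review bot: In examples/postgres.sh, `PGDATA` is derived from `DATABASE_DIR_PGSQL` one line before `DATABASE_DIR_PGSQL` receives its `/data/db/postgres` default, so when neither is set on entry `PGDATA` stays empty while `DATABASE_DIR_PGSQL` is populated. Resolving the directory first closes the gap: `DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-${PGDATA:-/data/db/postgres}}"` followed by `PGDATA="$DATABASE_DIR_PGSQL"`. A comment stating which of the two variables is authoritative would also help, since default.sample assigns them in the opposite order.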
@@ -0,0 +1,19 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+SSL_ENABLED="${SSL_ENABLED:-false}"
+SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}"
+SSL_DIR="${SSL_DIR:-$SSL_DIR}"
+SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# certificate settings
+RSA="${RSA:-4096}"
+STATE="${STATE:-NY}"
+CITY="${CITY:-Albany}"
+COUNTRY="${COUNTRY:-US}"
+UNIT="${UNIT:-CasjaysDev}"
+ORG="${ORG:-"Casjays Developments"}"
+DAYS_VALID="${DAYS_VALID:-3650}"
+CN="${CN:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh b/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh
new file mode 100644
index 0000000..f25a9ca
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Supabase
+DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-/data/db/supabase}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh b/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh
new file mode 100644
index 0000000..15ba1af
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh
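Review bot: In examples/ssl.sh the first `SSL_DIR` assignment reads `${SSL_CONTAINER_DIR:-/config/ssl}`, so a caller-supplied `SSL_DIR` is discarded, and the following `SSL_DIR="${SSL_DIR:-$SSL_DIR}"` is a no-op. The commented defaults in default.sample treat these as two different paths (`/config/ssl` for `SSL_DIR`, `/etc/ssl/CA` for `SSL_CONTAINER_DIR`), so `SSL_KEY` and `SSL_CERT` can end up pointing at a directory other than the one the operator configured. A single `SSL_DIR="${SSL_DIR:-/config/ssl}"` would match default.sample; if the container-dir override is intended, say so in a comment above the line.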
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+CADDY_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_caddy_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+CHEROKEE_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_cherokee_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh b/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
new file mode 100644
index 0000000..cc9505b
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
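Review bot: `CADDY_CONFIG_FILE` in webservers.sh is populated from `CHEROKEE_CONFIG_FILE`, which looks like a copy-paste slip. A caller-supplied `CADDY_CONFIG_FILE` is ignored, and a caller-supplied Cherokee path is handed to Caddy. The line should read `CADDY_CONFIG_FILE="${CADDY_CONFIG_FILE:-$(__find_caddy_conf)}"`, matching the other four assignments. The `__find_*_conf` helpers are not defined in this hunk, so the file presumably has to be sourced after whatever defines them; a one-line comment stating that dependency would help.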
@@ -0,0 +1,21 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# File locations
+ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Startup variables
+INIT_DATE="${INIT_DATE:-$(date)}"
+START_SERVICES="${START_SERVICES:-yes}"
+ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Check if this is a new container
+[ -f "$ENTRYPOINT_PID_FILE" ] && START_SERVICES="no"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && ENTRYPOINT_FIRST_RUN="no"
+[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/data/.gitkeep b/rootfs/usr/local/share/template-files/data/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/rootfs/usr/local/share/template-files/defaults/.gitkeep b/rootfs/usr/local/share/template-files/defaults/.gitkeep
new file mode 100644
index 0000000..e69de29
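Review bot: The `START_SERVICES` check in zz-entrypoint.sh tests only that the PID file exists, so a file left behind by an unclean stop would set `START_SERVICES="no"` even though no entrypoint is running (whether `/run` survives a restart depends on how the container is run, which this hunk does not show). Checking liveness as well avoids that: `[ -f "$ENTRYPOINT_PID_FILE" ] && kill -0 "$(cat "$ENTRYPOINT_PID_FILE")" 2>/dev/null && START_SERVICES="no"`. Separately, the last executable line is a `[ -f … ] && …` list, so the file returns non-zero whenever `$ENTRYPOINT_CONFIG_INIT_FILE` is absent. If it is sourced under `set -e`, that would abort the caller on a fresh container; ending the file with `:` or using `if` blocks would prevent this.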