From 91585a70ef08a1762d63d9b577cb69e6ddcc5b20 Mon Sep 17 00:00:00 2001 
From: casjay Date: Sat, 19 Aug 2023 23:16:27 -0400 Subject: [PATCH] =?UTF-8?q?=20=F0=9F=A6=88=F0=9F=8F=A0=F0=9F=90=9C?= =?UTF-8?q?=E2=9D=97=20Initial=20Commit=20=E2=9D=97=F0=9F=90=9C?= =?UTF-8?q?=F0=9F=A6=88=F0=9F=8F=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 17 + .env.scripts | 13 + .gitattributes | 223 +++++++ .gitignore | 98 +++ Dockerfile | 227 +++++++ LICENSE.md | 13 + README.md | 78 +++ rootfs/root/docker/setup/custom | 11 + rootfs/root/docker/setup/files | 28 + rootfs/root/docker/setup/init | 11 + rootfs/root/docker/setup/packages | 11 + rootfs/root/docker/setup/post | 11 + rootfs/usr/local/bin/entrypoint.sh | 579 ++++++++++++++++++ rootfs/usr/local/bin/pkmgr | 122 ++++ .../usr/local/etc/docker/env/00-directory.sh | 10 + rootfs/usr/local/etc/docker/env/addresses.sh | 5 + rootfs/usr/local/etc/docker/env/certbot.sh | 6 + rootfs/usr/local/etc/docker/env/couchdb.sh | 7 + .../usr/local/etc/docker/env/default.sample | 136 ++++ rootfs/usr/local/etc/docker/env/dockerd.sh | 4 + rootfs/usr/local/etc/docker/env/global.sh | 8 + .../usr/local/etc/docker/env/healthcheck.sh | 5 + rootfs/usr/local/etc/docker/env/mariadb.sh | 14 + rootfs/usr/local/etc/docker/env/mongodb.sh | 20 + rootfs/usr/local/etc/docker/env/networking.sh | 9 + rootfs/usr/local/etc/docker/env/other.sh | 4 + rootfs/usr/local/etc/docker/env/php.sh | 6 + rootfs/usr/local/etc/docker/env/postgres.sh | 8 + rootfs/usr/local/etc/docker/env/redis.sh | 4 + rootfs/usr/local/etc/docker/env/services.sh | 7 + rootfs/usr/local/etc/docker/env/ssl.sh | 19 + rootfs/usr/local/etc/docker/env/supabase.sh | 4 + rootfs/usr/local/etc/docker/env/webservers.sh | 8 + .../usr/local/etc/docker/env/zz-entrypoint.sh | 21 + .../local/etc/docker/functions/entrypoint.sh | 468 ++++++++++++++ rootfs/usr/local/etc/docker/init.d/ntfy.sh | 457 ++++++++++++++ .../template-files/config/env/default.sample | 136 ++++ .../template-files/config/ntfy/.env.ntfy | 73 +++ 
.../template-files/config/ntfy/client.yml | 57 ++ .../template-files/config/ntfy/server.yml | 363 +++++++++++ .../local/share/template-files/data/.gitkeep | 0 .../share/template-files/defaults/.gitkeep | 0 42 files changed, 3301 insertions(+) create mode 100644 .dockerignore create mode 100644 .env.scripts create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 LICENSE.md create mode 100644 README.md create mode 100755 rootfs/root/docker/setup/custom create mode 100755 rootfs/root/docker/setup/files create mode 100755 rootfs/root/docker/setup/init create mode 100755 rootfs/root/docker/setup/packages create mode 100755 rootfs/root/docker/setup/post create mode 100755 rootfs/usr/local/bin/entrypoint.sh create mode 100755 rootfs/usr/local/bin/pkmgr create mode 100644 rootfs/usr/local/etc/docker/env/00-directory.sh create mode 100644 rootfs/usr/local/etc/docker/env/addresses.sh create mode 100644 rootfs/usr/local/etc/docker/env/certbot.sh create mode 100644 rootfs/usr/local/etc/docker/env/couchdb.sh create mode 100644 rootfs/usr/local/etc/docker/env/default.sample create mode 100644 rootfs/usr/local/etc/docker/env/dockerd.sh create mode 100644 rootfs/usr/local/etc/docker/env/global.sh create mode 100644 rootfs/usr/local/etc/docker/env/healthcheck.sh create mode 100644 rootfs/usr/local/etc/docker/env/mariadb.sh create mode 100644 rootfs/usr/local/etc/docker/env/mongodb.sh create mode 100644 rootfs/usr/local/etc/docker/env/networking.sh create mode 100644 rootfs/usr/local/etc/docker/env/other.sh create mode 100644 rootfs/usr/local/etc/docker/env/php.sh create mode 100644 rootfs/usr/local/etc/docker/env/postgres.sh create mode 100644 rootfs/usr/local/etc/docker/env/redis.sh create mode 100644 rootfs/usr/local/etc/docker/env/services.sh create mode 100644 rootfs/usr/local/etc/docker/env/ssl.sh create mode 100644 rootfs/usr/local/etc/docker/env/supabase.sh create mode 100644 
rootfs/usr/local/etc/docker/env/webservers.sh create mode 100644 rootfs/usr/local/etc/docker/env/zz-entrypoint.sh create mode 100644 rootfs/usr/local/etc/docker/functions/entrypoint.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/ntfy.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/default.sample create mode 100644 rootfs/usr/local/share/template-files/config/ntfy/.env.ntfy create mode 100644 rootfs/usr/local/share/template-files/config/ntfy/client.yml create mode 100644 rootfs/usr/local/share/template-files/config/ntfy/server.yml create mode 100644 rootfs/usr/local/share/template-files/data/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/defaults/.gitkeep diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..71c00b7 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,17 @@ +# Files to ignore +# Tell docker to ignore .gitkeep +.gitkeep +# Tell docker to ignore .gitignore +.gitignore +# Tell docker to ignore node_modules/** +node_modules/** +# Tell docker to ignore .node_modules/** +.node_modules/** +# Tell docker to ignore **/.gitkeep +**/.gitkeep +# Tell docker to ignore **/.gitignore +**/.gitignore +# Tell docker to ignore **/node_modules/** +**/node_modules/** +# Tell docker to ignore **/.node_modules/** +**/.node_modules/** diff --git a/.env.scripts b/.env.scripts new file mode 100644 index 0000000..7d4ca18 --- /dev/null +++ b/.env.scripts @@ -0,0 +1,13 @@ +ENV_SET_REPO="casjaysdevdocker" +ENV_SET_TEMPLATE="alpine" +ENV_DISTRO_NAME="" +GEN_DOCKERFILE_VENDOR="CasjaysDev" +GEN_DOCKERFILE_AUTHOR="CasjaysDev" +GEN_DOCKERFILE_GIT_BASE="https://github.com/casjaysdevdocker/ntfy/ntfy" +GEN_DOCKERFILE_HUB_BASE="https://hub.docker.com/r/casjaysdevdocker/ntfy/ntfy" +GEN_DOCKERFILE_MAINTAINER="CasjaysDev " +SERVICE_PORT="" +EXPOSE_PORTS="" +PHP_VERSION="" +NODE_VERSION="" +NODE_MANAGER="" diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..195825d --- /dev/null 
+++ b/.gitattributes 
@@ -0,0 +1,223 @@ +# Template generated on Sat Aug 19 06:25:39 PM EDT 2023 from https://github.com/alexkaratarakis/gitattributes +# Common settings that generally should always be used with your language specific settings +# Auto detect text files and perform LF normalization +* text=auto +# The above will handle all files NOT found below +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.tif binary +*.tiff binary +*.ico binary +# SVG treated as text by default. +*.svg text +# If you want to treat it as binary, +# use the following line instead. 
+# *.svg binary +*.eps binary +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.sh text eol=lf +*.zsh text eol=lf +# These are explicitly windows files and should use crlf +*.bat text eol=crlf +*.cmd text eol=crlf +*.ps1 text eol=crlf +# Serialisation +*.json text +*.toml text +*.xml text +*.yaml text +*.yml text +# Archives +*.7z binary +*.gz binary +*.tar binary +*.tgz binary +*.zip binary +# Text files where line endings should be preserved +*.patch -text +# Exclude files from exporting +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore +# Template generated on Sat Aug 19 07:56:15 PM EDT 2023 from https://github.com/alexkaratarakis/gitattributes" +# Common settings that generally should always be used with your language specific settings +# Auto detect text files and perform LF normalization +* text=auto +# The above will handle all files NOT found below +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.tif binary +*.tiff binary +*.ico binary +# SVG treated as text by default. +*.svg text +# If you want to treat it as binary, +# use the following line instead. 
+# *.svg binary +*.eps binary +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.sh text eol=lf +*.zsh text eol=lf +# These are explicitly windows files and should use crlf +*.bat text eol=crlf +*.cmd text eol=crlf +*.ps1 text eol=crlf +# Serialisation +*.json text +*.toml text +*.xml text +*.yaml text +*.yml text +# Archives +*.7z binary +*.gz binary +*.tar binary +*.tgz binary +*.zip binary +# Text files where line endings should be preserved +*.patch -text +# Exclude files from exporting +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore +# Template generated on Sat Aug 19 07:57:44 PM EDT 2023 from https://github.com/alexkaratarakis/gitattributes" +# Common settings that generally should always be used with your language specific settings +# Auto detect text files and perform LF normalization +* text=auto +# The above will handle all files NOT found below +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain +# Graphics +*.png binary +*.jpg binary +*.jpeg binary +*.gif binary +*.tif binary +*.tiff binary +*.ico binary +# SVG treated as text by default. +*.svg text +# If you want to treat it as binary, +# use the following line instead. 
+# *.svg binary +*.eps binary +# Scripts +*.bash text eol=lf +*.fish text eol=lf +*.sh text eol=lf +*.zsh text eol=lf +# These are explicitly windows files and should use crlf +*.bat text eol=crlf +*.cmd text eol=crlf +*.ps1 text eol=crlf +# Serialisation +*.json text +*.toml text +*.xml text +*.yaml text +*.yml text +# Archives +*.7z binary +*.gz binary +*.tar binary +*.tgz binary +*.zip binary +# Text files where line endings should be preserved +*.patch -text +# Exclude files from exporting +.gitattributes export-ignore +.gitignore export-ignore +.gitkeep export-ignore + +# Template generated on Sat Aug 19 07:57:44 PM EDT 2023 +# Files for git large file system +*.7z filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.tar filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.7zip filter=lfs diff=lfs merge=lfs -text +*.bzip2 filter=lfs diff=lfs merge=lfs -text + diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..eb425a2 --- /dev/null +++ b/.gitignore 
@@ -0,0 +1,98 @@ +# gitignore created on 08/18/23 at 22:50 +# Disable reminder in prompt +ignoredirmessage + +# OS generated files +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### macOS ### +# General +.DS_Store? +.AppleDouble +.LSOverride + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# misc +!*/README* +!inc/main.bash + +# Windows shortcuts +*.lnk + +# ignore commit message +**/.gitcommit + +# ignore .build_failed files +**/.build_failed* + + +# ignore .bak files +**/*.bak + +# ignore .no_push files +**/.no_push + +# ignore .no_git files +**/.no_git + +# ignore .installed files +**/.installed + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..9da425d --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,227 @@
+# Docker image for ntfy using the template
+ARG LICENSE="MIT"
+ARG IMAGE_NAME="ntfy"
+ARG PHP_SERVER="ntfy"
+ARG BUILD_DATE="Fri Aug 18 11:46:34 PM EDT 2023"
+ARG LANGUAGE="en_US.UTF-8"
+ARG TIMEZONE="America/New_York"
+ARG WWW_ROOT_DIR="/data/htdocs"
+ARG DEFAULT_FILE_DIR="/usr/local/share/template-files"
+ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data"
+ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config"
+ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults"
+
+ARG IMAGE_REPO="casjaysdev/alpine"
+ARG IMAGE_VERSION="latest"
+ARG CONTAINER_VERSION="${IMAGE_VERSION}"
+
+ARG SERVICE_PORT=""
+ARG EXPOSE_PORTS=""
+ARG PHP_VERSION=""
+ARG NODE_VERSION=""
+ARG NODE_MANAGER=""
+
+ARG USER="root"
+ARG DISTRO_VERSION="${IMAGE_VERSION}"
+ARG BUILD_VERSION="${DISTRO_VERSION}"
+
+FROM tianon/gosu:latest AS gosu
+FROM ${IMAGE_REPO}:${DISTRO_VERSION} AS build
+ARG USER
+ARG LICENSE
+ARG TIMEZONE
+ARG LANGUAGE
+ARG IMAGE_NAME
+ARG PHP_SERVER
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG BUILD_VERSION
+ARG WWW_ROOT_DIR
+ARG DEFAULT_FILE_DIR
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG PHP_VERSION
+
+ARG PACK_LIST="bash \
+ "
+
+ENV ENV=~/.bashrc
+ENV SHELL="/bin/sh"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV HOSTNAME="casjaysdev-ntfy"
+
+USER ${USER}
+WORKDIR /root
+
+COPY ./rootfs/root/docker/setup/. /root/docker/setup/
+COPY ./rootfs/usr/local/bin/pkmgr /usr/local/bin/pkmgr
+COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu
+
+RUN \
+ set -ex; \
+ echo ""
+
+RUN \
+ set -ex; \
+ if [ -f "/root/docker/setup/init" ];then echo "Running the init script";sh "/root/docker/setup/init";echo "Done running the init script";fi; \
+ echo ""
+
+RUN set -ex; \
+ echo ""
+
+COPY ./rootfs/. /
+COPY ./Dockerfile /root/docker/Dockerfile
+
+RUN set -ex; \
+ echo ""
+
+RUN \
+ echo "Installing packages: $PACK_LIST"; \
+ set -ex; \
+ pkmgr install ${PACK_LIST}; \
+ echo ""
+
+RUN \
+ set -ex; \
+ if [ -f "/root/docker/setup/packages" ];then echo "Running the packages script";sh "/root/docker/setup/packages";echo "Done running the packages script";fi
+
+RUN \
+ echo "Setting up users and scripts "; \
+ set -ex; \
+ echo ""
+
+RUN \
+ echo ""
+
+RUN \
+ echo "Running user configurations "; \
+ set -ex; \
+ echo ""
+
+RUN \
+ echo "Setting OS Settings "; \
+ set -ex; \
+ echo ""
+
+RUN \
+ echo "Updating system files "; \
+ set -ex; \
+ echo "$TIMEZONE" >"/etc/timezone"; \
+ touch "/etc/profile" "/root/.profile"; \
+ echo 'hosts: files dns' >"/etc/nsswitch.conf"; \
+ BASH_CMD="$(command -v bash 2>/dev/null|| echo '')"; \
+ PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null || echo '')"; \
+ pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || echo "")"; \
+ py_version="$($pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' '{print $1$2}' | grep '[0-9]' || echo "0")"; \
+ [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts=""; \
+ if [ -n "$pip_bin" ];then $pip_bin -m pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx $pip_opts || true;fi; \
+ [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh" || true; \
+ [ -n "$BASH_CMD" ] && sed -i 's|root:x:.*|root:x:0:0:root:/root:$BASH_CMD|g' "/etc/passwd" || true; [ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" || true; [ -n "$PHP_FPM" ] && [ -z "$(command -v php-fpm 2>/dev/null)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" 2>/dev/null || true; if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh";fi ; \
+ { [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bash.bashrc" ] && cp -Rf "/etc/bash.bashrc" "/root/.bashrc"; } || true; \
+ if [ -z "$(command -v "apt-get" 2>/dev/null)" ];then grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc"; fi; \
+ if [ -f "/usr/local/etc/docker/env/default.sample" ] && [ -d "/etc/profile.d" ];then cp -Rf "/usr/local/etc/docker/env/default.sample" "/etc/profile.d/container.env.sh" && chmod 755 "/etc/profile.d/container.env.sh";fi; \
+ echo ""; \
+ echo ""
+
+RUN set -ex; \
+ echo ""
+
+RUN \
+ set -ex; \
+ if [ -f "/root/docker/setup/custom" ];then echo "Running the custom script";sh "/root/docker/setup/custom";echo "Done running the custom script";fi; \
+ echo ""
+
+RUN set -ex; \
+ echo
+
+RUN \
+ set -ex; \
+ if [ -f "/root/docker/setup/post" ];then echo "Running the post script";sh "/root/docker/setup/post";echo "Done running the post script";fi; \
+ mkdir -p "/usr/local/etc/skel";cp -Rf "/root/." "/usr/local/etc/skel/"; \
+ echo ""
+
+RUN \
+ echo "Deleting unneeded files"; \
+ set -ex; \
+ pkmgr clean; \
+ rm -Rf "/config" "/data"; \
+ rm -rf /etc/systemd/system/*.wants/*; \
+ rm -rf /lib/systemd/system/systemd-update-utmp*; \
+ rm -rf /lib/systemd/system/anaconda.target.wants/*; \
+ rm -rf /lib/systemd/system/local-fs.target.wants/*; \
+ rm -rf /lib/systemd/system/multi-user.target.wants/*; \
+ rm -rf /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -rf /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -Rf /usr/share/doc/* /var/tmp/* /var/cache/*/* /root/.cache/* /usr/share/info/* /tmp/*; \
+ if [ -d "/lib/systemd/system/sysinit.target.wants" ];then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup);fi
+
+RUN echo "Init done"
+
+FROM scratch
+ARG USER
+ARG LICENSE
+ARG LANGUAGE
+ARG TIMEZONE
+ARG IMAGE_NAME
+ARG PHP_SERVER
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG BUILD_VERSION
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG PHP_VERSION
+
+USER ${USER}
+WORKDIR /root
+
+LABEL maintainer="CasjaysDev "
+LABEL org.opencontainers.image.vendor="CasjaysDev"
+LABEL org.opencontainers.image.authors="CasjaysDev"
+LABEL org.opencontainers.image.vcs-type="Git"
+LABEL org.opencontainers.image.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.base.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.license="${LICENSE}"
+LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}"
+LABEL org.opencontainers.image.build-date="${BUILD_DATE}"
+LABEL org.opencontainers.image.version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/ntfy/${IMAGE_NAME}"
+LABEL org.opencontainers.image.vcs-url="https://github.com/casjaysdevdocker/ntfy/${IMAGE_NAME}"
+LABEL org.opencontainers.image.url.source="https://github.com/casjaysdevdocker/ntfy/${IMAGE_NAME}"
+LABEL org.opencontainers.image.documentation="https://hub.docker.com/r/casjaysdevdocker/ntfy/${IMAGE_NAME}"
+LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}"
+LABEL com.github.containers.toolbox="false"
+
+ENV ENV=~/.bashrc
+ENV SHELL="/bin/bash"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV PORT="${SERVICE_PORT}"
+ENV ENV_PORTS="${EXPOSE_PORTS}"
+ENV PHP_SERVER="${PHP_SERVER}"
+ENV PHP_VERSION="${PHP_VERSION}"
+ENV CONTAINER_NAME="${IMAGE_NAME}"
+ENV HOSTNAME="casjaysdev-${IMAGE_NAME}"
+ENV USER="${USER}"
+
+COPY --from=build /. /
+
+VOLUME [ "/config","/data" ]
+
+EXPOSE ${ENV_PORTS}
+
+CMD [ "start", "all" ]
+ENTRYPOINT [ "tini", "--", "/usr/local/bin/entrypoint.sh" ]
+HEALTHCHECK --start-period=1m --interval=2m --timeout=3s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ]
+
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..cececca
--- /dev/null
+++ b/LICENSE.md
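Review bot: In the Dockerfile, both `FROM tianon/gosu:latest AS gosu` and the `${IMAGE_REPO}:${DISTRO_VERSION}` base (which defaults to `latest` through `IMAGE_VERSION`) are unpinned, so the gosu binary copied into the image and the whole build stage change with whatever the registry serves at build time; pin each to a release tag plus digest, e.g. `FROM tianon/gosu:<GOSU_VERSION>@sha256:<DIGEST> AS gosu`. The `pip install certbot-dns-rfc2136 …` line has the same problem and also hides any install failure behind `|| true`, so pinned versions and a hard failure would make the build auditable. Separately, in the "Updating system files" step the expression `sed -i 's|root:x:.*|root:x:0:0:root:/root:$BASH_CMD|g'` is single-quoted, so the literal text `$BASH_CMD` is written as root's shell in /etc/passwd; double-quote the sed program so the resolved bash path is substituted.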
@@ -0,0 +1,13 @@
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ Version 2, December 2004
+
+ Copyright (C) 2023 casjay
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 1. You just DO WHAT THE FUCK YOU WANT TO.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..46c4d11
--- /dev/null
+++ b/README.md
@@ -0,0 +1,78 @@
+## 👋 Welcome to ntfy 🚀
+
+ntfy README
+
+
+## Install my system scripts
+
+```shell
+ sudo bash -c "$(curl -q -LSsf "https://github.com/systemmgr/installer/raw/main/install.sh")"
+ sudo systemmgr --config && sudo systemmgr install scripts
+```
+
+## Automatic install/update
+
+```shell
+dockermgr update ntfy
+```
+
+## Install and run container
+
+```shell
+mkdir -p "$HOME/.local/share/srv/docker/ntfy/rootfs"
+git clone "https://github.com/dockermgr/ntfy" "$HOME/.local/share/CasjaysDev/dockermgr/ntfy"
+cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/ntfy/rootfs/." "$HOME/.local/share/srv/docker/ntfy/rootfs/"
+docker run -d \
+--restart always \
+--privileged \
+--name casjaysdevdocker-ntfy \
+--hostname ntfy \
+-e TZ=${TIMEZONE:-America/New_York} \
+-v $HOME/.local/share/srv/docker/casjaysdevdocker-ntfy/rootfs/data:/data:z \
+-v $HOME/.local/share/srv/docker/casjaysdevdocker-ntfy/rootfs/config:/config:z \
+-p 80:80 \
+casjaysdevdocker/ntfy:latest
+```
+
+## via docker-compose
+
+```yaml
+version: "2"
+services:
+ ProjectName:
+ image: casjaysdevdocker/ntfy
+ container_name: casjaysdevdocker-ntfy
+ environment:
+ - TZ=America/New_York
+ - HOSTNAME=ntfy
+ volumes:
+ - $HOME/.local/share/srv/docker/casjaysdevdocker-ntfy/rootfs/data:/data:z
+ - $HOME/.local/share/srv/docker/casjaysdevdocker-ntfy/rootfs/config:/config:z
+ ports:
+ - 80:80
+ restart: always
+```
+
+## Get source files
+
+```shell
+dockermgr download src casjaysdevdocker/ntfy
+```
+
+OR
+
+```shell
+git clone "https://github.com/casjaysdevdocker/ntfy" "$HOME/Projects/github/casjaysdevdocker/ntfy"
+```
+
+## Build container
+
+```shell
+cd "$HOME/Projects/github/casjaysdevdocker/ntfy"
+buildx
+```
+
+## Authors
+
+🤖 casjay: [Github](https://github.com/casjay) 🤖
+⛵ casjaysdevdocker: [Github](https://github.com/casjaysdevdocker) [Docker](https://hub.docker.com/u/casjaysdevdocker) ⛵
diff --git a/rootfs/root/docker/setup/custom b/rootfs/root/docker/setup/custom
new file mode 100755
index 0000000..fb2164d
--- /dev/null
+++ b/rootfs/root/docker/setup/custom
@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+# shellcheck shell=sh
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set -ex
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script run to custom
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit
+
diff --git a/rootfs/root/docker/setup/files b/rootfs/root/docker/setup/files
new file mode 100755
index 0000000..c03995a
--- /dev/null
+++ b/rootfs/root/docker/setup/files
@@ -0,0 +1,28 @@
+#!/usr/bin/env sh
+# shellcheck shell=sh
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set -ex
+#mkdir -p "/tmp/ntfy" "/etc/ntfy" "/usr/local/share/template-files/config/ntfy"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script run to files
+case "$(uname -m)" in
+aarch64 | arm64)
+ platorm="arm64"
+ url="$(curl -q -LSsf https://api.github.com/repos/binwiederhier/ntfy/releases/latest | grep 'browser_download_url' | sed 's|"||g;s|.*: ||g' | grep 'linux' | grep 'arm64.tar.gz$')"
+ ;;
+x86_64)
+ platorm="amd64"
+ url="$(curl -q -LSsf https://api.github.com/repos/binwiederhier/ntfy/releases/latest | grep 'browser_download_url' | sed 's|"||g;s|.*: ||g' | grep 'linux' | grep 'amd64.tar.gz$')"
+ ;;
+*)
+ echo "Unsupported platform"
+ exit 1
+ ;;
+esac
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+curl -q -LSSf "$url" -o "/tmp/ntfy.tar.gz"
+tar zxvf "/tmp/ntfy.tar.gz" --strip=1 -C "/tmp/ntfy"
+[ -f "/tmp/ntfy/ntfy" ] && cp -Rf "/tmp/ntfy/ntfy" "/usr/local/bin/ntfy"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit
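Review bot: In rootfs/root/docker/setup/files the tarball fetched by `curl -q -LSSf "$url" -o "/tmp/ntfy.tar.gz"` is unpacked and copied to /usr/local/bin/ntfy without any integrity check, and the URL is resolved from `releases/latest`, so the binary shipped in the image is whatever the API returns at build time. Pin a release version and verify the archive before the `tar` line, for example `echo "<EXPECTED_SHA256>  /tmp/ntfy.tar.gz" | sha256sum -c -`, with the expected hash committed next to the pinned version. The `mkdir -p "/tmp/ntfy" …` line is commented out, so `tar … -C "/tmp/ntfy"` will presumably fail under `set -e` unless that directory already exists. The Dockerfile in this commit runs the init, packages, custom and post scripts but not this one, so it is worth confirming how this script is meant to be invoked.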
diff --git a/rootfs/root/docker/setup/init b/rootfs/root/docker/setup/init
new file mode 100755
index 0000000..f0044ec
--- /dev/null
+++ b/rootfs/root/docker/setup/init
@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+# shellcheck shell=sh
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set -ex
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script run to init
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit
+
diff --git a/rootfs/root/docker/setup/packages b/rootfs/root/docker/setup/packages
new file mode 100755
index 0000000..fa22ac5
--- /dev/null
+++ b/rootfs/root/docker/setup/packages
@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+# shellcheck shell=sh
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set -ex
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script run to packages
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit
+
diff --git a/rootfs/root/docker/setup/post b/rootfs/root/docker/setup/post
new file mode 100755
index 0000000..d80ecec
--- /dev/null
+++ b/rootfs/root/docker/setup/post
@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+# shellcheck shell=sh
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set -ex
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script run to post
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit
+
diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh
new file mode 100755
index 0000000..7c01270
--- /dev/null
+++ b/rootfs/usr/local/bin/entrypoint.sh
@@ -0,0 +1,579 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308182250-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : docker-entrypoint --help +# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments +# @@Created : Friday, Aug 18, 2023 22:50 EDT +# @@File : docker-entrypoint +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : other/docker-entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# remove whitespaces from beginning argument +while :; do [ "$1" = " " ] && shift 1 || break; done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$1" = "$0" ] && shift 1 +[ "$1" = "$SCRIPT_NAME" ] && shift 1 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . 
"/usr/local/etc/docker/functions/entrypoint.sh" +else + echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the default env files +__create_env "/config/env/default.sh" "/root/env.sh" &>/dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables from files +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Builtin functions +__is_dir_empty() { [ "$(ls -A "$1" 2>/dev/null | wc -l)" -eq 0 ] && return 0 || return 1; } + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Define script variables +SERVICE_USER="root" # execute command as another user +SERVICE_GROUP="" # Set user group for permission fix +SERVICE_UID="0" # set the user id for creation of user +SERVICE_PORT="" # specifiy port which service is listening on +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Healthcheck variables +HEALTH_ENABLED="yes" # enable healthcheck [yes/no] +SERVICES_LIST="tini" # comma seperated list of processes for the healthcheck +SERVER_PORTS="" # ports : 80,443 +HEALTH_ENDPOINTS="" # url endpoints: [http://localhost/health,http://localhost/test] +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}" +PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" 
+MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Last thing to run before options +__run_pre() { + if [ "$ENTRYPOINT_FIRST_RUN" = "false" ]; then # Run on initial creation + true + fi + if [ "$CONFIG_DIR_INITIALIZED" = "false" ]; then # Initial config + true + fi + if [ "$DATA_DIR_INITIALIZED" = "false" ]; then + true + fi + # End Initial config + if [ "$START_SERVICES" = "yes" ]; then # only run on start + true + fi # end run on start + # Run everytime container starts + # __certbot + # __create_ssl_cert + # __update_ssl_certs + # end + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_message() { + + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# variables based on env/files +[ "$SERVICE_PORT" = "443" ] && SSL_ENABLED="true" +[ -f "/config/enable/ssl" ] && SSL_ENABLED="true" +[ -f "/config/enable/ssh" ] && SSH_ENABLED="true" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# is already Initialized +[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true" || DATA_DIR_INITIALIZED="false" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true" || CONFIG_DIR_INITIALIZED="false" +{ [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; } && ENTRYPOINT_FIRST_RUN="no" || ENTRYPOINT_FIRST_RUN="true" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default directories +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs/www}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" 
+DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Rewrite base on env +WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +WWW_ROOT_DIR="${WWW_DIR:-$WWW_ROOT_DIR}" # set default web dir +DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean ENV_PORTS variables +ENV_PORTS="${ENV_PORTS//,/ }" # +ENV_PORTS="${ENV_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean SERVER_PORTS variables +SERVER_PORTS="${SERVER_PORTS//,/ }" # +SERVER_PORTS="${SERVER_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean WEB_SERVER_PORTS variables +WEB_SERVER_PORTS="${SERVICE_PORT//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" # +WEB_SERVER_PORTS="${SERVICE_PORT//,/ } ${WEB_SERVER_PORTS//,/ }" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# rewrite and merge variables +ENV_PORTS="$(echo "$ENV_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +WEB_SERVER_PORTS="$(echo "$WEB_SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +ENV_PORTS="$(echo "$SERVER_PORTS" "$WEB_SERVER_PORTS" "$ENV_PORTS" "$SERVER_PORTS" | tr ' ' '\n' | sort -u | grep -v '^$' | tr '\n' ' ' | grep '^' || false)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +HEALTH_ENDPOINTS="${HEALTH_ENDPOINTS//,/ }" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required directories +mkdir -p "/run" +mkdir -p "/tmp" +mkdir -p "/root" +mkdir -p "/var/run" +mkdir -p "/var/tmp" +mkdir -p "/run/cron" +mkdir -p "/data/logs" +mkdir -p "/run/init.d" +mkdir -p "/config/enable" +mkdir -p 
"/config/secure" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required files +touch "/data/logs/entrypoint.log" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# fix permissions +chmod -f 777 "/run" +chmod -f 777 "/tmp" +chmod -f 700 "/root" +chmod -f 777 "/var/run" +chmod -f 777 "/var/tmp" +chmod -f 777 "/run/cron" +chmod -f 777 "/data/logs" +chmod -f 777 "/run/init.d" +chmod -f 666 "/dev/stderr" +chmod -f 666 "/dev/stdout" +chmod -f 777 "/config/enable" +chmod -f 777 "/config/secure" +chmod -f 777 "/data/logs/entrypoint.log" +################## END OF CONFIGURATION ##################### +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the backup dir +[ -n "$BACKUP_DIR" ] && { [ -d "$BACKUP_DIR" ] || mkdir -p "$BACKUP_DIR"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # Show start message + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ]; then + [ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Executing entrypoint script for ntfy" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set reusable variables + { { [ -w "/etc" ] && [ ! -e "/etc/hosts" ]; } || [ -w "/etc/hosts" ]; } && UPDATE_FILE_HOSTS="true" + { { [ -w "/etc" ] && [ ! -e "/etc/timezone" ]; } || [ -w "/etc/timezone" ]; } && UPDATE_FILE_TZ="true" + { { [ -w "/etc" ] && [ ! 
-e "/etc/resolv.conf" ]; } || [ -w "/etc/resolv.conf" ]; } && UPDATE_FILE_RESOLV="true" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set timezone + [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "true" ] && echo "$TZ" >"/etc/timezone" + [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "true" ] && ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # if ipv6 add it to /etc/hosts + if [ "$UPDATE_FILE_HOSTS" = "true" ]; then + echo "# known hostname mappings" >"/etc/hosts" + if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then + echo "127.0.0.1 localhost" >>"/etc/hosts" + echo "::1 localhost" >>"/etc/hosts" + else + echo "127.0.0.1 localhost" >>"/etc/hosts" + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add .home domain + if [ "$UPDATE_FILE_HOSTS" = "true" ] && [ -n "$HOSTNAME" ]; then + __grep_test " $HOSTNAME" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} $HOSTNAME" >>"/etc/hosts" + __grep_test " ${HOSTNAME%%.*}.home" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} ${HOSTNAME%%.*}.home" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add domainname + if [ "$UPDATE_FILE_HOSTS" = "true" ] && [ "$DOMAINNAME" != "home" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then + __grep_test " $HOSTNAME.$DOMAINNAME" "/etc/hosts" || echo "${CONTAINER_IP4_ADDRESS:-127.0.0.1} $HOSTNAME.$DOMAINNAME" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname + [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && echo "$HOSTNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname with domain + [ -n "$DOMAINNAME" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && echo 
"$HOSTNAME.$DOMAINNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -f "/etc/hostname" ]; then + [ -n "$(type -P hostname)" ] && hostname -F "/etc/hostname" &>/dev/null || HOSTNAME="$(<"/etc/hostname")" + export HOSTNAME + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import hosts file into container + [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "true" ] && cat "/usr/local/etc/hosts" | grep -vF "$HOSTNAME" >>"/etc/hosts" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import resolv.conf file into container + [ "$CUSTOM_DNS" != "true" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "true" ] && cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/usr/local/etc/skel" ]; then + cp -Rf "/usr/local/etc/skel/." "$HOME/" + fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Delete any .gitkeep files +[ -d "/data" ] && rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep +[ -d "/config" ] && rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep +[ -f "/usr/local/bin/.gitkeep" ] && rm -Rf "/usr/local/bin/.gitkeep" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup bin directory +SET_USR_BIN="" +[ -d "/data/bin" ] && SET_USR_BIN+="$(__find /data/bin f) " +[ -d "/config/bin" ] && SET_USR_BIN+="$(__find /config/bin f) " +if [ -n "$SET_USR_BIN" ]; then + echo "Setting up bin $SET_USR_BIN > $LOCAL_BIN_DIR" + for create_bin_template in $SET_USR_BIN; do + if [ -n "$create_bin_template" ]; then + create_bin_name="$(basename "$create_bin_template")" + if [ -e "$create_bin_template" ]; then + ln -sf "$create_bin_template" "$LOCAL_BIN_DIR/$create_bin_name" + fi + fi + done + unset create_bin_template create_bin_name SET_USR_BIN +fi 
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy default config +if [ -n "$DEFAULT_TEMPLATE_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying default config files $DEFAULT_TEMPLATE_DIR > /config" + for create_config_template in "$DEFAULT_TEMPLATE_DIR"/*; do + if [ -n "$create_config_template" ]; then + create_template_name="$(basename "$create_config_template")" + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_template_name/" + __is_dir_empty "/config/$create_template_name" && cp -Rf "$create_config_template/." "/config/$create_template_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_template_name" ] || cp -Rf "$create_config_template" "/config/$create_template_name" 2>/dev/null + fi + fi + done + unset create_config_template create_template_name + fi +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom config files +if [ -n "$DEFAULT_CONF_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying custom config files: $DEFAULT_CONF_DIR > /config" + for create_config_template in "$DEFAULT_CONF_DIR"/*; do + create_config_name="$(basename "$create_config_template")" + if [ -n "$create_config_template" ]; then + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_config_name" + __is_dir_empty "/config/$create_config_name" && cp -Rf "$create_config_template/." 
"/config/$create_config_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_config_name" ] || cp -Rf "$create_config_template" "/config/$create_config_name" 2>/dev/null + fi + fi + done + unset create_config_template create_config_name + fi +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom data files +if [ -d "/data" ]; then + if [ "$DATA_DIR_INITIALIZED" = "false" ] && [ -n "$DEFAULT_DATA_DIR" ]; then + echo "Copying data files $DEFAULT_DATA_DIR > /data" + for create_data_template in "$DEFAULT_DATA_DIR"/*; do + create_data_name="$(basename "$create_data_template")" + if [ -n "$create_data_template" ]; then + if [ -d "$create_data_template" ]; then + mkdir -p "/data/$create_data_name" + __is_dir_empty "/data/$create_data_name" && cp -Rf "$create_data_template/." "/data/$create_data_name/" 2>/dev/null + elif [ -e "$create_data_template" ]; then + [ -e "/data/$create_data_name" ] || cp -Rf "$create_data_template" "/data/$create_data_name" 2>/dev/null + fi + fi + done + unset create_template + fi +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy /config to /etc +if [ -d "/config" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ]; then + echo "Copy config files to system: /config > /etc" + for create_config_name in /config/*; do + if [ -n "$create_config_name" ]; then + create_conf_name="$(basename "$create_config_name")" + if [ -d "/etc/$create_conf_name" ] && [ -d "$create_config_name" ]; then + mkdir -p "/etc/$create_conf_name/" + cp -Rf "$create_config_name/." 
"/etc/$create_conf_name/" 2>/dev/null + elif [ -e "/etc/$create_conf_name" ] && [ -e "$create_config_name" ]; then + cp -Rf "$create_config_name" "/etc/$create_conf_name" 2>/dev/null + fi + fi + done + unset create_config_name create_conf_name + fi +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy html files +if [ "$DATA_DIR_INITIALIZED" = "false" ] && [ -n "$WWW_ROOT_DIR" ]; then + if [ -d "$DEFAULT_DATA_DIR/data/htdocs" ]; then + __is_dir_empty "$WWW_ROOT_DIR/" && cp -Rf "$DEFAULT_DATA_DIR/data/htdocs/." "$WWW_ROOT_DIR/" 2>/dev/null + fi +fi +if [ -n "$WWW_ROOT_DIR" ]; then + if [ -d "$DEFAULT_DATA_DIR/htdocs/www" ] && [ ! -d "$WWW_ROOT_DIR" ]; then + mkdir -p "$WWW_ROOT_DIR" "$WWW_ROOT_DIR/health" + cp -Rf "$DEFAULT_DATA_DIR/htdocs/www/." "$WWW_ROOT_DIR/" + [ -f "$WWW_ROOT_DIR/health/index.txt" ] || echo "OK" >"$WWW_ROOT_DIR/health/index.txt" + [ -f "$WWW_ROOT_DIR/health/index.json" ] || echo '{"status":"ok"}' >"$WWW_ROOT_DIR/health/index.json" + fi +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" +if [ "$SSL_ENABLED" = "true" ] || [ "$SSL_ENABLED" = "yes" ]; then + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + SSL_ENABLED="true" + if [ -n "$SSL_CA" ] && [ -f "$SSL_CA" ]; then + mkdir -p "$SSL_DIR/certs" + cat "$SSL_CA" >>"/etc/ssl/certs/ca-certificates.crt" + cp -Rf "/." 
"$SSL_DIR/" + fi + else + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + __create_ssl_cert + fi + type update-ca-certificates &>/dev/null && update-ca-certificates +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run pre-execute function +__run_pre "$@" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" + ENTRYPOINT_MESSAGE="no" + ENTRYPOINT_FIRST_RUN="no" + touch "$ENTRYPOINT_PID_FILE" +elif [ -d "/config" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Check if this is a new container +if [ -f "$ENTRYPOINT_DATA_INIT_FILE" ]; then + DATA_DIR_INITIALIZED="true" +elif [ -d "/data" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then + CONFIG_DIR_INITIALIZED="true" +elif [ -d "/config" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # setup the smtp server + __setup_mta +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Container ip address is: $CONTAINER_IP4_ADDRESS" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show configured listing processes +if [ "$ENTRYPOINT_MESSAGE" = "yes" ] && [ -n "$ENV_PORTS" ]; then + show_port="" + for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done + printf '%s\n' "The following ports are open: $show_port" + unset port show_port +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message 
+__run_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute init script +if [ -f "/tmp/init" ]; then + sh "/tmp/init" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Just start services +START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Begin options +case "$1" in +--help) # Help message + echo 'Docker container for '$APPNAME'' + echo "Usage: $APPNAME [cron exec start init shell certbot ssl procs ports healthcheck backup command]" + echo "" + exit 0 + ;; + +init) + shift 1 + echo "Container has been Initialized" + exit 0 + ;; + +cron) + shift 1 + __cron "$@" & + ;; + +backup) # backup data and config dirs + shift 1 + save="${1:-$BACKUP_DIR}" + backupExit=0 + date="$(date '+%Y%m%d-%H%M')" + file="$save/$date.tar.gz" + echo "Backing up /data /config to $file" + sleep 1 + tar cfvz "$file" --exclude="$save" "/data" "/config" || backupExit=1 + backupExit=$? + [ $backupExit -eq 0 ] && echo "Backed up /data /config has finished" || echo "Backup of /data /config has failed" + exit $backupExit + ;; + +healthcheck) # Docker healthcheck + healthStatus=0 + services="${SERVICES_LIST:-$@}" + healthEnabled="${HEALTH_ENABLED:-}" + healthPorts="${WEB_SERVER_PORTS:-}" + healthEndPoints="${HEALTH_ENDPOINTS:-}" + healthMessage="Everything seems to be running" + services="${services//,/ }" + [ "$healthEnabled" = "yes" ] || exit 0 + for proc in $services; do + if [ -n "$proc" ]; then + if ! 
__pgrep "$proc"; then + echo "$proc is not running" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for port in $ports; do + if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then + netstat -taupln | grep -q ":$port " || healthStatus=$((healthStatus + 1)) + fi + done + for endpoint in $healthEndPoints; do + if [ -n "$endpoint" ]; then + __curl "$endpoint" || healthStatus=$((healthStatus + 1)) + fi + done + [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" + [ -n "$healthMessage" ] && echo "$healthMessage" + exit $healthStatus + ;; + +ports) # show open ports + shift 1 + ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' + exit $? + ;; + +procs) # show running processes + shift 1 + ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' + exit $? + ;; + +ssl) # setup ssl + shift 1 + __create_ssl_cert + exit $? + ;; + +certbot) # manage ssl certificate + shift 1 + CERT_BOT_ENABLED="true" + if [ "$1" = "create" ]; then + shift 1 + __certbot "create" + elif [ "$1" = "renew" ]; then + shift 1 + __certbot "renew certonly --force-renew" + else + __exec_command "certbot" "$@" + fi + exit $? + ;; + +*/bin/sh | */bin/bash | bash | sh | shell) # Launch shell + shift 1 + __exec_command "${@:-/bin/bash}" + exit $? 
+ ;; + +exec) # execute commands + shift 1 + __exec_command "${@:-exit}" + ;; + +start) # show/start init scripts + shift 1 + PATH="/usr/local/etc/docker/init.d:$PATH" + if [ $# -eq 0 ]; then + scripts="$(ls -A "/usr/local/etc/docker/init.d")" + [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" + elif [ "$1" = "all" ]; then + shift $# + echo "$$" >"/run/init.d/entrypoint.pid" + __start_init_scripts "/usr/local/etc/docker/init.d" + elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then + eval "/usr/local/etc/docker/init.d/$1" + fi + __no_exit + ;; + +*) # Execute primary command + if [ $# -eq 0 ]; then + if [ "$START_SERVICES" = "yes" ] || [ ! -f "/run/init.d/entrypoint.pid" ]; then + echo "$$" >"/run/init.d/entrypoint.pid" + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit + fi + else + __exec_command "$@" + fi + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# ex: ts=2 sw=2 et filetype=sh diff --git a/rootfs/usr/local/bin/pkmgr b/rootfs/usr/local/bin/pkmgr new file mode 100755 index 0000000..ddeed12 --- /dev/null +++ b/rootfs/usr/local/bin/pkmgr 
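Review bot: In `entrypoint.sh` the "fix permissions" block sets `/tmp`, `/var/tmp` and `/config/secure` to mode 777, and later the script runs `sh "/tmp/init"` whenever that file exists, so any unprivileged process in the container can plant a script that the entrypoint executes on the next start (as root with the defaults shown, `SERVICE_USER="root"`). Mode 777 also clears the sticky bit on the temp directories, which lets users remove or replace each other's files there. I would use `chmod -f 1777 "/tmp"` and `chmod -f 1777 "/var/tmp"`, restrict the secrets directory with `chmod -f 700 "/config/secure"`, and read the init hook from a root-owned path rather than `/tmp`. The other 777 entries (`/config/enable`, `/data/logs`, `/run/init.d`) deserve the same look, since `/config/enable/ssl` and `/run/init.d/entrypoint.pid` both steer what the entrypoint does.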
@@ -0,0 +1,122 @@ +#!/usr/bin/env sh +# shellcheck shell=sh +# shellcheck disable=SC2016 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +set -e +[ -n "$_DEBUG" ] && set -x || { [ "$1" = "--debug" ]&& set -x && shift 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +USER_UID="$(id -u)" +USER_GID="$(id -g)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/etc/pkmgr/options.conf" ] && . "/etc/pkmgr/options.conf" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -x "$(command -v apt 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v apt-get 2>/dev/null)" ]; then + export DEBIAN_FRONTEND=noninteractive + pkmgr_cmd="apt-get" + pkmgr_clean_cmd="$pkmgr_cmd clean" + pkmgr_mkcache_cmd="$pkmgr_cmd update" + pkmgr_update_cmd="$pkmgr_cmd upgrade -yy" + pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS" +elif [ -x "$(command -v dnf 2>/dev/null)" ]; then + pkmgr_cmd="dnf" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -x "$(command -v yum 2>/dev/null)" ]; then + pkmgr_cmd="yum" + pkmgr_clean_cmd="$pkmgr_cmd clean all" + pkmgr_mkcache_cmd="$pkmgr_cmd makecache" + pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS" +elif [ -n "$(command -v pacman 2>/dev/null)" ]; then + pkmgr_cmd="pacman" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd -Scc --noconfirm" + pkmgr_update_cmd="$pkmgr_cmd -Syyu --noconfirm $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd -Syy --noconfirm 
$PKMGR_OPTS" +elif [ -x "$(command -v apk 2>/dev/null)" ]; then + pkmgr_cmd="apk" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd cache clean" + pkmgr_update_cmd="$pkmgr_cmd -U upgrade --no-cache $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd add --no-cache $PKMGR_OPTS" +elif [ -x "$(command -v zypper 2>/dev/null)" ]; then + pkmgr_cmd="zypper" + pkmgr_mkcache_cmd="true" + pkmgr_clean_cmd="$pkmgr_cmd clean --all" + pkmgr_update_cmd="$pkmgr_cmd update -y $PKMGR_OPTS" + pkmgr_install_cmd="$pkmgr_cmd install -y $PKMGR_OPTS" +else + pkmgr_cmd="true" + pkmgr_mkcache_cmd="$pkmgr_cmd" + pkmgr_clean_cmd="$pkmgr_cmd" + pkmgr_update_cmd="$pkmgr_cmd" + pkmgr_install_cmd="$pkmgr_cmd" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "/config/pkmgr/settings.conf" ]; then + . "/config/pkmgr/settings.conf" +elif [ -f "/etc/pkmgr/settings.conf" ]; then + . "/etc/pkmgr/settings.conf" +else +mkdir -p "/config/pkmgr" +cat <"/config/pkmgr/settings.conf" +pkmgr_cmd="$pkmgr_cmd" +pkmgr_clean_cmd="$pkmgr_clean_cmd" +pkmgr_update_cmd="$pkmgr_update_cmd" +pkmgr_install_cmd="$pkmgr_install_cmd" +pkmgr_mkcache_cmd="$pkmgr_mkcache_cmd" +EEOF +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -n "$pkmgr_cmd" ] || { echo "Can not determine the package manager" && exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +case "$1" in +update | upgrade) + shift $# + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_update_cmd="sudo $pkmgr_install_cmd" + echo "Updating packages command: $pkmgr_update_cmd" + $pkmgr_mkcache_cmd;$pkmgr_update_cmd + exit $? +;; +clean) + shift $# + [ -n "$1" ] || exit 0 + [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_clean_cmd="sudo $pkmgr_clean_cmd" + echo "Cleaning package cache: $pkmgr_clean_cmd" + $pkmgr_clean_cmd + exit $? 
+;;
+install)
+ shift 1
+ [ -n "$1" ] || exit 0
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_install_cmd="sudo $pkmgr_install_cmd"
+ if [ -f "$1" ]; then
+ install_list="$(cat "$1")"
+ echo 'installing packages from file with command: '$pkmgr_install_cmd' "$(<"$1")"'
+ else
+ install_list="$*"
+ echo "installing packages command: $pkmgr_install_cmd $install_list"
+ fi
+ $pkmgr_install_cmd $install_list
+ exit $?
+;;
+*)
+ [ -n "$1" ] || exit 0
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_cmd="sudo $pkmgr_cmd"
+ echo "executing packages command: $pkmgr_cmd $*"
+ $pkmgr_cmd "$@"
+ exit $?
+;;
+esac
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# end
+
diff --git a/rootfs/usr/local/etc/docker/env/00-directory.sh b/rootfs/usr/local/etc/docker/env/00-directory.sh
new file mode 100644
index 0000000..4721f84
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/00-directory.sh
@@ -0,0 +1,10 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+BACKUP_DIR="${BACKUP_DIR:-/data/backups}"
+WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs}"
+LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
+DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
+DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
+DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/addresses.sh b/rootfs/usr/local/etc/docker/env/addresses.sh
new file mode 100644
index 0000000..695428c
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/addresses.sh
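Review bot: In `pkmgr`, the `update | upgrade)` branch builds the non-root command from the wrong variable, `pkmgr_update_cmd="sudo $pkmgr_install_cmd"`, so an unprivileged `pkmgr update` runs the install command with no packages and upgrades are never applied; it should read `pkmgr_update_cmd="sudo $pkmgr_update_cmd"`. The `clean)` branch calls `shift $#` and then `[ -n "$1" ] || exit 0`, which always exits before `$pkmgr_clean_cmd` runs; that guard should be removed. Separately, `/config/pkmgr/settings.conf` is sourced in preference to the `/etc` copy and its `pkmgr_*_cmd` values are executed unquoted, with `sudo` prepended for non-root callers, so that file should be root-owned and not writable by the service user (whether `/config` is a shared volume is not visible here).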
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/certbot.sh b/rootfs/usr/local/etc/docker/env/certbot.sh
new file mode 100644
index 0000000..8bdfb4a
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/certbot.sh
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+CERT_BOT_MAIL="${CERT_BOT_MAIL:-}"
+CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}"
+CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/couchdb.sh b/rootfs/usr/local/etc/docker/env/couchdb.sh
new file mode 100644
index 0000000..3fa12c4
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/couchdb.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# couchdb env
+NODENAME="${NODENAME:-}"
+COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}"
+COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}"
+DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/default.sample b/rootfs/usr/local/etc/docker/env/default.sample
new file mode 100644
index 0000000..b888a70
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/default.sample
@@ -0,0 +1,136 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
+ . "/usr/local/etc/docker/functions/entrypoint.sh"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+USER="${USER:-root}"
+LANG="${LANG:-C.UTF-8}"
+TZ="${TZ:-America/New_York}"
+SERVICE_USER="${SERVICE_USER:-root}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+BACKUP_DIR="${BACKUP_DIR:-/data/backups}"
+WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs}"
+LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
+DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
+DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
+DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+HEALTH_ENABLED="${HEALTH_ENABLED:-}"
+HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+PHP_VERSION="${PHP_VERSION//php/}"
+PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+ENV_PORTS="${ENV_PORTS:-}"
+SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}"
+SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+DOMAINNAME="${DOMAINNAME:-}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}"
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+CERT_BOT_MAIL="${CERT_BOT_MAIL:-}"
+CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}"
+CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+SSL_ENABLED="${SSL_ENABLED:-false}"
+SSL_DIR="${SSL_DIR:-/config/ssl}"
+SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}"
+COUNTRY="${COUNTRY:-US}"
+STATE="${STATE:-NY}"
+CITY="${CITY:-Albany}"
+UNIT="${UNIT:-CasjaysDev}"
+ORG="${ORG:-"Casjays Developments"}"
+DAYS_VALID="${DAYS_VALID:-3650}"
+RSA="${RSA:-4096}"
+CN="${CN:-$FULL_DOMAIN_NAME}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}"
+PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/pgsql}"
+POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}"
+POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}"
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mariadb env
+MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}"
+MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}"
+MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}"
+MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}"
+MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}"
+DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}"
+MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}"
+MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}"
+MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"
+MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}"
+MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mongodb env
+NITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$NITDB_ROOT_USERNAME}"
+DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}"
+MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# couchdb env
+NODENAME="${NODENAME:-}"
+COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}"
+COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}"
+DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Supabase
+DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# docker env
+DOCKER_HOST="unix://var/run/docker.sock"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# File locations
+ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Startup variables
+INIT_DATE="${INIT_DATE:-$(date)}"
+START_SERVICES="${START_SERVICES:-yes}"
+ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ];
+ then START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
diff --git a/rootfs/usr/local/etc/docker/env/dockerd.sh b/rootfs/usr/local/etc/docker/env/dockerd.sh
new file mode 100644
index 0000000..a93d690
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/dockerd.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# docker env
+DOCKER_HOST="${DOCKER_HOST:-unix://var/run/docker.sock}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/global.sh b/rootfs/usr/local/etc/docker/env/global.sh
new file mode 100644
index 0000000..da547a3
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/global.sh
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+USER="${USER:-root}"
+LANG="${LANG:-C.UTF-8}"
+TZ="${TZ:-America/New_York}"
+SERVICE_USER="${SERVICE_USER:-root}"
+ENV_PORTS="${ENV_PORTS//\/*/}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/healthcheck.sh b/rootfs/usr/local/etc/docker/env/healthcheck.sh
new file mode 100644
index 0000000..0dd7d39
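Review bot: With `DEBUGGER=on`, the `set -o pipefail -x$DEBUGGER_OPTIONS` line at the top of default.sample turns on xtrace before the credential assignments further down, so bash would print the expanded values of `POSTGRES_PASSWORD`, `MARIADB_PASSWORD`, `MARIADB_ROOT_PASSWORD`, `MONGO_INITDB_ROOT_PASSWORD` and `COUCHDB_PASSWORD` to stderr, which in a container normally lands in the log. I would put `{ set +x; } 2>/dev/null` ahead of the database sections and restore tracing after them, or not enable tracing in this env template at all. Separately, `NITDB_ROOT_USERNAME` in the mongodb section looks like a truncated name; mongodb.sh spells it `INITDB_ROOT_USERNAME`.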
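Review bot: The default `unix://var/run/docker.sock` in dockerd.sh has only two slashes, so what follows the scheme is the relative path `var/run/docker.sock` rather than the socket under `/var/run`; the line should read `DOCKER_HOST="${DOCKER_HOST:-unix:///var/run/docker.sock}"`. default.sample carries the same value and assigns it unconditionally, which also discards a `DOCKER_HOST` passed into the container. If the host's socket is what gets mounted there, access to it amounts to control of the host daemon, so a comment naming the service that needs it would be worth adding.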
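Review bot: `ENV_PORTS="${ENV_PORTS//\/*/}"` in global.sh deletes everything from the first `/` to the end of the string, because `*` in the pattern matches the rest of the value; if `ENV_PORTS` can hold several entries (constructed example: `80/tcp 443/tcp`, which the plural name suggests), only `80` survives. Stripping the protocol per entry, for instance `ENV_PORTS="$(printf '%s' "$ENV_PORTS" | sed 's|/[a-z]*||g')"`, keeps the remaining ports. services.sh re-assigns `ENV_PORTS` with a plain default, so a one-line comment stating the expected format would help both files.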
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/healthcheck.sh
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+HEALTH_ENABLED="${HEALTH_ENABLED:-}"
+HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/mariadb.sh b/rootfs/usr/local/etc/docker/env/mariadb.sh
new file mode 100644
index 0000000..32108ca
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/mariadb.sh
@@ -0,0 +1,14 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mariadb env
+MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}"
+MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}"
+MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}"
+MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}"
+MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}"
+DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
+MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}"
+MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}"
+MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"
+MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}"
+MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/mongodb.sh b/rootfs/usr/local/etc/docker/env/mongodb.sh
new file mode 100644
index 0000000..8e014de
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/mongodb.sh
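Review bot: In mariadb.sh, `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"` has the `:-` outside the braces, so the variable always ends in a literal `:-` and is never empty; any consumer that tests it for non-empty would treat the option as switched on. It should read `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO:-}"`, and default.sample has the same line. `MARIADB_ROOT_HOST` defaulting to `%` permits root logins from any address that can reach the server; a `localhost` default, or a comment stating why remote root is wanted, would make that exposure a deliberate choice. The data directory here is `/data/db/mariadb`, while default.sample and `__init_mysql` in functions/entrypoint.sh both use a `mysql` directory.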
@@ -0,0 +1,20 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mongodb env
+DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
+INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}"
+MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}"
+ME_CONFIG_EDITORTHEME="${ME_CONFIG_EDITORTHEME:-dracula}"
+ME_CONFIG_MONGODB_URL="${ME_CONFIG_MONGODB_URL:-mongodb://127.0.0.1:27017}"
+ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-true}"
+ME_CONFIG_BASICAUTH_USERNAME="${ME_CONFIG_BASICAUTH_USERNAME:-}"
+ME_CONFIG_BASICAUTH_PASSWORD="${ME_CONFIG_BASICAUTH_PASSWORD:-}"
+ME_CONFIG_BASICAUTH_USERNAME_FILE="${ME_CONFIG_BASICAUTH_USERNAME_FILE:-}"
+ME_CONFIG_BASICAUTH_PASSWORD_FILE="${ME_CONFIG_BASICAUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_ADMINUSERNAME_FILE="${ME_CONFIG_MONGODB_ADMINUSERNAME_FILE:-}"
+ME_CONFIG_MONGODB_ADMINPASSWORD_FILE="${ME_CONFIG_MONGODB_ADMINPASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_USERNAME_FILE="${ME_CONFIG_MONGODB_AUTH_USERNAME_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE="${ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_CA_FILE="${ME_CONFIG_MONGODB_CA_FILE:-}"
+VCAP_APP_HOST="${VCAP_APP_HOST:-0.0.0.0}"
+VCAP_APP_PORT="${VCAP_APP_PORT:-19054}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/networking.sh b/rootfs/usr/local/etc/docker/env/networking.sh
new file mode 100644
index 0000000..4b5fdba
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/networking.sh
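Review bot: The mongo-express defaults in mongodb.sh combine `VCAP_APP_HOST` = `0.0.0.0`, `ME_CONFIG_MONGODB_ENABLE_ADMIN` = `true` and empty `ME_CONFIG_BASICAUTH_USERNAME` / `ME_CONFIG_BASICAUTH_PASSWORD`, so, assuming these values reach mongo-express unchanged, the admin UI listens on every interface with no credentials chosen by the operator. I would default to `VCAP_APP_HOST="${VCAP_APP_HOST:-127.0.0.1}"` and `ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-false}"`, and document that the UI must not be started while the basic-auth pair is empty. `INITDB_ROOT_USERNAME` is also not the name the upstream mongo image reads (`MONGO_INITDB_ROOT_USERNAME`), and default.sample spells it `NITDB_ROOT_USERNAME`, so the root user name is probably not passed through as intended; worth confirming.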
@@ -0,0 +1,9 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+DOMAINNAME="${DOMAINNAME:-}"
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+EMAIL_DOMAIN="${EMAIL_DOMAIN:-${DOMAINNAME:-$HOSTNAME}}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/other.sh b/rootfs/usr/local/etc/docker/env/other.sh
new file mode 100644
index 0000000..1a59689
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/other.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# other
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/php.sh b/rootfs/usr/local/etc/docker/env/php.sh
new file mode 100644
index 0000000..a005543
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/php.sh
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+PHP_VERSION="${PHP_VERSION//php/}"
+PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/postgres.sh b/rootfs/usr/local/etc/docker/env/postgres.sh
new file mode 100644
index 0000000..706117a
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/postgres.sh
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+PGDATA="${DATABASE_DIR_PGSQL:-$PGDATA}"
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-/data/db/pgsql}"
+POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}"
+POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}"
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/redis.sh b/rootfs/usr/local/etc/docker/env/redis.sh
new file mode 100644
index 0000000..805a14d
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/redis.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-/data/db/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/services.sh b/rootfs/usr/local/etc/docker/env/services.sh
new file mode 100644
index 0000000..e330031
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/services.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+ENV_PORTS="${ENV_PORTS:-}"
+SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}"
+SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/ssl.sh b/rootfs/usr/local/etc/docker/env/ssl.sh
new file mode 100644
index 0000000..78b1686
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/ssl.sh
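Review bot: In postgres.sh, `PGDATA` is assigned from `DATABASE_DIR_PGSQL` one line before `DATABASE_DIR_PGSQL` receives its `/data/db/pgsql` default, so with neither variable set `PGDATA` ends up empty while `DATABASE_DIR_PGSQL` points at the data directory. Resolving the directory once and copying it, `DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-${PGDATA:-/data/db/pgsql}}"` followed by `PGDATA="$DATABASE_DIR_PGSQL"`, keeps the two in step. default.sample has the mirror-image gap: there `DATABASE_DIR_PGSQL` stays empty when both are unset.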
@@ -0,0 +1,19 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+SSL_ENABLED="${SSL_ENABLED:-false}"
+SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}"
+SSL_DIR="${SSL_DIR:-$SSL_DIR}"
+SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# certificate settings
+RSA="${RSA:-4096}"
+STATE="${STATE:-NY}"
+CITY="${CITY:-Albany}"
+COUNTRY="${COUNTRY:-US}"
+UNIT="${UNIT:-CasjaysDev}"
+ORG="${ORG:-"Casjays Developments"}"
+DAYS_VALID="${DAYS_VALID:-3650}"
+CN="${CN:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/supabase.sh b/rootfs/usr/local/etc/docker/env/supabase.sh
new file mode 100644
index 0000000..f25a9ca
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/supabase.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Supabase
+DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-/data/db/supabase}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/env/webservers.sh b/rootfs/usr/local/etc/docker/env/webservers.sh
new file mode 100644
index 0000000..15ba1af
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/webservers.sh
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+CADDY_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_caddy_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+CHEROKEE_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_cherokee_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
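Review bot: In ssl.sh, `SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}"` ignores an `SSL_DIR` supplied by the operator and the following `SSL_DIR="${SSL_DIR:-$SSL_DIR}"` is a no-op, so the key and certificate paths derived below can only be moved through `SSL_CONTAINER_DIR`, which default.sample treats as a different directory (`/etc/ssl/CA`). I would replace both lines with `SSL_DIR="${SSL_DIR:-/config/ssl}"`. `DAYS_VALID` is defined here, but `__create_ssl_cert` in functions/entrypoint.sh passes `-days $VALID_FOR`, which none of the env files shown sets; adding `VALID_FOR="${VALID_FOR:-$DAYS_VALID}"`, or using one name throughout, would make the 3650-day default take effect.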
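Review bot: `CADDY_CONFIG_FILE` in webservers.sh takes its value from `CHEROKEE_CONFIG_FILE`, which looks like a copy-paste slip: a Cherokee path supplied by the operator would be used as the Caddy config, and a supplied `CADDY_CONFIG_FILE` is ignored. The line should read `CADDY_CONFIG_FILE="${CADDY_CONFIG_FILE:-$(__find_caddy_conf)}"`.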
diff --git a/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh
new file mode 100644
index 0000000..cc9505b
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/env/zz-entrypoint.sh
@@ -0,0 +1,21 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# File locations
+ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Startup variables
+INIT_DATE="${INIT_DATE:-$(date)}"
+START_SERVICES="${START_SERVICES:-yes}"
+ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Check if this is a new container
+[ -f "$ENTRYPOINT_PID_FILE" ] && START_SERVICES="no"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && ENTRYPOINT_FIRST_RUN="no"
+[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/etc/docker/functions/entrypoint.sh b/rootfs/usr/local/etc/docker/functions/entrypoint.sh
new file mode 100644
index 0000000..aec6697
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh
@@ -0,0 +1,468 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : GEN_SCRIPT_REPLACE_VERSION +# @@Author : GEN_SCRIPT_REPLACE_AUTHOR +# @@Contact : GEN_SCRIPT_REPLACE_EMAIL +# @@License : GEN_SCRIPT_REPLACE_LICENSE +# @@ReadME : docker-entrypoint +# @@Copyright : GEN_SCRIPT_REPLACE_COPYRIGHT +# @@Created : GEN_SCRIPT_REPLACE_DATE +# @@File : docker-entrypoint +# @@Description : GEN_SCRIPT_REPLACE_DESC +# @@Changelog : GEN_SCRIPT_REPLACE_CHANGELOG +# @@TODO : GEN_SCRIPT_REPLACE_TODO +# @@Other : GEN_SCRIPT_REPLACE_OTHER +# @@Resource : GEN_SCRIPT_REPLACE_RES +# @@Terminal App : GEN_SCRIPT_REPLACE_TERMINAL +# @@sudo/root : GEN_SCRIPT_REPLACE_SUDO +# @@Template : functions/docker-entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__cd() { [ -d "$1" ] && builtin cd "$1" || return 1; } +__rm() { [ -n "$1" ] && [ -e "$1" ] && rm -Rf "${1:?}"; } +__grep_test() { grep -s "$1" "$2" | grep -qwF "${3:-$1}" || return 1; } +__netstat() { [ -f "$(type -P netstat)" ] && netstat "$@" || return 10; } +__curl() { curl -q -sfI --max-time 3 -k -o /dev/null "$@" &>/dev/null || return 10; } +__find() { find "$1" -mindepth 1 -type ${2:-f,d} 2>/dev/null | grep '^' || return 10; } +__is_dir_empty() { [ "$(ls -A "$1" 2>/dev/null | wc -l)" -eq 0 ] && return 0 || return 1; } +__pcheck() { [ -n "$(which pgrep 2>/dev/null)" ] && pgrep -o "$1" &>/dev/null || return 10; } +__sed() { sed -i 's|'$1'|'$2'|g' "$3" &>/dev/null || sed -i 
"s|$1|$2|g" "$3" &>/dev/null || return 1; } +__ps() { [ -f "$(type -P ps)" ] && ps "$@" 2>/dev/null | grep -Fw " ${1:-$GEN_SCRIPT_REPLACE_APPNAME}" || return 10; } +__pgrep() { __pcheck "${1:-GEN_SCRIPT_REPLACE_APPNAME}" || __ps "${1:-$GEN_SCRIPT_REPLACE_APPNAME}" | grep -qv ' grep' || return 10; } +__get_ip6() { ip a 2>/dev/null | grep -w 'inet6' | awk '{print $2}' | grep -vE '^::1|^fe' | sed 's|/.*||g' | head -n1 | grep '^' || echo ''; } +__get_ip4() { ip a 2>/dev/null | grep -w 'inet' | awk '{print $2}' | grep -vE '^127.0.0' | sed 's|/.*||g' | head -n1 | grep '^' || echo '127.0.0.1'; } +__no_exit() { exec /bin/sh -c "trap : TERM INT; (while true; do tail -qf /data/logs/entrypoint.log /data/logs/*/*log 2>/dev/null||sleep 20; done) & wait"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_php_bin() { find -L '/usr'/*bin -maxdepth 4 -name 'php-fpm*' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_php_ini() { find -L '/etc' -maxdepth 4 -name 'php.ini' 2>/dev/null | head -n1 | sed 's|/php.ini||g' | grep '^' || echo ''; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_nginx_conf() { find -L '/etc' -maxdepth 4 -name 'nginx.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_lighttpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'lighttpd.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_cherokee_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'cherokee.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_caddy_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'caddy.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_httpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'httpd.conf' -o -iname 'apache2.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_mysql_conf() { find -L '/etc' -maxdepth 4 -type f -name 'my.cnf' 2>/dev/null | head -n1 | grep '^' || echo ''; 
} +__find_pgsql_conf() { find -L '/var/lib' '/etc' -maxdepth 8 -type f -name 'postgresql.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; } +__find_mongodb_conf() { return; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__random_password() { cat "/dev/urandom" | tr -dc '0-9a-zA-Z' | head -c${1:-16} && echo ""; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__exec_service() { + echo "Starting $1" + eval "$@" 2>>/dev/stderr & + [ $? -eq 0 ] && touch "/run/init.d/$1.pid" || return 1 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__update_ssl_certs() { + [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + mkdir -p /etc/ssl + [ -f "$SSL_CA" ] && cp -Rf "$SSL_CA" "/etc/ssl/$SSL_CA" + [ -f "$SSL_KEY" ] && cp -Rf "$SSL_KEY" "/etc/ssl/$SSL_KEY" + [ -f "$SSL_CERT" ] && cp -Rf "$SSL_CERT" "/etc/ssl/$SSL_CERT" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__certbot() { + local statusCode=0 + CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-$HOSTNAME}" + [ -n "$(type -P 'certbot')" ] || return 1 + if [ -f "/config/certbot/env.sh" ]; then + . "/config/certbot/env.sh" + fi + if [ -f "/config/certbot/setup.sh" ]; then + eval "/config/certbot/setup.sh" + statusCode=$? + elif [ -f "/etc/named/certbot.sh" ]; then + eval "/etc/named/certbot.sh" + statusCode=$? + elif [ -f "/config/named/certbot-update.conf" ]; then + if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf; then + certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf + fi + statusCode=$? + else + local options="${1:-create}" && shift 1 + domain_list="$DOMAINNAME www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS" + [ -f "/config/env/ssl.sh" ] && . 
"/config/env/ssl.sh" + [ "$CERT_BOT_ENABLED" = "true" ] || { export CERT_BOT_ENABLED="" && return 10; } + [ -n "$CERT_BOT_MAIL" ] || echo "The variable CERT_BOT_MAIL is not set" && return 1 + [ -n "$DOMAINNAME" ] || echo "The variable DOMAINNAME is not set" && return 1 + for domain in $$CERTBOT_DOMAINS; do + [ -n "$domain" ] && ADD_CERTBOT_DOMAINS="-d $domain " + done + certbot $options --agree-tos -m $CERT_BOT_MAIL certonly --webroot \ + -w "${WWW_ROOT_DIR:-/data/htdocs/www}" $ADD_CERTBOT_DOMAINS \ + --key-path "$SSL_KEY" --fullchain-path "$SSL_CERT" + statusCode=$? + fi + [ $statusCode -eq 0 ] && __update_ssl_certs + return $statusCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_ssl_cert() { + if ! __certbot create; then + [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh" + [ -n "$SSL_DIR" ] || { echo "SSL_DIR is unset" && return 1; } + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + if [ -n "$FORCE_SSL" ] || [ ! -f "$SSL_CERT" ] || [ ! -f "$SSL_KEY" ]; then + echo "Setting Country to $COUNTRY and Setting State/Province to $STATE and Setting City to $CITY" + echo "Setting OU to $UNIT and Setting ORG to $ORG and Setting server to $CN" + echo "All variables can be overwritten by creating a /config/.ssl.env and setting the variables there" + echo "Creating ssl key and certificate in $SSL_DIR and will be valid for $((VALID_FOR / 365)) year[s]" + # + openssl req \ + -new \ + -newkey rsa:$RSA \ + -days $VALID_FOR \ + -nodes \ + -x509 \ + -subj "/C=${COUNTRY// /\\ }/ST=${STATE// /\\ }/L=${CITY// /\\ }/O=${ORG// /\\ }/OU=${UNIT// /\\ }/CN=${CN// /\\ }" \ + -keyout "$SSL_KEY" \ + -out "$SSL_CERT" + fi + fi + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then + __update_ssl_certs + return 0 + else + return 2 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_apache() { + local etc_dir="" conf_dir="" conf_dir="" www_dir="" apache_bin="" + etc_dir="/etc/${1:-apache2}" + 
conf_dir="/config/${1:-apache2}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs}" + apache_bin="$(type -P 'httpd' || type -P 'apache2')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_nginx() { + local etc_dir="" conf_dir="" www_dir="" nginx_bin="" + etc_dir="/etc/${1:-nginx}" + conf_dir="/config/${1:-nginx}" + www_dir="${WWW_ROOT_DIR:-/data/htdocs}" + nginx_bin="$(type -P 'nginx')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_php() { + local etc_dir="/etc/${1:-php}" + local conf_dir="/config/${1:-php}" + local php_bin="${PHP_BIN_DIR:-$(__find_php_bin)}" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_mysql() { + local db_dir="" etc_dir="" db_user="" conf_dir="" user_pass="" user_db="" root_pass="" mysqld_bin="" + db_dir="/data/db/mysql" + etc_dir="${home:-/etc/${1:-mysql}}" + db_user="${SERVICE_USER:-mysql}" + conf_dir="/config/${1:-mysql}" + user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}" + user_db="${MARIADB_DATABASE}" user_name="${MARIADB_USER:-root}" + root_pass="$MARIADB_ROOT_PASSWORD" + mysqld_bin="$(type -P 'mysqld')" + # + return 0 +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_mongodb() { + local home="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" + local user_pass="${MONGO_INITDB_ROOT_PASSWORD:-$_ROOT_PASSWORD}" + local user_name="${INITDB_ROOT_USERNAME:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_postgres() { + local home="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" + local user_pass="${POSTGRES_PASSWORD:-$POSTGRES_ROOT_PASSWORD}" + local user_name="${POSTGRES_USER:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__init_couchdb() { + local home="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" + local user_pass="${COUCHDB_PASSWORD:-$SET_RANDOM_PASS}" + local 
user_name="${COUCHDB_USER:-root}" + # + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show available init functions +__init_help() { + echo ' +__certbot +__update_ssl_certs +__create_ssl_cert +' + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_once() { + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ] || [ ! -f "/config/.docker_has_run" ]; then + return 0 + else + return 1 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run program ever n minutes +__cron() { + trap '[ -f "/run/cron/$cmd" ] && rm -Rf "/run/cron/$cmd";exit 0' SIGINT ERR EXIT + test -n "$1" && test -z "${1//[0-9]/}" && interval=$(($1 * 60)) && shift 1 || interval="5" + [ $# -eq 0 ] && echo "Usage: cron [interval] [command]" && exit 1 + command="$*" + cmd="$(echo "$command" | awk -F' ' '{print $1}')" + [ -d "/run/cron" ] || mkdir -p "/run/cron" + echo "$command" >"/run/cron/$cmd" + while :; do + eval "$command" + sleep $interval + [ -f "/run/cron/$cmd" ] || break + done |& tee /data/logs/entrypoint.log +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__replace() { + [ -f "$3" ] || return 1 + grep -s -qR "$1" "$3" &>/dev/null && __sed "$1" "$2" "$3" || return 0 + grep -s -qR "$2" "$3" && printf '%s\n' "Changed $1 to $2 in $3" && return 0 || { + printf '%s\n' "Failed to change $1 in $3" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__find_replace() { + [ -e "$3" ] || return 1 + grep -s -qR "$1" "$3" &>/dev/null || return 0 + find "$3" -type f -exec sed -i "|$1|$2|g" {} \; + grep -s -qR "$2" "$3" && printf '%s\n' "Changed $1 to $2 in $3" && return 0 || { + printf '%s\n' "Failed to change $1 in $3" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__file_copy() { + [ -e "$1" ] || return 1 + [ -n "$1" ] && [ -n "$2" ] && [ -e "$1" 
] && cp -Rf "$1" "$2" &>/dev/null + [ -e "$1" ] && [ -e "$2" ] && printf '%s\n' "Copied: $1 > $2" && return 0 || { + printf '%s\n' "Copy failed: $1 < $2" >&2 && return 2 + } +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_service_user() { + local create_user="$1" + local create_home_dir="$2" + local create_gid="${USER_GID:-${USER_UID:-${3:-10000}}}" + local create_home_dir="${create_home_dir:-/home/$create_user}" set_home_dir="" + [ "$ENTRYPOINT_FIRST_RUN" = "no" ] || return 0 + [ -n "$SERVICE_USER" ] || [ "$SERVICE_USER" != "root" ] || return 0 + if ! grep -s -q "$create_user" "/etc/groups"; then + echo "creating system group $create_user" + addgroup -g $create_gid -S $create_user &>/dev/null + fi + if ! grep -s -q "$create_user" "/etc/passwd"; then + echo "creating system user $create_user" + adduser -u $create_gid -D -h "$create_home_dir" -g $create_user $create_user &>/dev/null + grep -q "$create_user" "/etc/passwd" "/etc/groups" && set_home_dir="$home_dir" && exitStatus=0 || exitStatus=1 + fi + [ $exitStatus -eq 0 ] && export WORKDIR="${set_home_dir:-}" + return $exitStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_env() { + local dir="" + local envStatus=0 + local envFile=("${@:-}") + local sample_file="/usr/local/etc/docker/env/default.sample" + [ -f "$sample_file" ] || return 0 + for create_env in "/usr/local/etc/docker/env/default.sh" "${envFile[@]}"; do + dir="$(dirname "$create_env")" + [ -d "$dir" ] || mkdir -p "$dir" + if [ -n "$create_env" ] && [ ! 
-f "$create_env" ]; then + cat </dev/null +$(<"$sample_file") +EOF + fi + [ -f "$create_env" ] || envStatus=$((1 + envStatus)) + done + rm -f "$sample_file" + return $envStatus +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__exec_command() { + local arg=("$@") + local prog_bin="" + local exitCode="0" + local cmdExec="${arg:-}" + prog_bin="$(echo "${arg[@]}" | tr ' ' '\n' | grep -v '^$' | head -n1 || echo '')" + [ -n "$prog_bin" ] && prog="$(type -P "${prog_bin}" 2>/dev/null || echo ':ERROR:')" || prog="bash" + if [ -f "$prog" ]; then + echo "${exec_message:-Executing command: $cmdExec}" + eval $cmdExec || exitCode=1 + [ "$exitCode" = 0 ] || exitCode=10 + elif [ -f "$prog" ] && [ ! -x "$prog" ]; then + echo "$prog is not executable" + exitCode=4 + else + echo "$prog does not exist" + exitCode=5 + fi + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup the server init scripts +__start_init_scripts() { + [ "$1" = " " ] && shift 1 + [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail + local basename="" + local init_pids="" + local init_dir="${1:-/usr/local/etc/docker/init.d}" + local init_count="$(ls -A "$init_dir"/* 2>/dev/null | grep -v '\.sample' | wc -l)" + mkdir -p "/tmp" "/run" "/run/init.d" + chmod -R 777 "/tmp" "/run" "/run/init.d" + if [ "$init_count" -eq 0 ] || [ ! -d "$init_dir" ]; then + mkdir -p "/data/logs/init" + while :; do echo "Running" >"/data/logs/init/keep_alive" && sleep 3600; done & + else + if [ -d "$init_dir" ]; then + chmod -Rf 755 "$init_dir/" + [ -f "$init_dir/service.sample" ] && rm -Rf "$init_dir/service.sample" + for init in "$init_dir"/*.sh; do + if [ -f "$init" ]; then + name="$(basename "$init")" + (eval "$init" &) + initStatus=$(($? 
+ initStatus)) + sleep 10 + echo "" + fi + done + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__setup_mta() { + [ -d "/etc/ssmtp" ] || [ -d "/etc/postfix" ] || return + if [ ! -d "/config/ssmtp" ] || [ ! -d "/config/postfix" ]; then + echo "Configuring smtp server" + fi + local exitCode=0 + local relay_port="${EMAIL_RELAY//*:/}" + local relay_server="${EMAIL_RELAY//:*/}" + local local_hostname="${FULL_DOMAIN_NAME:-}" + local account_user="${SERVER_ADMIN//@*/}" + local account_domain="${EMAIL_DOMAIN//*@/}" + echo "$EMAIL_RELAY" | grep '[0-9][0-9]' || relay_port="465" + ################# sSMTP relay setup + if [ -n "$(type -P 'ssmtp')" ]; then + [ -d "/config/ssmtp" ] || mkdir -p "/config/ssmtp" + [ -f "/etc/ssmtp/ssmtp.conf" ] && rm -Rf "/etc/ssmtp/ssmtp.conf" + if [ ! -f "/config/ssmtp/ssmtp.conf" ]; then + cat </dev/null +# ssmtp configuration. +root=${account_user:-root}@${account_domain:-$HOSTNAME} +mailhub=${relay_server:-172.17.0.1}:$relay_port +rewriteDomain=$local_hostname +hostname=$local_hostname +TLS_CA_FILE=/etc/ssl/certs/ca-certificates.crt +UseTLS=Yes +UseSTARTTLS=No +AuthMethod=LOGIN +FromLineOverride=yes +#AuthUser=username +#AuthPass=password + +EOF + fi + if [ -f "/config/ssmtp/ssmtp.conf" ]; then + cp -Rf "/config/ssmtp/." "/etc/ssmtp/" + echo "Done setting up ssmtp" + fi + + ################# postfix relay setup + elif [ -n "$(type -P 'postfix')" ]; then + [ -d "/config" ] || mkdir -p "/config" + [ -d "/etc/postfix" ] || mkdir -p "/etc/postfix" + [ -f "/etc/postfix/main.cf" ] && rm -Rf "/etc/postfix/main.cf" + if [ ! -f "/config/postfix/main.cf" ]; then + cat </dev/null +# postfix configuration. 
+smtpd_banner = \$myhostname ESMTP email server +compatibility_level = 2 +inet_protocols = ipv4 +inet_interfaces = all +mydestination = +local_transport=error: local delivery disabled +mynetworks = /etc/postfix/mynetworks +alias_maps = hash:/etc/postfix/aliases +alias_database = hash:/etc/postfix/aliases +transport_maps = hash:/etc/postfix/transport +virtual_alias_maps = hash:/etc/postfix/virtual +relay_domains = hash:/etc/postfix/mydomains, regexp:/etc/postfix/mydomains.pcre +tls_random_source = dev:/dev/urandom +smtp_use_tls = yes +smtpd_use_tls = yes +smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache +smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA +smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination +append_dot_mydomain = yes +myorigin = $local_hostname +myhostname = $local_hostname +relayhost = [$relay_server]:$relay_port + +EOF + fi + if [ -d "/config/postfix" ]; then + touch "/config/postfix/aliases" "/config/postfix/mynetworks" "/config/postfix/transport" + touch "/config/postfix/mydomains.pcre" "/config/postfix/mydomains" "/config/postfix/virtual" + postmap "/config/aliases" "/config/mynetworks" "/config/transport" &>/dev/null + postmap "/config/mydomains.pcre" "/config/mydomains" "/config/virtual" &>/dev/null + cp -Rf "/config/postfix/." "/etc/postfix/" + fi + if [ -f "/etc/postfix/main.cf" ] && [ ! -f "/run/init.d/postfix.pid" ]; then + SERVICES_LIST+="postfix " + if [ ! 
-f "/run/init.d/postfix.pid" ]; then + __exec_service postfix start + fi + echo "Done setting up postfix" + fi + fi + [ -f "/root/dead.letter" ] && rm -Rf "/root/dead.letter" + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set variables from function calls +SET_RANDOM_PASS="${SET_RANDOM_PASS:-$(__random_password 16)}" +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export the functions +export -f __start_init_scripts +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of functions diff --git a/rootfs/usr/local/etc/docker/init.d/ntfy.sh b/rootfs/usr/local/etc/docker/init.d/ntfy.sh new file mode 100755 index 0000000..5b0519c --- /dev/null +++ b/rootfs/usr/local/etc/docker/init.d/ntfy.sh 
@@ -0,0 +1,457 @@ +#!/usr/bin/env bash +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202308182250-git +# @@Author : Jason Hempstead +# @@Contact : jason@casjaysdev.pro +# @@License : WTFPL +# @@ReadME : zz-default.sh --help +# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments +# @@Created : Friday, Aug 18, 2023 22:50 EDT +# @@File : zz-default.sh +# @@Description : +# @@Changelog : New script +# @@TODO : Better documentation +# @@Other : +# @@Resource : +# @@Terminal App : no +# @@sudo/root : no +# @@Template : shell/zsh +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# shellcheck disable=SC2016 +# shellcheck disable=SC2031 +# shellcheck disable=SC2120 +# shellcheck disable=SC2155 +# shellcheck disable=SC2199 +# shellcheck disable=SC2317 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +printf '%s\n' "# - - - Initializing ntfy - - - #" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_NAME="ntfy" +SCRIPT_NAME="$(basename "$0" 2>/dev/null)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run trap command on exit +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . 
"/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . "$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom functions + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Reset environment before executing service +RESET_ENV="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message before execute +PRE_EXEC_MESSAGE="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default predefined variables +WORKDIR="" # set working directory +DATA_DIR="/data" # set data directory +WWW_DIR="/data/htdocs/www" # set the web root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +ETC_DIR="/etc/ntfy" # set etc directory +CONF_DIR="/config/ntfy" # set config directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +RUN_DIR="/run/init.d" # set scripts pid dir +LOG_DIR="/data/logs/ntfy" # set log directory +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user +USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set the database directory +DATABASE_DIR="${DATABASE_DIR_NTFY:-/data/db/ntfy}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional predefined variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# port which service is listening on +SERVICE_PORT="80" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute command variables +SERVICE_UID="0" # set the user id 
+SERVICE_USER="root" # execute command as another user +EXEC_CMD_BIN="ntfy" # command to execute +EXEC_CMD_ARGS="serve" # command arguments +EXEC_PRE_SCRIPT="" # execute script before +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a web server +IS_WEB_SERVER="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Is this service a database server +IS_DATABASE_SERVICE="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# usernames +user_name="${NTFY_USER_NAME:-}" # normal user name +root_user_name="${NTFY_ROOT_USER_NAME:-}" # root user name +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# passwords [password/random] +user_pass="${NTFY_USER_PASS_WORD:-}" # normal user password +root_user_pass="${NTFY_ROOT_PASS_WORD:-}" # root user password +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Overwrite variables from files +[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" +[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" +[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" +[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Specifiy custom directories to be created +ADD_APPLICATION_FILES="" +ADD_APPLICATION_DIRS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +APPLICATION_FILES="$LOG_DIR/ntfy.log" +APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# define variables that need to be loaded into 
the service - escape quotes - var=\"value\",other=\"test\" +CMD_ENV="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__update_conf_files() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + + # delete files + #__rm "" + + # define actions + + # create default directories + for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then + ( + echo "Creating directory $filedirs with permissions 777" + mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create default files + for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do + if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then + ( + echo "Creating file $application_files with permissions 777" + touch "$application_files" && chmod -Rf 777 "$application_files" + ) |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + # create directories if variable is yes" + [ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; } + [ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; } + # copy config files to system + __file_copy "$CONF_DIR/." 
"$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + # replace variables + # __replace "" "" "$CONF_DIR/ntfy.conf" + # replace variables recursively + # __find_replace "" "" "$CONF_DIR/" + # custom commands + + # other + + # unset unneeded variables + unset application_files filedirs + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run before executing +__pre_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + # define commands + + # execute if directories is empty + #__is_dir_empty "" && true || false + + # create user if needed + # __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}" + # set user on files/folders + if [ -n "$user" ] && [ "$user" != "root" ]; then + if grep -s -q "$user:" "/etc/passwd"; then + for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do + if [ -n "$permissions" ] && [ -e "$permissions" ]; then + (chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + done + fi + fi + + # unset unneeded variables + unset filesperms filename + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# function to run after executing +__post_execute() { + local exitCode=0 # default exit code + local user="${SERVICE_USER:-root}" # specifiy different user + sleep 60 # how long to wait before executing + echo "Running post commands" # message + # execute commands + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to update config files - IE: change port +__pre_message() { + local exitCode=0 + [ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo 
"$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" + [ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" + [ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# use this function to setup ssl support +__update_ssl_conf() { + local exitCode=0 + + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__create_env() { + cat </dev/null +# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory +# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands +# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" # +# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" # +# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" # +# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" # + +EOF + [ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1 +} +# - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - +# script to start server +__run_start_script() { + local user="${SERVICE_USER:-root}" + local cmd="${EXEC_CMD_BIN:-}" + local args="${EXEC_CMD_ARGS:-}" + local name="${EXEC_CMD_NAME:-}" + local pre="${EXEC_PRE_SCRIPT:-}" + local workdir="${WORKDIR:-$WORK_DIR}" + local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}" + local home="${workdir//\/root/\/tmp\/docker}" + local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" + local message="" + if [ -z "$cmd" ]; then + __post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null + echo "Initializing $SCRIPT_NAME has completed" + else + # ensure the command exists + if [ ! -x "$cmd" ]; then + echo "$name is not a valid executable" + exit 2 + fi + # set working directories + [ -z "$home" ] && home="${workdir:-/tmp/docker}" + [ "$home" = "/root" ] && home="/tmp/docker" + [ "$home" = "$workdir" ] && workdir="" + # create needed directories + [ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; } + [ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; } + [ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp" + [ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home" + [ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir" + # check and exit if already running + if __proc_check "$name" || __proc_check "$cmd"; then + echo "$name is already running" >&2 + exit 0 + else + if [ -n "$pre" ] && [ -f "$pre" ]; then + cmd_exec="$pre $cmd $args" + message="Starting service: $name $args through $pre" + else + cmd_exec="$cmd $args" + message="Starting service: $name $args" + fi + echo "$message" + su_cmd touch "$SERVICE_PID_FILE" + __post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null & + if [ "$RESET_ENV" = "yes" ]; then + su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10 + else + eval "$cmd_exec" || return 10 + 
fi + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf root:root "$filesperms" + fi + done |& tee -a "$LOG_DIR/init.txt" &>/dev/null + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# simple cd function +__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# process check functions +__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; } +__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# check if process is already running +__proc_check() { + cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")" + cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")" + if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then + SERVICE_IS_RUNNING="true" + touch "$SERVICE_PID_FILE" + echo "$cmd_name is already running" + return 0 + else + return 1 + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . 
"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory +WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir +ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir +DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir +CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir +DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir +SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user +SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id +SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on +PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# application specific +EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre +EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ "$IS_DATABASE_SERVICE" = "yes" ] && 
RESET_ENV="no" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")" +[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")" +[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")" +[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="${user_name:-$ENV_USER_NAME}" +user_pass="${user_pass:-$ENV_USER_PASS}" +root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}" +root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +if [ "$user_pass" = "random" ]; then + user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$root_user_pass" = "random" ]; then + root_user_pass="$(__random_password)" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +if [ "$1" = "check" ]; then + __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN" + exit $? 
+fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show message if env exists +if [ -n "$EXEC_CMD_BIN" ]; then + [ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root" + [ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT="" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then + su_cmd() { eval "$*" || return 1; } +elif [ "$(builtin type -P gosu)" ]; then + su_cmd() { gosu $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P runuser)" ]; then + su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P sudo)" ]; then + su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; } +elif [ "$(builtin type -P su)" ]; then + su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; } +else + echo "Can not switch to $SERVICE_USER: attempting to run as root" + su_cmd() { eval "$*" || return 1; } +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Change to working directory +[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_env +__update_conf_files +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run the pre execute commands +[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE" +__pre_execute +__run_secure_function +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null +if 
[ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then + echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" + SERVICE_EXIT_CODE=10 + SERVICE_IS_RUNNING="false" + rm -Rf "$SERVICE_PID_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/share/template-files/config/env/default.sample b/rootfs/usr/local/share/template-files/config/env/default.sample new file mode 100644 index 0000000..b888a70 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/env/default.sample 
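Review bot: `__update_conf_files` sets mode 777 on everything it creates — the directories in `$APPLICATION_DIRS` (`$RUN_DIR`, `$ETC_DIR`, `$CONF_DIR`, `$LOG_DIR`), the log file and `$DATABASE_DIR` — so the service's configuration and database directory are writable by any account that can reach them, and `/config` and `/data` look like mounted volumes, which would extend that to users on the host. Owner-only modes are enough here because `__pre_execute` already chowns these paths for a non-root `$SERVICE_USER`: `mkdir -p "$filedirs" && chmod -f 750 "$filedirs"` and `touch "$application_files" && chmod -f 640 "$application_files"`. `__run_start_script` repeats the 777 on `$home` and `$workdir`, guarded by `[ "$user" != "root " ]`, which is always true because of the space inside the quotes. `__pre_message` writes the password files under the default umask and they only become 600 later in `__run_secure_function`, so a `umask 077` before those writes would close that window.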
@@ -0,0 +1,136 @@ +#!/usr/bin/env bash +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# GLOBAL enviroment variables +USER="${USER:-root}" +LANG="${LANG:-C.UTF-8}" +TZ="${TZ:-America/New_York}" +SERVICE_USER="${SERVICE_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# directory settings +BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +WWW_ROOT_DIR="${WWW_ROOT_DIR:-/data/htdocs}" +LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}" +DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# healthcheck +HEALTH_ENABLED="${HEALTH_ENABLED:-}" +HEALTH_URL="${HEALTH_URL:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# php settings +PHP_VERSION="${PHP_VERSION//php/}" +PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# services/ports +ENV_PORTS="${ENV_PORTS:-}" +SERVICE_PORT="${SERVICE_PORT:-$PORT}" +WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}" +SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} " +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# networing info +HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}" 
+DOMAINNAME="${DOMAINNAME:-}" +FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}" +SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$DOMAINNAME}}" +EMAIL_RELAY="${EMAIL_RELAY:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# get ip addresses +CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}" +CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# cerbot +CERT_BOT_MAIL="${CERT_BOT_MAIL:-}" +CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}" +CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ssl server settings +SSL_ENABLED="${SSL_ENABLED:-false}" +SSL_DIR="${SSL_DIR:-/config/ssl}" +SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}" +SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}" +SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}" +SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}" +COUNTRY="${COUNTRY:-US}" +STATE="${STATE:-NY}" +CITY="${CITY:-Albany}" +UNIT="${UNIT:-CasjaysDev}" +ORG="${ORG:-"Casjays Developments"}" +DAYS_VALID="${DAYS_VALID:-3650}" +RSA="${RSA:-4096}" +CN="${CN:-$FULL_DOMAIN_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# web server configs +HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# redis env +DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# postgresql env +DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}" +PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/pgsql}" +POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}" +POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}" 
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mariadb env +MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}" +MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}" +MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}" +MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}" +MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}" +DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}" +MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}" +MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}" +MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-" +MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mongodb env +NITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$NITDB_ROOT_USERNAME}" +DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}" +MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# couchdb env +NODENAME="${NODENAME:-}" +COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}" +COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}" +DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Supabase +DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# docker env +DOCKER_HOST="unix://var/run/docker.sock" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# File locations +ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" +ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" 
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +INIT_DATE="${INIT_DATE:-$(date)}" +START_SERVICES="${START_SERVICES:-yes}" +ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}" +CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; + then START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/usr/local/share/template-files/config/ntfy/.env.ntfy b/rootfs/usr/local/share/template-files/config/ntfy/.env.ntfy new file mode 100644 index 0000000..b1aa408 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/ntfy/.env.ntfy 
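Review bot: The MongoDB block assigns `NITDB_ROOT_USERNAME`, which looks like a truncated `MONGO_INITDB_ROOT_USERNAME`, so `DATABASE_USER_ROOT` never reaches the variable paired with `MONGO_INITDB_ROOT_PASSWORD` two lines below; if the MongoDB init code needs both to create the root account, the database could come up without one. The line should read `MONGO_INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$MONGO_INITDB_ROOT_USERNAME}"`. In the MariaDB block `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"` has the `:-` outside the braces, so the variable is never empty; `"${MARIADB_INITDB_SKIP_TZINFO:-}"` matches the neighbouring lines. `DATABASE_PASS_ROOT` is also reused as the root password for PostgreSQL, MariaDB, MongoDB and CouchDB, which is worth a comment so operators know that one value unlocks all of them.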
@@ -0,0 +1,73 @@
+# from https://docs.ntfy.sh/config/#command-line-options
+
+NTFY_DEBUG=""
+NTFY_TRACE=""
+NTFY_NO_LOG_DATES=""
+NTFY_LOG_LEVEL=""
+NTFY_LOG_LEVEL_OVERRIDES=""
+NTFY_LOG_FORMAT=""
+NTFY_LOG_FILE=""
+NTFY_CONFIG_FILE=""
+NTFY_BASE_URL="$HOSTNAME"
+NTFY_LISTEN_HTTP=""
+NTFY_LISTEN_HTTPS=""
+NTFY_LISTEN_UNIX=""
+NTFY_LISTEN_UNIX_MODE=""
+NTFY_KEY_FILE=""
+NTFY_CERT_FILE=""
+NTFY_FIREBASE_KEY_FILE=""
+NTFY_CACHE_FILE="$DATABASE_BASE_DIR/ntfy/cache.db"
+NTFY_CACHE_DURATION=""
+NTFY_BATCH_SIZE=""
+NTFY_CACHE_BATCH_TIMEOUT=""
+NTFY_CACHE_STARTUP_QUERIES=""
+NTFY_AUTH_FILE="$DATABASE_BASE_DIR/ntfy/auth.db"
+NTFY_AUTH_STARTUP_QUERIES=""
+NTFY_AUTH_DEFAULT_ACCESS=""
+NTFY_ATTACHMENT_CACHE_DIR=""
+NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT=""
+NTFY_ATTACHMENT_FILE_SIZE_LIMIT=""
+NTFY_ATTACHMENT_EXPIRY_DURATION=""
+NTFY_KEEPALIVE_INTERVAL=""
+NTFY_MANAGER_INTERVAL=""
+NTFY_DISALLOWED_TOPICS=""
+NTFY_WEB_ROOT=""
+NTFY_ENABLE_SIGNUP="true"
+NTFY_ENABLE_LOGIN="true"
+NTFY_ENABLE_RESERVATIONS=""
+NTFY_UPSTREAM_BASE_URL=""
+NTFY_UPSTREAM_ACCESS_TOKEN=""
+NTFY_SMTP_SENDER_ADDR=""
+NTFY_SMTP_SENDER_USER=""
+NTFY_SMTP_SENDER_PASS=""
+NTFY_SMTP_SENDER_FROM=""
+NTFY_SMTP_SERVER_LISTEN=""
+NTFY_SMTP_SERVER_DOMAIN=""
+NTFY_SMTP_SERVER_ADDR_PREFIX=""
+NTFY_TWILIO_ACCOUNT=""
+NTFY_TWILIO_AUTH_TOKEN=""
+NTFY_TWILIO_PHONE_NUMBER=""
+NTFY_TWILIO_VERIFY_SERVICE=""
+NTFY_GLOBAL_TOPIC_LIMIT=""
+NTFY_VISITOR_SUBSCRIPTION_LIMIT=""
+NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT=""
+NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT=""
+NTFY_VISITOR_REQUEST_LIMIT_BURST=""
+NTFY_VISITOR_REQUEST_LIMIT_REPLENISH=""
+NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS=""
+NTFY_VISITOR_MESSAGE_DAILY_LIMIT=""
+NTFY_VISITOR_EMAIL_LIMIT_BURST=""
+NTFY_VISITOR_EMAIL_LIMIT_REPLENISH=""
+NTFY_VISITOR_SUBSCRIBER_RATE_LIMITING=""
+NTFY_BEHIND_PROXY=""
+NTFY_STRIPE_SECRET_KEY=""
+NTFY_STRIPE_WEBHOOK_KEY=""
+NTFY_BILLING_CONTACT=""
+NTFY_ENABLE_METRICS=""
+NTFY_METRICS_LISTEN_HTTP=""
+NTFY_PROFILE_LISTEN_HTTP=""
+NTFY_WEB_PUSH_PUBLIC_KEY=""
+NTFY_WEB_PUSH_PRIVATE_KEY=""
+NTFY_WEB_PUSH_FILE=""
+NTFY_WEB_PUSH_EMAIL_ADDRESS=""
+NTFY_WEB_PUSH_STARTUP_QUERIES=""
diff --git a/rootfs/usr/local/share/template-files/config/ntfy/client.yml b/rootfs/usr/local/share/template-files/config/ntfy/client.yml
new file mode 100644
index 0000000..ebf4c28
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/ntfy/client.yml
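Review bot: `NTFY_ENABLE_SIGNUP="true"` ships as a default in .env.ntfy while `NTFY_AUTH_DEFAULT_ACCESS=""` is left empty, so the template turns on self-registration without choosing an access policy. The server.yml added in this same commit documents the fallback access as "read-write" and leaves `auth-default-access` commented out as well, which would let anyone who can reach the listener register and then read or publish on any topic. I would ship `NTFY_ENABLE_SIGNUP="false"` and `NTFY_AUTH_DEFAULT_ACCESS="deny-all"` and let operators opt in. Separately, `NTFY_BASE_URL="$HOSTNAME"` yields a bare hostname where server.yml describes a full URL such as `https://ntfy.example.com`, and `NTFY_BATCH_SIZE` does not follow the `cache-batch-size` option name used in server.yml, so it is probably meant to be `NTFY_CACHE_BATCH_SIZE`.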
@@ -0,0 +1,57 @@ +# ntfy client config file + +# Base URL used to expand short topic names in the "ntfy publish" and "ntfy subscribe" commands. +# If you self-host a ntfy server, you'll likely want to change this. +# +# default-host: https://ntfy.sh + +# Default credentials will be used with "ntfy publish" and "ntfy subscribe" if no other credentials are provided. +# You can set a default token to use or a default user:password combination, but not both. For an empty password, +# use empty double-quotes (""). +# +# To override the default user:password combination or default token for a particular subscription (e.g., to send +# no Authorization header), set the user:pass/token for the subscription to empty double-quotes (""). + +# default-token: + +# default-user: +# default-password: + +# Default command will execute after "ntfy subscribe" receives a message if no command is provided in subscription below +# default-command: + +# Subscriptions to topics and their actions. This option is primarily used by the systemd service, +# or if you cann "ntfy subscribe --from-config" directly. 
+# +# Example: +# subscribe: +# - topic: mytopic +# command: /usr/local/bin/mytopic-triggered.sh +# - topic: myserver.com/anothertopic +# command: 'echo "$message"' +# if: +# priority: high,urgent +# - topic: secret +# command: 'notify-send "$m"' +# user: phill +# password: mypass +# - topic: token_topic +# token: tk_AgQdq7mVBoFD37zQVN29RhuMzNIz2 +# +# Variables: +# Variable Aliases Description +# --------------- --------------------- ----------------------------------- +# $NTFY_ID $id Unique message ID +# $NTFY_TIME $time Unix timestamp of the message delivery +# $NTFY_TOPIC $topic Topic name +# $NTFY_MESSAGE $message, $m Message body +# $NTFY_TITLE $title, $t Message title +# $NTFY_PRIORITY $priority, $prio, $p Message priority (1=min, 5=max) +# $NTFY_TAGS $tags, $tag, $ta Message tags (comma separated list) +# $NTFY_RAW $raw Raw JSON message +# +# Filters ('if:'): +# You can filter 'message', 'title', 'priority' (comma-separated list, logical OR) +# and 'tags' (comma-separated list, logical AND). See https://ntfy.sh/docs/subscribe/api/#filter-messages. +# +# subscribe: diff --git a/rootfs/usr/local/share/template-files/config/ntfy/server.yml b/rootfs/usr/local/share/template-files/config/ntfy/server.yml new file mode 100644 index 0000000..b044a91 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/ntfy/server.yml 
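Review bot: `default-host` is left commented out in client.yml, and the file's own comment gives `https://ntfy.sh` as the default, so an `ntfy publish` run with this config inside a self-hosted image would presumably send messages to the public instance rather than the local server. Unless the init script rewrites this file (not visible in this hunk), set it explicitly in the template, for example `default-host: http://localhost:80` (a constructed value; use the listener this image actually configures). Because `default-token`, `default-user` and `default-password` are kept here in clear text, I would also add a header comment such as `# Contains credentials: keep this file mode 0600 and owned by the user that runs ntfy`.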
@@ -0,0 +1,363 @@ +# ntfy server config file +# +# Please refer to the documentation at https://ntfy.sh/docs/config/ for details. +# All options also support underscores (_) instead of dashes (-) to comply with the YAML spec. + +# Public facing base URL of the service (e.g. https://ntfy.sh or https://ntfy.example.com) +# +# This setting is required for any of the following features: +# - attachments (to return a download URL) +# - e-mail sending (for the topic URL in the email footer) +# - iOS push notifications for self-hosted servers (to calculate the Firebase poll_request topic) +# - Matrix Push Gateway (to validate that the pushkey is correct) +# +# base-url: + +# Listen address for the HTTP & HTTPS web server. If "listen-https" is set, you must also +# set "key-file" and "cert-file". Format: []:, e.g. "1.2.3.4:8080". +# +# To listen on all interfaces, you may omit the IP address, e.g. ":443". +# To disable HTTP, set "listen-http" to "-". +# +# listen-http: ":80" +# listen-https: + +# Listen on a Unix socket, e.g. /var/lib/ntfy/ntfy.sock +# This can be useful to avoid port issues on local systems, and to simplify permissions. +# +# listen-unix: +# listen-unix-mode: + +# Path to the private key & cert file for the HTTPS web server. Not used if "listen-https" is not set. +# +# key-file: +# cert-file: + +# If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app. +# This is optional and only required to save battery when using the Android app. +# +# firebase-key-file: + +# If "cache-file" is set, messages are cached in a local SQLite database instead of only in-memory. +# This allows for service restarts without losing messages in support of the since= parameter. +# +# The "cache-duration" parameter defines the duration for which messages will be buffered +# before they are deleted. This is required to support the "since=..." and "poll=1" parameter. +# To disable the cache entirely (on-disk/in-memory), set "cache-duration" to 0. 
+# The cache file is created automatically, provided that the correct permissions are set. +# +# The "cache-startup-queries" parameter allows you to run commands when the database is initialized, +# e.g. to enable WAL mode (see https://phiresky.github.io/blog/2020/sqlite-performance-tuning/)). +# Example: +# cache-startup-queries: | +# pragma journal_mode = WAL; +# pragma synchronous = normal; +# pragma temp_store = memory; +# pragma busy_timeout = 15000; +# vacuum; +# +# The "cache-batch-size" and "cache-batch-timeout" parameter allow enabling async batch writing +# of messages. If set, messages will be queued and written to the database in batches of the given +# size, or after the given timeout. This is only required for high volume servers. +# +# Debian/RPM package users: +# Use /var/cache/ntfy/cache.db as cache file to avoid permission issues. The package +# creates this folder for you. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this cache file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +# cache-file: +# cache-duration: "12h" +# cache-startup-queries: +# cache-batch-size: 0 +# cache-batch-timeout: "0ms" + +# If set, access to the ntfy server and API can be controlled on a granular level using +# the 'ntfy user' and 'ntfy access' commands. See the --help pages for details, or check the docs. +# +# - auth-file is the SQLite user/access database; it is created automatically if it doesn't already exist +# - auth-default-access defines the default/fallback access if no access control entry is found; it can be +# set to "read-write" (default), "read-only", "write-only" or "deny-all". +# - auth-startup-queries allows you to run commands when the database is initialized, e.g. to enable +# WAL mode. This is similar to cache-startup-queries. See above for details. +# +# Debian/RPM package users: +# Use /var/lib/ntfy/user.db as user database to avoid permission issues. 
The package +# creates this folder for you. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this user database file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +# auth-file: +# auth-default-access: "read-write" +# auth-startup-queries: + +# If set, the X-Forwarded-For header is used to determine the visitor IP address +# instead of the remote address of the connection. +# +# WARNING: If you are behind a proxy, you must set this, otherwise all visitors are rate limited +# as if they are one. +# +# behind-proxy: false + +# If enabled, clients can attach files to notifications as attachments. Minimum settings to enable attachments +# are "attachment-cache-dir" and "base-url". +# +# - attachment-cache-dir is the cache directory for attached files +# - attachment-total-size-limit is the limit of the on-disk attachment cache directory (total size) +# - attachment-file-size-limit is the per-file attachment size limit (e.g. 300k, 2M, 100M) +# - attachment-expiry-duration is the duration after which uploaded attachments will be deleted (e.g. 3h, 20h) +# +# attachment-cache-dir: +# attachment-total-size-limit: "5G" +# attachment-file-size-limit: "15M" +# attachment-expiry-duration: "3h" + +# If enabled, allow outgoing e-mail notifications via the 'X-Email' header. If this header is set, +# messages will additionally be sent out as e-mail using an external SMTP server. +# +# As of today, only SMTP servers with plain text auth (or no auth at all), and STARTLS are supported. +# Please also refer to the rate limiting settings below (visitor-email-limit-burst & visitor-email-limit-burst). 
+# +# - smtp-sender-addr is the hostname:port of the SMTP server +# - smtp-sender-from is the e-mail address of the sender +# - smtp-sender-user/smtp-sender-pass are the username and password of the SMTP user (leave blank for no auth) +# +# smtp-sender-addr: +# smtp-sender-from: +# smtp-sender-user: +# smtp-sender-pass: + +# If enabled, ntfy will launch a lightweight SMTP server for incoming messages. Once configured, users can send +# emails to a topic e-mail address to publish messages to a topic. +# +# - smtp-server-listen defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25 +# - smtp-server-domain is the e-mail domain, e.g. ntfy.sh +# - smtp-server-addr-prefix is an optional prefix for the e-mail addresses to prevent spam. If set to "ntfy-", +# for instance, only e-mails to ntfy-$topic@ntfy.sh will be accepted. If this is not set, all emails to +# $topic@ntfy.sh will be accepted (which may obviously be a spam problem). +# +# smtp-server-listen: +# smtp-server-domain: +# smtp-server-addr-prefix: + +# Web Push support (background notifications for browsers) +# +# If enabled, allows ntfy to receive push notifications, even when the ntfy web app is closed. When enabled, users +# can enable background notifications in the web app. Once enabled, ntfy will forward published messages to the push +# endpoint, which will then forward it to the browser. +# +# You must configure web-push-public/private key, web-push-file, and web-push-email-address below to enable Web Push. +# Run "ntfy webpush keys" to generate the keys. +# +# - web-push-public-key is the generated VAPID public key, e.g. AA1234BBCCddvveekaabcdfqwertyuiopasdfghjklzxcvbnm1234567890 +# - web-push-private-key is the generated VAPID private key, e.g. AA2BB1234567890abcdefzxcvbnm1234567890 +# - web-push-file is a database file to keep track of browser subscription endpoints, e.g. 
`/var/cache/ntfy/webpush.db` +# - web-push-email-address is the admin email address send to the push provider, e.g. `sysadmin@example.com` +# - web-push-startup-queries is an optional list of queries to run on startup` +# +# web-push-public-key: +# web-push-private-key: +# web-push-file: +# web-push-email-address: +# web-push-startup-queries: + +# If enabled, ntfy can perform voice calls via Twilio via the "X-Call" header. +# +# - twilio-account is the Twilio account SID, e.g. AC12345beefbeef67890beefbeef122586 +# - twilio-auth-token is the Twilio auth token, e.g. affebeef258625862586258625862586 +# - twilio-phone-number is the outgoing phone number you purchased, e.g. +18775132586 +# - twilio-verify-service is the Twilio Verify service SID, e.g. VA12345beefbeef67890beefbeef122586 +# +# twilio-account: +# twilio-auth-token: +# twilio-phone-number: +# twilio-verify-service: + +# Interval in which keepalive messages are sent to the client. This is to prevent +# intermediaries closing the connection for inactivity. +# +# Note that the Android app has a hardcoded timeout at 77s, so it should be less than that. +# +# keepalive-interval: "45s" + +# Interval in which the manager prunes old messages, deletes topics +# and prints the stats. +# +# manager-interval: "1m" + +# Defines topic names that are not allowed, because they are otherwise used. There are a few default topics +# that cannot be used (e.g. app, account, settings, ...). To extend the default list, define them here. +# +# Example: +# disallowed-topics: +# - about +# - pricing +# - contact +# +# disallowed-topics: + +# Defines the root path of the web app, or disables the web app entirely. +# +# Can be any simple path, e.g. "/", "/app", or "/ntfy". For backwards-compatibility reasons, +# the values "app" (maps to "/"), "home" (maps to "/app"), or "disable" (maps to "") to disable +# the web app entirely. 
+# +# web-root: / + +# Various feature flags used to control the web app, and API access, mainly around user and +# account management. +# +# - enable-signup allows users to sign up via the web app, or API +# - enable-login allows users to log in via the web app, or API +# - enable-reservations allows users to reserve topics (if their tier allows it) +# +# enable-signup: false +# enable-login: false +# enable-reservations: false + +# Server URL of a Firebase/APNS-connected ntfy server (likely "https://ntfy.sh"). +# +# iOS users: +# If you use the iOS ntfy app, you MUST configure this to receive timely notifications. You'll like want this: +# upstream-base-url: "https://ntfy.sh" +# +# If set, all incoming messages will publish a "poll_request" message to the configured upstream server, containing +# the message ID of the original message, instructing the iOS app to poll this server for the actual message contents. +# This is to prevent the upstream server and Firebase/APNS from being able to read the message. +# +# - upstream-base-url is the base URL of the upstream server. Should be "https://ntfy.sh". +# - upstream-access-token is the token used to authenticate with the upstream server. This is only required +# if you exceed the upstream rate limits, or the uptream server requires authentication. +# +# upstream-base-url: +# upstream-access-token: + +# Rate limiting: Total number of topics before the server rejects new topics. +# +# global-topic-limit: 15000 + +# Rate limiting: Number of subscriptions per visitor (IP address) +# +# visitor-subscription-limit: 30 + +# Rate limiting: Allowed GET/PUT/POST requests per second, per visitor: +# - visitor-request-limit-burst is the initial bucket of requests each visitor has +# - visitor-request-limit-replenish is the rate at which the bucket is refilled +# - visitor-request-limit-exempt-hosts is a comma-separated list of hostnames, IPs or CIDRs to be +# exempt from request rate limiting. 
Hostnames are resolved at the time the server is started. +# Example: "1.2.3.4,ntfy.example.com,8.7.6.0/24" +# +# visitor-request-limit-burst: 60 +# visitor-request-limit-replenish: "5s" +# visitor-request-limit-exempt-hosts: "" + +# Rate limiting: Hard daily limit of messages per visitor and day. The limit is reset +# every day at midnight UTC. If the limit is not set (or set to zero), the request +# limit (see above) governs the upper limit. +# +# visitor-message-daily-limit: 0 + +# Rate limiting: Allowed emails per visitor: +# - visitor-email-limit-burst is the initial bucket of emails each visitor has +# - visitor-email-limit-replenish is the rate at which the bucket is refilled +# +# visitor-email-limit-burst: 16 +# visitor-email-limit-replenish: "1h" + +# Rate limiting: Attachment size and bandwidth limits per visitor: +# - visitor-attachment-total-size-limit is the total storage limit used for attachments per visitor +# - visitor-attachment-daily-bandwidth-limit is the total daily attachment download/upload traffic limit per visitor +# +# visitor-attachment-total-size-limit: "100M" +# visitor-attachment-daily-bandwidth-limit: "500M" + +# Rate limiting: Enable subscriber-based rate limiting (mostly used for UnifiedPush) +# +# If enabled, subscribers may opt to have published messages counted against their own rate limits, as opposed +# to the publisher's rate limits. This is especially useful to increase the amount of messages that high-volume +# publishers (e.g. Matrix/Mastodon servers) are allowed to send. +# +# Once enabled, a client may send a "Rate-Topics: ,,..." header when subscribing to topics via +# HTTP stream, or websockets, thereby registering itself as the "rate visitor", i.e. the visitor whose rate limits +# to use when publishing on this topic. Note: Setting the rate visitor requires READ-WRITE permission on the topic. 
+# +# UnifiedPush only: If this setting is enabled, publishing to UnifiedPush topics will lead to a HTTP 507 response if +# no "rate visitor" has been previously registered. This is to avoid burning the publisher's "visitor-message-daily-limit". +# +# visitor-subscriber-rate-limiting: false + +# Payments integration via Stripe +# +# - stripe-secret-key is the key used for the Stripe API communication. Setting this values +# enables payments in the ntfy web app (e.g. Upgrade dialog). See https://dashboard.stripe.com/apikeys. +# - stripe-webhook-key is the key required to validate the authenticity of incoming webhooks from Stripe. +# Webhooks are essential up keep the local database in sync with the payment provider. See https://dashboard.stripe.com/webhooks. +# - billing-contact is an email address or website displayed in the "Upgrade tier" dialog to let people reach +# out with billing questions. If unset, nothing will be displayed. +# +# stripe-secret-key: +# stripe-webhook-key: +# billing-contact: + +# Metrics +# +# ntfy can expose Prometheus-style metrics via a /metrics endpoint, or on a dedicated listen IP/port. +# Metrics may be considered sensitive information, so before you enable them, be sure you know what you are +# doing, and/or secure access to the endpoint in your reverse proxy. +# +# - enable-metrics enables the /metrics endpoint for the default ntfy server (i.e. HTTP, HTTPS and/or Unix socket) +# - metrics-listen-http exposes the metrics endpoint via a dedicated [IP]:port. If set, this option implicitly +# enables metrics as well, e.g. "10.0.1.1:9090" or ":9090" +# +# enable-metrics: false +# metrics-listen-http: + +# Profiling +# +# ntfy can expose Go's net/http/pprof endpoints to support profiling of the ntfy server. If enabled, ntfy will listen +# on a dedicated listen IP/port, which can be accessed via the web browser on http://:/debug/pprof/. +# This can be helpful to expose bottlenecks, and visualize call flows. 
See https://pkg.go.dev/net/http/pprof for details. +# +# profile-listen-http: + +# Logging options +# +# By default, ntfy logs to the console (stderr), with an "info" log level, and in a human-readable text format. +# ntfy supports five different log levels, can also write to a file, log as JSON, and even supports granular +# log level overrides for easier debugging. Some options (log-level and log-level-overrides) can be hot reloaded +# by calling "kill -HUP $pid" or "systemctl reload ntfy". +# +# - log-format defines the output format, can be "text" (default) or "json" +# - log-file is a filename to write logs to. If this is not set, ntfy logs to stderr. +# - log-level defines the default log level, can be one of "trace", "debug", "info" (default), "warn" or "error". +# Be aware that "debug" (and particularly "trace") can be VERY CHATTY. Only turn them on briefly for debugging purposes. +# - log-level-overrides lets you override the log level if certain fields match. This is incredibly powerful +# for debugging certain parts of the system (e.g. only the account management, or only a certain visitor). +# This is an array of strings in the format: +# - "field=value -> level" to match a value exactly, e.g. "tag=manager -> trace" +# - "field -> level" to match any value, e.g. "time_taken_ms -> debug" +# Warning: Using log-level-overrides has a performance penalty. Only use it for temporary debugging. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this log file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +# Example (good for production): +# log-level: info +# log-format: json +# log-file: /var/log/ntfy.log +# +# Example level overrides (for debugging, only use temporarily): +# log-level-overrides: +# - "tag=manager -> trace" +# - "visitor_ip=1.2.3.4 -> debug" +# - "time_taken_ms -> debug" +# +# log-level: info +# log-level-overrides: +# log-format: text +# log-file: 
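Review bot: `behind-proxy` stays at its commented default of `false` in server.yml, although the WARNING directly above it says that behind a proxy all visitors are then rate limited as one, and a container image is commonly published through a reverse proxy. The opposite setting needs a caveat too, since it makes ntfy take the visitor address from X-Forwarded-For. I would add a comment next to the option: `# Docker: set behind-proxy: true only when every request reaches ntfy through a reverse proxy you control; otherwise the header is client-supplied and the per-visitor limits cannot be relied on.` The same file is where `smtp-sender-pass`, `stripe-secret-key`, `twilio-auth-token` and `web-push-private-key` get filled in, so the code that installs the template should write it with a restrictive mode; that code is outside this hunk.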
diff --git a/rootfs/usr/local/share/template-files/data/.gitkeep b/rootfs/usr/local/share/template-files/data/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/rootfs/usr/local/share/template-files/defaults/.gitkeep b/rootfs/usr/local/share/template-files/defaults/.gitkeep new file mode 100644 index 0000000..e69de29