From bc212ec85c47bba9982a041222e05b51da25201e Mon Sep 17 00:00:00 2001 From: casjay Date: Fri, 12 Jun 2026 05:39:45 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=97=83=EF=B8=8F=20Updated=20=F0=9F=97=83?= =?UTF-8?q?=EF=B8=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Dockerfile .env.scripts .gitattributes .gitea/workflows/build.yml .gitignore README.md rootfs/root/docker/setup/00-init.sh rootfs/root/docker/setup/01-system.sh rootfs/root/docker/setup/02-packages.sh rootfs/root/docker/setup/03-files.sh rootfs/root/docker/setup/04-users.sh rootfs/root/docker/setup/05-custom.sh rootfs/root/docker/setup/06-post.sh rootfs/root/docker/setup/07-cleanup.sh rootfs/tmp/etc/opengist/config.yaml rootfs/usr/local/bin/entrypoint.sh rootfs/usr/local/etc/docker/functions/entrypoint.sh rootfs/usr/local/etc/docker/init.d/00-opengist.sh rootfs/usr/local/etc/resolv.conf --- .env.scripts | 19 +- .gitattributes | 2 +- .gitea/workflows/build.yml | 86 ++ .gitignore | 174 +++- Dockerfile | 26 +- README.md | 12 +- rootfs/root/docker/setup/00-init.sh | 17 +- rootfs/root/docker/setup/01-system.sh | 13 +- rootfs/root/docker/setup/02-packages.sh | 20 +- rootfs/root/docker/setup/03-files.sh | 82 +- rootfs/root/docker/setup/04-users.sh | 13 +- rootfs/root/docker/setup/05-custom.sh | 12 +- rootfs/root/docker/setup/06-post.sh | 13 +- rootfs/root/docker/setup/07-cleanup.sh | 15 +- rootfs/tmp/etc/opengist/config.yaml | 42 +- rootfs/usr/local/bin/entrypoint.sh | 762 +++++++++--------- .../local/etc/docker/functions/entrypoint.sh | 32 +- .../local/etc/docker/init.d/00-opengist.sh | 502 ++++++++---- rootfs/usr/local/etc/resolv.conf | 6 - 19 files changed, 1112 insertions(+), 736 deletions(-) create mode 100644 .gitea/workflows/build.yml delete mode 100644 rootfs/usr/local/etc/resolv.conf diff --git a/.env.scripts b/.env.scripts index 8043d50..4a6dc5d 100644 --- a/.env.scripts +++ b/.env.scripts 
@@ -1,10 +1,10 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290813-git +##@Version : 202606120510-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:13:04 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:10:19 AM EDT 2026 # @@File : .env.scripts # @@Description : Variables for gen-dockerfile and buildx scripts # @@Changelog : newScript @@ -59,8 +59,8 @@ ENV_PULL_URL="casjaysdev/alpine" ENV_DISTRO_TAG="${IMAGE_VERSION}" # - - - - - - - - - - - - - - - - - - - - - - - - - # Env -SERVICE_PORT="80" -EXPOSE_PORTS="22" +SERVICE_PORT="" +EXPOSE_PORTS="" # - - - - - - - - - - - - - - - - - - - - - - - - - # IF using a lanuage such as go, php, rust, ruby, etc set the version here. LANG_VERSION="" @@ -72,12 +72,9 @@ NODE_MANAGER="system" # - - - - - - - - - - - - - - - - - - - - - - - - - # Default directories WWW_ROOT_DIR="/usr/local/share/httpd/default" -DEFAULT_FILE_DIR="/usr/local/share/template-files" -DEFAULT_DATA_DIR="/usr/local/share/template-files/data" -DEFAULT_CONF_DIR="/usr/local/share/template-files/config" -DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" # - - - - - - - - - - - - - - - - - - - - - - - - - -ENV_PACKAGES="git openssh" +ENV_PACKAGES="git openssh bash-completion curl wget sudo unzip iproute2 ssmtp openssl jq tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip tini py3-pip procps net-tools coreutils sed gawk grep attr findutils readline lsof less curl shadow ca-certificates" # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/.gitattributes b/.gitattributes index 07f3b95..0861c5d 100644 --- a/.gitattributes +++ b/.gitattributes 
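Review bot: The expanded `ENV_PACKAGES` value in the third hunk adds `sudo`, `ssmtp`, `py3-pip`, `net-tools`, `binutils`, `lsof`, `pciutils` and `usbutils` to an image that previously installed only `git openssh`. Each one is more code to keep patched and more tooling available to anyone who obtains a shell in the container. The same list is repeated in the Dockerfile's `ARG PACK_LIST` hunk, so both should change together. Several names appear twice (`coreutils`, `grep`, `findutils`, `curl`), which suggests the list was merged rather than chosen. I would trim it to what the entrypoint and Opengist actually call and record the reason above the variable, for example `# runtime needs: git + openssh for gist transport, tini as init, ca-certificates for outbound TLS`.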
@@ -1,4 +1,4 @@ -# Template generated on Sat Nov 29 11:57:12 AM EST 2025 from https://github.com/alexkaratarakis/gitattributes" +# Template generated on Sun May 24 11:58:45 AM EDT 2026 from https://github.com/alexkaratarakis/gitattributes" # Common settings that generally should always be used with your language specific settings # Auto detect text files and perform LF normalization * text=auto diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml new file mode 100644 index 0000000..efef31c --- /dev/null +++ b/.gitea/workflows/build.yml 
@@ -0,0 +1,86 @@ +name: Build and Push + +on: + push: + branches: [main] + schedule: + - cron: '0 2 1 * *' + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 + + - name: Compute build metadata + id: meta + run: | + echo "build_date=$(date -u +%Y%m%d%H%M)" >> "$GITHUB_OUTPUT" + echo "tag_yymm=$(date -u +%y%m)" >> "$GITHUB_OUTPUT" + echo "git_commit=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT" + echo "registry_host=$(echo '${{ github.server_url }}' | sed 's|https://||')" >> "$GITHUB_OUTPUT" + + # ── Always: login to Gitea (GITEA_TOKEN is auto-provided) ──────────────── + - name: Login to Gitea registry + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 + with: + registry: ${{ steps.meta.outputs.registry_host }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITEA_TOKEN }} + + # ── Optional: login to external registry when vars.DOCKER_USERNAME is set ── + # vars.DOCKER_REGISTRY defaults to docker.io; set it to push elsewhere. + # Login uses vars.DOCKER_USERNAME; secrets.DOCKER_PASSWORD is passed only + # via with: and never touches a shell. + - name: Login to Docker Hub + if: vars.DOCKER_USERNAME != '' + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 + with: + registry: ${{ vars.DOCKER_REGISTRY || 'docker.io' }} + username: ${{ vars.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + # ── Build once, push to all logged-in registries ───────────────────────── + # Image namespace uses vars.DOCKER_ORG when set, falls back to vars.DOCKER_USERNAME. 
+ # yymm tag pushed first; latest pushed last so registries show :latest as current. + - name: Build and push + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: | + ${{ steps.meta.outputs.registry_host }}/${{ github.repository }}:${{ steps.meta.outputs.tag_yymm }} + ${{ vars.DOCKER_USERNAME != '' && format('{0}/{1}/{2}:{3}', vars.DOCKER_REGISTRY || 'docker.io', vars.DOCKER_ORG || vars.DOCKER_USERNAME, github.event.repository.name, steps.meta.outputs.tag_yymm) || '' }} + ${{ steps.meta.outputs.registry_host }}/${{ github.repository }}:latest + ${{ vars.DOCKER_USERNAME != '' && format('{0}/{1}/{2}:{3}', vars.DOCKER_REGISTRY || 'docker.io', vars.DOCKER_ORG || vars.DOCKER_USERNAME, github.event.repository.name, 'latest') || '' }} + build-args: | + BUILD_DATE=${{ steps.meta.outputs.build_date }} + GIT_COMMIT=${{ steps.meta.outputs.git_commit }} + BUILD_VERSION=${{ steps.meta.outputs.tag_yymm }} + annotations: | + org.opencontainers.image.created=${{ steps.meta.outputs.build_date }} + org.opencontainers.image.version=latest + org.opencontainers.image.revision=${{ steps.meta.outputs.git_commit }} + org.opencontainers.image.title=${{ github.event.repository.name }} + org.opencontainers.image.description=Containerized version of ${{ github.event.repository.name }} + org.opencontainers.image.vendor=CasjaysDev + org.opencontainers.image.authors=CasjaysDev + org.opencontainers.image.licenses=WTFPL + org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }} + org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} + org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }} + org.opencontainers.image.vcs-type=Git + com.github.containers.toolbox=false diff --git a/.gitignore b/.gitignore index 1bbc636..4a728ca 100644 --- a/.gitignore +++ b/.gitignore 
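Review bot: In the "Compute build metadata" step, `registry_host` is built by expanding `${{ github.server_url }}` into the script text and stripping only `https://`, so an instance served over plain `http://` would keep its scheme and produce an invalid registry name for the login and tag lines. Reading the runner's environment avoids both the template expansion inside `run:` and the scheme assumption: `echo "registry_host=${GITHUB_SERVER_URL#*://}" >> "$GITHUB_OUTPUT"` (assuming the Gitea runner exports that variable as GitHub's does). Separately, `org.opencontainers.image.created` receives `build_date` in `%Y%m%d%H%M` form, while the OCI annotation is defined as an RFC 3339 timestamp; a second output such as `created=$(date -u +%Y-%m-%dT%H:%M:%SZ)` would keep scanners and registries that parse it working. `org.opencontainers.image.version=latest` also disagrees with the `BUILD_VERSION` build-arg, which carries the yymm tag.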
@@ -1,4 +1,4 @@ -# gitignore created on 05/05/26 at 14:38 +# gitignore created on 06/12/26 at 05:07 # Disable reminder in prompt ignoredirmessage @@ -6,10 +6,12 @@ ignoredirmessage **/.build_failed* # OS generated files + ### Linux ### +# Backup files left by editors *~ -# temporary files which can be created if a process still has a handle open of a deleted file +# Temporary files left when a process holds an open handle to a deleted file .fuse_hidden* # KDE directory preferences @@ -18,11 +20,11 @@ ignoredirmessage # Linux trash folder which might appear on any partition or disk .Trash-* -# .nfs files are created when an open file is removed but is still being accessed +# NFS stale file handles .nfs* ### macOS ### -# General +.DS_Store .DS_Store? .AppleDouble .LSOverride @@ -46,20 +48,23 @@ Network Trash Folder Temporary Items .apdisk -### macOS Patch ### # iCloud generated files *.icloud ### Windows ### -# Windows thumbnail cache files Thumbs.db Thumbs.db:encryptable ehthumbs.db ehthumbs_vista.db -# Dump file +# Crash dump files *.stackdump +# Core dumps (Linux/macOS) +core +core.* +vgcore.* + # Folder config file [Dd]esktop.ini 
@@ -73,32 +78,165 @@ $RECYCLE.BIN/ *.msm *.msp -# misc -!*/README* -!inc/main.bash - # Windows shortcuts *.lnk -# ignore commit message +### Editors ### +# Visual Studio Code +.vscode/ +!.vscode/extensions.json + +# JetBrains IDEs (IntelliJ, GoLand, RustRover, PyCharm, etc.) +.idea/ +*.iml +*.iws +*.ipr + +# Vim / Neovim +*.swp +*.swo +.netrwhist +Session.vim +.vim/ + +# Sublime Text +*.sublime-workspace +*.sublime-project + +# Eclipse / generic Java IDEs +.project +.classpath +.factorypath +.settings/ + +### AI tool local configs (personal settings, never commit) ### +# Claude Code +.claude/settings.local.json +.claude/*.lock + +# Cursor +.cursor/ +.cursorignore +.cursorindexingignore + +# GitHub Copilot +.copilot/ + +# Codeium +.codeium/ + +# Tabnine +.tabnine/ + +# Aider +.aider/ +.aider.conf.yml +.aider.model.settings.yml +.aiderignore + +# General AI assistant local state +.ai/ +.ai.local/ + +### Environment and secrets ### +# Local env overrides — never commit credentials +.env +.env.local +.env.*.local + +# Private keys and certificates +*.pem +*.key +*.p12 +*.pfx + +### Build artifacts ### +build/ +dist/ +out/ + +# Rust +target/ + +# C / C++ / compiled objects +*.o +*.a +*.so +*.dylib +*.dll +*.exe + +### Dependency directories ### +# Node +node_modules/ + +# Go (vendored deps are sometimes committed intentionally, so gitignore only the cache) +# vendor/ + +# Python +__pycache__/ +*.pyc +*.pyo +*.pyd +.Python +*.egg-info/ +.eggs/ +.venv/ +venv/ +env/ + +### Logs ### +*.log +logs/ +npm-debug.log* +yarn-debug.log* +yarn-error.log* + +### Temporary and cache ### +tmp/ +.tmp/ +*.tmp +*.cache +.cache/ + +### Test and coverage ### +coverage/ +.coverage +*.cover +*.coverprofile +htmlcov/ +.nyc_output/ +.pytest_cache/ +.tox/ + +### Misc — always allow ### +!*/README* +!inc/main.bash + +### Project-specific patterns ### +# ignore commit message files **/.gitcommit -# ignore .build_failed files -**/.build_failed* - -# ignore .bak files +# ignore backup files **/*.bak 
# ignore .no_push files **/.no_push +**/.nopush # ignore .no_git files **/.no_git -# ignore .installed files +# ignore .installed marker files **/.installed -# ignore work in progress files +# ignore work-in-progress rewrite/refactor scripts **/*.rewrite.sh **/*.refactor.sh +# ignore local override scripts and configs +**/*.local.sh +**/*.local.conf +**/*.local.yaml +**/*.local.yml + diff --git a/Dockerfile b/Dockerfile index 6d9e3bc..55b6ea4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,17 @@ # Docker image for opengist using the alpine template ARG IMAGE_NAME="opengist" ARG PHP_SERVER="opengist" -ARG BUILD_DATE="202511290813" +ARG BUILD_DATE="202606120510" ARG LANGUAGE="en_US.UTF-8" ARG TIMEZONE="America/New_York" ARG WWW_ROOT_DIR="/usr/local/share/httpd/default" -ARG DEFAULT_FILE_DIR="/usr/local/share/template-files" -ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data" -ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config" -ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" ARG PATH="/usr/local/etc/docker/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ARG USER="root" ARG SHELL_OPTS="set -e -o pipefail" -ARG SERVICE_PORT="80" -ARG EXPOSE_PORTS="22" +ARG SERVICE_PORT="" +ARG EXPOSE_PORTS="" ARG PHP_VERSION="system" ARG NODE_VERSION="system" ARG NODE_MANAGER="system" @@ -42,10 +38,6 @@ ARG EXPOSE_PORTS ARG BUILD_VERSION ARG IMAGE_VERSION ARG WWW_ROOT_DIR -ARG DEFAULT_FILE_DIR -ARG DEFAULT_DATA_DIR -ARG DEFAULT_CONF_DIR -ARG DEFAULT_TEMPLATE_DIR ARG DISTRO_VERSION ARG NODE_VERSION ARG NODE_MANAGER 
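Review bot: The new `tmp/` pattern under "Temporary and cache" matches a directory named `tmp` at any depth, which includes this repository's own `rootfs/tmp/` tree (the same commit edits `rootfs/tmp/etc/opengist/config.yaml`). Files already tracked stay tracked, but anything added under `rootfs/tmp/` later will be skipped by `git add` without a message and would then be missing from the built image. Anchoring the pattern as `/tmp/` or following it with `!rootfs/tmp/` keeps the image payload visible to git. The bare `core`, `build/`, `out/` and `env/` patterns have the same any-depth reach and deserve the same check against the rootfs layout.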
@@ -54,7 +46,7 @@ ARG PHP_SERVER ARG SHELL_OPTS ARG PATH -ARG PACK_LIST="git openssh " +ARG PACK_LIST="git openssh bash-completion curl wget sudo unzip iproute2 ssmtp openssl jq tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip tini py3-pip procps net-tools coreutils sed gawk grep attr findutils readline lsof less curl shadow ca-certificates " ENV ENV=~/.profile ENV SHELL="/bin/sh" @@ -72,7 +64,8 @@ COPY ./rootfs/. / RUN set -e; \ echo "Updating the system and ensuring bash is installed"; \ - pkmgr update;pkmgr install bash + pkmgr update;pkmgr install bash ca-certificates; \ + update-ca-certificates RUN set -e; \ echo "Setting up prerequisites"; \ @@ -91,7 +84,7 @@ COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu RUN echo "Initializing the system"; \ $SHELL_OPTS; \ - mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}" "/root/docker/setup" "/etc/profile.d"; \ + mkdir -p "/root/docker/setup" "/etc/profile.d"; \ if [ -f "/root/docker/setup/00-init.sh" ];then echo "Running the init script";/root/docker/setup/00-init.sh||{ echo "Failed to execute /root/docker/setup/00-init.sh" >&2 && exit 10; };echo "Done running the init script";fi; \ echo "" @@ -205,10 +198,6 @@ ARG BUILD_VERSION ARG IMAGE_VERSION ARG GIT_COMMIT ARG WWW_ROOT_DIR -ARG DEFAULT_FILE_DIR -ARG DEFAULT_DATA_DIR -ARG DEFAULT_CONF_DIR -ARG DEFAULT_TEMPLATE_DIR ARG DISTRO_VERSION ARG NODE_VERSION ARG NODE_MANAGER @@ -267,4 +256,3 @@ STOPSIGNAL SIGRTMIN+3 ENTRYPOINT [ "tini", "-p", "SIGTERM","--", "/usr/local/bin/entrypoint.sh" ] HEALTHCHECK --start-period=10m --interval=5m --timeout=15s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ] - diff --git a/README.md b/README.md index 6c52e56..3999dc2 100644 --- a/README.md +++ b/README.md 
@@ -19,10 +19,10 @@ dockermgr update opengist ## Install and run container ```shell -dockerHome="/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/opengist/latest/rootfs" -mkdir -p "/var/lib/srv/$USER/docker/opengist/rootfs" +dockerHome="/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/latest/volumes" +mkdir -p "$dockerHome" git clone "https://github.com/dockermgr/opengist" "$HOME/.local/share/CasjaysDev/dockermgr/opengist" -cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/opengist/rootfs/." "$dockerHome/" +cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/opengist/volumes/." "$dockerHome/" docker run -d \ --restart always \ --privileged \ @@ -38,7 +38,6 @@ casjaysdevdocker/opengist:latest ## via docker-compose ```yaml -version: "2" services: ProjectName: image: casjaysdevdocker/opengist @@ -47,8 +46,8 @@ services: - TZ=America/New_York - HOSTNAME=opengist volumes: - - "/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/opengist/latest/rootfs/data:/data:z" - - "/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/opengist/latest/rootfs/config:/config:z" + - "/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/latest/volumes/data:/data:z" + - "/var/lib/srv/$USER/docker/casjaysdevdocker/opengist/latest/volumes/config:/config:z" ports: - 80:80 restart: always @@ -77,3 +76,4 @@ buildx 🤖 casjay: [Github](https://github.com/casjay) 🤖 ⛵ casjaysdevdocker: [Github](https://github.com/casjaysdevdocker) [Docker](https://hub.docker.com/u/casjaysdevdocker) ⛵ + diff --git a/rootfs/root/docker/setup/00-init.sh b/rootfs/root/docker/setup/00-init.sh index faa26e4..8493168 100755 --- a/rootfs/root/docker/setup/00-init.sh +++ b/rootfs/root/docker/setup/00-init.sh 
@@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 00-init.sh # @@Description : script to run init # @@Changelog : newScript @@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -28,17 +28,16 @@ exitCode=0 # - - - - - - - - - - - - - - - - - - - - - - - - - # Predefined actions -if [ -d "/usr/local/share/template-files/data" ]; then rm -Rf "/usr/local/share/template-files/data"/*; fi -if [ -d "/usr/local/share/template-files/config" ]; then rm -Rf "/usr/local/share/template-files/config"/*; fi -if [ -d "/usr/local/share/template-files/defaults" ]; then rm -Rf "/usr/local/share/template-files/defaults"/*; fi + # - - - - - - - - - - - - - - - - - - - - - - - - - # Main script # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/01-system.sh b/rootfs/root/docker/setup/01-system.sh index 060f835..47dd02b 100755 --- a/rootfs/root/docker/setup/01-system.sh +++ b/rootfs/root/docker/setup/01-system.sh 
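Review bot: The now-uncommented `exitCode=$?` near the end of the script reads the status of whichever command happened to run last, which in this file is the `exitCode=0` assignment, so it is always 0. Now that `set -eo pipefail` is on, a failing command aborts the script before this line is reached, which means the variable cannot report a failure in the other setup scripts either (01-system.sh through 07-cleanup.sh receive the same two-line change). I would either drop the line and leave `exit 0`, or say so in place: `# failures abort via set -e; reaching this line means every step succeeded`. If a collected status is really wanted, the steps need an explicit `cmd || exitCode=$?` form, since `set -e` and a trailing `$?` do not combine.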
@@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 01-system.sh # @@Description : script to run system # @@Changelog : newScript @@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -34,9 +34,10 @@ exitCode=0 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/02-packages.sh b/rootfs/root/docker/setup/02-packages.sh index ee69e4d..041c1d7 100755 --- a/rootfs/root/docker/setup/02-packages.sh +++ b/rootfs/root/docker/setup/02-packages.sh 
@@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 02-packages.sh # @@Description : script to run packages # @@Changelog : newScript @@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -31,12 +31,20 @@ exitCode=0 # - - - - - - - - - - - - - - - - - - - - - - - - - # Main script +if command -v update-ca-certificates >/dev/null 2>&1; then + update-ca-certificates +elif command -v update-ca-trust >/dev/null 2>&1; then + update-ca-trust extract +elif command -v trust >/dev/null 2>&1; then + trust extract-compat +fi # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/03-files.sh b/rootfs/root/docker/setup/03-files.sh index d8ed80a..14b4e1d 100755 --- a/rootfs/root/docker/setup/03-files.sh +++ b/rootfs/root/docker/setup/03-files.sh 
@@ -1,74 +1,92 @@ #!/usr/bin/env bash -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202606041215-git +# shellcheck shell=bash +# - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev # @@License : WTFPL -# @@ReadME : -# @@Copyright : Copyright: (c) 2023 CasjaysDev -# @@Created : Mon Aug 28 06:48:42 PM EDT 2023 +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 03-files.sh # @@Description : script to run files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# shellcheck shell=bash +# @@Changelog : newScript +# @@TODO : Refactor code +# @@Other : N/A +# @@Resource : N/A +# @@Terminal App : yes +# @@sudo/root : yes +# @@Template : templates/dockerfiles/init_scripts/03-files.sh +# - - - - - - - - - - - - - - - - - - - - - - - - - # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -set -o pipefail +# - - - - - - - - - - - - - - - - - - - - - - - - - +# Set bash options +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# - - - - - - - - - - - - - - - - - - - - - - - - - +# Set env variables exitCode=0 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# - - - - - - - - - - - - - - - - - - - - - - - - - +# Predefined actions if [ -d "/tmp/bin" ]; then - \mkdir -p "/usr/local/bin" + mkdir -p "/usr/local/bin" for bin in "/tmp/bin"/*; do + [ -e "$bin" ] || continue name="${bin##*/}" echo "Installing $name to /usr/local/bin/$name" - copy "$bin" "/usr/local/bin/$name" - \chmod -f +x "/usr/local/bin/$name" + cp -Rf "$bin" "/usr/local/bin/$name" + chmod -f +x "/usr/local/bin/$name" done fi unset bin if [ -d 
"/tmp/var" ]; then for var in "/tmp/var"/*; do + [ -e "$var" ] || continue name="${var##*/}" echo "Installing $var to /var/$name" if [ -d "$var" ]; then - \mkdir -p "/var/$name" - copy "$var/." "/var/$name/" + mkdir -p "/var/$name" + cp -Rf "$var/." "/var/$name/" else - copy "$var" "/var/$name" + cp -Rf "$var" "/var/$name" fi done fi unset var if [ -d "/tmp/etc" ]; then for config in "/tmp/etc"/*; do + [ -e "$config" ] || continue name="${config##*/}" echo "Installing $config to /etc/$name" if [ -d "$config" ]; then - \mkdir -p "/etc/$name" - copy "$config/." "/etc/$name/" + mkdir -p "/etc/$name" + cp -Rf "$config/." "/etc/$name/" else - copy "$config" "/etc/$name" + cp -Rf "$config" "/etc/$name" fi done fi unset config if [ -d "/tmp/usr" ]; then - for usrpath in "/tmp/usr"/*; do - name="${usrpath##*/}" - echo "Installing $usrpath to /usr/$name" - if [ -d "$usrpath" ]; then - \mkdir -p "/usr/$name" - copy "$usrpath/." "/usr/$name/" - else - copy "$usrpath" "/usr/$name" - fi + for share in "/tmp/usr"/*; do + [ -e "$share" ] || continue + name="${share##*/}" + dest="/usr/$name" + echo "Installing $share to $dest" + mkdir -p "$dest" + cp -Rf "$share/." "$dest/" done fi -unset usrpath -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +unset share +# - - - - - - - - - - - - - - - - - - - - - - - - - +# Main script + +# - - - - - - - - - - - - - - - - - - - - - - - - - +# Set the exit code exitCode=$? -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode +# - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh +# - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/04-users.sh b/rootfs/root/docker/setup/04-users.sh index 68c582c..028856c 100755 --- a/rootfs/root/docker/setup/04-users.sh +++ b/rootfs/root/docker/setup/04-users.sh 
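Review bot: The rewritten `/tmp/usr` loop no longer distinguishes files from directories: it always runs `mkdir -p "$dest"` and then `cp -Rf "$share/." "$dest/"`. For a regular file placed directly under `/tmp/usr` this creates a directory with the file's name, and the copy then fails, which under the new `set -eo pipefail` aborts the image build. The `/tmp/var` and `/tmp/etc` loops in the same hunk keep the `-d` branch, so restoring it here also makes the three loops consistent. Plain `cp -Rf` also does not preserve modes or ownership; if the replaced `copy` helper did (it is not visible here), config files that later hold secrets may end up with different permissions than before.

```shell
  for share in "/tmp/usr"/*; do
    # … unchanged: existence guard, name/dest assignment, echo …
    if [ -d "$share" ]; then
      mkdir -p "$dest"
      cp -Rf "$share/." "$dest/"
    else
      cp -Rf "$share" "$dest"
    fi
  done
```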
@@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 04-users.sh # @@Description : script to run users # @@Changelog : newScript @@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -34,9 +34,10 @@ exitCode=0 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/05-custom.sh b/rootfs/root/docker/setup/05-custom.sh index c52f67f..71d799e 100755 --- a/rootfs/root/docker/setup/05-custom.sh +++ b/rootfs/root/docker/setup/05-custom.sh 
@@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 05-custom.sh # @@Description : script to run custom # @@Changelog : newScript @@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -51,7 +51,7 @@ fi # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/root/docker/setup/06-post.sh b/rootfs/root/docker/setup/06-post.sh index 2db4767..443a30e 100755 --- a/rootfs/root/docker/setup/06-post.sh +++ b/rootfs/root/docker/setup/06-post.sh @@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 06-post.sh # @@Description : script to run post # @@Changelog : newScript 
@@ -20,7 +20,7 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables @@ -34,9 +34,10 @@ exitCode=0 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/root/docker/setup/07-cleanup.sh b/rootfs/root/docker/setup/07-cleanup.sh index ab4f856..94f8394 100755 --- a/rootfs/root/docker/setup/07-cleanup.sh +++ b/rootfs/root/docker/setup/07-cleanup.sh @@ -1,12 +1,12 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290809-git +##@Version : 202606120507-git # @@Author : CasjaysDev # @@Contact : CasjaysDev -# @@License : MIT -# @@Copyright : Copyright 2025 CasjaysDev -# @@Created : Sat Nov 29 08:09:47 AM EST 2025 +# @@License : WTFPL +# @@Copyright : Copyright 2026 CasjaysDev +# @@Created : Fri Jun 12 05:07:20 AM EDT 2026 # @@File : 07-cleanup.sh # @@Description : script to run cleanup # @@Changelog : newScript 
@@ -20,11 +20,11 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options -set -o pipefail +set -eo pipefail [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS # - - - - - - - - - - - - - - - - - - - - - - - - - # Load functions -__find_and_remove() { [ -z "$1" ] || find "${2:-/etc}" -iname "$1" -exec rm -Rf {} \; 2>/dev/null; } +__find_and_remove() { [ -z "$1" ] || find "${2:-/etc}" -iname "$1" -exec rm -Rf {} + 2>/dev/null; } # - - - - - - - - - - - - - - - - - - - - - - - - - # Set env variables exitCode=0 @@ -38,9 +38,10 @@ if [ -d "$HOME/.cache" ]; then rm -Rf "$HOME/.cache"; fi # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the exit code -#exitCode=$? +exitCode=$? # - - - - - - - - - - - - - - - - - - - - - - - - - exit $exitCode # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/rootfs/tmp/etc/opengist/config.yaml b/rootfs/tmp/etc/opengist/config.yaml index caa03ce..c30c09b 100644 --- a/rootfs/tmp/etc/opengist/config.yaml +++ b/rootfs/tmp/etc/opengist/config.yaml @@ -1,6 +1,4 @@ -# Learn more about Opengist configuration here: -# https://github.com/thomiceli/opengist/blob/master/docs/configuration/index.md -# https://github.com/thomiceli/opengist/blob/master/docs/configuration/cheat-sheet.md +# Learn more about Opengist configuration here: https://github.com/thomiceli/opengist/blob/master/docs/configuration/index.md # Set the log level to one of the following: trace, debug, info, warn, error, fatal, panic. Default: warn log-level: warn 
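Review bot: With `set -eo pipefail` now enabled in 07-cleanup.sh, `__find_and_remove` returns find's exit status while `2>/dev/null` discards its message, so a failing find (for example a start directory passed as `$2` that does not exist) would stop the cleanup step with nothing in the build log to explain it. This depends on the helper being called as a plain statement; the call sites are outside the hunk. If the cleanup is meant to be best-effort, say so and keep the status from propagating: `find "${2:-/etc}" -iname "$1" -exec rm -Rf {} + 2>/dev/null || true`. If it is meant to be strict, drop the `2>/dev/null` so the reason is logged. A one-line comment above the function stating which of the two is intended would settle it for the next reader.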
@@ -21,15 +19,13 @@ index.enabled: true index.dirname: opengist.index # Default branch name used by Opengist when initializing Git repositories. -# If not set, uses the Git default branch name. See https://git-scm.com/book/en/v2/Getting-Started-First-Time-Git-Setup#_new_default_branch git.default-branch: main # Set the journal mode for SQLite. Default: WAL -# See https://www.sqlite.org/pragma.html#pragma_journal_mode sqlite.journal-mode: WAL # Public URL to access to Opengist -external-url: +external-url: REPLACE_HOSTNAME # HTTP server configuration # Host to bind to. Default: 0.0.0.0 
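Review bot: `external-url: REPLACE_HOSTNAME` puts a hostname placeholder into a setting that the comment above describes as a public URL, and the next hunk uses the same placeholder for `ssh.external-domain`, which takes a bare domain. If the init script substitutes one value for both, one of the two ends up in the wrong format; the substitution code is not in this hunk, so it should be checked there. A separate placeholder that carries the scheme (for example `external-url: REPLACE_PROTO://REPLACE_HOSTNAME`, name chosen here only as an illustration) would keep generated links and the OAuth callback URLs on the intended scheme.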
@@ -42,63 +38,47 @@ http.port: REPLACE_SERVER_PORT http.git-enabled: true # SSH built-in server configuration -# Note: it is not using the SSH daemon from your machine (yet) - -# Enable or disable SSH built-in server -# for git operations (clone, pull, push) via SSH (either `true` or `false`). Default: true -ssh.git-enabled: false +ssh.git-enabled: true # Host to bind to. Default: 0.0.0.0 ssh.host: 0.0.0.0 -# Port to bind to. Default: 22 -# Note: it cannot be the same port as the SSH daemon if it's currently running -# If you want to use the port 22 for the built-in SSH server, -# you can either change the port of the SSH daemon or stop it -ssh.port: 22 +# Port to bind to. Default: 7823 +ssh.port: 7823 # Public domain for the Git SSH connection, if it has to be different from the HTTP one. -# If not set, uses the URL from the request -ssh.external-domain: +ssh.external-domain: REPLACE_HOSTNAME # Path or alias to ssh-keygen executable. Default: ssh-keygen ssh.keygen-executable: ssh-keygen -# OAuth2 configuration -# The callback/redirect URL must be http://opengist.url/oauth//callback +# OAuth2 configuration URL must be http://opengist.url/oauth//callback -# To create a new OAuth2 application using GitHub : https://github.com/settings/applications/new +# To create a new OAuth2 application using GitHub: https://github.com/settings/applications/new github.client-key: github.secret: -# To create a new OAuth2 application using Gitlab : https://gitlab.com/-/user_settings/applications +# To create a new OAuth2 application using Gitlab: https://gitlab.com/-/user_settings/applications gitlab.client-key: gitlab.secret: -# URL of the Gitlab instance. Default: https://gitlab.com/ gitlab.url: https://gitlab.com/ -# The name of the GitLab instance. It is displayed in the OAuth login button. 
Default: GitLab gitlab.name: GitLab -# To create a new OAuth2 application using Gitea : https://gitea.domain/user/settings/applications +# To create a new OAuth2 application using Gitea: https://gitea.domain/user/settings/applications gitea.client-key: gitea.secret: -# URL of the Gitea instance. Default: https://gitea.com/ gitea.url: https://casjay.work/ -# The name of the Gitea instance. It is displayed in the OAuth login button. Default: Gitea gitea.name: CasjaysDev GIT Server # To create a new OAuth2 application using OpenID Connect: oidc.client-key: oidc.secret: -# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration -oidc.discovery-url: +oidc.discovery-url: http://auth.example.com/.well-known/openid-configuration # Custom assets -# Add your own custom assets, that are files relatives to $opengist-home/custom/ custom.logo: custom.favicon: -# Static pages in footer (like legal notices, privacy policy, etc.) # The path can be a URL or a relative path to a file in the $opengist-home/custom/ directory custom.static-links: # - name: Gitea diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh index c587117..40757d8 100755 --- a/rootfs/usr/local/bin/entrypoint.sh +++ b/rootfs/usr/local/bin/entrypoint.sh 
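Review bot: `oidc.discovery-url` now carries the documentation example `http://auth.example.com/.well-known/openid-configuration` as its live default, where the removed comment offered it only as an illustration. Anyone who later fills in `oidc.client-key` and `oidc.secret` without touching this line would have provider metadata fetched over cleartext HTTP from a placeholder domain. Leave the value empty as before, `oidc.discovery-url:`, and keep the example in a comment. The same hunk turns on `ssh.git-enabled` with `ssh.host: 0.0.0.0` and port 7823 while this commit empties `EXPOSE_PORTS` in .env.scripts, so it is worth confirming that the SSH listener is meant to be reachable and is published deliberately.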
@@ -1,19 +1,19 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202602061352-git +##@Version : 202606041210-git # @@Author : Jason Hempstead # @@Contact : jason@casjaysdev.pro # @@License : WTFPL # @@ReadME : entrypoint.sh --help # @@Copyright : Copyright: (c) 2026 Jason Hempstead, Casjays Developments -# @@Created : Tuesday, May 05, 2026 14:38 EDT +# @@Created : Friday, Jun 12, 2026 05:07 EDT # @@File : entrypoint.sh -# @@Description : Entrypoint file for opengist +# @@Description : Entrypoint file for alpine # @@Changelog : New script # @@TODO : Better documentation -# @@Other : -# @@Resource : +# @@Other : +# @@Resource : # @@Terminal App : no # @@sudo/root : no # @@Template : other/docker-entrypoint 
@@ -21,17 +21,25 @@ # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - # run trap command on exit -trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' INT TERM PWR +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' INT TERM +trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGPWR 2>/dev/null || true # - - - - - - - - - - - - - - - - - - - - - - - - - # setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html [ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" -{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail +if [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; then + echo "Enabling debugging" + set -eo pipefail + [ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS" + export DEBUGGER="on" +else + set -eo pipefail +fi # - - - - - - - - - - - - - - - - - - - - - - - - - PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" # - - - - - - - - - - - - - - - - - - - - - - - - - # Set bash options SCRIPT_FILE="$0" -CONTAINER_NAME="opengist" +CONTAINER_NAME="alpine" SCRIPT_NAME="${SCRIPT_FILE##*/}" CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}" # - - - - - - - - - - - - - - - - - - - - - - - - - 
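Review bot: The rewritten debug block no longer turns tracing on: the old line ran `set -o pipefail -x$DEBUGGER_OPTIONS`, while the new branch prints "Enabling debugging" and then only runs `set -"$DEBUGGER_OPTIONS"` when that variable is non-empty. With `DEBUGGER=on` and no options nothing is traced, and the setup scripts in this same commit still use `set -x$DEBUGGER_OPTIONS`. Restoring it as `set -"x${DEBUGGER_OPTIONS}"` keeps the two behaviours aligned. Since the value can come from `/config/.debug`, a comment should state that only set-option letters are expected there, and that xtrace prints values from the env files sourced further down, so it should stay off where those hold secrets.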
@@ -43,24 +51,24 @@ while :; do [ "$1" = " " ] && shift 1 || break; done # - - - - - - - - - - - - - - - - - - - - - - - - - # import the functions file if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then - . "/usr/local/etc/docker/functions/entrypoint.sh" + . "/usr/local/etc/docker/functions/entrypoint.sh" else - echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" - exit 1 + echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" + exit 1 fi # - - - - - - - - - - - - - - - - - - - - - - - - - case "$1" in # Help message -h | --help) - shift 1 - echo 'Docker container for '$CONTAINER_NAME'' - echo "Usage: $CONTAINER_NAME [help tail cron exec start init shell certbot ssl procs ports healthcheck backup command]" - echo "" - exit 0 - ;; + shift 1 + echo "Docker container for $CONTAINER_NAME" + echo "Usage: $CONTAINER_NAME [help tail cron exec start init shell procs ports healthcheck backup command]" + echo "" + exit 0 + ;; -*) - shift - ;; + shift + ;; esac # - - - - - - - - - - - - - - - - - - - - - - - - - # Create the default env files @@ -68,7 +76,7 @@ __create_env_file "/config/env/default.sh" "/root/env.sh" &>/dev/null # - - - - - - - - - - - - - - - - - - - - - - - - - # import variables from files for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" + [ -f "$set_env" ] && . "$set_env" done unset set_env # - - - - - - - - - - - - - - - - - - - - - - - - - 
@@ -87,8 +95,8 @@ SERVICE_UID="${SERVICE_UID:-0}" SERVICE_GID="${SERVICE_GID:-0}" # - - - - - - - - - - - - - - - - - - - - - - - - - # User and group in which the service switches to - IE: nginx,apache,mysql,postgres -#SERVICE_USER="${SERVICE_USER:-opengist}" # execute command as another user -#SERVICE_GROUP="${SERVICE_GROUP:-opengist}" # Set the service group +#SERVICE_USER="${SERVICE_USER:-alpine}" # execute command as another user +#SERVICE_GROUP="${SERVICE_GROUP:-alpine}" # Set the service group # - - - - - - - - - - - - - - - - - - - - - - - - - # Secondary ports # specifiy other ports @@ -115,7 +123,7 @@ export PATH RUNAS_USER SERVICE_USER SERVICE_GROUP SERVICE_UID SERVICE_GID WWW_RO # show message __run_message() { - return + return } # - - - - - - - - - - - - - - - - - - - - - - - - - ################## END OF CONFIGURATION ##################### @@ -143,13 +151,10 @@ export DOMAINNAME="$(hostname -d)" # - - - - - - - - - - - - - - - - - - - - - - - - - # Default directories export SSL_DIR="${SSL_DIR:-/config/ssl}" -export SSL_CA="${SSL_CERT:-/config/ssl/ca.crt}" +export SSL_CA="${SSL_CA:-/config/ssl/ca.crt}" export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}" export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}" export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" -export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" -export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" -export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" # - - - - - - - - - - - - - - - - - - - - - - - - - # Backup settings export BACKUP_MAX_DAYS="${BACKUP_MAX_DAYS:-}" 
@@ -164,19 +169,19 @@ export NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" export MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}" export PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" export MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" -export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-$ENTRYPOINT_PID_FILE}" +export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/.entrypoint.pid}" export ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" export ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" export ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" # - - - - - - - - - - - - - - - - - - - - - - - - - if [ -n "$CONTAINER_WEB_SERVER_WWW_REPO" ]; then - www_temp_dir="/tmp/git/${CONTAINER_WEB_SERVER_WWW_REPO##*/}" - rm -Rf "${WWW_ROOT_DIR:?}"/* "${www_temp_dir:?}"/* 2>/dev/null || true - mkdir -p "$WWW_ROOT_DIR" "$www_temp_dir" 2>/dev/null || true - git clone -q "$CONTAINER_WEB_SERVER_WWW_REPO" "$www_temp_dir" 2>/dev/null || true - rm -Rf "$www_temp_dir/.git" "$www_temp_dir"/.git* 2>/dev/null || true - rsync -ra "$www_temp_dir/" "$WWW_ROOT_DIR" --delete 2>/dev/null || true - rm -Rf "$www_temp_dir" 2>/dev/null || true + www_temp_dir="/tmp/git/${CONTAINER_WEB_SERVER_WWW_REPO##*/}" + rm -Rf "${WWW_ROOT_DIR:?}"/* "${www_temp_dir:?}"/* 2>/dev/null || true + mkdir -p "$WWW_ROOT_DIR" "$www_temp_dir" 2>/dev/null || true + git clone -q "$CONTAINER_WEB_SERVER_WWW_REPO" "$www_temp_dir" 2>/dev/null || true + rm -Rf "$www_temp_dir/.git" "$www_temp_dir"/.git* 2>/dev/null || true + rsync -ra "$www_temp_dir/" "$WWW_ROOT_DIR" --delete 2>/dev/null || true + rm -Rf "$www_temp_dir" 2>/dev/null || true fi # - - - - - - - - - - - - - - - - - - - - - - - - - # variables based on env/files 
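Review bot: In the `CONTAINER_WEB_SERVER_WWW_REPO` block the web root is emptied before the clone is known to have worked, and every step ends in `2>/dev/null || true`, so a failed `git clone` leaves `$WWW_ROOT_DIR` empty with nothing in the log. The commit only re-indents these lines, and the newly added `set -e` does not help because each failure is masked. Clone first and replace the web root only on success, for example `git clone -q -- "$CONTAINER_WEB_SERVER_WWW_REPO" "$www_temp_dir" || return 1` inside a small helper that runs before the `rm`/`rsync`; the `--` also keeps a value beginning with `-` from being read as a git option. The staging path under `/tmp/git/` is fixed, and `mktemp -d` would avoid reusing whatever is already there.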
@@ -190,33 +195,31 @@ if [ "$CONTAINER_WEB_SERVER_PROTOCOL" = "https" ]; then SSL_ENABLED="yes"; fi # - - - - - - - - - - - - - - - - - - - - - - - - - # is already Initialized if [ -f "$ENTRYPOINT_DATA_INIT_FILE" ]; then - DATA_DIR_INITIALIZED="yes" + DATA_DIR_INITIALIZED="yes" else - DATA_DIR_INITIALIZED="no" + DATA_DIR_INITIALIZED="no" fi if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then - CONFIG_DIR_INITIALIZED="yes" + CONFIG_DIR_INITIALIZED="yes" else - CONFIG_DIR_INITIALIZED="no" + CONFIG_DIR_INITIALIZED="no" fi if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then - ENTRYPOINT_FIRST_RUN="no" + ENTRYPOINT_FIRST_RUN="no" else - ENTRYPOINT_FIRST_RUN="yes" + ENTRYPOINT_FIRST_RUN="yes" fi # - - - - - - - - - - - - - - - - - - - - - - - - - # clean ENV_PORTS variables -ENV_PORTS="${ENV_PORTS//,/ }" # -ENV_PORTS="${ENV_PORTS//\/*/}" # +ENV_PORTS="${ENV_PORTS//,/ }" +ENV_PORTS="${ENV_PORTS//\/*/}" # - - - - - - - - - - - - - - - - - - - - - - - - - # clean SERVER_PORTS variables -SERVER_PORTS="${SERVER_PORTS//,/ }" # -SERVER_PORTS="${SERVER_PORTS//\/*/}" # +SERVER_PORTS="${SERVER_PORTS//,/ }" +SERVER_PORTS="${SERVER_PORTS//\/*/}" # - - - - - - - - - - - - - - - - - - - - - - - - - # clean WEB_SERVER_PORTS variables -WEB_SERVER_PORTS="${WEB_SERVER_PORT//\/*/}" # -WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" # -WEB_SERVER_PORTS="${WEB_SERVER_PORT//,/ } ${ENV_WEB_SERVER_PORTS//,/ }" # +WEB_SERVER_PORTS="${WEB_SERVER_PORT//,/ } ${ENV_WEB_SERVER_PORTS//,/ }" # - - - - - - - - - - - - - - - - - - - - - - - - - # rewrite and merge variables ENV_PORTS="$(__format_variables "$ENV_PORTS" || false)" 
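Review bot: `ENV_PORTS="${ENV_PORTS//\/*/}"` and the matching `SERVER_PORTS` line do not strip the protocol from each port: `*` in a bash pattern also matches spaces, so once the commas have become spaces everything from the first `/` to the end of the string is removed and `80/tcp 443/tcp` becomes `80`. The commit removes the trailing `#` on these lines but keeps the expansion, and the one `WEB_SERVER_PORTS` assignment that remains does no protocol stripping. Strip per word instead, e.g. `for p in $ENV_PORTS; do cleaned+="${p%%/*} "; done`, and treat the other two variables the same way. `__format_variables` is defined outside this hunk and may already normalise the list, so confirm there first.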
@@ -259,13 +262,13 @@ chmod -f 777 "/usr/local/etc/docker/exec" 2>/dev/null || true # - - - - - - - - - - - - - - - - - - - - - - - - - # lets ensure everyone can write to std* if [ -f "/dev/stdin" ]; then - chmod -f 777 "/dev/stdin" 2>/dev/null || true + chmod -f 777 "/dev/stdin" 2>/dev/null || true fi if [ -f "/dev/stderr" ]; then - chmod -f 777 "/dev/stderr" 2>/dev/null || true + chmod -f 777 "/dev/stderr" 2>/dev/null || true fi if [ -f "/dev/stdout" ]; then - chmod -f 777 "/dev/stdout" 2>/dev/null || true + chmod -f 777 "/dev/stdout" 2>/dev/null || true fi # - - - - - - - - - - - - - - - - - - - - - - - - - cat </dev/null | tee /etc/profile.d/locales.shadow /etc/profile.d/locales.sh >/dev/null 2>&1 || true 
@@ -276,197 +279,183 @@ EOF # - - - - - - - - - - - - - - - - - - - - - - - - - # Create the backup dir if [ -n "$BACKUP_DIR" ]; then - if [ ! -d "$BACKUP_DIR" ]; then - mkdir -p "$BACKUP_DIR" 2>/dev/null || true - fi + if [ ! -d "$BACKUP_DIR" ]; then + mkdir -p "$BACKUP_DIR" 2>/dev/null || true + fi fi # - - - - - - - - - - - - - - - - - - - - - - - - - if [ -f "$ENTRYPOINT_INIT_FILE" ]; then - ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" + ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" fi # - - - - - - - - - - - - - - - - - - - - - - - - - if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then - if [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then - if [ "$ENTRYPOINT_MESSAGE" = "yes" ]; then - echo "Executing entrypoint script for opengist" - fi - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Set reusable variables - if [ -w "/etc" ] && [ ! -f "/etc/hosts" ]; then - UPDATE_FILE_HOSTS="yes" - touch "/etc/hosts" - elif [ -w "/etc/hosts" ]; then - UPDATE_FILE_HOSTS="yes" - touch "/etc/hosts" - fi - if [ -w "/etc" ] && [ ! -f "/etc/timezone" ]; then - UPDATE_FILE_TZ="yes" - touch "/etc/timezone" - elif [ -w "/etc/timezone" ]; then - UPDATE_FILE_TZ="yes" - touch "/etc/timezone" - fi - if [ -w "/etc" ] && [ ! 
-f "/etc/resolv.conf" ]; then - UPDATE_FILE_RESOLV="yes" - touch "/etc/resolv.conf" - elif [ -w "/etc/resolv.conf" ]; then - UPDATE_FILE_RESOLV="yes" - touch "/etc/resolv.conf" - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Set timezone - if [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ]; then - echo "$TZ" >"/etc/timezone" 2>/dev/null || true - fi - if [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ]; then - ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" 2>/dev/null || true - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # if ipv6 add it to /etc/hosts - if [ "$UPDATE_FILE_HOSTS" = "yes" ]; then - echo "# known hostname mappings" >"/etc/hosts" 2>/dev/null || true - if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then - __printf_space "40" "::1" "localhost" >>"/etc/hosts" 2>/dev/null || true - __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" 2>/dev/null || true - else - __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" 2>/dev/null || true - fi - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # add .internal domain - if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ -n "$HOSTNAME" ]; then - if ! __grep_test " $HOSTNAME" "/etc/hosts"; then - __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "$HOSTNAME" >>"/etc/hosts" 2>/dev/null || true - fi - if ! __grep_test " ${HOSTNAME%%.*}.internal" "/etc/hosts"; then - __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.internal" >>"/etc/hosts" 2>/dev/null || true - fi - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # add domainname - if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ "$DOMAINNAME" != "internal" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then - if ! 
__grep_test " ${HOSTNAME%%.*}.$DOMAINNAME" "/etc/hosts"; then - __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.$DOMAINNAME" >>"/etc/hosts" 2>/dev/null || true - fi - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Set containers hostname - if [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ]; then - echo "$HOSTNAME" >"/etc/hostname" 2>/dev/null || true - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - if [ -f "/etc/hostname" ]; then - if [ -n "$(type -P hostname 2>/dev/null)" ]; then - hostname -F "/etc/hostname" 2>/dev/null || true - else - HOSTNAME="$(<"/etc/hostname")" 2>/dev/null || true - fi - export HOSTNAME - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # import hosts file into container - if [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ]; then - grep -vF "$HOSTNAME" "/usr/local/etc/hosts" 2>/dev/null >>"/etc/hosts" 2>/dev/null || true - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # import resolv.conf file into container - if [ "$CUSTOM_DNS" != "yes" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "yes" ]; then - cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" 2>/dev/null || true - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - if [ -n "$HOME" ] && [ -d "/usr/local/etc/skel" ]; then - if [ -d "$HOME" ]; then - cp -Rf "/usr/local/etc/skel/." "$HOME/" 2>/dev/null || true - fi - fi + if [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then + if [ "$ENTRYPOINT_MESSAGE" = "yes" ]; then + echo "Executing entrypoint script for alpine" + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Set reusable variables + if [ -w "/etc" ] && [ ! -f "/etc/hosts" ]; then + UPDATE_FILE_HOSTS="yes" + touch "/etc/hosts" + elif [ -w "/etc/hosts" ]; then + UPDATE_FILE_HOSTS="yes" + touch "/etc/hosts" + fi + if [ -w "/etc" ] && [ ! 
-f "/etc/timezone" ]; then + UPDATE_FILE_TZ="yes" + touch "/etc/timezone" + elif [ -w "/etc/timezone" ]; then + UPDATE_FILE_TZ="yes" + touch "/etc/timezone" + fi + if [ -w "/etc" ] && [ ! -f "/etc/resolv.conf" ]; then + UPDATE_FILE_RESOLV="yes" + touch "/etc/resolv.conf" + elif [ -w "/etc/resolv.conf" ]; then + UPDATE_FILE_RESOLV="yes" + touch "/etc/resolv.conf" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Set timezone + if [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ]; then + echo "$TZ" >"/etc/timezone" 2>/dev/null || true + fi + if [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ]; then + ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" 2>/dev/null || true + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # if ipv6 add it to /etc/hosts + if [ "$UPDATE_FILE_HOSTS" = "yes" ]; then + echo "# known hostname mappings" >"/etc/hosts" 2>/dev/null || true + if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then + __printf_space "40" "::1" "localhost" >>"/etc/hosts" 2>/dev/null || true + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" 2>/dev/null || true + else + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" 2>/dev/null || true + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # add .internal domain + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ -n "$HOSTNAME" ]; then + if ! __grep_test " $HOSTNAME" "/etc/hosts"; then + __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "$HOSTNAME" >>"/etc/hosts" 2>/dev/null || true + fi + if ! __grep_test " ${HOSTNAME%%.*}.internal" "/etc/hosts"; then + __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.internal" >>"/etc/hosts" 2>/dev/null || true + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # add domainname + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ "$DOMAINNAME" != "internal" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then + if ! 
__grep_test " ${HOSTNAME%%.*}.$DOMAINNAME" "/etc/hosts"; then + __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.$DOMAINNAME" >>"/etc/hosts" 2>/dev/null || true + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname + if [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ]; then + echo "$HOSTNAME" >"/etc/hostname" 2>/dev/null || true + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -f "/etc/hostname" ]; then + if command -v hostname &>/dev/null; then + hostname -F "/etc/hostname" 2>/dev/null || true + else + HOSTNAME="$(<"/etc/hostname")" 2>/dev/null || true + fi + export HOSTNAME + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # import hosts file into container + if [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ]; then + grep -vF "$HOSTNAME" "/usr/local/etc/hosts" 2>/dev/null >>"/etc/hosts" || true + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # import resolv.conf file into container + if [ "$CUSTOM_DNS" != "yes" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "yes" ]; then + cp -f "/usr/local/etc/resolv.conf" "/etc/resolv.conf" 2>/dev/null || true + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -n "$HOME" ] && [ -d "/usr/local/etc/skel" ]; then + if [ -d "$HOME" ]; then + cp -Rf "/usr/local/etc/skel/." 
"$HOME/" 2>/dev/null || true + fi + fi # - - - - - - - - - - - - - - - - - - - - - - - - - fi # - - - - - - - - - - - - - - - - - - - - - - - - - -# Delete any .gitkeep files +# Delete any .gitkeep files (bash * does not match dotfiles by default, +# so the explicit /.gitkeep path is required at each depth) if [ -d "/data" ]; then - rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep 2>/dev/null || true + rm -Rf "/data/.gitkeep" "/data"/*/.gitkeep 2>/dev/null || true fi if [ -d "/config" ]; then - rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep 2>/dev/null || true + rm -Rf "/config/.gitkeep" "/config"/*/.gitkeep 2>/dev/null || true fi if [ -f "/usr/local/bin/.gitkeep" ]; then - rm -Rf "/usr/local/bin/.gitkeep" 2>/dev/null || true + rm -Rf "/usr/local/bin/.gitkeep" 2>/dev/null || true fi # - - - - - - - - - - - - - - - - - - - - - - - - - # Only run initialization on first run or when directories are not initialized if [ "$ENTRYPOINT_FIRST_RUN" != "no" ] || [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Setup bin directory - /config/bin > /usr/local/bin - __initialize_custom_bin_dir - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Copy default system configs - /usr/local/share/template-files/defaults > /config/ - if [ "$CONFIG_DIR_INITIALIZED" = "no" ]; then - __initialize_default_templates - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Copy custom config files - /usr/local/share/template-files/config > /config/ - if [ "$CONFIG_DIR_INITIALIZED" = "no" ]; then - __initialize_config_dir - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Copy custom data files - /usr/local/share/template-files/data > /data/ - if [ "$DATA_DIR_INITIALIZED" = "no" ]; then - __initialize_data_dir - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # Initialize SSL certificates - __initialize_ssl_certs - # - - - - - - - - - - - - - - - - - - - - - - - - - - # 
Mark directories as initialized (only write if not already initialized) - if [ -d "/config" ] && [ "$CONFIG_DIR_INITIALIZED" = "no" ]; then - echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" 2>/dev/null || true - CONFIG_DIR_INITIALIZED="yes" - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - if [ -d "/data" ] && [ "$DATA_DIR_INITIALIZED" = "no" ]; then - echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" 2>/dev/null || true - DATA_DIR_INITIALIZED="yes" - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - if [ -d "/config" ] && [ ! -f "$ENTRYPOINT_INIT_FILE" ]; then - echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" 2>/dev/null || true - fi - # - - - - - - - - - - - - - - - - - - - - - - - - - - # setup the smtp server - __setup_mta - # - - - - - - - - - - - - - - - - - - - - - - - - - - ENTRYPOINT_FIRST_RUN="no" + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Setup bin directory - /config/bin > /usr/local/bin + __initialize_custom_bin_dir + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Initialize SSL certificates + __initialize_ssl_certs + # - - - - - - - - - - - - - - - - - - - - - - - - - + # Mark directories as initialized (only write if not already initialized) + if [ -d "/config" ] && [ "$CONFIG_DIR_INITIALIZED" = "no" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" 2>/dev/null || true + CONFIG_DIR_INITIALIZED="yes" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/data" ] && [ "$DATA_DIR_INITIALIZED" = "no" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" 2>/dev/null || true + DATA_DIR_INITIALIZED="yes" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/config" ] && [ ! 
-f "$ENTRYPOINT_INIT_FILE" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" 2>/dev/null || true + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - + # setup the smtp server + __setup_mta + # - - - - - - - - - - - - - - - - - - - - - - - - - + ENTRYPOINT_FIRST_RUN="no" fi # - - - - - - - - - - - - - - - - - - - - - - - - - # if no pid assume container restart - clean stale files on restart if [ -f "$ENTRYPOINT_PID_FILE" ]; then - # Check if the PID in the file is still running - entrypoint_pid=$(cat "$ENTRYPOINT_PID_FILE" 2>/dev/null || echo "") - if [ -n "$entrypoint_pid" ] && kill -0 "$entrypoint_pid" 2>/dev/null; then - # Process is still running, don't restart services - START_SERVICES="no" - touch "$ENTRYPOINT_PID_FILE" - else - # PID file exists but process is dead - this is a restart - START_SERVICES="yes" - # Clean any stale PID files on restart - rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true - fi + # Check if the PID in the file is still running + entrypoint_pid=$(<"$ENTRYPOINT_PID_FILE") 2>/dev/null + if [ -n "$entrypoint_pid" ] && kill -0 "$entrypoint_pid" 2>/dev/null; then + # Process is still running, don't restart services + START_SERVICES="no" + touch "$ENTRYPOINT_PID_FILE" + else + # PID file exists but process is dead - this is a restart + START_SERVICES="yes" + # Clean any stale PID files on restart + rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true + fi else - START_SERVICES=yes - # Clean any stale PID files on first run - rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true + START_SERVICES=yes + # Clean any stale PID files on first run + rm -f /run/.start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true fi # - - - - - - - - - - - - - - - - - - - - - - - - - [ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "The containers ip address is:" "$CONTAINER_IP4_ADDRESS" # - - - - - - - - - - - - - 
- - - - - - - - - - - - # Show configured listing processes if [ "$ENTRYPOINT_MESSAGE" = "yes" ] && [ -n "$ENV_PORTS" ]; then - show_port="" - for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done - __printf_space "40" "The following ports are open:" "$show_port" - unset port show_port + show_port="" + for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done + __printf_space "40" "The following ports are open:" "$show_port" + unset port show_port fi # - - - - - - - - - - - - - - - - - - - - - - - - - # execute init script @@ -482,7 +471,7 @@ __set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} __run_message # - - - - - - - - - - - - - - - - - - - - - - - - - # Just start services -START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" +START_SERVICES="${START_SERVICES:-yes}" # - - - - - - - - - - - - - - - - - - - - - - - - - # Determine if we should start services based on command # Only skip service start for the 'init' command 
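Review bot: The liveness test `kill -0 "$entrypoint_pid"` in the PID-file block cannot tell the previous entrypoint from the current one. Now that `ENTRYPOINT_PID_FILE` defaults to `/run/.entrypoint.pid`, a restarted container whose `/run` survived is likely to find the recorded PID number alive again, because the new entrypoint or its init reuses it, and will set `START_SERVICES="no"`. Excluding the current shell, `[ "$entrypoint_pid" != "$$" ] && kill -0 "$entrypoint_pid" 2>/dev/null`, covers the direct case; this is hedged, since how the image starts the entrypoint is not shown in this hunk. Separately, `entrypoint_pid=$(<"$ENTRYPOINT_PID_FILE") 2>/dev/null` drops the old `|| echo ""` fallback, so under `set -e` an unreadable file now ends the entrypoint; appending `|| entrypoint_pid=""` restores the previous tolerance.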
@@ -492,212 +481,191 @@ SKIP_SERVICE_START="no" # - - - - - - - - - - - - - - - - - - - - - - - - - # Start all services if no pidfile and not skipping if [ "$START_SERVICES" = "yes" ] || [ -z "$1" ]; then - if [ "$SKIP_SERVICE_START" = "no" ]; then - [ "$1" = "start" ] && shift 1 - [ "$1" = "all" ] && shift 1 - rm -Rf "/run"/*/*pid 2>/dev/null || true - echo "$$" >"$ENTRYPOINT_PID_FILE" - __start_init_scripts "/usr/local/etc/docker/init.d" - CONTAINER_INIT="${CONTAINER_INIT:-no}" - # Services started successfully - enter monitoring mode - __no_exit - exit $? - fi - START_SERVICES="no" + if [ "$SKIP_SERVICE_START" = "no" ]; then + [ "$1" = "start" ] && shift 1 + [ "$1" = "all" ] && shift 1 + rm -Rf "/run"/*/*pid 2>/dev/null || true + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + CONTAINER_INIT="${CONTAINER_INIT:-no}" + # Services started successfully - enter monitoring mode + __no_exit + exit $? + fi + START_SERVICES="no" fi export START_SERVICES CONTAINER_INIT ENTRYPOINT_PID_FILE # - - - - - - - - - - - - - - - - - - - - - - - - - # Begin options case "$1" in init) - shift 1 - __log_info "Container has been initialized" - exit 0 - ;; + shift 1 + __log_info "Container has been initialized" + exit 0 + ;; tail) - shift 1 - case "$1" in - null) - shift $# - tail -F "/dev/null" - ;; - app) - shift $# - tail -F /data/logs/*/*.log - ;; - -*) - tail "$@" - ;; - *) - tail -F "${@:-/dev/null}" - ;; - esac - ;; + shift 1 + case "$1" in + null) + shift $# + tail -F "/dev/null" + ;; + app) + shift $# + tail -F /data/logs/*/*.log + ;; + -*) + tail "$@" + ;; + *) + tail -F "${@:-/dev/null}" + ;; + esac + ;; logs) - shift 1 - case "$1" in - follow) - tail -Fq /data/logs/*/* - ;; - clean) - log_files="$(find "/data/logs" -type f)" - for log in "${log_files[@]}"; do - __log_info "Clearing log file: $log" - printf '' >$log - done - ;; - *) - echo "Usage: logs [follow,clean]" - exit 0 - ;; - esac - ;; + shift 1 + case "$1" in + follow) + 
tail -Fq /data/logs/*/* + ;; + clean) + mapfile -t log_files < <(find "/data/logs" -type f 2>/dev/null) + for log in "${log_files[@]}"; do + __log_info "Clearing log file: $log" + printf '' >"$log" + done + ;; + *) + echo "Usage: logs [follow,clean]" + exit 0 + ;; + esac + ;; cron) - shift 1 - __cron "$@" & - __log_info "Cron script is running with PID: $!" - exit - ;; + shift 1 + __cron "$@" & + __log_info "Cron script is running with PID: $!" + exit + ;; # backup data and config dirs backup) - shift 1 - __backup $BACKUP_MAX_DAYS $1 - exit $? - ;; + shift 1 + __backup $BACKUP_MAX_DAYS $1 + exit $? + ;; # Docker healthcheck healthcheck) - shift 1 - case "$1" in - init | test) - exit 0 - ;; - *) - arguments="$*" - healthStatus=0 - healthEnabled="${HEALTH_ENABLED:-}" - healthPorts="${WEB_SERVER_PORTS:-}" - healthEndPoints="${HEALTH_ENDPOINTS:-}" - SERVICES_LIST="${arguments:-$SERVICES_LIST}" - services="$(echo "${SERVICES_LIST//,/ }")" - healthMessage="Everything seems to be running" - [ "$healthEnabled" = "yes" ] || exit 0 - if [ -d "/run/healthcheck" ] && [ "$(ls -A "/run/healthcheck" | wc -l)" -ne 0 ]; then - for service in /run/healthcheck/*; do - name="${service##*/}" - services+="$name " - done - fi - services="$(echo "$services" | tr ' ' '\n' | sort -u | grep -v '^$')" - for proc in $services; do - if [ -n "$proc" ]; then - if ! __pgrep "$proc"; then - echo "$proc is not running" >&2 - healthStatus=$((healthStatus + 1)) - fi - fi - done - for port in $ports; do - if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then - if ! netstat -taupln | grep -q ":$port "; then - echo "$port isn't open" >&2 - healthStatus=$((healthStatus + 1)) - fi - fi - done - for endpoint in $healthEndPoints; do - if [ -n "$endpoint" ]; then - if ! 
__curl "$endpoint"; then - echo "Can not connect to $endpoint" >&2 - healthStatus=$((healthStatus + 1)) - fi - fi - done - [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" - [ -n "$healthMessage" ] && echo "$healthMessage" - exit $healthStatus - ;; - esac - ;; - # show open ports + shift 1 + case "$1" in + init | test) + exit 0 + ;; + *) + arguments="$*" + healthStatus=0 + healthEnabled="${HEALTH_ENABLED:-}" + healthPorts="${WEB_SERVER_PORTS:-}" + healthEndPoints="${HEALTH_ENDPOINTS:-}" + SERVICES_LIST="${arguments:-$SERVICES_LIST}" + services="${SERVICES_LIST//,/ }" + healthMessage="Everything seems to be running" + [ "$healthEnabled" = "yes" ] || exit 0 + if [ -d "/run/healthcheck" ] && ! __is_dir_empty "/run/healthcheck"; then + for service in /run/healthcheck/*; do + name="${service##*/}" + services+="$name " + done + fi + services="$(printf '%s\n' $services | sort -u | grep -v '^$')" + for proc in $services; do + if [ -n "$proc" ]; then + if ! __pgrep "$proc"; then + echo "$proc is not running" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for port in $healthPorts; do + if command -v netstat &>/dev/null && [ -n "$port" ]; then + if ! netstat -taupln | grep -q ":$port "; then + echo "$port isn't open" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for endpoint in $healthEndPoints; do + if [ -n "$endpoint" ]; then + if ! 
__curl "$endpoint"; then + echo "Can not connect to $endpoint" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" + [ -n "$healthMessage" ] && echo "$healthMessage" + exit $healthStatus + ;; + esac + ;; + # show open ports ports) - shift 1 - ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" - [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' - exit $? - ;; - # show running processes + shift 1 + ports="$(__netstat -taupln 2>/dev/null | awk '{ split($4, a, ":"); if (a[2] != "") print a[2] }' | sort -uV)" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' + exit $? + ;; + # show running processes procs) - shift 1 - ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" - [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' - exit $? - ;; - # setup ssl -ssl) - shift 1 - __create_ssl_cert - exit $? - ;; -# manage ssl certificate -certbot) - shift 1 - CERT_BOT_ENABLED="yes" - if [ "$1" = "create" ]; then - shift 1 - __certbot "create" - elif [ "$1" = "renew" ]; then - shift 1 - __certbot "renew certonly --force-renew" - else - __exec_command "certbot" "$@" - fi - exit $? - ;; + shift 1 + ps="$(__ps axco command 2>/dev/null | grep -vE '^(COMMAND|grep|ps)$' | sort -u)" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' + exit $? + ;; # Launch shell */bin/sh | */bin/bash | bash | sh | shell) - shift 1 - __exec_command "${@:-/bin/bash -l}" - exit $? - ;; + shift 1 + __exec_command "${@:-/bin/bash -l}" + exit $? + ;; # execute commands exec) - shift 1 - __exec_command "${@:-echo "No commands given"}" - exit $? - ;; + shift 1 + __exec_command "${@:-echo "No commands given"}" + exit $? 
+ ;; # show/start init scripts start) - shift 1 - export PATH="/usr/local/etc/docker/init.d:$PATH" - if [ $# -eq 0 ]; then - scripts="$(ls -A "/usr/local/etc/docker/init.d")" - [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" - exit - elif [ "$1" = "all" ]; then - shift $# - if [ "$START_SERVICES" = "yes" ]; then - echo "$$" >"$ENTRYPOINT_PID_FILE" - __start_init_scripts "/usr/local/etc/docker/init.d" - __no_exit - elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then - eval "/usr/local/etc/docker/init.d/$1" & - __no_exit - fi - fi - ;; + shift 1 + export PATH="/usr/local/etc/docker/init.d:$PATH" + if [ $# -eq 0 ]; then + scripts="$(ls -A "/usr/local/etc/docker/init.d")" + [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" + exit + elif [ "$1" = "all" ]; then + shift $# + if [ "$START_SERVICES" = "yes" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit + elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then + eval "/usr/local/etc/docker/init.d/$1" & + __no_exit + fi + fi + ;; # Execute primary command *) - if [ $# -eq 0 ]; then - if [ ! -f "$ENTRYPOINT_PID_FILE" ]; then - echo "$$" >"$ENTRYPOINT_PID_FILE" - [ "$START_SERVICES" = "no" ] && [ "$CONTAINER_INIT" = "yes" ] || __start_init_scripts "/usr/local/etc/docker/init.d" - fi - __no_exit - else - __exec_command "$@" - fi - exit $? - ;; + if [ $# -eq 0 ]; then + if [ ! -f "$ENTRYPOINT_PID_FILE" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + [ "$START_SERVICES" = "no" ] && [ "$CONTAINER_INIT" = "yes" ] || __start_init_scripts "/usr/local/etc/docker/init.d" + fi + __no_exit + else + __exec_command "$@" + fi + exit $? + ;; esac # - - - - - - - - - - - - - - - - - - - - - - - - - # end of entrypoint diff --git a/rootfs/usr/local/etc/docker/functions/entrypoint.sh b/rootfs/usr/local/etc/docker/functions/entrypoint.sh index 46003c3..3e62e2a 100644 
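Review bot: In the `start)` branch the `elif [ -f "/usr/local/etc/docker/init.d/$1" ]` arm sits inside the `all` case after `shift $#`, so `$1` is always empty there and a named init script can never be started. If that arm were reachable, `eval` would re-parse a path built from a command-line argument as shell, and the `-f` test alone would still accept `../` components. If starting one named script is the intent, I would give it its own branch, reduce the argument to a basename and execute the file directly instead of through `eval`. The re-indentation in this hunk leaves both problems as they were.

```shell
start)
    shift 1
    # … unchanged: PATH export and the no-argument listing …
    elif [ "$1" = "all" ]; then
        shift $#
        # … unchanged: START_SERVICES=yes path (pid file, __start_init_scripts, __no_exit) …
    else
        # Only ever run a file that lives directly in init.d
        init_script="/usr/local/etc/docker/init.d/${1##*/}"
        if [ -f "$init_script" ] && [ -x "$init_script" ]; then
            "$init_script" &
            __no_exit
        else
            echo "No such init script: $1" >&2
            exit 1
        fi
    fi
    ;;
```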
--- a/rootfs/usr/local/etc/docker/functions/entrypoint.sh +++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202606041215-git +##@Version : 202606051249-git # @@Author : Jason Hempstead # @@Contact : git-admin@casjaysdev.pro # @@License : LICENSE.md @@ -25,11 +25,11 @@ if [ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ]; then export DEBUGGER_OPTIONS="$(<"/config/.debug")" fi if [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; then - set -o pipefail + set -eo pipefail [ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS" export DEBUGGER="on" else - set -o pipefail + set -eo pipefail fi # - - - - - - - - - - - - - - - - - - - - - - - - - __remove_extra_spaces() { sed -E 's/ +/ /g; s|^ ||'; } @@ -257,7 +257,8 @@ __trim() { __banner() { local message="$*" local total_width=80 - local content_width=$((total_width - 14)) # Account for "# - - - " and " - - - #" + # Account for "# - - - " and " - - - #" + local content_width=$((total_width - 14)) printf '# - - - %-*s - - - #\n' "$content_width" "$message" } # - - - - - - - - - - - - - - - - - - - - - - - - - @@ -267,9 +268,12 @@ __service_banner() { local service="${3:-service}" local full_message="$message $service" local total_width=80 - local content_width=$((total_width - 14)) # Account for "# - - - " and " - - - #" - local icon_width=2 # Most emojis are 2 chars wide - local text_width=$((content_width - icon_width * 2 - 2)) # Account for both icons and spaces + # Account for "# - - - " and " - - - #" + local content_width=$((total_width - 14)) + # Most emojis are 2 chars wide + local icon_width=2 + # Account for both icons and spaces + local text_width=$((content_width - icon_width * 2 - 2)) printf '# - - - %s %-*s %s - - - #\n' "$icon" "$text_width" "$full_message" "$icon" } # - - - - - - - - - - - - - - - - - - - - - - - - - 
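Review bot: Switching `set -o pipefail` to `set -eo pipefail` in the `@@ -25,11 +25,11 @@` hunk turns on errexit for every script that sources this functions file (which its `export -f` list suggests is how it is used), and the same change is repeated inside `__start_init_scripts` in the `@@ -978,10 +985,10 @@` hunk. Several pipelines visible in this commit return non-zero on ordinary input once pipefail is on: `__random_password` (`tr … | head -c`, where `tr` ends on SIGPIPE) and the healthcheck's `… | sort -u | grep -v '^$'`, which yields 1 when the service list is empty. With errexit those become aborts of the entrypoint or a false "unhealthy" result rather than empty values. I would keep `set -o pipefail` here and leave errexit to each calling script, or add an explicit `|| true` to the pipelines that are expected to come back empty.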
@@ -325,9 +329,12 @@ __find_mongodb_conf() { __random_password() { tr -dc '0-9a-zA-Z' < /dev/urandom | head -c${1:-16} && echo ""; } # - - - - - - - - - - - - - - - - - - - - - - - - - __init_working_dir() { - local service_name="$SERVICE_NAME" # get service name - local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables - local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables + # get service name + local service_name="$SERVICE_NAME" + # expand variables + local workdir="$(eval echo "${WORK_DIR:-}")" + # expand variables + local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # set working directories [ "$home" = "$workdir" ] && workdir="" [ "$home" = "/root" ] && home="/tmp/$service_name" @@ -978,10 +985,10 @@ __start_init_scripts() { [ "$1" = " " ] && shift 1 if [ "$DEBUGGER" = "on" ]; then echo "Enabling debugging" - set -o pipefail + set -eo pipefail [ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS" else - set -o pipefail + set -eo pipefail fi local retPID="" local basename="" @@ -1614,3 +1621,4 @@ export ENTRYPOINT_PID_FILE ENTRYPOINT_INIT_FILE ENTRYPOINT_FIRST_RUN export -f __get_pid __start_init_scripts __is_running __update_ssl_certs __create_ssl_cert # - - - - - - - - - - - - - - - - - - - - - - - - - # end of functions +# vim: set ft=sh ts=4 sw=4 st=4 et : diff --git a/rootfs/usr/local/etc/docker/init.d/00-opengist.sh b/rootfs/usr/local/etc/docker/init.d/00-opengist.sh index dc270f5..7bc7070 100755 --- a/rootfs/usr/local/etc/docker/init.d/00-opengist.sh +++ b/rootfs/usr/local/etc/docker/init.d/00-opengist.sh 
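Review bot: The `# expand variables` comments that the `@@ -325,9 +329,12 @@` hunk moves onto their own lines in `__init_working_dir` understate what `eval echo "${WORK_DIR:-}"` does: `eval` also runs any command substitution contained in the value and re-splits it on whitespace. `WORK_DIR` is assigned in the init script and can be overridden by the env files it sources, so the trust assumption belongs in the comment, for example `# eval expands $VARS in WORK_DIR and would also run $(...) in it; WORK_DIR must only come from trusted config`. The body of `__init_working_dir` continues outside the hunk.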
@@ -1,13 +1,13 @@ #!/usr/bin/env bash # shellcheck shell=bash # - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202511290807-git +##@Version : 202606051249-git # @@Author : Jason Hempstead # @@Contact : jason@casjaysdev.pro # @@License : LICENSE.md # @@ReadME : 00-opengist.sh --help -# @@Copyright : Copyright: (c) 2025 Jason Hempstead, Casjays Developments -# @@Created : Saturday, Nov 29, 2025 08:07 EST +# @@Copyright : Copyright: (c) 2026 Jason Hempstead, Casjays Developments +# @@Created : Friday, Jun 12, 2026 05:22 EDT # @@File : 00-opengist.sh # @@Description : # @@Changelog : New script 
@@ -20,11 +20,34 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - # shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2090,SC2115,SC2120,SC2155,SC2199,SC2229,SC2317,SC2329 # - - - - - - - - - - - - - - - - - - - - - - - - - -set -e +set -eo pipefail # - - - - - - - - - - - - - - - - - - - - - - - - - # run trap command on exit -trap 'retVal=$?; echo "❌ Fatal error occurred: Exit code $retVal at line $LINENO in command: $BASH_COMMAND"; kill -TERM 1' ERR -trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGINT SIGTERM SIGPWR +trap '__trap_err_handler' ERR +trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGINT SIGTERM +trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGPWR 2>/dev/null || true +# - - - - - - - - - - - - - - - - - - - - - - - - - +# ERR trap handler - smart about critical vs non-critical errors +__trap_err_handler() { + local retVal=$? + local command="$BASH_COMMAND" + # Ignore SIGPIPE and user interrupts + [ $retVal -eq 130 ] || [ $retVal -eq 141 ] && return $retVal + # Non-critical: file operations, text processing, user/group operations + if [[ "$command" =~ (mkdir|touch|chmod|chown|chgrp|ln|cp|mv|rm|echo|printf|cat|tee|sed|awk|grep|find|sort|uniq|adduser|addgroup|usermod|groupmod|id|getent) ]]; then + return 0 + fi + # Non-critical: conditional checks that might fail + if [[ "$command" =~ (test|\[|\[\[|kill -0|pgrep|pidof|ps) ]]; then + return 0 + fi + # Critical error - but only fail if service hasn't started yet + if [ "$SERVICE_IS_RUNNING" != "yes" ]; then + echo "❌ Critical error (exit $retVal): $command" >&2 + kill -TERM 1 2>/dev/null || exit $retVal + fi + return 0 +} # - - - - - - - - - - - - - - - - - - - - - - - - - SCRIPT_FILE="$0" SERVICE_NAME="opengist" 
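Review bot: `__trap_err_handler` classifies failures with an unanchored regex over the whole of `$BASH_COMMAND`, so any command line that merely contains `rm`, `id`, `ps`, `cp`, `ln` or a `[` anywhere (in an argument, a path or a variable name) is treated as non-critical and returns without printing anything. Because `set -eo pipefail` is active, bash still exits after the ERR trap returns in the usual case, so these failures now end the script silently where the old trap printed the exit code, line and command. I would match only the command word and log every failure that is ignored, so a stopped init script still leaves a trace in the container log.

```shell
__trap_err_handler() {
  local retVal=$?
  local command="$BASH_COMMAND"
  # … unchanged: SIGPIPE / user-interrupt early return …
  # Classify by the command word only, never by a substring of the arguments
  local cmd_word="${command%% *}"
  case "$cmd_word" in
  mkdir | touch | chmod | chown | chgrp | ln | cp | mv | rm | echo | printf | cat | tee | \
    sed | awk | grep | find | sort | uniq | adduser | addgroup | usermod | groupmod | id | getent | \
    test | '[' | '[[' | pgrep | pidof | ps)
    # "kill -0" probes are better guarded at the call site with "|| true"
    echo "warning: ignored failure (exit $retVal): $command" >&2
    return 0
    ;;
  esac
  # … unchanged: critical-error branch …
}
```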
@@ -43,11 +66,20 @@ __script_exit() { } # - - - - - - - - - - - - - - - - - - - - - - - - - # Exit if service is disabled -[ -z "$OPENGIST_APPNAME_ENABLED" ] || if [ "$OPENGIST_APPNAME_ENABLED" != "yes" ]; then export SERVICE_DISABLED="$SERVICE_NAME" && __script_exit 0; fi +if [ -n "$OPENGIST_APPNAME_ENABLED" ]; then + if [ "$OPENGIST_APPNAME_ENABLED" != "yes" ]; then + export SERVICE_DISABLED="$SERVICE_NAME" + __script_exit 0 + fi +fi # - - - - - - - - - - - - - - - - - - - - - - - - - # setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html [ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" -{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail +if [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; then + echo "Enabling debugging" + [ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS" + export DEBUGGER="on" +fi # - - - - - - - - - - - - - - - - - - - - - - - - - export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" # - - - - - - - - - - - - - - - - - - - - - - - - - @@ -58,7 +90,9 @@ fi # - - - - - - - - - - - - - - - - - - - - - - - - - # import variables for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" + if [ -f "$set_env" ]; then + . "$set_env" + fi done # - - - - - - - - - - - - - - - - - - - - - - - - - # exit if __start_init_scripts function hasn't been Initialized 
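Review bot: In the rewritten debug block of the `@@ -43,11 +66,20 @@` hunk, `DEBUGGER=on` with an empty `DEBUGGER_OPTIONS` now prints "Enabling debugging" but enables nothing, because the old `set -xo pipefail …` was replaced by `[ -n "$DEBUGGER_OPTIONS" ] && set -"$DEBUGGER_OPTIONS"` alone. If tracing is still meant to be the default, `set -"${DEBUGGER_OPTIONS:-x}"` restores it. The contents of `/config/.debug` are also handed to `set` unchecked, so restricting them to option letters first (`case "$DEBUGGER_OPTIONS" in *[!a-zA-Z]*) DEBUGGER_OPTIONS="" ;; esac`) would keep a stray value from changing shell behaviour. Whenever xtrace is on, later assignments such as `user_pass="${OPENGIST_USER_PASS_WORD:-}"` are written to the trace, which is worth stating in the comment above this block.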
@@ -69,7 +103,7 @@ if [ ! -f "/run/.start_init_scripts.pid" ]; then fi # Clean up any stale PID file for this service on startup if [ -n "$SERVICE_NAME" ] && [ -f "/run/init.d/$SERVICE_NAME.pid" ]; then - old_pid=$(cat "/run/init.d/$SERVICE_NAME.pid" 2>/dev/null) + old_pid=$(<"/run/init.d/$SERVICE_NAME.pid") 2>/dev/null if [ -n "$old_pid" ] && ! kill -0 "$old_pid" 2>/dev/null; then echo "🧹 Removing stale PID file for $SERVICE_NAME" rm -f "/run/init.d/$SERVICE_NAME.pid" @@ -108,7 +142,7 @@ RUN_DIR="/run/opengist" LOG_DIR="/data/logs/opengist" # - - - - - - - - - - - - - - - - - - - - - - - - - # Set the working dir -WORK_DIR="" +WORK_DIR="$DATA_DIR" # - - - - - - - - - - - - - - - - - - - - - - - - - # port which service is listening on SERVICE_PORT="80" @@ -140,7 +174,7 @@ EXEC_CMD_BIN='opengist' EXEC_CMD_ARGS='--config $ETC_DIR/config.yaml start' # execute script before EXEC_PRE_SCRIPT='' -# Set to no if the service is not running otherwise leave blank +# Set to 'no' for configuration services (no daemon process), leave blank for actual services SERVICE_USES_PID='' # - - - - - - - - - - - - - - - - - - - - - - - - - # Is this service a web server @@ -164,10 +198,6 @@ POST_EXECUTE_WAIT_TIME="1" # Update path var PATH="$PATH:." # - - - - - - - - - - - - - - - - - - - - - - - - - -# Lets get containers ip address -IP4_ADDRESS="$(__get_ip4)" -IP6_ADDRESS="$(__get_ip6)" -# - - - - - - - - - - - - - - - - - - - - - - - - - # Where to save passwords to # directory to save username/password for root user ROOT_FILE_PREFIX="/config/secure/auth/root" 
@@ -188,12 +218,16 @@ user_pass="${OPENGIST_USER_PASS_WORD:-}" # - - - - - - - - - - - - - - - - - - - - - - - - - # Load variables from config # Generated by my dockermgr script -[ -f "/config/env/opengist.script.sh" ] && . "/config/env/opengist.script.sh" -# Overwrite the variabes -[ -f "/config/env/opengist.sh" ] && . "/config/env/opengist.sh" +if [ -f "/config/env/opengist.script.sh" ]; then + . "/config/env/opengist.script.sh" +fi +# Overwrite the variables +if [ -f "/config/env/opengist.sh" ]; then + . "/config/env/opengist.sh" +fi # - - - - - - - - - - - - - - - - - - - - - - - - - # Additional predefined variables -DATABASE_DIR="/data/db/sqlite" + # - - - - - - - - - - - - - - - - - - - - - - - - - # Additional variables @@ -221,11 +255,15 @@ CMD_ENV="" __run_precopy() { # Define environment local hostname=${HOSTNAME} - [ -d "/run/healthcheck" ] || mkdir -p "/run/healthcheck" + if [ ! -d "/run/healthcheck" ]; then + mkdir -p "/run/healthcheck" + fi # Define actions/commands # allow custom functions - if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi + if builtin type -t __run_precopy_local | grep -q 'function'; then + __run_precopy_local + fi } # - - - - - - - - - - - - - - - - - - - - - - - - - # Custom prerun functions - IE setup WWW_ROOT_DIR @@ -235,7 +273,9 @@ __execute_prerun() { # Define actions/commands # allow custom functions - if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi + if builtin type -t __execute_prerun_local | grep -q 'function'; then + __execute_prerun_local + fi } # - - - - - - - - - - - - - - - - - - - - - - - - - # Run any pre-execution checks 
@@ -257,11 +297,15 @@ __run_pre_execute_checks() { # show exit message if [ $exitStatus -ne 0 ]; then echo "The pre-execution check has failed" >&2 - [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" + if [ -f "$SERVICE_PID_FILE" ]; then + rm -Rf "$SERVICE_PID_FILE" + fi __script_exit 1 fi # allow custom functions - if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi + if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then + __run_pre_execute_checks_local + fi # exit function return $exitStatus } @@ -281,15 +325,19 @@ __update_conf_files() { # - - - - - - - - - - - - - - - - - - - - - - - - - # replace variables - # __replace "" "" "$CONF_DIR/opengist.conf" + __replace "REPLACE_HOSTNAME" "$sysname" "$ETC_DIR/opengist.yaml" + __replace "REPLACE_DATA_DIR" "$DATA_DIR" "$ETC_DIR/opengist.yaml" + __replace "REPLACE_SERVER_PORT" "$SERVICE_PORT" "$ETC_DIR/opengist.yaml" # replace variables recursively - __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" + # __find_replace "" "" "$CONF_DIR" # - - - - - - - - - - - - - - - - - - - - - - - - - # define actions - [ "$DATABASE_DIR" ] && chown -Rf $SERVICE_USER:$SERVICE_GROUP "$DATABASE_DIR" + # allow custom functions - if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi + if builtin type -t __update_conf_files_local | grep -q 'function'; then + __update_conf_files_local + fi # exit function return $exitCode } @@ -311,7 +359,9 @@ __pre_execute() { # Lets wait a few seconds before continuing sleep 2 # allow custom functions - if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi + if builtin type -t __pre_execute_local | grep -q 'function'; then + __pre_execute_local + fi # exit function return $exitCode } 
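Review bot: The three `__replace` calls added to `__update_conf_files` in the `@@ -281,15 +325,19 @@` hunk edit `$ETC_DIR/opengist.yaml`, while the service is started with `EXEC_CMD_ARGS='--config $ETC_DIR/config.yaml start'` and the commit's file list ships `rootfs/tmp/etc/opengist/config.yaml`. Unless an `opengist.yaml` is created somewhere outside this diff, the `REPLACE_HOSTNAME`, `REPLACE_DATA_DIR` and `REPLACE_SERVER_PORT` placeholders would stay literal in the file the server actually reads. I would point the calls at the same file, e.g. `__replace "REPLACE_HOSTNAME" "$sysname" "$ETC_DIR/config.yaml"`, and likewise for the other two. The same hunk drops `__initialize_replace_variables "$ETC_DIR" "$CONF_DIR"`, so nothing else visible here would fill those placeholders.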
@@ -341,10 +391,12 @@ __post_execute() { # show exit message __banner "$postMessageEnd: Status $retVal" ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & - pid=$! - ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 + # fire-and-forget: backgrounded subshell always succeeds at launch + retVal=0 # allow custom functions - if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi + if builtin type -t __post_execute_local | grep -q 'function'; then + __post_execute_local + fi # exit function return $retVal } @@ -352,11 +404,15 @@ __post_execute() { # use this function to update config files - IE: change port __pre_message() { local exitCode=0 - [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" + if [ -n "$PRE_EXEC_MESSAGE" ]; then + eval echo "$PRE_EXEC_MESSAGE" + fi # execute commands # allow custom functions - if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi + if builtin type -t __pre_message_local | grep -q 'function'; then + __pre_message_local + fi # exit function return $exitCode } @@ -364,12 +420,13 @@ __pre_message() { # use this function to setup ssl support __update_ssl_conf() { local exitCode=0 - # set hostname local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # execute commands # allow custom functions - if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi + if builtin type -t __update_ssl_conf_local | grep -q 'function'; then + __update_ssl_conf_local + fi # set exitCode return $exitCode } 
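Review bot: After the `@@ -341,10 +391,12 @@` hunk `__post_execute` returns 0 unconditionally, so its caller can no longer learn from the return value whether the service process is still alive once the post-start block has been launched. The removed `ps | grep "$execPid$"` check was fragile, but dropping it without a replacement means a service that dies right after start is reported as a successful initialisation. If `execPid` is set in this scope (its assignment is outside the hunk), `kill -0 "$execPid" 2>/dev/null || retVal=10` keeps the signal without parsing `ps` output. Otherwise the function's header comment should say that the return value does not reflect service state and that the healthcheck is the only liveness signal.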
@@ -412,8 +469,12 @@ EOF __update_ssl_conf_local() { true; } # - - - - - - - - - - - - - - - - - - - - - - - - - fi - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) + if ! __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"; then + exitCode=$((exitCode + 1)) + fi + if ! __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh"; then + exitCode=$((exitCode + 1)) + fi return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - 
@@ -440,99 +501,146 @@ __run_start_script() { local path="$(eval echo "$PATH")" # expand variables local message="$(eval echo "")" - # set hostname local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" - [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" + if [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ]; then + . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" + fi # if [ -z "$cmd" ]; then __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" retVal=$? - echo "Initializing $SCRIPT_NAME has completed" + __log_info "Initialization of $SCRIPT_NAME has completed" __script_exit $retVal else # ensure the command exists if [ ! -x "$cmd" ]; then - echo "$name is not a valid executable" + __log_error "$name is not a valid executable" return 2 fi - # check and exit if already running + # check and exit if already running (respects SERVICE_USES_PID in __proc_check) if __proc_check "$name" || __proc_check "$cmd"; then + __log_debug "Service $name is already running" return 0 else # - - - - - - - - - - - - - - - - - - - - - - - - - # show message if env exists if [ -n "$cmd" ]; then - [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" - [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" + if [ -n "$SERVICE_USER" ]; then + __log_info "Setting up $cmd to run as $SERVICE_USER" + else + SERVICE_USER="root" + fi + if [ -n "$SERVICE_PORT" ]; then + __log_info "$name will be running on port $SERVICE_PORT" + else + SERVICE_PORT="" + fi fi - if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then + if [ -n "$pre" ] && command -v "$pre" &>/dev/null; then export cmd_exec="$pre $cmd $args" message="Starting service: $name $args through $pre" else export cmd_exec="$cmd $args" message="Starting service: $name $args" fi - [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" - echo "$message" | tee -a -p 
"/data/logs/init.txt" + if [ -n "$su_exec" ]; then + __log_debug "Using $su_exec" | tee -a -p "/data/logs/init.txt" + fi + __log_info "$message" | tee -a -p "/data/logs/init.txt" su_cmd touch "$SERVICE_PID_FILE" + # W14: invalidate cached START_SCRIPT if key variables changed + local _script_hash_src="$cmd $args $SERVICE_USER $RESET_ENV $su_exec" + local _script_hash + _script_hash=$(printf '%s' "$_script_hash_src" | md5sum 2>/dev/null | cut -c1-8 || true) + if [ -f "${START_SCRIPT}.hash" ] && [ -f "$START_SCRIPT" ]; then + if [ "$(<"${START_SCRIPT}.hash")" != "$_script_hash" ]; then + rm -f "$START_SCRIPT" "${START_SCRIPT}.hash" + fi + fi if [ "$RESET_ENV" = "yes" ]; then - env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" - execute_command="$(__trim "$su_exec $env_command $cmd_exec")" + # RESET_ENV=yes intentionally strips all inherited vars; only explicit vars are passed if [ ! -f "$START_SCRIPT" ]; then - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} with env -retVal=10 -cmd="$cmd" -args="$args" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -LOG_DIR="$LOG_DIR" -execute_command="$execute_command" -\$execute_command 2>"/dev/stderr" >>"\$LOG_DIR/\$SERVICE_NAME.log" & -execPid=\$! 
-sleep 1 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && printf '%s\n' "\$SERVICE_NAME: \$execPid" >"/run/healthcheck/\$SERVICE_NAME" || echo "Failed to start $execute_command" >&2 -exit \$retVal - -EOF + # Use printf %q to safely quote each env component for embedding in the script + local _q_home _q_lc _q_path _q_sysname _q_svcuser _q_su _q_cmd _q_args _q_extra + _q_home=$(printf '%q' "$home") + _q_lc=$(printf '%q' "$lc_type") + _q_path=$(printf '%q' "$path") + _q_sysname=$(printf '%q' "$sysname") + _q_svcuser=$(printf '%q' "${SERVICE_USER:-$RUNAS_USER}") + _q_su='' + [ -n "$su_exec" ] && _q_su=$(printf '%q ' $su_exec) + _q_cmd=$(printf '%q' "$cmd") + _q_args='' + [ -n "$args" ] && _q_args=$(printf '%q ' $args) + _q_extra='' + [ -n "$extra_env" ] && _q_extra=$(printf '%q ' $extra_env) + { + printf '#!/usr/bin/env bash\n' + printf "trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f \"\$SERVICE_PID_FILE\" ] && rm -Rf \"\$SERVICE_PID_FILE\";exit \$exitCode' EXIT\n" + printf 'set -Eeo pipefail\n' + printf '# Setting up %s to run as %s with env\n' "$cmd" "${SERVICE_USER:-root}" + printf 'retVal=10\n' + printf 'SERVICE_NAME=%q\n' "$SERVICE_NAME" + printf 'SERVICE_PID_FILE=%q\n' "$SERVICE_PID_FILE" + printf 'LOG_DIR=%q\n' "$LOG_DIR" + printf '%s env -i HOME=%s LC_CTYPE=%s PATH=%s HOSTNAME=%s USER=%s %s %s %s 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &\n' \ + "$_q_su" "$_q_home" "$_q_lc" "$_q_path" "$_q_sysname" "$_q_svcuser" "$_q_extra" "$_q_cmd" "$_q_args" + printf 'execPid=$!\n' + printf 'sleep 1\n' + printf 'if [ -n "$execPid" ] && kill -0 "$execPid" 2>/dev/null; then\n' + printf ' echo "$execPid" >"$SERVICE_PID_FILE"\n' + printf ' retVal=0\n' + printf ' printf '"'"'%%s\n'"'"' "$SERVICE_NAME: $execPid" >"/run/healthcheck/$SERVICE_NAME"\n' + printf 'else\n' + printf ' retVal=10\n' + printf ' echo 
"Failed to start service %s" >&2\n' "$cmd" + printf 'fi\n' + printf 'exit $retVal\n' + } >"$START_SCRIPT" + printf '%s' "$_script_hash" >"${START_SCRIPT}.hash" fi else if [ ! -f "$START_SCRIPT" ]; then - execute_command="$(__trim "$su_exec $cmd_exec")" - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} -retVal=10 -cmd="$cmd" -args="$args" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -LOG_DIR="$LOG_DIR" -execute_command="$execute_command" -\$execute_command 2>>"/dev/stderr" >>"\$LOG_DIR/\$SERVICE_NAME.log" & -execPid=\$! -sleep 1 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] || echo "Failed to start $execute_command" >&2 -exit \$retVal - -EOF + local _q_su _q_cmd _q_args + _q_su='' + [ -n "$su_exec" ] && _q_su=$(printf '%q ' $su_exec) + _q_cmd=$(printf '%q' "$cmd") + _q_args='' + [ -n "$args" ] && _q_args=$(printf '%q ' $args) + { + printf '#!/usr/bin/env bash\n' + printf "trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f \"\$SERVICE_PID_FILE\" ] && rm -Rf \"\$SERVICE_PID_FILE\";exit \$exitCode' EXIT\n" + printf 'set -Eeo pipefail\n' + printf '# Setting up %s to run as %s\n' "$cmd" "${SERVICE_USER:-root}" + printf 'retVal=10\n' + printf 'SERVICE_NAME=%q\n' "$SERVICE_NAME" + printf 'SERVICE_PID_FILE=%q\n' "$SERVICE_PID_FILE" + printf 'LOG_DIR=%q\n' "$LOG_DIR" + printf '%s %s %s 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &\n' \ + "$_q_su" "$_q_cmd" "$_q_args" + printf 'execPid=$!\n' + printf 'sleep 1\n' + printf 'if [ -n "$execPid" ] && kill -0 "$execPid" 2>/dev/null; then\n' + printf ' echo "$execPid" >"$SERVICE_PID_FILE"\n' + printf ' retVal=0\n' + printf 'else\n' + printf ' 
retVal=10\n' + printf ' echo "Failed to start service %s" >&2\n' "$cmd" + printf 'fi\n' + printf 'exit $retVal\n' + } >"$START_SCRIPT" + printf '%s' "$_script_hash" >"${START_SCRIPT}.hash" fi fi fi - [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" - [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" - runExitCode=$? + if [ ! -x "$START_SCRIPT" ]; then + chmod 755 -Rf "$START_SCRIPT" + fi + if [ "$CONTAINER_INIT" != "yes" ]; then + # W15: launch as bash, not sh, since the generated script uses bash-specific features + bash "$START_SCRIPT" + runExitCode=$? + fi fi return $runExitCode } @@ -544,7 +652,7 @@ __run_secure_function() { for filesperms in "${USER_FILE_PREFIX}"/*; do if [ -e "$filesperms" ]; then chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + [ -n "$SERVICE_USER" ] && chown -Rf "$SERVICE_USER:$SERVICE_USER" "$filesperms" 2>/dev/null fi done 2>/dev/null | tee -p -a "/data/logs/init.txt" fi @@ -552,7 +660,7 @@ __run_secure_function() { for filesperms in "${ROOT_FILE_PREFIX}"/*; do if [ -e "$filesperms" ]; then chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + [ -n "$SERVICE_USER" ] && chown -Rf "$SERVICE_USER:$SERVICE_USER" "$filesperms" 2>/dev/null fi done 2>/dev/null | tee -p -a "/data/logs/init.txt" fi 
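Review bot: The generated start script in the `@@ -440,99 +501,146 @@` hunk still embeds `$cmd` unquoted in two places per branch, `printf '# Setting up %s to run as %s …\n' "$cmd" …` and `printf ' echo "Failed to start service %s" >&2\n' "$cmd"`, although the rest of the generator was moved to `%q`. Inside the generated double quotes a `$`, backtick or `"` in the value is interpreted when the script runs, and a newline in it would end the comment line and start a new command. I would quote it there as well, e.g. `printf '  echo "Failed to start service: "%q >&2\n' "$cmd"`, and use `%q` for the comment line too. The cache check also hashes only `$cmd $args $SERVICE_USER $RESET_ENV $su_exec`, so a change to `extra_env`, `home`, `path` or `LOG_DIR` leaves a stale script in place, and an existing `$START_SCRIPT` with no `.hash` beside it is executed as found. The opening lines of `__run_start_script` are outside the hunk.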
@@ -560,39 +668,67 @@ __run_secure_function() {
 }
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Allow ENV_ variable - Import env file
-__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
-__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh"
+if __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"; then
+ . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+fi
+if __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh"; then
+ . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # default exit code
 SERVICE_EXIT_CODE=0
 # application specific
-# set the binary name
 EXEC_CMD_NAME="${EXEC_CMD_BIN##*/}"
-# set the pid file location
 SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid"
-# check if running
-SERVICE_PID_NUMBER="$(__pgrep "$EXEC_CMD_NAME" || echo '')"
-# set full path
-EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")"
-# set full path
-EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")"
+_resolved="$(type -P "$EXEC_CMD_BIN" 2>/dev/null)"
+[ -n "$_resolved" ] && EXEC_CMD_BIN="$_resolved"
+_resolved="$(type -P "$EXEC_PRE_SCRIPT" 2>/dev/null)"
+[ -n "$_resolved" ] && EXEC_PRE_SCRIPT="$_resolved"
+unset _resolved
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-# Only run check
-__check_service "$1" && SERVICE_IS_RUNNING=yes || SERVICE_IS_RUNNING="no"
+# Only run check when explicitly requested
+if [ "$1" = "check" ] && __check_service "$1"; then
+ SERVICE_IS_RUNNING=yes
+elif [ "$1" = "check" ]; then
+ SERVICE_IS_RUNNING="no"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # ensure needed directories exists
-[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
-[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
+if [ ! -d "$LOG_DIR" ]; then
+ mkdir -p "$LOG_DIR"
+fi
+if [ ! -d "$RUN_DIR" ]; then
+ mkdir -p "$RUN_DIR"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # create auth directories
-[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
-[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
+if [ -n "$USER_FILE_PREFIX" ]; then
+ if [ ! -d "$USER_FILE_PREFIX" ]; then
+ mkdir -p "$USER_FILE_PREFIX"
+ fi
+fi
+if [ -n "$ROOT_FILE_PREFIX" ]; then
+ if [ ! -d "$ROOT_FILE_PREFIX" ]; then
+ mkdir -p "$ROOT_FILE_PREFIX"
+ fi
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-[ -n "$RUNAS_USER" ] || RUNAS_USER="root"
-[ -n "$SERVICE_USER" ] || SERVICE_USER="$RUNAS_USER"
-[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${SERVICE_USER:-$RUNAS_USER}"
-[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" && __is_htdocs_mounted
-[ "$IS_WEB_SERVER" = "yes" ] && [ -z "$SERVICE_PORT" ] && SERVICE_PORT="80"
+if [ -z "$RUNAS_USER" ]; then
+ RUNAS_USER="root"
+fi
+if [ -z "$SERVICE_USER" ]; then
+ SERVICE_USER="$RUNAS_USER"
+fi
+if [ -z "$SERVICE_GROUP" ]; then
+ SERVICE_GROUP="${SERVICE_USER:-$RUNAS_USER}"
+fi
+if [ "$IS_WEB_SERVER" = "yes" ]; then
+ RESET_ENV="yes"
+ __is_htdocs_mounted
+fi
+if [ "$IS_WEB_SERVER" = "yes" ] && [ -z "$SERVICE_PORT" ]; then
+ SERVICE_PORT="80"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Database env
 if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then
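Review bot: Both `/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh` and its `.local.sh` sibling are sourced with `__file_exists_with_content` as the only gate, so whatever those files contain runs inside this init script with its privileges (presumably root during container start). The restructuring keeps that behaviour, which is fine as long as the `/config` volume is writable only by the operator, but nothing in the script states that assumption. I would document it above the first `if`: `# /config/env/*.sh is executed verbatim by this script; keep /config writable by trusted users only`. The same file is sourced a second time in the "Overwrite existing" block of the `@@ -615,77` hunk.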
@@ -602,11 +738,15 @@ if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; t
 DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}"
 DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}"
 DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}"
- if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then
- echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user"
+ if [ -n "$DATABASE_PASS_NORMAL" ]; then
+ if [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then
+ echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user"
+ fi
 fi
- if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then
- echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root"
+ if [ -n "$DATABASE_PASS_ROOT" ]; then
+ if [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then
+ echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root"
+ fi
 fi
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
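Review bot: The password files are created by a plain `echo ... >file` under the inherited umask, and the guards test the password but not the prefix: with `USER_FILE_PREFIX` or `ROOT_FILE_PREFIX` empty (a case the directory-creation block earlier in the script explicitly allows for) the redirect targets `/db_pass_user` or `/db_pass_root`. I would add the prefix to the outer test, `if [ -n "$DATABASE_PASS_NORMAL" ] && [ -n "$USER_FILE_PREFIX" ]; then`, and create the file restrictively, `( umask 077; printf '%s\n' "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" )`, rather than relying on the later `chmod -Rf 600` in `__run_secure_function`. The `${SERVICE_NAME}_pass` writes in the `@@ -615,77` hunk have the same two gaps. The enclosing `if` starts above this hunk.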
@@ -615,77 +755,123 @@ if [ "$DATABASE_SERVICE_TYPE" = "custom" ]; then
 DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}"
 DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}"
+ fi
 elif [ "$SERVICE_NAME" = "redis" ] || [ "$DATABASE_SERVICE_TYPE" = "redis" ]; then
 DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}"
 DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}"
+ fi
 elif [ "$SERVICE_NAME" = "postgres" ] || [ "$DATABASE_SERVICE_TYPE" = "postgres" ]; then
 DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}"
 DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}"
+ fi
 elif [ "$SERVICE_NAME" = "mariadb" ] || [ "$DATABASE_SERVICE_TYPE" = "mariadb" ]; then
 DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
 DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}"
+ fi
 elif [ "$SERVICE_NAME" = "mysql" ] || [ "$DATABASE_SERVICE_TYPE" = "mysql" ]; then
 DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}"
 DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}"
+ fi
 elif [ "$SERVICE_NAME" = "couchdb" ] || [ "$DATABASE_SERVICE_TYPE" = "couchdb" ]; then
 DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}"
 DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}"
+ fi
 elif [ "$SERVICE_NAME" = "mongodb" ] || [ "$DATABASE_SERVICE_TYPE" = "mongodb" ]; then
 DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
 DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}"
+ fi
 elif [ "$SERVICE_NAME" = "supabase" ] || [ "$DATABASE_SERVICE_TYPE" = "supabase" ]; then
 DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}"
 DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}"
+ fi
 elif [ "$SERVICE_NAME" = "sqlite" ] || [ "$DATABASE_SERVICE_TYPE" = "sqlite" ]; then
 DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME"
 DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME"
 DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}"
- [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}"
- [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR"
+ if [ -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}"
+ fi
+ if [ ! -d "$DATABASE_DIR" ]; then
+ mkdir -p "$DATABASE_DIR"
+ fi
 chmod 777 "$DATABASE_DIR"
 fi
-[ -n "$DATABASE_ADMIN_WWW_ROOT" ] && { [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ] || mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"; }
+if [ -n "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ if [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ]; then
+ mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"
+ fi
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Allow variables via imports - Overwrite existing
-[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+if [ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then
+ . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # set password to random if variable is random
-[ "$user_pass" = "random" ] && user_pass="$(__random_password ${RANDOM_PASS_USER:-16})"
+if [ "$user_pass" = "random" ]; then
+ user_pass="$(__random_password ${RANDOM_PASS_USER:-16})"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password ${RANDOM_PASS_ROOT:-16})"
+if [ "$root_user_pass" = "random" ]; then
+ root_user_pass="$(__random_password ${RANDOM_PASS_ROOT:-16})"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Allow setting initial users and passwords via environment and save to file
-[ -n "$user_name" ] && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
-[ -n "$user_pass" ] && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
-[ -n "$root_user_name" ] && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
-[ -n "$root_user_pass" ] && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
-# - - - - - - - - - - - - - - - - - - - - - - - - -
-# create needed dirs
-[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
-[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
+if [ -n "$user_name" ]; then
+ echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
+fi
+if [ -n "$user_pass" ]; then
+ echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
+fi
+if [ -n "$root_user_name" ]; then
+ echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
+fi
+if [ -n "$root_user_pass" ]; then
+ echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Allow per init script usernames and passwords
-__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
-__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
-__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
-__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
-__file_exists_with_content "${USER_FILE_PREFIX}/db_pass_user" && DATABASE_PASS_NORMAL="$(<"${USER_FILE_PREFIX}/db_pass_user")"
-__file_exists_with_content "${ROOT_FILE_PREFIX}/db_pass_root" && DATABASE_PASS_ROOT="$(<"${ROOT_FILE_PREFIX}/db_pass_root")"
+if __file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name"; then
+ user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
+fi
+if __file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"; then
+ user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
+fi
+if __file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"; then
+ root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
+fi
+if __file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"; then
+ root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
+fi
+if __file_exists_with_content "${USER_FILE_PREFIX}/db_pass_user"; then
+ DATABASE_PASS_NORMAL="$(<"${USER_FILE_PREFIX}/db_pass_user")"
+fi
+if __file_exists_with_content "${ROOT_FILE_PREFIX}/db_pass_root"; then
+ DATABASE_PASS_ROOT="$(<"${ROOT_FILE_PREFIX}/db_pass_root")"
+fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # set hostname for script
 sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
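Review bot: `chmod 777 "$DATABASE_DIR"` in the sqlite branch leaves the database directory writable by every account in the container, and this hunk rewrites the `mkdir` directly above it without tightening that. `SERVICE_USER` and `SERVICE_GROUP` are already defaulted earlier in the script, so ownership can carry the access instead: `chown "$SERVICE_USER:$SERVICE_GROUP" "$DATABASE_DIR"` followed by `chmod 770 "$DATABASE_DIR"`, assuming the account exists by this point, which is not visible here. Separately, the supabase branch still reads `SERVER_ADMIN_URL_SUPBASE`, which looks like a typo for `SERVER_ADMIN_URL_SUPABASE` given `DATABASE_ADMIN_WWW_ROOT_SUPABASE` on the line above it, so an override set under the correctly spelled name would be ignored.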
@@ -752,7 +938,7 @@ __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP"
 __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "/data/logs/init.txt" || return 20
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 __run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log"
-errorCode=$?
+errorCode=${PIPESTATUS[0]}
 if [ -n "$EXEC_CMD_BIN" ]; then
 if [ "$errorCode" -eq 0 ]; then
 SERVICE_EXIT_CODE=0
@@ -760,12 +946,14 @@ if [ -n "$EXEC_CMD_BIN" ]; then
 else
 SERVICE_EXIT_CODE=$errorCode
 SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}"
- [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE"
+ if [ ! -s "$SERVICE_PID_FILE" ]; then
+ rm -Rf "$SERVICE_PID_FILE"
+ fi
 fi
- SERVICE_EXIT_CODE=0
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # start the post execute function in background
 __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" &
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 __script_exit $SERVICE_EXIT_CODE
+# vim: set ft=sh ts=4 sw=4 st=4 et :
diff --git a/rootfs/usr/local/etc/resolv.conf b/rootfs/usr/local/etc/resolv.conf
deleted file mode 100644
index 7b7a70b..0000000
--- a/rootfs/usr/local/etc/resolv.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-nameserver 1.1.1.1
-nameserver 1.0.0.1
-nameserver 8.8.8.8
-nameserver 8.8.4.4
-search .
-options ndots:0
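Review bot: The pipeline just above the `PIPESTATUS` fix has the same problem this hunk corrects: in `__run_pre_execute_checks ... | tee ... || return 20` the `||` sees the pipeline's status, which is `tee`'s unless `pipefail` is in effect (not visible here), so a failed pre-execute check does not stop the script. Giving it the same treatment keeps the two consistent: drop the trailing `|| return 20` and follow the pipeline with `[ "${PIPESTATUS[0]}" -eq 0 ] || return 20` on the next line.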
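Review bot: `rm -Rf "$SERVICE_PID_FILE"` keeps the recursive flag on a path that should only ever be a regular file, and `SERVICE_PID_FILE` is an ordinary variable that the sourced `/config/env` files can overwrite after it is set. `rm -f -- "$SERVICE_PID_FILE"` is the narrower call and cannot take a directory tree with it. On the added modeline, `st=4` is, as far as I know, not a Vim option name; soft tab stop is `sts`, so `# vim: set ft=sh ts=4 sw=4 sts=4 et :` is probably what was intended.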