From 681aaff1f7f09a2e5cab6fe2881b9408f93ba867 Mon Sep 17 00:00:00 2001 
From: casjay Date: Thu, 15 Aug 2024 18:00:57 -0400 Subject: [PATCH] =?UTF-8?q?=20=F0=9F=A6=88=F0=9F=8F=A0=F0=9F=90=9C?= =?UTF-8?q?=E2=9D=97=20Initial=20Commit=20=E2=9D=97=F0=9F=90=9C?= =?UTF-8?q?=F0=9F=A6=88=F0=9F=8F=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 17 + .env.scripts | 60 + .gitattributes | 98 ++ .gitignore | 98 ++ Dockerfile | 259 ++++ LICENSE.md | 13 + README.md | 78 ++ rootfs/root/docker/setup/00-init.sh | 40 + rootfs/root/docker/setup/01-system.sh | 38 + rootfs/root/docker/setup/02-packages.sh | 38 + rootfs/root/docker/setup/03-files.sh | 51 + rootfs/root/docker/setup/04-users.sh | 38 + rootfs/root/docker/setup/05-custom.sh | 43 + rootfs/root/docker/setup/06-post.sh | 38 + rootfs/root/docker/setup/07-cleanup.sh | 38 + rootfs/tmp/etc/nginx/fastcgi_params | 26 + rootfs/tmp/etc/nginx/mime.types | 99 ++ rootfs/tmp/etc/nginx/nginx.conf | 91 ++ rootfs/tmp/etc/nginx/nginx.ssl.conf | 89 ++ rootfs/tmp/etc/nginx/scgi_params | 17 + rootfs/tmp/etc/nginx/uwsgi_params | 17 + .../etc/nginx/vhosts.d/default.conf.sample | 13 + .../tmp/etc/nginx/vhosts.d/default.ssl.sample | 18 + rootfs/tmp/etc/php-fpm/php-fpm.conf | 7 + rootfs/tmp/etc/php-fpm/php-fpm.d/www.conf | 29 + rootfs/tmp/etc/php/php.ini | 347 ++++++ rootfs/tmp/etc/stikked/config.php | 297 +++++ rootfs/usr/local/bin/entrypoint.sh | 533 ++++++++ rootfs/usr/local/bin/pkmgr | 140 +++ .../local/etc/docker/functions/entrypoint.sh | 1095 +++++++++++++++++ .../usr/local/etc/docker/init.d/01-php-fpm.sh | 574 +++++++++ .../usr/local/etc/docker/init.d/99-nginx.sh | 584 +++++++++ .../share/template-files/config/.gitkeep | 0 .../template-files/config/env/default.sample | 134 ++ .../config/env/examples/00-directory.sh | 10 + .../config/env/examples/addresses.sh | 5 + .../config/env/examples/certbot.sh | 6 + .../config/env/examples/couchdb.sh | 7 + .../config/env/examples/dockerd.sh | 4 + .../config/env/examples/global.sh | 13 + 
.../config/env/examples/healthcheck.sh | 5 + .../config/env/examples/mariadb.sh | 14 + .../config/env/examples/mongodb.sh | 20 + .../config/env/examples/networking.sh | 9 + .../config/env/examples/other.sh | 4 + .../template-files/config/env/examples/php.sh | 6 + .../config/env/examples/postgres.sh | 8 + .../config/env/examples/redis.sh | 4 + .../config/env/examples/services.sh | 7 + .../template-files/config/env/examples/ssl.sh | 19 + .../config/env/examples/supabase.sh | 4 + .../config/env/examples/webservers.sh | 8 + .../config/env/examples/zz-entrypoint.sh | 21 + .../local/share/template-files/data/.gitkeep | 0 .../share/template-files/defaults/.gitkeep | 0 55 files changed, 5231 insertions(+) create mode 100644 .dockerignore create mode 100644 .env.scripts create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 LICENSE.md create mode 100644 README.md create mode 100755 rootfs/root/docker/setup/00-init.sh create mode 100755 rootfs/root/docker/setup/01-system.sh create mode 100755 rootfs/root/docker/setup/02-packages.sh create mode 100755 rootfs/root/docker/setup/03-files.sh create mode 100755 rootfs/root/docker/setup/04-users.sh create mode 100755 rootfs/root/docker/setup/05-custom.sh create mode 100755 rootfs/root/docker/setup/06-post.sh create mode 100755 rootfs/root/docker/setup/07-cleanup.sh create mode 100644 rootfs/tmp/etc/nginx/fastcgi_params create mode 100644 rootfs/tmp/etc/nginx/mime.types create mode 100644 rootfs/tmp/etc/nginx/nginx.conf create mode 100644 rootfs/tmp/etc/nginx/nginx.ssl.conf create mode 100644 rootfs/tmp/etc/nginx/scgi_params create mode 100644 rootfs/tmp/etc/nginx/uwsgi_params create mode 100644 rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample create mode 100644 rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample create mode 100644 rootfs/tmp/etc/php-fpm/php-fpm.conf create mode 100644 rootfs/tmp/etc/php-fpm/php-fpm.d/www.conf create mode 100644 rootfs/tmp/etc/php/php.ini 
create mode 100644 rootfs/tmp/etc/stikked/config.php create mode 100755 rootfs/usr/local/bin/entrypoint.sh create mode 100755 rootfs/usr/local/bin/pkmgr create mode 100644 rootfs/usr/local/etc/docker/functions/entrypoint.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/01-php-fpm.sh create mode 100755 rootfs/usr/local/etc/docker/init.d/99-nginx.sh create mode 100644 rootfs/usr/local/share/template-files/config/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/config/env/default.sample create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/addresses.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/certbot.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/global.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/networking.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/other.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/php.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/postgres.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/redis.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/services.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/ssl.sh create mode 100644 
rootfs/usr/local/share/template-files/config/env/examples/supabase.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/webservers.sh create mode 100644 rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh create mode 100644 rootfs/usr/local/share/template-files/data/.gitkeep create mode 100644 rootfs/usr/local/share/template-files/defaults/.gitkeep diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..71c00b7 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,17 @@ +# Files to ignore +# Tell docker to ignore .gitkeep +.gitkeep +# Tell docker to ignore .gitignore +.gitignore +# Tell docker to ignore node_modules/** +node_modules/** +# Tell docker to ignore .node_modules/** +.node_modules/** +# Tell docker to ignore **/.gitkeep +**/.gitkeep +# Tell docker to ignore **/.gitignore +**/.gitignore +# Tell docker to ignore **/node_modules/** +**/node_modules/** +# Tell docker to ignore **/.node_modules/** +**/.node_modules/** diff --git a/.env.scripts b/.env.scripts new file mode 100644 index 0000000..602c8bf --- /dev/null +++ b/.env.scripts 
@@ -0,0 +1,60 @@ +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +##@Version : 202408151738-git +# @@Author : CasjaysDev +# @@Contact : CasjaysDev +# @@License : MIT +# @@Copyright : Copyright 2024 CasjaysDev +# @@Created : Thu Aug 15 05:38:24 PM EDT 2024 +# @@File : .env.scripts +# @@Description : Variables for gen-dockerfile and buildx scripts +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Dockerfile info +ENV_DOCKERFILE="Dockerfile" +ENV_IMAGE_NAME="pastebin" +ENV_USE_TEMPLATE="alpine" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Maintainer info +ENV_ORG_NAME="casjaysdevdocker" +ENV_VENDOR="CasjaysDev" +ENV_AUTHOR="CasjaysDev" +ENV_MAINTAINER="CasjaysDev " +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# REPO info +ENV_GIT_REPO_URL="https://github.com/casjaysdevdocker/pastebin" +ENV_REGISTRY_URL="https://hub.docker.com/r/casjaysdevdocker/pastebin" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Push image info +ENV_IMAGE_PUSH="casjaysdevdocker/pastebin" +ENV_IMAGE_TAG="latest" +ENV_ADD_TAGS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Pull image info +ENV_PULL_URL="casjaysdev/alpine" +ENV_DISTRO_TAG="${IMAGE_VERSION}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Env +SERVICE_PORT="80" +EXPOSE_PORTS="" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Versions +PHP_VERSION="php83" +NODE_VERSION="system" +NODE_MANAGER="system" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default directories +WWW_ROOT_DIR="/usr/share/httpd/default" +DEFAULT_FILE_DIR="/usr/local/share/template-files" +DEFAULT_DATA_DIR="/usr/local/share/template-files/data" +DEFAULT_CONF_DIR="/usr/local/share/template-files/config" +DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" +# - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - +ENV_PACKAGES="\${PHP_VERSION}-bcmath \${PHP_VERSION}-bz2 \${PHP_VERSION}-calendar \${PHP_VERSION}-cgi \${PHP_VERSION}-common \${PHP_VERSION}-ctype \${PHP_VERSION}-curl \${PHP_VERSION}-dba \${PHP_VERSION}-dev \\ +\${PHP_VERSION}-doc \${PHP_VERSION}-dom \${PHP_VERSION}-embed \${PHP_VERSION}-enchant \${PHP_VERSION}-exif \${PHP_VERSION}-ffi \${PHP_VERSION}-fileinfo \${PHP_VERSION}-fpm \${PHP_VERSION}-ftp \${PHP_VERSION}-gd \${PHP_VERSION}-gettext \\ +\${PHP_VERSION}-gmp \${PHP_VERSION}-iconv \${PHP_VERSION}-imap \${PHP_VERSION}-intl \${PHP_VERSION}-ldap \${PHP_VERSION}-litespeed \${PHP_VERSION}-mbstring \${PHP_VERSION}-mysqli \${PHP_VERSION}-mysqlnd \${PHP_VERSION}-odbc \${PHP_VERSION}-opcache \\ +\${PHP_VERSION}-openssl \${PHP_VERSION}-pcntl \${PHP_VERSION}-pdo \${PHP_VERSION}-pdo_dblib \${PHP_VERSION}-pdo_mysql \${PHP_VERSION}-pdo_odbc \${PHP_VERSION}-pdo_pgsql \${PHP_VERSION}-pdo_sqlite \${PHP_VERSION}-pear \${PHP_VERSION}-pgsql \${PHP_VERSION}-phar\\ +\${PHP_VERSION}-phpdbg \${PHP_VERSION}-posix \${PHP_VERSION}-pspell \${PHP_VERSION}-session \${PHP_VERSION}-shmop \${PHP_VERSION}-simplexml \${PHP_VERSION}-snmp \${PHP_VERSION}-soap \${PHP_VERSION}-sockets \${PHP_VERSION}-sodium \${PHP_VERSION}-sqlite3 \${PHP_VERSION}-sysvmsg \\ +\${PHP_VERSION}-sysvsem \${PHP_VERSION}-sysvshm \${PHP_VERSION}-tidy \${PHP_VERSION}-tokenizer \${PHP_VERSION}-xml \${PHP_VERSION}-xmlreader \${PHP_VERSION}-xmlwriter \${PHP_VERSION}-xsl \${PHP_VERSION}-zip \${PHP_VERSION}-pecl-memcached \${PHP_VERSION}-pecl-mcrypt\\ +\${PHP_VERSION}-pecl-mongodb \${PHP_VERSION}-pecl-redis composer nginx nginx-mod-http-brotli nginx-mod-http-cache-purge nginx-mod-http-dav-ext nginx-mod-http-echo nginx-mod-http-encrypted-session nginx-mod-http-fancyindex nginx-mod-http-geoip nginx-mod-http-geoip2 \\ +nginx-mod-http-headers-more nginx-mod-http-image-filter nginx-mod-http-js nginx-mod-http-lua nginx-mod-http-perl nginx-mod-http-redis2 nginx-mod-http-set-misc nginx-mod-http-shibboleth 
nginx-mod-http-untar nginx-mod-http-upload-progress \\ +nginx-mod-http-upstream-fair nginx-mod-http-xslt-filter nginx-mod-http-zip" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..3d64709 --- /dev/null +++ b/.gitattributes 
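Review bot: `ENV_PACKAGES` puts development and debugging tooling into what becomes the runtime image, because the generated Dockerfile installs the list in the build stage and then copies the whole filesystem with `COPY --from=build /. /`. The list includes `\${PHP_VERSION}-dev`, `\${PHP_VERSION}-phpdbg`, `\${PHP_VERSION}-doc`, `\${PHP_VERSION}-cgi`, `\${PHP_VERSION}-litespeed`, `composer` and 21 `nginx-mod-http-*` modules. Each extra SAPI, debugger and loadable module is more code to patch and more for a compromised PHP process to reach, so trim the list to what the application loads (presumably `-fpm` plus the extensions its config needs; confirm against the application's requirements). Two entries, `\${PHP_VERSION}-phar\\` and `\${PHP_VERSION}-pecl-mcrypt\\`, lack the space before the continuation that the other lines have, so whether they stay separate words depends on how the generator joins lines; write them as `\${PHP_VERSION}-phar \\` and `\${PHP_VERSION}-pecl-mcrypt \\`.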
@@ -0,0 +1,98 @@
+# Template generated on Fri May 10 12:52:12 PM EDT 2024 from https://github.com/alexkaratarakis/gitattributes"
+# Common settings that generally should always be used with your language specific settings
+# Auto detect text files and perform LF normalization
+* text=auto
+# The above will handle all files NOT found below
+# Documents
+*.bibtex text diff=bibtex
+*.doc diff=astextplain
+*.DOC diff=astextplain
+*.docx diff=astextplain
+*.DOCX diff=astextplain
+*.dot diff=astextplain
+*.DOT diff=astextplain
+*.pdf diff=astextplain
+*.PDF diff=astextplain
+*.rtf diff=astextplain
+*.RTF diff=astextplain
+*.md text diff=markdown
+*.mdx text diff=markdown
+*.tex text diff=tex
+*.adoc text
+*.textile text
+*.mustache text
+*.csv text eol=crlf
+*.tab text
+*.tsv text
+*.txt text
+*.sql text
+*.epub diff=astextplain
+# Graphics
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.tif binary
+*.tiff binary
+*.ico binary
+# SVG treated as text by default.
+*.svg text
+# If you want to treat it as binary,
+# use the following line instead.
+# *.svg binary
+*.eps binary
+# Scripts
+*.bash text eol=lf
+*.fish text eol=lf
+*.ksh text eol=lf
+*.sh text eol=lf
+*.zsh text eol=lf
+# These are explicitly windows files and should use crlf
+*.bat text eol=crlf
+*.cmd text eol=crlf
+*.ps1 text eol=crlf
+# Serialisation
+*.json text
+*.toml text
+*.xml text
+*.yaml text
+*.yml text
+# Archives
+*.7z binary
+*.bz binary
+*.bz2 binary
+*.bzip2 binary
+*.gz binary
+*.lz binary
+*.lzma binary
+*.rar binary
+*.tar binary
+*.taz binary
+*.tbz binary
+*.tbz2 binary
+*.tgz binary
+*.tlz binary
+*.txz binary
+*.xz binary
+*.Z binary
+*.zip binary
+*.zst binary
+# Text files where line endings should be preserved
+*.patch -text
+# Exclude files from exporting
+.gitattributes export-ignore
+.gitignore export-ignore
+.gitkeep export-ignore
+
+# Template generated on Fri May 10 12:52:12 PM EDT 2024
+# Files for git large file system
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.tar filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.7zip filter=lfs diff=lfs merge=lfs -text
+*.bzip2 filter=lfs diff=lfs merge=lfs -text
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1156eb9
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,98 @@
+# gitignore created on 08/15/24 at 16:52
+# Disable reminder in prompt
+ignoredirmessage
+
+# OS generated files
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+### macOS ###
+# General
+.DS_Store?
+.AppleDouble
+.LSOverride
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### macOS Patch ###
+# iCloud generated files
+*.icloud
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# misc
+!*/README*
+!inc/main.bash
+
+# Windows shortcuts
+*.lnk
+
+# ignore commit message
+**/.gitcommit
+
+# ignore .build_failed files
+**/.build_failed*
+
+
+# ignore .bak files
+**/*.bak
+
+# ignore .no_push files
+**/.no_push
+
+# ignore .no_git files
+**/.no_git
+
+# ignore .installed files
+**/.installed
+
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..ca7bef9
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,259 @@ +# syntax=docker/dockerfile:1 +# Docker image for pastebin using the alpine template +ARG IMAGE_NAME="pastebin" +ARG PHP_SERVER="pastebin" +ARG BUILD_DATE="202408151738" +ARG LANGUAGE="en_US.UTF-8" +ARG TIMEZONE="America/New_York" +ARG WWW_ROOT_DIR="/usr/share/httpd/default" +ARG DEFAULT_FILE_DIR="/usr/local/share/template-files" +ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data" +ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config" +ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" + +ARG USER="root" +ARG SHELL_OPTS="set -e -o pipefail" + +ARG SERVICE_PORT="80" +ARG EXPOSE_PORTS="" +ARG PHP_VERSION="php83" +ARG NODE_VERSION="system" +ARG NODE_MANAGER="system" + +ARG IMAGE_REPO="casjaysdevdocker/pastebin" +ARG IMAGE_VERSION="latest" +ARG CONTAINER_VERSION="" + +ARG PULL_URL="casjaysdev/alpine" +ARG DISTRO_VERSION="${IMAGE_VERSION}" +ARG BUILD_VERSION="${BUILD_DATE}" + +FROM tianon/gosu:latest AS gosu +FROM ${PULL_URL}:${DISTRO_VERSION} AS build +ARG TZ +ARG USER +ARG LICENSE +ARG TIMEZONE +ARG LANGUAGE +ARG IMAGE_NAME +ARG BUILD_DATE +ARG SERVICE_PORT +ARG EXPOSE_PORTS +ARG BUILD_VERSION +ARG IMAGE_VERSION +ARG WWW_ROOT_DIR +ARG DEFAULT_FILE_DIR +ARG DEFAULT_DATA_DIR +ARG DEFAULT_CONF_DIR +ARG DEFAULT_TEMPLATE_DIR +ARG DISTRO_VERSION +ARG NODE_VERSION +ARG NODE_MANAGER +ARG PHP_VERSION +ARG PHP_SERVER +ARG SHELL_OPTS + +ARG PACK_LIST="${PHP_VERSION}-bcmath ${PHP_VERSION}-bz2 ${PHP_VERSION}-calendar ${PHP_VERSION}-cgi ${PHP_VERSION}-common ${PHP_VERSION}-ctype ${PHP_VERSION}-curl ${PHP_VERSION}-dba ${PHP_VERSION}-dev \ + ${PHP_VERSION}-doc ${PHP_VERSION}-dom ${PHP_VERSION}-embed ${PHP_VERSION}-enchant ${PHP_VERSION}-exif ${PHP_VERSION}-ffi ${PHP_VERSION}-fileinfo ${PHP_VERSION}-fpm ${PHP_VERSION}-ftp ${PHP_VERSION}-gd ${PHP_VERSION}-gettext \ + ${PHP_VERSION}-gmp ${PHP_VERSION}-iconv ${PHP_VERSION}-imap ${PHP_VERSION}-intl ${PHP_VERSION}-ldap ${PHP_VERSION}-litespeed ${PHP_VERSION}-mbstring ${PHP_VERSION}-mysqli 
${PHP_VERSION}-mysqlnd ${PHP_VERSION}-odbc ${PHP_VERSION}-opcache \ + ${PHP_VERSION}-openssl ${PHP_VERSION}-pcntl ${PHP_VERSION}-pdo ${PHP_VERSION}-pdo_dblib ${PHP_VERSION}-pdo_mysql ${PHP_VERSION}-pdo_odbc ${PHP_VERSION}-pdo_pgsql ${PHP_VERSION}-pdo_sqlite ${PHP_VERSION}-pear ${PHP_VERSION}-pgsql ${PHP_VERSION}-phar\ + ${PHP_VERSION}-phpdbg ${PHP_VERSION}-posix ${PHP_VERSION}-pspell ${PHP_VERSION}-session ${PHP_VERSION}-shmop ${PHP_VERSION}-simplexml ${PHP_VERSION}-snmp ${PHP_VERSION}-soap ${PHP_VERSION}-sockets ${PHP_VERSION}-sodium ${PHP_VERSION}-sqlite3 ${PHP_VERSION}-sysvmsg \ + ${PHP_VERSION}-sysvsem ${PHP_VERSION}-sysvshm ${PHP_VERSION}-tidy ${PHP_VERSION}-tokenizer ${PHP_VERSION}-xml ${PHP_VERSION}-xmlreader ${PHP_VERSION}-xmlwriter ${PHP_VERSION}-xsl ${PHP_VERSION}-zip ${PHP_VERSION}-pecl-memcached ${PHP_VERSION}-pecl-mcrypt\ + ${PHP_VERSION}-pecl-mongodb ${PHP_VERSION}-pecl-redis composer nginx nginx-mod-http-brotli nginx-mod-http-cache-purge nginx-mod-http-dav-ext nginx-mod-http-echo nginx-mod-http-encrypted-session nginx-mod-http-fancyindex nginx-mod-http-geoip nginx-mod-http-geoip2 \ + nginx-mod-http-headers-more nginx-mod-http-image-filter nginx-mod-http-js nginx-mod-http-lua nginx-mod-http-perl nginx-mod-http-redis2 nginx-mod-http-set-misc nginx-mod-http-shibboleth nginx-mod-http-untar nginx-mod-http-upload-progress \ + nginx-mod-http-upstream-fair nginx-mod-http-xslt-filter nginx-mod-http-zip" + +ENV ENV=~/.profile +ENV SHELL="/bin/sh" +ENV TZ="${TIMEZONE}" +ENV TIMEZONE="${TZ}" +ENV LANG="${LANGUAGE}" +ENV TERM="xterm-256color" +ENV HOSTNAME="casjaysdevdocker-pastebin" + +USER ${USER} +WORKDIR /root + +COPY ./rootfs/usr/local/bin/. 
/usr/local/bin/ + +RUN set -e; \ + echo "Setting up prerequisites"; \ + true + +ENV SHELL="/bin/bash" +SHELL [ "/bin/bash", "-c" ] + +COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu + +RUN echo "Initializing the system"; \ + $SHELL_OPTS; \ + mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}" "/root/docker/setup" "/etc/profile.d"; \ + if [ -f "/root/docker/setup/00-init.sh" ];then echo "Running the init script";/root/docker/setup/00-init.sh||{ echo "Failed to execute /root/docker/setup/00-init.sh" >&2 && exit 10; };echo "Done running the init script";fi; \ + echo "" + +RUN echo "Creating and editing system files "; \ + $SHELL_OPTS; \ + [ -f "/root/.profile" ] || touch "/root/.profile"; \ + mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}" "/root/docker/setup" "/etc/profile.d"; \ + if [ -f "/root/docker/setup/01-system.sh" ];then echo "Running the system script";/root/docker/setup/01-system.sh||{ echo "Failed to execute /root/docker/setup/01-system.sh" >&2 && exit 10; };echo "Done running the system script";fi; \ + echo "" + +RUN echo "Running pre-package commands"; \ + $SHELL_OPTS; \ + echo "" + +RUN echo "Setting up and installing packages"; \ + $SHELL_OPTS; \ + if [ -n "${PACK_LIST}" ];then echo "Installing packages: $PACK_LIST";echo "${PACK_LIST}" >/root/docker/setup/packages.txt;pkmgr install ${PACK_LIST};fi; \ + echo "" + +RUN echo "Initializing packages before copying files to image"; \ + $SHELL_OPTS; \ + if [ -f "/root/docker/setup/02-packages.sh" ];then echo "Running the packages script";/root/docker/setup/02-packages.sh||{ echo "Failed to execute /root/docker/setup/02-packages.sh" >&2 && exit 10; };echo "Done running the packages script";fi; \ + echo "" + +COPY ./rootfs/. 
/ +COPY ./Dockerfile /root/docker/Dockerfile + +RUN echo "Updating system files "; \ + $SHELL_OPTS; \ + echo "$TIMEZONE" >"/etc/timezone"; \ + touch "/etc/profile" "/root/.profile"; \ + echo 'hosts: files dns' >"/etc/nsswitch.conf"; \ + [ "$PHP_VERSION" = "system" ] && PHP_VERSION="php" || true; \ + PHP_BIN="$(command -v ${PHP_VERSION} 2>/dev/null || true)"; \ + PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null || true)"; \ + pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || true)"; \ + py_version="$(command $pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' '{print $1$2}' | grep '[0-9]' || true)"; \ + [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts=""; \ + if [ -n "$pip_bin" ];then $pip_bin -m pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx $pip_opts || true;fi; \ + [ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" || true; \ + [ -n "$PHP_BIN" ] && [ -z "$(command -v php 2>/dev/null)" ] && ln -sf "$PHP_BIN" "/usr/bin/php" 2>/dev/null || true; \ + [ -n "$PHP_FPM" ] && [ -z "$(command -v php-fpm 2>/dev/null)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" 2>/dev/null || true; \ + if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh";fi ; \ + { [ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc"; } || { [ -f "/etc/bash.bashrc" ] && cp -Rf "/etc/bash.bashrc" "/root/.bashrc"; } || true; \ + if [ -z "$(command -v "apt-get" 2>/dev/null)" ];then grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. 
/root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc"; fi; \ + if [ "$PHP_VERSION" != "system" ] && [ -e "/etc/php" ] && [ -d "/etc/${PHP_VERSION}" ];then rm -Rf "/etc/php";fi; \ + if [ "$PHP_VERSION" != "system" ] && [ -n "${PHP_VERSION}" ] && [ -d "/etc/${PHP_VERSION}" ];then ln -sf "/etc/${PHP_VERSION}" "/etc/php";fi; \ + if [ -f "/root/docker/setup/03-files.sh" ];then echo "Running the files script";/root/docker/setup/03-files.sh||{ echo "Failed to execute /root/docker/setup/03-files.sh" >&2 && exit 10; };echo "Done running the files script";fi; \ + echo "" + +RUN echo "Custom Settings"; \ + $SHELL_OPTS; \ + echo "" + +RUN echo "Setting up users and scripts "; \ + $SHELL_OPTS; \ + if [ -f "/root/docker/setup/04-users.sh" ];then echo "Running the users script";/root/docker/setup/04-users.sh||{ echo "Failed to execute /root/docker/setup/04-users.sh" >&2 && exit 10; };echo "Done running the users script";fi; \ + echo "" + +RUN echo "Running the user init commands"; \ + $SHELL_OPTS; \ + echo "" + +RUN echo "Setting OS Settings "; \ + $SHELL_OPTS; \ + echo "" + +RUN echo "Custom Applications"; \ + $SHELL_OPTS; \ + echo "" + +RUN echo "Running custom commands"; \ + if [ -f "/root/docker/setup/05-custom.sh" ];then echo "Running the custom script";/root/docker/setup/05-custom.sh||{ echo "Failed to execute /root/docker/setup/05-custom.sh" && exit 10; };echo "Done running the custom script";fi; \ + echo "" + +RUN echo "Running final commands before cleanup"; \ + $SHELL_OPTS; \ + if [ -f "/root/docker/setup/06-post.sh" ];then echo "Running the post script";/root/docker/setup/06-post.sh||{ echo "Failed to execute /root/docker/setup/06-post.sh" >&2 && exit 10; };echo "Done running the post script";fi; \ + echo "" + +RUN echo "Deleting unneeded files"; \ + $SHELL_OPTS; \ + pkmgr clean; \ + rm -Rf "/config" "/data" || true; \ + rm -rf /etc/systemd/system/*.wants/* || true; \ + rm -rf /lib/systemd/system/systemd-update-utmp* || true; \ + rm -rf 
/lib/systemd/system/anaconda.target.wants/* || true; \ + rm -rf /lib/systemd/system/local-fs.target.wants/* || true; \ + rm -rf /lib/systemd/system/multi-user.target.wants/* || true; \ + rm -rf /lib/systemd/system/sockets.target.wants/*udev* || true; \ + rm -rf /lib/systemd/system/sockets.target.wants/*initctl* || true; \ + rm -Rf /usr/share/doc/* /var/tmp/* /var/cache/*/* /root/.cache/* /usr/share/info/* /tmp/* || true; \ + if [ -d "/lib/systemd/system/sysinit.target.wants" ];then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup);fi; \ + if [ -f "/root/docker/setup/07-cleanup.sh" ];then echo "Running the cleanup script";/root/docker/setup/07-cleanup.sh||{ echo "Failed to execute /root/docker/setup/07-cleanup.sh" >&2 && exit 10; };echo "Done running the cleanup script";fi; \ + echo "" + +RUN echo "Init done" +FROM scratch +ARG TZ +ARG USER +ARG TIMEZONE +ARG LANGUAGE +ARG IMAGE_NAME +ARG BUILD_DATE +ARG SERVICE_PORT +ARG EXPOSE_PORTS +ARG BUILD_VERSION +ARG IMAGE_VERSION +ARG WWW_ROOT_DIR +ARG DEFAULT_FILE_DIR +ARG DEFAULT_DATA_DIR +ARG DEFAULT_CONF_DIR +ARG DEFAULT_TEMPLATE_DIR +ARG DISTRO_VERSION +ARG NODE_VERSION +ARG NODE_MANAGER +ARG PHP_VERSION +ARG PHP_SERVER +ARG LICENSE="WTFPL" +ARG ENV_PORTS="${EXPOSE_PORTS}" + +USER ${USER} +WORKDIR /root + +LABEL maintainer="CasjaysDev " +LABEL org.opencontainers.image.vendor="CasjaysDev" +LABEL org.opencontainers.image.authors="CasjaysDev" +LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}" +LABEL org.opencontainers.image.name="${IMAGE_NAME}" +LABEL org.opencontainers.image.base.name="${IMAGE_NAME}" +LABEL org.opencontainers.image.license="${LICENSE}" +LABEL org.opencontainers.image.build-date="${BUILD_DATE}" +LABEL org.opencontainers.image.version="${BUILD_VERSION}" +LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}" +LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/pastebin" +LABEL 
org.opencontainers.image.url.source="https://hub.docker.com/r/casjaysdevdocker/pastebin" +LABEL org.opencontainers.image.vcs-type="Git" +LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}" +LABEL org.opencontainers.image.vcs-url="https://github.com/casjaysdevdocker/pastebin" +LABEL org.opencontainers.image.documentation="https://github.com/casjaysdevdocker/pastebin" +LABEL com.github.containers.toolbox="false" + +ENV ENV=~/.bashrc +ENV USER="${USER}" +ENV SHELL="/bin/bash" +ENV TZ="${TIMEZONE}" +ENV TIMEZONE="${TZ}" +ENV LANG="${LANGUAGE}" +ENV TERM="xterm-256color" +ENV PORT="${SERVICE_PORT}" +ENV ENV_PORTS="${ENV_PORTS}" +ENV CONTAINER_NAME="${IMAGE_NAME}" +ENV HOSTNAME="casjaysdev-${IMAGE_NAME}" +ENV PHP_SERVER="${PHP_SERVER}" +ENV NODE_VERSION="${NODE_VERSION}" +ENV NODE_MANAGER="${NODE_MANAGER}" +ENV PHP_VERSION="${PHP_VERSION}" +ENV DISTRO_VERSION="${IMAGE_VERSION}" +ENV WWW_ROOT_DIR="${WWW_ROOT_DIR}" + +COPY --from=build /. / + +VOLUME [ "/config","/data" ] + +EXPOSE ${SERVICE_PORT} ${ENV_PORTS} + +CMD [ "tail", "-f", "/dev/null" ] +ENTRYPOINT [ "tini","--","/usr/local/bin/entrypoint.sh" ] +HEALTHCHECK --start-period=10m --interval=5m --timeout=15s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ] diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..c76e83f --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,13 @@ + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + + Copyright (C) 2024 casjay + + Everyone is permitted to copy and distribute verbatim or modified + copies of this license document, and changing it is allowed as long + as the name is changed. + + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 1. You just DO WHAT THE FUCK YOU WANT TO. diff --git a/README.md b/README.md new file mode 100644 index 0000000..5aa9333 --- /dev/null +++ b/README.md 
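Review bot: Both base images float: `FROM tianon/gosu:latest AS gosu` and `FROM ${PULL_URL}:${DISTRO_VERSION} AS build`, which with the defaults declared above resolves to `casjaysdev/alpine:latest`, so two builds of the same commit can ship different binaries, including the `gosu` helper copied into `/usr/local/bin`. Pin each base to a version tag plus digest, for example `FROM tianon/gosu:GOSU_VERSION@sha256:GOSU_DIGEST AS gosu` (both values are placeholders to be filled from the registry you trust). The same applies to the `pip install certbot-dns-rfc2136 certbot-dns-duckdns certbot-dns-cloudflare certbot-nginx` step, which installs unpinned packages and hides a failed install behind `|| true`; add version constraints and let the step fail. Separately, the `RUN` steps for `00-init.sh`, `01-system.sh` and `02-packages.sh` execute before `COPY ./rootfs/. /`, so unless the base image already ships those paths, the `[ -f … ]` guard skips the copies added in this commit.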
@@ -0,0 +1,78 @@
+## 👋 Welcome to pastebin 🚀
+
+ bash pastebin client
+
+
+## Install my system scripts
+
+```shell
+ sudo bash -c "$(curl -q -LSsf "https://github.com/systemmgr/installer/raw/main/install.sh")"
+ sudo systemmgr --config && sudo systemmgr install scripts
+```
+
+## Automatic install/update
+
+```shell
+dockermgr update pastebin
+```
+
+## Install and run container
+
+```shell
+mkdir -p "$HOME/.local/share/srv/docker/pastebin/rootfs"
+git clone "https://github.com/dockermgr/pastebin" "$HOME/.local/share/CasjaysDev/dockermgr/pastebin"
+cp -Rfva "$HOME/.local/share/CasjaysDev/dockermgr/pastebin/rootfs/." "$HOME/.local/share/srv/docker/pastebin/rootfs/"
+docker run -d \
+--restart always \
+--privileged \
+--name casjaysdevdocker-pastebin \
+--hostname pastebin \
+-e TZ=${TIMEZONE:-America/New_York} \
+-v "$HOME/.local/share/srv/docker/casjaysdevdocker-pastebin/rootfs/data:/data:z" \
+-v "$HOME/.local/share/srv/docker/casjaysdevdocker-pastebin/rootfs/config:/config:z" \
+-p 80:80 \
+casjaysdevdocker/pastebin:latest
+```
+
+## via docker-compose
+
+```yaml
+version: "2"
+services:
+ ProjectName:
+ image: casjaysdevdocker/pastebin
+ container_name: casjaysdevdocker-pastebin
+ environment:
+ - TZ=America/New_York
+ - HOSTNAME=pastebin
+ volumes:
+ - "$HOME/.local/share/srv/docker/casjaysdevdocker-pastebin/rootfs/data:/data:z"
+ - "$HOME/.local/share/srv/docker/casjaysdevdocker-pastebin/rootfs/config:/config:z"
+ ports:
+ - 80:80
+ restart: always
+```
+
+## Get source files
+
+```shell
+dockermgr download src casjaysdevdocker/pastebin
+```
+
+OR
+
+```shell
+git clone "https://github.com/casjaysdevdocker/pastebin" "$HOME/Projects/github/casjaysdevdocker/pastebin"
+```
+
+## Build container
+
+```shell
+cd "$HOME/Projects/github/casjaysdevdocker/pastebin"
+buildx
+```
+
+## Authors
+
+🤖 casjay: [Github](https://github.com/casjay) 🤖
+⛵ casjaysdevdocker: [Github](https://github.com/casjaysdevdocker) [Docker](https://hub.docker.com/u/casjaysdevdocker) ⛵
diff --git a/rootfs/root/docker/setup/00-init.sh b/rootfs/root/docker/setup/00-init.sh
new file mode 100755
index 0000000..6df797f
--- /dev/null
+++ b/rootfs/root/docker/setup/00-init.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 00-init.sh
+# @@Description : script to run init
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+[ -d "/usr/local/share/template-files/data" ] && rm -Rf "/usr/local/share/template-files/data"/*
+[ -d "/usr/local/share/template-files/config" ] && rm -Rf "/usr/local/share/template-files/config"/*
+[ -d "/usr/local/share/template-files/defaults" ] && rm -Rf "/usr/local/share/template-files/defaults"/*
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/01-system.sh b/rootfs/root/docker/setup/01-system.sh
new file mode 100755
index 0000000..0fcb531
--- /dev/null
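Review bot: `exitCode=$?` near the end of 00-init.sh records only the status of the last `[ -d … ] && rm -Rf …` line, so a failure in the first two removals is lost. A missing `defaults` directory also makes the `[ -d … ]` test return 1, the script then exits non-zero, and the Dockerfile's `||{ …; exit 10; }` wrapper turns that into a failed build. Write each action as `if [ -d "/usr/local/share/template-files/data" ]; then rm -Rf "/usr/local/share/template-files/data"/* || exitCode=$?; fi` and drop the trailing `exitCode=$?`. The hunks for `01-system.sh`, `02-packages.sh` and `03-files.sh` carry the same `exitCode=0 … exitCode=$?` skeleton, where the final assignment likewise reflects whichever command ran last. The unquoted `set -x$DEBUGGER_OPTIONS` word-splits whatever the environment supplies into arguments of `set`; quote it as `set "-x$DEBUGGER_OPTIONS"` or validate the value first.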
+++ b/rootfs/root/docker/setup/01-system.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 01-system.sh
+# @@Description : script to run system
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/02-packages.sh b/rootfs/root/docker/setup/02-packages.sh
new file mode 100755
index 0000000..d836216
--- /dev/null
+++ b/rootfs/root/docker/setup/02-packages.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 02-packages.sh
+# @@Description : script to run packages
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/03-files.sh b/rootfs/root/docker/setup/03-files.sh
new file mode 100755
index 0000000..a64f83f
--- /dev/null
+++ b/rootfs/root/docker/setup/03-files.sh
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 03-files.sh
+# @@Description : script to run files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+if [ -d "/tmp/bin" ]; then
+ echo "Installing /tmp/bin to /usr/local/bin"
+ chmod -Rf +x "/tmp/bin"
+ copy "/tmp/bin/." "/usr/local/bin/"
+fi
+if [ -d "/tmp/etc" ]; then
+ echo "Installing /tmp/etc to /etc"
+ copy "/tmp/etc/." "/etc/"
+ copy "/tmp/etc/." "/usr/local/share/template-files/config/"
+fi
+if [ -d "/tmp/etc" ]; then
+ echo "Installing /tmp/etc to /etc"
+ copy "/tmp/data/." "/usr/local/share/template-files/data/"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/04-users.sh b/rootfs/root/docker/setup/04-users.sh
new file mode 100755
index 0000000..82a1e42
--- /dev/null
+++ b/rootfs/root/docker/setup/04-users.sh
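Review bot: The third `if` block tests `/tmp/etc` but copies from `/tmp/data`, and its message repeats "Installing /tmp/etc to /etc". The data copy is therefore skipped when only `/tmp/data` exists and attempted when it is missing. Change the block to `if [ -d "/tmp/data" ]; then` with `echo "Installing /tmp/data to /usr/local/share/template-files/data"`. `copy` is neither defined in this script nor a standard utility, so it presumably comes from the image. None of its results are checked, and `exitCode=$?` only sees the status of the last `if`.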
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 04-users.sh
+# @@Description : script to run users
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/05-custom.sh b/rootfs/root/docker/setup/05-custom.sh
new file mode 100755
index 0000000..754f7a7
--- /dev/null
+++ b/rootfs/root/docker/setup/05-custom.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 05-custom.sh
+# @@Description : script to run custom
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+WWW_ROOT_DIR="/usr/share/httpd/stikked"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+[ -d "$WWW_ROOT_DIR" ] || mkdir -p "$WWW_ROOT_DIR"
+git clone https://github.com/casjaydns/casjay.cc /tmp/stikked
+cp -Rf "/tmp/stikked/htdocs/." "$WWW_ROOT_DIR/"
+rm -Rf "$WWW_ROOT_DIR/application/config/stikked.php"
+symlink "/etc/stikked/config.php" "$WWW_ROOT_DIR/application/config/stikked.php"
+rm -Rf "/tmp/stikked"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/06-post.sh b/rootfs/root/docker/setup/06-post.sh
new file mode 100755
index 0000000..1dd4732
--- /dev/null
+++ b/rootfs/root/docker/setup/06-post.sh
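Review bot: The web root is filled from an unpinned `git clone` of the default branch at build time, so every rebuild ships whatever that repository holds at that moment, with no commit, tag or checksum tying the image to reviewed code. The steps are also unchecked: if the clone or the `cp` fails, the script carries on, and `exitCode=$?` only records the final `rm -Rf "/tmp/stikked"`, which succeeds even when nothing was installed. Pin the checkout to a reviewed commit and stop on the first failing step, as sketched below. `symlink` is not a standard utility and is not defined in this script, so its availability at this build stage should be confirmed.

```shell
# … unchanged: header, bash options, exitCode and WWW_ROOT_DIR …
STIKKED_REF="<PINNED_COMMIT_SHA>" # placeholder: the commit reviewed for this image
mkdir -p "$WWW_ROOT_DIR" || exit 1
git clone https://github.com/casjaydns/casjay.cc /tmp/stikked || exit 1
git -C /tmp/stikked checkout --detach "$STIKKED_REF" || exit 1
cp -Rf "/tmp/stikked/htdocs/." "$WWW_ROOT_DIR/" || exit 1
# … unchanged: stikked.php replacement, symlink call, removal of /tmp/stikked …
```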
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 06-post.sh
+# @@Description : script to run post
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/root/docker/setup/07-cleanup.sh b/rootfs/root/docker/setup/07-cleanup.sh
new file mode 100755
index 0000000..82dc71a
--- /dev/null
+++ b/rootfs/root/docker/setup/07-cleanup.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151652-git
+# @@Author : CasjaysDev
+# @@Contact : CasjaysDev
+# @@License : MIT
+# @@ReadME :
+# @@Copyright : Copyright 2023 CasjaysDev
+# @@Created : Mon Aug 28 06:48:42 PM EDT 2023
+# @@File : 07-cleanup.sh
+# @@Description : script to run cleanup
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set env variables
+exitCode=0
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Predifined actions
+[ -d "/tmp" ] && rm -Rf "/tmp"/*
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main script
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
diff --git a/rootfs/tmp/etc/nginx/fastcgi_params b/rootfs/tmp/etc/nginx/fastcgi_params
new file mode 100644
index 0000000..aa8e19d
--- /dev/null
+++ b/rootfs/tmp/etc/nginx/fastcgi_params
@@ -0,0 +1,26 @@
+# Params for fastcgi
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
+
+fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param REQUEST_SCHEME $scheme;
+fastcgi_param HTTPS $https if_not_empty;
+
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param REDIRECT_STATUS 200;
diff --git a/rootfs/tmp/etc/nginx/mime.types b/rootfs/tmp/etc/nginx/mime.types
new file mode 100644
index 0000000..1c00d70
--- /dev/null
+++ b/rootfs/tmp/etc/nginx/mime.types
@@ -0,0 +1,99 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/avif avif; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + 
application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/rootfs/tmp/etc/nginx/nginx.conf b/rootfs/tmp/etc/nginx/nginx.conf new file mode 100644 index 0000000..d301a21 --- /dev/null +++ b/rootfs/tmp/etc/nginx/nginx.conf 
@@ -0,0 +1,91 @@ +# Default nginx configuration docker containers + +user REPLACE_WWW_USER; +worker_processes auto; +daemon on; +error_log REPLACE_LOG_DIR/nginx.log warn; +pid REPLACE_RUN_DIR/nginx.pid; +events { worker_connections 1024; } + +http { + include REPLACE_ETC_DIR/mime.types; + default_type "text/html"; + sendfile on; + keepalive_timeout 65; + gzip on; + map $http_upgrade $connection_upgrade { default upgrade; '' close; } + disable_symlinks off; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; + access_log REPLACE_LOG_DIR/access.log main; + + server { + listen 0.0.0.0:80 default_server; + server_name REPLACE_SERVER_NAME; + client_max_body_size 0; + proxy_intercept_errors off; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php; + root /var/lib/nginx/html; + + location /health { + default_type text/plain; + return 200 'ok'; + } + location /health/text { + default_type text/plain; + return 200 'ok'; + } + location /health/json { + default_type application/json; + return 200 '{"status":"ok","message":"running"}'; + } + + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_param HTTP_PROXY ""; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + 
fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param REQUEST_SCHEME $scheme; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + fastcgi_param REDIRECT_STATUS 200; + } + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://127.0.0.1:8000/; + } + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; + include /etc/nginx/vhosts.d/*.conf; +} diff --git a/rootfs/tmp/etc/nginx/nginx.ssl.conf b/rootfs/tmp/etc/nginx/nginx.ssl.conf new file mode 100644 index 0000000..014e9db --- /dev/null +++ b/rootfs/tmp/etc/nginx/nginx.ssl.conf 
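Review bot: The braces in nginx.conf do not balance: `http {` and `server {` are both opened, but after the `location / { … }` block only one `}` follows, at the very end of the file, so nginx will stop on an unexpected end of file. The three `include` lines pull in vhost files that declare their own `server` blocks, which are only valid in `http` context. The missing brace is therefore most likely the one closing `server`, and a `}` line belongs between the `location /` block and `include /etc/nginx/conf.d/*.conf;`. nginx.ssl.conf in this commit has the same structure and needs the same fix.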
@@ -0,0 +1,89 @@ +# nginx configuration for proxying + +user REPLACE_WWW_USER; +worker_processes auto; +daemon on; +error_log REPLACE_LOG_DIR/nginx.log warn; +pid REPLACE_RUN_DIR/nginx.pid; +events { worker_connections 1024; } + +http { + include REPLACE_ETC_DIR/mime.types; + default_type "text/html"; + sendfile on; + keepalive_timeout 65; + gzip on; + map $http_upgrade $connection_upgrade { default upgrade; '' close; } + disable_symlinks off; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; + access_log REPLACE_LOG_DIR/access.log main; + + server { + listen 0.0.0.0:80 default_server; + server_name REPLACE_SERVER_NAME; + client_max_body_size 0; + proxy_intercept_errors off; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always; + index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php; + root /var/lib/nginx/html; + + location /health { + default_type text/plain; + return 200 'ok'; + } + location /health/text { + default_type text/plain; + return 200 'ok'; + } + location /health/json { + default_type application/json; + return 200 '{"status":"ok","message":"running"}'; + } + + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { return 404; } + fastcgi_param HTTP_PROXY ""; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param 
SCRIPT_NAME $fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param REQUEST_SCHEME $scheme; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + fastcgi_param REDIRECT_STATUS 200; + } + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://127.0.0.1:8000/; + } + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; + include /etc/nginx/vhosts.d/*.conf; +} diff --git a/rootfs/tmp/etc/nginx/scgi_params b/rootfs/tmp/etc/nginx/scgi_params new file mode 100644 index 0000000..a602e48 --- /dev/null +++ b/rootfs/tmp/etc/nginx/scgi_params @@ -0,0 +1,17 @@ +# Params for scgi +scgi_param REQUEST_METHOD $request_method; +scgi_param REQUEST_URI $request_uri; +scgi_param QUERY_STRING $query_string; +scgi_param CONTENT_TYPE $content_type; + +scgi_param DOCUMENT_URI $document_uri; +scgi_param DOCUMENT_ROOT $document_root; +scgi_param SCGI 1; +scgi_param SERVER_PROTOCOL $server_protocol; +scgi_param REQUEST_SCHEME $scheme; +scgi_param HTTPS $https if_not_empty; + +scgi_param REMOTE_ADDR $remote_addr; +scgi_param REMOTE_PORT $remote_port; +scgi_param SERVER_PORT $server_port; +scgi_param SERVER_NAME $server_name; 
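Review bot: Despite its name, nginx.ssl.conf configures no TLS: its only listener is `listen 0.0.0.0:80 default_server;` and it has no `ssl_certificate` or `ssl_certificate_key`, so choosing this file still serves plain HTTP. If it is meant to be the TLS variant it needs an `ssl` listener plus the certificate pair, as default.ssl.sample does with `REPLACE_SSL_DIR/localhost.crt` and `REPLACE_SSL_DIR/localhost.key`. Whether an init script rewrites the listener later is not visible in this hunk, so a header comment stating what is substituted would help. `client_max_body_size 0;` also removes the request-body limit entirely and should be a deliberate, commented choice.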
diff --git a/rootfs/tmp/etc/nginx/uwsgi_params b/rootfs/tmp/etc/nginx/uwsgi_params
new file mode 100644
index 0000000..86401d6
--- /dev/null
+++ b/rootfs/tmp/etc/nginx/uwsgi_params
@@ -0,0 +1,17 @@
+# Params for uwsgi
+uwsgi_param QUERY_STRING $query_string;
+uwsgi_param REQUEST_METHOD $request_method;
+uwsgi_param CONTENT_TYPE $content_type;
+uwsgi_param CONTENT_LENGTH $content_length;
+
+uwsgi_param REQUEST_URI $request_uri;
+uwsgi_param PATH_INFO $document_uri;
+uwsgi_param DOCUMENT_ROOT $document_root;
+uwsgi_param SERVER_PROTOCOL $server_protocol;
+uwsgi_param REQUEST_SCHEME $scheme;
+uwsgi_param HTTPS $https if_not_empty;
+
+uwsgi_param REMOTE_ADDR $remote_addr;
+uwsgi_param REMOTE_PORT $remote_port;
+uwsgi_param SERVER_PORT $server_port;
+uwsgi_param SERVER_NAME $server_name;
diff --git a/rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample b/rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample
new file mode 100644
index 0000000..8a36c35
--- /dev/null
+++ b/rootfs/tmp/etc/nginx/vhosts.d/default.conf.sample
@@ -0,0 +1,13 @@
+ server {
+ listen REPLACE_SERVER_PORT default_server;
+ server_name REPLACE_SERVER_NAME;
+ root REPLACE_SERVER_WWW_DIR;
+ index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
+ proxy_intercept_errors off;
+ add_header X-Frame-Options "SAMEORIGIN" always;
+ add_header X-XSS-Protection "1; mode=block" always;
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header Referrer-Policy "no-referrer-when-downgrade" always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
+ }
diff --git a/rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample b/rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample
new file mode 100644
index 0000000..d33262f
--- /dev/null
+++ b/rootfs/tmp/etc/nginx/vhosts.d/default.ssl.sample
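Review bot: The `Content-Security-Policy` header in default.conf.sample restricts almost nothing: `script-src 'self' 'unsafe-inline' 'unsafe-eval' *` permits inline script, `eval` and script from any origin, and `frame-src 'self' *` permits any frame. For an application that renders user-submitted content this removes the header's value as a second line of defence against script injection. Start from `script-src 'self'; frame-src 'self'; object-src 'none'` and relax only what the application demonstrably needs. The same header value appears in nginx.conf, nginx.ssl.conf and default.ssl.sample. `Strict-Transport-Security` is also sent from this plain-HTTP vhost, where browsers ignore it, so it belongs only in the TLS sample.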
@@ -0,0 +1,18 @@
+ server {
+ listen ssl http2 REPLACE_SERVER_PORT;
+ server_name REPLACE_SERVER_NAME;
+ root REPLACE_SERVER_WWW_DIR;
+ index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
+ proxy_intercept_errors off;
+ add_header X-Frame-Options "SAMEORIGIN" always;
+ add_header X-XSS-Protection "1; mode=block" always;
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header Referrer-Policy "no-referrer-when-downgrade" always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ ssl_prefer_server_ciphers off;
+ ssl_certificate REPLACE_SSL_DIR/localhost.crt;
+ ssl_certificate_key REPLACE_SSL_DIR/localhost.key;
+ }
diff --git a/rootfs/tmp/etc/php-fpm/php-fpm.conf b/rootfs/tmp/etc/php-fpm/php-fpm.conf
new file mode 100644
index 0000000..451bfc7
--- /dev/null
+++ b/rootfs/tmp/etc/php-fpm/php-fpm.conf
@@ -0,0 +1,7 @@
+;;;;;;;;;;;;;;;;;;;;;
+
+pid = /run/php-fpm.pid
+error_log = REPLACE_LOG_DIR/error_log
+daemonize = yes
+
+include=/etc/php/php-fpm.d/*.conf
diff --git a/rootfs/tmp/etc/php-fpm/php-fpm.d/www.conf b/rootfs/tmp/etc/php-fpm/php-fpm.d/www.conf
new file mode 100644
index 0000000..8a74f96
--- /dev/null
+++ b/rootfs/tmp/etc/php-fpm/php-fpm.d/www.conf
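Review bot: The `listen ssl http2 REPLACE_SERVER_PORT;` line in default.ssl.sample has its arguments in the wrong order: nginx expects the address or port first and the `ssl`/`http2` parameters after it, so the directive will not parse as intended once the placeholder is substituted. Write it as `listen REPLACE_SERVER_PORT ssl http2;`. A one-line comment above the `ssl_certificate` lines saying where the `localhost.crt`/`localhost.key` pair comes from would also help whoever enables this sample.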
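Review bot: The `include=/etc/php/php-fpm.d/*.conf` line in php-fpm.conf does not match where this commit places the pool file. `www.conf` is added under `etc/php-fpm/php-fpm.d/`, and 03-files.sh copies `/tmp/etc/.` to `/etc/`, which puts it under `/etc/php-fpm/`. Unless an init script relocates it, which is not visible here, php-fpm would find no pool definition; `include=/etc/php-fpm/php-fpm.d/*.conf` matches the shipped layout.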
@@ -0,0 +1,29 @@
+[www]
+user = REPLACE_WWW_USER
+group = REPLACE_WWW_GROUP
+listen = 9000
+listen.backlog = 65535
+listen.allowed_clients = 127.0.0.1
+pm = ondemand
+pm.max_children = 50
+pm.start_servers = 5
+pm.min_spare_servers = 5
+pm.max_spare_servers = 35
+pm.status_path = /status
+ping.path = /ping
+ping.response = pong
+access.log = REPLACE_LOG_DIR/access_log
+access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+slowlog = REPLACE_LOG_DIR/error_log
+clear_env = no
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+php_flag[display_errors] = off
+php_admin_flag[log_errors] = on
+php_admin_value[post_max_size] = 4096M
+php_admin_value[upload_max_filesize] = 4096M
+php_admin_value[memory_limit] = 2048M
+php_admin_value[error_log] = REPLACE_LOG_DIR/error_log
diff --git a/rootfs/tmp/etc/php/php.ini b/rootfs/tmp/etc/php/php.ini
new file mode 100644
index 0000000..37becc0
--- /dev/null
+++ b/rootfs/tmp/etc/php/php.ini
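Review bot: The `listen = 9000` line in www.conf binds the FastCGI port on every address, leaving `listen.allowed_clients = 127.0.0.1` as the only thing between the pool and anything that can reach the container's network. nginx in this commit connects to `127.0.0.1:9000`, so `listen = 127.0.0.1:9000` gives the same service without the exposure. `clear_env = no` also passes the container's whole environment to PHP workers, including any secrets supplied as environment variables. Prefer `clear_env = yes` with explicit `env[...]` entries such as the ones already listed.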
@@ -0,0 +1,347 @@ +[PHP] +user_ini.filename = "php.ini" +user_ini.filename = ".user.ini" +user_ini.cache_ttl = 300 +engine = On +short_open_tag = Off +asp_tags = Off +precision = 14 +output_buffering = 4096 +;output_handler = +zlib.output_compression = Off +;zlib.output_compression_level = -1 +;zlib.output_handler = +implicit_flush = Off +unserialize_callback_func = +serialize_precision = 17 +;open_basedir = +disable_functions = +disable_classes = +ignore_user_abort = On +realpath_cache_size = 16k +realpath_cache_ttl = 120 +zend.enable_gc = On +zend.multibyte = Off +zend.script_encoding = +expose_php = Off +max_execution_time = 3600 +max_input_time = 3600 +;max_input_nesting_level = 64 +; max_input_vars = 1000 +memory_limit = 10G +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT +display_errors = On +display_startup_errors = Off +log_errors = On +log_errors_max_len = 1024 +ignore_repeated_errors = Off +ignore_repeated_source = Off +report_memleaks = On +;report_zend_debug = 0 +track_errors = Off +;xmlrpc_errors = 0 +;xmlrpc_error_number = 0 +html_errors = On +;docref_root = "/phpmanual/" +;docref_ext = .html +error_prepend_string = "" +error_append_string = "" +error_log = REPLACE_LOG_DIR/php.log +;arg_separator.input = ";&" +variables_order = "GPCS" +request_order = "GP" +register_argc_argv = Off +auto_globals_jit = On +;enable_post_data_reading = Off +post_max_size = 10G +auto_prepend_file = +auto_append_file = +default_mimetype = "text/html" +default_charset = "UTF-8" +;internal_encoding = +;input_encoding = +;output_encoding = +always_populate_raw_post_data = -1 +doc_root = +user_dir = +enable_dl = Off +cgi.force_redirect = 1 +;cgi.nph = 1 +cgi.redirect_status_env = +cgi.fix_pathinfo = 1 +fastcgi.impersonate = 1 +fastcgi.logging = 1 +;cgi.rfc2616_headers = 0 +file_uploads = On +upload_tmp_dir = REPLACE_TMP_DIR/uploads +upload_max_filesize =10G +max_file_uploads = 20 +allow_url_fopen = On +allow_url_include = On +;from="john@doe.com" +;user_agent="PHP" 
+default_socket_timeout = 60 +;auto_detect_line_endings = Off + +[CLI Server] +cli_server.color = On + +[Date] +date.timezone = REPLACE_TZ +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 + +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding = +;iconv.internal_encoding = +;iconv.output_encoding = + +[intl] +;intl.default_locale = +;intl.error_level = E_WARNING + +[sqlite] +;sqlite.assoc_case = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;pcre.backtrack_limit=100000 +;pcre.recursion_limit=100000 + +[Pdo] +;pdo_odbc.connection_pooling=strict +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +pdo_mysql.cache_size = 2000 +pdo_mysql.default_socket= + +[Phar] +;phar.readonly = On +;phar.require_hash = On +;phar.cache_list = + +[mail function] +sendmail_path = -S localhost -t -i +;sendmail_path = /usr/sbin/sendmail -t -i +;mail.force_extra_parameters = +mail.add_x_header = On +;mail.log = syslog + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented +;odbc.default_cursortype +odbc.allow_persistent = On +odbc.check_persistent = On +odbc.max_persistent = -1 +odbc.max_links = -1 +odbc.defaultlrl = 4096 +odbc.defaultbinmode = 1 +;birdstep.max_links = -1 + +[Interbase] +ibase.allow_persistent = 1 +ibase.max_persistent = -1 +ibase.max_links = -1 +;ibase.default_db = +;ibase.default_user = +;ibase.default_password = +;ibase.default_charset = +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" +ibase.dateformat = "%Y-%m-%d" +ibase.timeformat = "%H:%M:%S" + +[MySQL] +mysql.allow_local_infile = On +mysql.allow_persistent = On +mysql.cache_size = 2000 +mysql.max_persistent = -1 +mysql.max_links = -1 +mysql.default_port = +mysql.default_socket = +mysql.default_host = +mysql.default_user = +mysql.default_password = +mysql.connect_timeout = 60 +mysql.trace_mode = Off + +[MySQLi] +mysqli.max_persistent = -1 
+mysqli.allow_local_infile = On +mysqli.allow_persistent = On +mysqli.max_links = -1 +mysqli.cache_size = 2000 +mysqli.default_port = 3306 +mysqli.default_socket = +mysqli.default_host = +mysqli.default_user = +mysqli.default_pw = +mysqli.reconnect = Off + +[mysqlnd] +mysqlnd.collect_statistics = On +mysqlnd.collect_memory_statistics = Off +;mysqlnd.net_cmd_buffer_size = 2048 +;mysqlnd.net_read_buffer_size = 32768 + +[OCI8] +;oci8.privileged_connect = Off +;oci8.max_persistent = -1 +;oci8.persistent_timeout = -1 +;oci8.ping_interval = 60 +;oci8.connection_class = +;oci8.events = Off +;oci8.statement_cache_size = 20 +;oci8.default_prefetch = 100 +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +pgsql.allow_persistent = On +pgsql.auto_reset_persistent = Off +pgsql.max_persistent = -1 +pgsql.max_links = -1 +pgsql.ignore_notice = 0 +pgsql.log_notice = 0 + +[Sybase-CT] +sybct.allow_persistent = On +sybct.max_persistent = -1 +sybct.max_links = -1 +sybct.min_server_severity = 10 +sybct.min_client_severity = 10 +;sybct.timeout= +;sybct.packet_size +;sybct.login_timeout= +;sybct.hostname= +;sybct.deadlock_retry_count= + +[bcmath] +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Session] +session.save_handler = files +session.save_path = "REPLACE_TMP_DIR/seesions" +session.use_strict_mode = 0 +session.use_cookies = 1 +;session.cookie_secure = +session.use_only_cookies = 1 +session.name = PHP_REPLACE_RANDOM_ID +session.auto_start = 0 +session.cookie_lifetime = 525600 +session.cookie_path = / +session.cookie_domain = +session.cookie_httponly = +session.serialize_handler = php +session.gc_probability = 1 +session.gc_divisor = 1000 +session.gc_maxlifetime = 525600 +session.referer_check = +;session.entropy_length = 32 +;session.entropy_file = /dev/urandom +session.cache_limiter = nocache +session.cache_expire = 180 +session.use_trans_sid = 0 +session.hash_function = 0 +session.hash_bits_per_character = 5 +url_rewriter.tags = 
"a=href,area=href,frame=src,input=src,form=fakeentry" +session.upload_progress.enabled = On +session.upload_progress.cleanup = On +session.upload_progress.prefix = "upload_progress_" +session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" +session.upload_progress.freq = "1%" +session.upload_progress.min_freq = "1" + +[MSSQL] +mssql.allow_persistent = On +mssql.max_persistent = -1 +mssql.max_links = -1 +mssql.min_error_severity = 10 +mssql.min_message_severity = 10 +mssql.compatibility_mode = Off +;mssql.connect_timeout = 5 +;mssql.timeout = 60 +;mssql.textlimit = 4096 +;mssql.textsize = 4096 +;mssql.batchsize = 0 +;mssql.datetimeconvert = On +mssql.secure_connection = Off +;mssql.max_procs = -1 +;mssql.charset = "ISO-8859-1" + +[Assertion] +;assert.active = On +;assert.warning = On +;assert.bail = Off +;assert.callback = 0 +;assert.quiet_eval = 0 + +[mbstring] +;mbstring.language = Japanese +;mbstring.internal_encoding = +;mbstring.http_input = +;mbstring.http_output = +;mbstring.encoding_translation = Off +;mbstring.detect_order = auto +;mbstring.substitute_character = none +;mbstring.func_overload = 0 +;mbstring.strict_detection = On +;mbstring.http_output_conv_mimetype= + +[gd] +;gd.jpeg_ignore_warning = 0 + +[exif] +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +;tidy.default_config = /usr/local/lib/php/default.tcfg +tidy.clean_output = Off + +[soap] +soap.wsdl_cache_enabled=1 +soap.wsdl_cache_dir="REPLACE_TMP_DIR/cache" +soap.wsdl_cache_ttl=86400 +soap.wsdl_cache_limit = 5 + +[sysvshm] +;sysvshm.init_mem = 10000 + +[ldap] +ldap.max_links = -1 + +[mcrypt] +;mcrypt.algorithms_dir= +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +[curl] +;curl.cainfo = + +[openssl] +;openssl.cafile= +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: 
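Review bot: The `allow_url_include = On` setting in php.ini lets `include` and `require` load code from URLs, so any include path an attacker can influence becomes remote code execution. Set `allow_url_include = Off` unless something in the image demonstrably depends on it. `display_errors = On` with `html_errors = On` sends error details to clients; www.conf sets `php_flag[display_errors] = off` for the pool, but a `php_flag` value can be overridden at runtime, so the base file should say `Off` too. In the session block, `session.use_strict_mode = 0` and the empty `session.cookie_httponly =` should both be `1`. `session.save_path` is spelled `REPLACE_TMP_DIR/seesions`, which looks like a typo for `sessions`.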
diff --git a/rootfs/tmp/etc/stikked/config.php b/rootfs/tmp/etc/stikked/config.php new file mode 100644 index 0000000..e877575 --- /dev/null +++ b/rootfs/tmp/etc/stikked/config.php 
@@ -0,0 +1,297 @@ +/dev/null)" +CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# remove whitespaces from beginning argument +while :; do [ "$1" = " " ] && shift 1 || break; done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$1" = "$SCRIPT_FILE" ] && shift 1 +[ "$1" = "$SCRIPT_NAME" ] && shift 1 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import the functions file +if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then + . "/usr/local/etc/docker/functions/entrypoint.sh" +else + echo "Can not load functions from /usr/local/etc/docker/functions/entrypoint.sh" + exit 1 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +case "$1" in +# Help message +--help) + shift 1 + echo 'Docker container for '$CONTAINER_NAME'' + echo "Usage: $CONTAINER_NAME [cron exec start init shell certbot ssl procs ports healthcheck backup command]" + echo "" + exit 0 + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the default env files +__create_env_file "/config/env/default.sh" "/root/env.sh" &>/dev/null +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# import variables from files +for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do + [ -f "$set_env" ] && . 
"$set_env" +done +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User to use to launch service - IE: postgres +RUNAS_USER="root" # normally root +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# User and group in which the service switches to - IE: nginx,apache,mysql,postgres +SERVICE_USER="pastebin" # execute command as another user +SERVICE_GROUP="pastebin" # Set the service group +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Set user and group ID +SERVICE_UID="0" # set the user id +SERVICE_GID="0" # set the group id +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Primary server port- will be added to server ports +WEB_SERVER_PORT="" # port : 80,443 +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Secondary ports +SERVER_PORTS="" # specifiy other ports +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Server directories +WWW_ROOT_DIR="" # set default web dir +DATABASE_DIR="" # set database dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Healthcheck variables +HEALTH_ENABLED="yes" # enable healthcheck [yes/no] +SERVICES_LIST="tini" # comma seperated list of processes for the healthcheck +HEALTH_ENDPOINTS="" # url endpoints: [http://localhost/health,http://localhost/test] +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Update path var +export PATH="${PATH:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Custom variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show message +__run_message() { + + return +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +################## END OF CONFIGURATION ##################### +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +export INIT_DATE="${INIT_DATE:-$(date)}" 
+export CONTAINER_INIT="${CONTAINER_INIT:-no}" +export START_SERVICES="${START_SERVICES:-yes}" +export ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +export ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +export DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-no}" +export CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-no}" +export CONTAINER_NAME="${ENV_CONTAINER_NAME:-$CONTAINER_NAME}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# System +export LANG="${LANG:-C.UTF-8}" +export LC_ALL="${LANG:-C.UTF-8}" +export TZ="${TZ:-${TIMEZONE:-America/New_York}}" +export HOSTNAME="${FULL_DOMAIN_NAME:-${SERVER_HOSTNAME:-$HOSTNAME}}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Default directories +export SSL_DIR="${SSL_DIR:-/config/ssl}" +export SSL_CA="${SSL_CERT:-/config/ssl/ca.crt}" +export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}" +export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}" +export BACKUP_DIR="${BACKUP_DIR:-/data/backups}" +export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}" +export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}" +export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}" +export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Additional +export PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}" +export PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}" +export HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}" +export NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}" +export MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}" +export PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}" +export MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}" +export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-$ENTRYPOINT_PID_FILE}" +export 
ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +export ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +export ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# variables based on env/files +[ -f "/config/enable/ssl" ] && SSL_ENABLED="yes" +[ -f "/config/enable/ssh" ] && SSH_ENABLED="yes" +[ "$WEB_SERVER_PORT" = "443" ] && SSL_ENABLED="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# export variables + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# is already Initialized +[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="yes" || DATA_DIR_INITIALIZED="no" +[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="yes" || CONFIG_DIR_INITIALIZED="no" +{ [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; } && ENTRYPOINT_FIRST_RUN="no" || ENTRYPOINT_FIRST_RUN="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean ENV_PORTS variables +ENV_PORTS="${ENV_PORTS//,/ }" # +ENV_PORTS="${ENV_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean SERVER_PORTS variables +SERVER_PORTS="${SERVER_PORTS//,/ }" # +SERVER_PORTS="${SERVER_PORTS//\/*/}" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# clean WEB_SERVER_PORTS variables +WEB_SERVER_PORTS="${WEB_SERVER_PORT//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORTS//\/*/}" # +WEB_SERVER_PORTS="${WEB_SERVER_PORT//,/ } ${ENV_WEB_SERVER_PORTS//,/ }" # +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# rewrite and merge variables 
+ENV_PORTS="$(__format_variables "$ENV_PORTS" || false)" +WEB_SERVER_PORTS="$(__format_variables "$WEB_SERVER_PORTS" || false)" +ENV_PORTS="$(__format_variables "$SERVER_PORTS" "$WEB_SERVER_PORTS" "$ENV_PORTS" "$SERVER_PORTS" || false)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +HEALTH_ENDPOINTS="${HEALTH_ENDPOINTS//,/ }" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required directories +mkdir -p "/run" +mkdir -p "/tmp" +mkdir -p "/root" +mkdir -p "/var/run" +mkdir -p "/var/tmp" +mkdir -p "/run/cron" +mkdir -p "/data/logs" +mkdir -p "/run/init.d" +mkdir -p "/config/enable" +mkdir -p "/config/secure" +mkdir -p "/usr/local/etc/docker/exec" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create required files +touch "/data/logs/start.log" +touch "/data/logs/entrypoint.log" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# fix permissions +chmod -f 777 "/run" +chmod -f 777 "/tmp" +chmod -f 700 "/root" +chmod -f 777 "/var/run" +chmod -f 777 "/var/tmp" +chmod -f 777 "/run/cron" +chmod -f 777 "/data/logs" +chmod -f 777 "/run/init.d" +chmod -f 777 "/config/enable" +chmod -f 777 "/config/secure" +chmod -f 777 "/data/logs/entrypoint.log" +chmod -f 777 "/usr/local/etc/docker/exec" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# lets ensure everyone can write to std* +[ -f "/dev/stdin" ] && chmod -f 777 "/dev/stdin" +[ -f "/dev/stderr" ] && chmod -f 777 "/dev/stderr" +[ -f "/dev/stdout" ] && chmod -f 777 "/dev/stdout" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +cat </dev/null +export LANG="\${LANG:-C.UTF-8}" +export LC_ALL="\${LANG:-C.UTF-8}" +export TZ="\${TZ:-\${TIMEZONE:-America/New_York}}" +EOF +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create the backup dir +[ -n "$BACKUP_DIR" ] && { [ -d "$BACKUP_DIR" ] || mkdir -p "$BACKUP_DIR"; } +# - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # Show start message + if [ "$CONFIG_DIR_INITIALIZED" = "no" ] || [ "$DATA_DIR_INITIALIZED" = "no" ]; then + [ "$ENTRYPOINT_MESSAGE" = "yes" ] && echo "Executing entrypoint script for pastebin" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set reusable variables + { { [ -w "/etc" ] && [ ! -e "/etc/hosts" ]; } || [ -w "/etc/hosts" ]; } && UPDATE_FILE_HOSTS="yes" + { { [ -w "/etc" ] && [ ! -e "/etc/timezone" ]; } || [ -w "/etc/timezone" ]; } && UPDATE_FILE_TZ="yes" + { { [ -w "/etc" ] && [ ! -e "/etc/resolv.conf" ]; } || [ -w "/etc/resolv.conf" ]; } && UPDATE_FILE_RESOLV="yes" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set timezone + [ -n "$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ] && echo "$TZ" >"/etc/timezone" + [ -f "/usr/share/zoneinfo/$TZ" ] && [ "$UPDATE_FILE_TZ" = "yes" ] && ln -sf "/usr/share/zoneinfo/$TZ" "/etc/localtime" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # if ipv6 add it to /etc/hosts + if [ "$UPDATE_FILE_HOSTS" = "yes" ]; then + echo "# known hostname mappings" >"/etc/hosts" + if [ -n "$(ip a 2>/dev/null | grep 'inet6.*::' || ifconfig 2>/dev/null | grep 'inet6.*::')" ]; then + __printf_space "40" "::1" "localhost" >>"/etc/hosts" + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" + else + __printf_space "40" "127.0.0.1" "localhost" >>"/etc/hosts" + fi + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # add .home domain + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ -n "$HOSTNAME" ]; then + __grep_test " $HOSTNAME" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "$HOSTNAME" >>"/etc/hosts" + __grep_test " ${HOSTNAME%%.*}.home" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.home" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - + # add domainname + if [ "$UPDATE_FILE_HOSTS" = "yes" ] && [ "$DOMAINNAME" != "home" ] && [ -n "$DOMAINNAME" ] && [ "$HOSTNAME.$DOMAINNAME" != "$DOMAINNAME" ]; then + __grep_test " ${HOSTNAME%%.*}.$DOMAINNAME" "/etc/hosts" || __printf_space "40" "${CONTAINER_IP4_ADDRESS:-127.0.0.1}" "${HOSTNAME%%.*}.$DOMAINNAME" >>"/etc/hosts" + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname + [ -n "$HOSTNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && echo "$HOSTNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # Set containers hostname with domain + # [ -n "$DOMAINNAME" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && echo "$HOSTNAME.$DOMAINNAME" >"/etc/hostname" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -f "/etc/hostname" ]; then + [ -n "$(type -P hostname)" ] && hostname -F "/etc/hostname" &>/dev/null || HOSTNAME="$(<"/etc/hostname")" + export HOSTNAME + fi + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import hosts file into container + [ -f "/usr/local/etc/hosts" ] && [ "$UPDATE_FILE_HOSTS" = "yes" ] && cat "/usr/local/etc/hosts" | grep -vF "$HOSTNAME" >>"/etc/hosts" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # import resolv.conf file into container + [ "$CUSTOM_DNS" != "yes" ] && [ -f "/usr/local/etc/resolv.conf" ] && [ "$UPDATE_FILE_RESOLV" = "yes" ] && cat "/usr/local/etc/resolv.conf" >"/etc/resolv.conf" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + if [ -d "/usr/local/etc/skel" ]; then + cp -Rf "/usr/local/etc/skel/." 
"$HOME/" + fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Delete any .gitkeep files +[ -d "/data" ] && rm -Rf "/data/.gitkeep" "/data"/*/*.gitkeep +[ -d "/config" ] && rm -Rf "/config/.gitkeep" "/config"/*/*.gitkeep +[ -f "/usr/local/bin/.gitkeep" ] && rm -Rf "/usr/local/bin/.gitkeep" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Setup bin directory - /config/bin > /usr/local/bin +__initialize_custom_bin_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy default system configs - /usr/local/share/template-files/defaults > /config/ +__initialize_default_templates +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom config files - /usr/local/share/template-files/config > /config/ +__initialize_config_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Copy custom data files - /usr/local/share/template-files/data > /data/ +__initialize_data_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" + ENTRYPOINT_MESSAGE="no" + ENTRYPOINT_FIRST_RUN="no" + touch "$ENTRYPOINT_PID_FILE" +elif [ -d "/config" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Check if this is a new container +if [ -f "$ENTRYPOINT_DATA_INIT_FILE" ]; then + DATA_DIR_INITIALIZED="yes" +elif [ -d "/data" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_DATA_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ]; then + 
CONFIG_DIR_INITIALIZED="yes" +elif [ -d "/config" ]; then + echo "Initialized on: $INIT_DATE" >"$ENTRYPOINT_CONFIG_INIT_FILE" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ "$ENTRYPOINT_FIRST_RUN" != "no" ]; then + # setup the smtp server + __setup_mta +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# if no pid assume container restart +[ -f "$ENTRYPOINT_PID_FILE" ] && [ -f "/run/__start_init_scripts.pid" ] || START_SERVICES="yes" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "Container ip address is:" "$CONTAINER_IP4_ADDRESS" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show configured listing processes +if [ "$ENTRYPOINT_MESSAGE" = "yes" ] && [ -n "$ENV_PORTS" ]; then + show_port="" + for port in $ENV_PORTS; do [ -n "$port" ] && show_port+="$(printf '%s ' "${port// /}") "; done + __printf_space "40" "The following ports are open:" "$show_port" + unset port show_port +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# execute init script +if [ -f "/tmp/init" ]; then sh "/tmp/init"; fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create user if needed +__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Modify user if needed +__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Show message +__run_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Just start services +START_SERVICES="${START_SERVICES:-SYSTEM_INIT}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Start all services if no pidfile +if [ "$START_SERVICES" = "yes" ] && 
[ "$1" != "backup" ] && [ "$1" != "healthcheck" ]; then + [ "$1" = "start" ] && shift 1 + [ "$1" = "all" ] && shift 1 + [ "$1" = "init" ] && export CONTAINER_INIT="yes" + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + START_SERVICES="no" + CONTAINER_INIT="${CONTAINER_INIT:-no}" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Begin options +case "$1" in +init) + shift 1 + echo "Container has been Initialized" + exit 0 + ;; + +cron) + shift 1 + __cron "$@" & + exit + ;; +# backup data and config dirs +backup) + shift 1 + save="${1:-$BACKUP_DIR}" + backupExit=0 + date="$(date '+%Y%m%d-%H%M')" + file="$save/$date.tar.gz" + echo "Backing up /data /config to $file" + sleep 1 + tar cfvz "$file" --exclude="$save" "/data" "/config" || false + backupExit=$? + [ $backupExit -eq 0 ] && echo "Backed up /data /config has finished" || echo "Backup of /data /config has failed" + exit $backupExit + ;; +# Docker healthcheck +healthcheck) + healthStatus=0 + services="${SERVICES_LIST:-$@}" + healthEnabled="${HEALTH_ENABLED:-}" + healthPorts="${WEB_SERVER_PORTS:-}" + healthEndPoints="${HEALTH_ENDPOINTS:-}" + healthMessage="Everything seems to be running" + services="${services//,/ }" + [ "$healthEnabled" = "yes" ] || exit 0 + for proc in $services; do + if [ -n "$proc" ]; then + if ! __pgrep "$proc"; then + echo "$proc is not running" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for port in $ports; do + if [ -n "$(type -P netstat)" ] && [ -n "$port" ]; then + if ! netstat -taupln | grep -q ":$port "; then + echo "$port isn't open" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + for endpoint in $healthEndPoints; do + if [ -n "$endpoint" ]; then + if ! 
__curl "$endpoint"; then + echo "Can not connect to $endpoint" >&2 + healthStatus=$((healthStatus + 1)) + fi + fi + done + [ "$healthStatus" -eq 0 ] || healthMessage="Errors reported see: docker logs --follow $CONTAINER_NAME" + [ -n "$healthMessage" ] && echo "$healthMessage" + exit $healthStatus + ;; + # show open ports +ports) + shift 1 + ports="$(__netstat -taupln | awk -F ' ' '{print $4}' | awk -F ':' '{print $2}' | sort --unique --version-sort | grep -v '^$' | grep '^' || echo '')" + [ -n "$ports" ] && printf '%s\n%s\n' "The following are servers:" "$ports" | tr '\n' ' ' + exit $? + ;; + # show running processes +procs) + shift 1 + ps="$(__ps axco command | grep -vE 'COMMAND|grep|ps' | sort -u || grep '^' || echo '')" + [ -n "$ps" ] && printf '%s\n%s\n' "Found the following processes" "$ps" | tr '\n' ' ' + exit $? + ;; + # setup ssl +ssl) + shift 1 + __create_ssl_cert + exit $? + ;; +# manage ssl certificate +certbot) + shift 1 + CERT_BOT_ENABLED="yes" + if [ "$1" = "create" ]; then + shift 1 + __certbot "create" + elif [ "$1" = "renew" ]; then + shift 1 + __certbot "renew certonly --force-renew" + else + __exec_command "certbot" "$@" + fi + exit $? + ;; +# Launch shell +*/bin/sh | */bin/bash | bash | sh | shell) + shift 1 + __exec_command "${@:-/bin/bash -l}" + exit $? + ;; +# execute commands +exec) + shift 1 + __exec_command "${@:-echo "No commands given"}" + exit $? 
+ ;; +# show/start init scripts +start) + shift 1 + export PATH="/usr/local/etc/docker/init.d:$PATH" + if [ $# -eq 0 ]; then + scripts="$(ls -A "/usr/local/etc/docker/init.d")" + [ -n "$scripts" ] && echo "$scripts" || echo "No scripts found in: /usr/local/etc/docker/init.d" + exit + elif [ "$1" = "all" ]; then + shift $# + if [ "$START_SERVICES" = "yes" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + __start_init_scripts "/usr/local/etc/docker/init.d" + __no_exit + elif [ -f "/usr/local/etc/docker/init.d/$1" ]; then + eval "/usr/local/etc/docker/init.d/$1" & + __no_exit + + fi + fi + ;; +# Execute primary command +*) + if [ $# -eq 0 ]; then + if [ ! -f "$ENTRYPOINT_PID_FILE" ]; then + echo "$$" >"$ENTRYPOINT_PID_FILE" + [ "$START_SERVICES" = "no" ] && [ "$CONTAINER_INIT" = "yes" ] || __start_init_scripts "/usr/local/etc/docker/init.d" + fi + __no_exit + else + __exec_command "$@" + fi + exit $? + ;; +esac +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# end of entrypoint +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +# ex: ts=2 sw=2 et filetype=sh diff --git a/rootfs/usr/local/bin/pkmgr b/rootfs/usr/local/bin/pkmgr new file mode 100755 index 0000000..137af81 --- /dev/null +++ b/rootfs/usr/local/bin/pkmgr 
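Review bot: In the "fix permissions" block, `chmod -f 777 "/tmp"` and `chmod -f 777 "/var/tmp"` clear the sticky bit, and `/config/secure` and `/usr/local/etc/docker/exec` are made world-writable too, so any user in the container can replace or remove files there. That matters because the same script later runs `sh "/tmp/init"` whenever that file exists, presumably as the entrypoint user (`RUNAS_USER="root"`), so a file in a world-writable directory ends up executed with the entrypoint's privileges. I would use `chmod -f 1777 "/tmp"` and `chmod -f 1777 "/var/tmp"`, restrict the secrets directory with `chmod -f 700 "/config/secure"`, and read the init hook from a root-owned path instead of `/tmp`. The hunk header above names rootfs/tmp/etc/stikked/config.php while the visible lines are the shell entrypoint, so the file attribution should be checked against the original patch.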
@@ -0,0 +1,140 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# shellcheck disable=SC2016
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -n "$_DEBUG" ] && _DEBUG_OPTIONS="-x"
+[ "$1" = "--debug" ] && _DEBUG_OPTIONS="-x" && shift 1
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -x$DEBUGGER_OPTIONS
+set -e $_DEBUG_OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+USER_UID="$(id -u)"
+USER_GID="$(id -g)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/etc/pkmgr/options.conf" ] && . "/etc/pkmgr/options.conf"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+if [ -x "$(command -v apt 2>/dev/null)" ]; then
+ export DEBIAN_FRONTEND=noninteractive
+ pkmgr_cmd="apt"
+ pkmgr_clean_cmd="$pkmgr_cmd clean"
+ pkmgr_mkcache_cmd="$pkmgr_cmd update"
+ pkmgr_update_cmd="$pkmgr_cmd upgrade -yy"
+ pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS"
+elif [ -x "$(command -v apt-get 2>/dev/null)" ]; then
+ export DEBIAN_FRONTEND=noninteractive
+ pkmgr_cmd="apt-get"
+ pkmgr_clean_cmd="$pkmgr_cmd clean"
+ pkmgr_mkcache_cmd="$pkmgr_cmd update"
+ pkmgr_update_cmd="$pkmgr_cmd upgrade -yy"
+ pkmgr_install_cmd="$pkmgr_cmd install -yy $PKMGR_OPTS"
+elif [ -x "$(command -v dnf 2>/dev/null)" ]; then
+ pkmgr_cmd="dnf"
+ pkmgr_clean_cmd="$pkmgr_cmd clean all"
+ pkmgr_mkcache_cmd="$pkmgr_cmd makecache"
+ pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS"
+ pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS"
+elif [ -x "$(command -v yum 2>/dev/null)" ]; then
+ pkmgr_cmd="yum"
+ pkmgr_clean_cmd="$pkmgr_cmd clean all"
+ pkmgr_mkcache_cmd="$pkmgr_cmd makecache"
+ pkmgr_update_cmd="$pkmgr_cmd update -y --skip-broken $PKMGR_OPTS"
+ pkmgr_install_cmd="$pkmgr_cmd install -y --skip-broken $PKMGR_OPTS"
+elif [ -n "$(command -v pacman 2>/dev/null)" ]; then
+ pkmgr_cmd="pacman"
+ pkmgr_mkcache_cmd="true"
+ pkmgr_clean_cmd="$pkmgr_cmd -Scc --noconfirm"
+ pkmgr_update_cmd="$pkmgr_cmd -Syyu --noconfirm $PKMGR_OPTS"
+ pkmgr_install_cmd="$pkmgr_cmd -Syy --noconfirm $PKMGR_OPTS"
+elif [ -x "$(command -v apk 2>/dev/null)" ]; then
+ pkmgr_cmd="apk"
+ pkmgr_mkcache_cmd="true"
+ pkmgr_clean_cmd="$pkmgr_cmd cache clean"
+ pkmgr_update_cmd="$pkmgr_cmd -U upgrade --no-cache $PKMGR_OPTS"
+ pkmgr_install_cmd="$pkmgr_cmd add --no-cache $PKMGR_OPTS"
+elif [ -x "$(command -v zypper 2>/dev/null)" ]; then
+ pkmgr_cmd="zypper"
+ pkmgr_mkcache_cmd="true"
+ pkmgr_clean_cmd="$pkmgr_cmd clean --all"
+ pkmgr_update_cmd="$pkmgr_cmd update -y $PKMGR_OPTS"
+ pkmgr_install_cmd="$pkmgr_cmd install -y $PKMGR_OPTS"
+else
+ pkmgr_cmd="true"
+ pkmgr_mkcache_cmd="$pkmgr_cmd"
+ pkmgr_clean_cmd="$pkmgr_cmd"
+ pkmgr_update_cmd="$pkmgr_cmd"
+ pkmgr_install_cmd="$pkmgr_cmd"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+if [ -f "/config/pkmgr/settings.conf" ]; then
+ . "/config/pkmgr/settings.conf"
+elif [ -f "/etc/pkmgr/settings.conf" ]; then
+ . "/etc/pkmgr/settings.conf"
+else
+ mkdir -p "/config/pkmgr"
+ cat <"/config/pkmgr/settings.conf"
+pkmgr_cmd="$pkmgr_cmd"
+pkmgr_clean_cmd="$pkmgr_clean_cmd"
+pkmgr_update_cmd="$pkmgr_update_cmd"
+pkmgr_install_cmd="$pkmgr_install_cmd"
+pkmgr_mkcache_cmd="$pkmgr_mkcache_cmd"
+EEOF
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -n "$pkmgr_cmd" ] || { echo "Can not determine the package manager" && exit 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+case "$1" in
+pip)
+ shift 1
+ pip_bin="$(command -v python3 2>/dev/null || command -v python2 2>/dev/null || command -v python 2>/dev/null || echo "")"
+ py_version="$($pip_bin --version | sed 's|[pP]ython ||g' | awk -F '.' '{print $1$2}' | grep '[0-9]' || echo "0")"
+ [ "$py_version" -gt "310" ] && pip_opts="--break-system-packages " || pip_opts=""
+ case "$1" in
+ install)
+ shift 1
+ $pip_bin -m $pip_opts "$@"
+ ;;
+ *)
+ $pip_bin "$@"
+ ;;
+ esac
+ exit $?
+ ;;
+update | upgrade)
+ shift $#
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_update_cmd="sudo $pkmgr_install_cmd"
+ echo "Updating packages command: $pkmgr_update_cmd"
+ $pkmgr_mkcache_cmd
+ $pkmgr_update_cmd
+ exit $?
+ ;;
+clean)
+ shift $#
+ [ -n "$1" ] || exit 0
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_clean_cmd="sudo $pkmgr_clean_cmd"
+ echo "Cleaning package cache: $pkmgr_clean_cmd"
+ $pkmgr_clean_cmd
+ exit $?
+ ;;
+install)
+ shift 1
+ [ -n "$1" ] || exit 0
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_install_cmd="sudo $pkmgr_install_cmd"
+ if [ -f "$1" ]; then
+ install_list="$(cat "$1")"
+ echo 'installing packages from file with command: '$pkmgr_install_cmd' "$(<"$1")"'
+ else
+ install_list="$*"
+ echo "installing packages command: $pkmgr_install_cmd $install_list"
+ fi
+ $pkmgr_install_cmd $install_list
+ exit $?
+ ;;
+*)
+ [ -n "$1" ] || exit 0
+ [ "$USER_UID" -eq 0 ] || [ "$USER" = "root" ] || pkmgr_cmd="sudo $pkmgr_cmd"
+ echo "executing packages command: $pkmgr_cmd $*"
+ $pkmgr_cmd "$@"
+ exit $?
+ ;;
+esac
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# end
diff --git a/rootfs/usr/local/etc/docker/functions/entrypoint.sh b/rootfs/usr/local/etc/docker/functions/entrypoint.sh
new file mode 100644
index 0000000..11757dd
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh
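Review bot: In the `update | upgrade)` arm the non-root fallback assigns `pkmgr_update_cmd="sudo $pkmgr_install_cmd"`, so an unprivileged caller runs the install command with no package names instead of an upgrade; it should read `pkmgr_update_cmd="sudo $pkmgr_update_cmd"`. The `clean)` arm has a related slip: `shift $#` empties the arguments, so the following `[ -n "$1" ] || exit 0` always exits before `$pkmgr_clean_cmd` runs, and that guard line should be dropped. Because these command strings are sourced from `/config/pkmgr/settings.conf` and expanded unquoted, sometimes behind `sudo`, that file presumably needs to stay writable by root only; a comment next to the `. "/config/pkmgr/settings.conf"` line saying so would help.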
@@ -0,0 +1,1095 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202407241259-git
+# @@Author : Jason Hempstead
+# @@Contact : git-admin@casjaysdev.pro
+# @@License : LICENSE.md
+# @@ReadME : docker-entrypoint --help
+# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
+# @@Created : Sunday, Sep 03, 2023 01:40 EDT
+# @@File : docker-entrypoint
+# @@Description : functions for my docker containers
+# @@Changelog : newScript
+# @@TODO : Refactor code
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : functions/docker-entrypoint
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
+{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__remove_extra_spaces() { sed 's/\( \)*/\1/g;s|^ ||g'; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__printf_space() {
+ pad=$(printf '%0.1s' " "{1..60})
+ padlength=$1
+ string1="$2"
+ string2="$3"
+ printf '%s' "$string1"
+ printf '%*.*s' 0 $((padlength - ${#string1} - ${#string2})) "$pad"
+ printf '%s\n' "$string2"
+ string2=${string2:1}
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__rm() { [ -n "$1" ] && [ -e "$1" ] && rm -Rf "${1:?}"; }
+__grep_test() { grep -s "$1" "$2" | grep -qwF "${3:-$1}" || return 1; }
+__netstat() { [ -f "$(type -P netstat)" ] && netstat "$@" || return 10; }
+__cd() { { [ -d "$1" ] || mkdir -p "$1"; } && builtin cd "$1" || return 1; }
+__is_in_file() { [ -e "$2" ] && grep -Rsq "$1" "$2" && return 0 || return 1; }
+__curl() { curl -q -sfI --max-time 3 -k -o /dev/null "$@" &>/dev/null || return 10; }
+__find() { find "$1" -mindepth 1 -type ${2:-f,d} 2>/dev/null | grep '^' || return 10; }
+__pcheck() { [ -n "$(which pgrep 2>/dev/null)" ] && pgrep -o "$1" &>/dev/null || return 10; }
+__file_exists_with_content() { [ -n "$1" ] && [ -f "$1" ] && [ -s "$1" ] && return 0 || return 2; }
+__sed() { sed -i 's|'$1'|'$2'|g' "$3" &>/dev/null || sed -i "s|$1|$2|g" "$3" &>/dev/null || return 1; }
+__pgrep() { __pcheck "${1:-SERVICE_NAME}" || __ps "${1:-$SERVICE_NAME}" | grep -qv ' grep' || return 10; }
+__ps() { [ -f "$(type -P ps)" ] && ps "$@" 2>/dev/null | sed 's|:||g' | grep -Fw " ${1:-$SERVICE_NAME}" || return 10; }
+__is_dir_empty() { if [ -n "$1" ]; then [ "$(ls -A "$1" 2>/dev/null | wc -l)" -eq 0 ] && return 0 || return 1; else return 1; fi; }
+__get_ip6() { ip a 2>/dev/null | grep -w 'inet6' | awk '{print $2}' | grep -vE '^::1|^fe' | sed 's|/.*||g' | head -n1 | grep '^' || echo ''; }
+__get_ip4() { ip a 2>/dev/null | grep -w 'inet' | awk '{print $2}' | grep -vE '^127.0.0' | sed 's|/.*||g' | head -n1 | grep '^' || echo '127.0.0.1'; }
+__find_file_relative() { find "$1"/* -not -path '*env/*' -not -path '.git*' -type f 2>/dev/null | sed 's|'$1'/||g' | sort -u | grep -v '^$' | grep '^' || false; }
+__find_directory_relative() { find "$1"/* -not -path '*env/*' -not -path '.git*' -type d 2>/dev/null | sed 's|'$1'/||g' | sort -u | grep -v '^$' | grep '^' || false; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__pid_exists() { ps -ax --no-header | sed 's/^[[:space:]]*//g' | awk -F' ' '{print $1}' | sed 's|:||g' | grep '[0-9]' | sort -uV | grep "^$1$" &&
return 0 || return 1; }
+__is_running() { ps -eo args --no-header | awk '{print $1,$2,$3}' | sed 's|:||g' | sort -u | grep -vE 'grep|COMMAND|awk|tee|ps|sed|sort|tail' | grep "$1" | grep -q "${2:-^}" && return 0 || return 1; }
+__get_pid() { ps -ax --no-header | sed 's/^[[:space:]]*//g;s|;||g;s|:||g' | awk '{print $1,$5}' | sed 's|:||g' | grep "$1$" | grep -v 'grep' | awk -F' ' '{print $1}' | grep '[0-9]' | sort -uV | head -n1 | grep '^' && return 0 || return 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__format_variables() { printf '%s\n' "${@//,/ }" | tr ' ' '\n' | sort -RVu | grep -v '^$' | tr '\n' ' ' | __clean_variables | grep '^' || return 3; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__clean_variables() {
+ local var="$*"
+ var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
+ var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
+ var="$(printf '%s\n' "$var" | sed 's/\( \)*/\1/g;s|^ ||g')"
+ printf '%s' "$var" | grep -v '^$'
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__no_exit() { [ -f "/run/no_exit.pid" ] || exec bash -c "trap 'sleep 1;rm -Rf /run/no_exit.pid;exit 0' TERM INT;(while true; do echo $$ >/run/no_exit.pid;tail -qf /data/logs/start.log 2>/dev/null||sleep 20; done) & wait"; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__trim() {
+ local var="${*//;/ }"
+ var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
+ var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
+ var="$(echo "$var" | __remove_extra_spaces | sed "s| |; |g;s|;$| |g" | __remove_extra_spaces)"
+ printf '%s' "$var" | sed 's|;||g' | grep -v '^$'
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__banner() { printf '# - - - %-60s - - - #\n' "$*"; }
+__find_php_bin() { find -L '/usr'/*bin -maxdepth 4 -name 'php-fpm*' 2>/dev/null | head -n1 |
grep '^' || echo ''; }
+__find_php_ini() { find -L '/etc' -maxdepth 4 -name 'php.ini' 2>/dev/null | head -n1 | sed 's|/php.ini||g' | grep '^' || echo ''; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__find_nginx_conf() { find -L '/etc' -maxdepth 4 -name 'nginx.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_caddy_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'caddy.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_lighttpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'lighttpd.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_cherokee_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'cherokee.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_httpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'httpd.conf' -o -iname 'apache2.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__find_mysql_conf() { find -L '/etc' -maxdepth 4 -type f -name 'my.cnf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_pgsql_conf() { find -L '/var/lib' '/etc' -maxdepth 8 -type f -name 'postgresql.conf' 2>/dev/null | head -n1 | grep '^' || echo ''; }
+__find_couchdb_conf() { return; }
+__find_mongodb_conf() { return; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__random_password() { cat "/dev/urandom" | tr -dc '0-9a-zA-Z' | head -c${1:-16} && echo ""; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_working_dir() {
+ local service_name="$SERVICE_NAME" # get service name
+ local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables
+ local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables
+ # set working directories
+ [ "$home" = "$workdir" ] && workdir=""
+ [ "$home" = "/root" ] && home="/tmp/$service_name"
+ [ -z "$home" ] && home="${workdir:-/tmp/$service_name}"
+ # Change to working directory
+ [ -n "$WORK_DIR" ] && [
-n "$EXEC_CMD_BIN" ] && workdir="$WORK_DIR"
+ [ -z "$WORK_DIR" ] && [ "$HOME" = "/root" ] && [ "$RUNAS_USER" != "root" ] && [ "$PWD" != "/tmp" ] && home="${workdir:-$home}"
+ [ -z "$WORK_DIR" ] && [ "$HOME" = "/root" ] && [ "$SERVICE_USER" != "root" ] && [ "$PWD" != "/tmp" ] && home="${workdir:-$home}"
+ # create needed directories
+ [ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
+ [ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir"; }
+ [ "$SERVICE_USER" = "root " ] || [ -d "$home" ] && chmod -f 777 "$home"
+ [ "$SERVICE_USER" = "root " ] || [ -d "$workdir" ] && chmod -f 777 "$workdir"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # cd to dir
+ __cd "${workdir:-$home}"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ echo "Setting the working directory to: $PWD"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ export WORK_DIR="$workdir" HOME="$home"
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__exec_service() {
+ echo "Starting $1"
+ eval "$@" 2>>/dev/stderr &
+ [ $? -eq 0 ] && touch "/run/init.d/$1.pid" || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__update_ssl_certs() {
+ [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh"
+ if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then
+ mkdir -p /etc/ssl
+ [ -f "$SSL_CA" ] && cp -Rf "$SSL_CA" "/etc/ssl/$SSL_CA"
+ [ -f "$SSL_KEY" ] && cp -Rf "$SSL_KEY" "/etc/ssl/$SSL_KEY"
+ [ -f "$SSL_CERT" ] && cp -Rf "$SSL_CERT" "/etc/ssl/$SSL_CERT"
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__certbot() {
+ local statusCode=0
+ CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-$HOSTNAME}"
+ [ -n "$(type -P 'certbot')" ] || return 1
+ [ -f "/config/certbot/env.sh" ] && . "/config/certbot/env.sh"
+ if [ -f "/config/certbot/setup.sh" ]; then
+ eval "/config/certbot/setup.sh"
+ statusCode=$?
+ elif [ -f "/etc/named/certbot.sh" ]; then
+ eval "/etc/named/certbot.sh"
+ statusCode=$?
+ elif [ -f "/config/certbot/certbot.conf" ]; then
+ if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf; then
+ certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/certbot/certbot.conf
+ fi
+ statusCode=$?
+ elif [ -f "/config/named/certbot-update.conf" ]; then
+ if certbot renew -n --dry-run --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf; then
+ certbot renew -n --agree-tos --expand --dns-rfc2136 --dns-rfc2136-credentials /config/named/certbot-update.conf
+ fi
+ statusCode=$?
+ else
+ [ -n "$SSL_KEY" ] && mkdir -p "$(dirname "$SSL_KEY")" || { echo "The variable $SSL_KEY is not set" >&2 && return 1; }
+ [ -n "$SSL_CERT" ] && mkdir -p "$(dirname "$SSL_CERT")" || { echo "The variable $SSL_CERT is not set" >&2 && return 1; }
+ local options="${1:-create}" && shift 1
+ domain_list="$DOMAINNAME www.$DOMAINNAME mail.$DOMAINNAME $CERTBOT_DOMAINS"
+ [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh"
+ [ "$CERT_BOT_ENABLED" = "true" ] || { export CERT_BOT_ENABLED="" && return 10; }
+ [ -n "$DOMAINNAME" ] || { echo "The variable DOMAINNAME is not set" >&2 && return 1; }
+ [ -n "$CERT_BOT_MAIL" ] || { echo "The variable CERT_BOT_MAIL is not set" >&2 && return 1; }
+ for domain in $$CERTBOT_DOMAINS; do
+ [ -n "$domain" ] && ADD_CERTBOT_DOMAINS="-d $domain $ADD_CERTBOT_DOMAINS"
+ done
+ if [ -n "$ADD_CERTBOT_DOMAINS" ]; then
+ certbot $options --agree-tos -m $CERT_BOT_MAIL certonly \
+ --webroot "${WWW_ROOT_DIR:-/usr/share/httpd/default}" \
+ --key-path "$SSL_KEY" --fullchain-path "$SSL_CERT" \
+ $ADD_CERTBOT_DOMAINS
+ statusCode=$?
+ else
+ statusCode=1
+ fi
+ fi
+ [ $statusCode -eq 0 ] && __update_ssl_certs
+ return $statusCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_config_etc() {
+ if __is_dir_empty "$CONF_DIR" || [ ! -d "$CONF_DIR" ]; then
+ if [ -d "$ETC_DIR" ]; then
+ mkdir -p "$CONF_DIR"
+ __copy_templates "$ETC_DIR/." "$CONF_DIR/"
+ else
+ __copy_templates "$ETC_DIR" "$CONF_DIR"
+ fi
+ fi
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+}
+__create_ssl_cert() {
+ local SSL_DIR="${SSL_DIR:-/etc/ssl}"
+ if ! __certbot create; then
+ [ -f "/config/env/ssl.sh" ] && . "/config/env/ssl.sh"
+ [ -n "$SSL_DIR" ] || { echo "SSL_DIR is unset" && return 1; }
+ [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR"
+ if [ -n "$FORCE_SSL" ] || [ ! -f "$SSL_CERT" ] || [ ! -f "$SSL_KEY" ]; then
+ echo "Setting Country to $COUNTRY and Setting State/Province to $STATE and Setting City to $CITY"
+ echo "Setting OU to $UNIT and Setting ORG to $ORG and Setting server to $CN"
+ echo "All variables can be overwritten by creating a /config/.ssl.env and setting the variables there"
+ echo "Creating ssl key and certificate in $SSL_DIR and will be valid for $((VALID_FOR / 365)) year[s]"
+ #
+ openssl req \
+ -new \
+ -newkey rsa:$RSA \
+ -days $VALID_FOR \
+ -nodes \
+ -x509 \
+ -subj "/C=${COUNTRY// /\\ }/ST=${STATE// /\\ }/L=${CITY// /\\ }/O=${ORG// /\\ }/OU=${UNIT// /\\ }/CN=${CN// /\\ }" \
+ -keyout "$SSL_KEY" \
+ -out "$SSL_CERT"
+ fi
+ fi
+ if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; then
+ __update_ssl_certs
+ return 0
+ else
+ return 2
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_apache() {
+ local etc_dir="" conf_dir="" conf_dir="" www_dir="" apache_bin=""
+ etc_dir="/etc/${1:-apache2}"
+ conf_dir="/config/${1:-apache2}"
+ www_dir="${WWW_ROOT_DIR:-/data/htdocs}"
+ apache_bin="$(type -P 'httpd' || type -P 'apache2')"
+ #
+ return 0
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
+__init_nginx() {
+ local etc_dir="/etc/${1:-nginx}"
+ local conf_dir="/config/${1:-nginx}"
+ local www_dir="${WWW_ROOT_DIR:-/data/htdocs}"
+ local nginx_bin="$(type -P 'nginx')"
+ return 0
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_php() {
+ local etc_dir="/etc/${1:-php}"
+ local conf_dir="/config/${1:-php}"
+ local php_bin="${PHP_BIN_DIR:-$(__find_php_bin)}"
+ return 0
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_mysql() {
+ local db_dir="/data/db/mysql"
+ local etc_dir="${home:-/etc/${1:-mysql}}"
+ local db_user="${SERVICE_USER:-mysql}"
+ local conf_dir="/config/${1:-mysql}"
+ local user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}"
+ local user_db="${MARIADB_DATABASE}" user_name="${MARIADB_USER:-root}"
+ local root_pass="$MARIADB_ROOT_PASSWORD"
+ local mysqld_bin="$(type -P 'mysqld')"
+ return 0
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_mongodb() {
+ local home="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}"
+ local user_pass="${MONGO_INITDB_ROOT_PASSWORD:-$_ROOT_PASSWORD}"
+ local user_name="${INITDB_ROOT_USERNAME:-root}"
+ return
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_postgres() {
+ local home="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}"
+ local user_pass="${POSTGRES_PASSWORD:-$POSTGRES_ROOT_PASSWORD}"
+ local user_name="${POSTGRES_USER:-root}"
+ return
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__init_couchdb() {
+ local home="${COUCHDB_CONFIG_FILE:-$(__find_couchdb_conf)}"
+ local user_pass="${COUCHDB_PASSWORD:-$SET_RANDOM_PASS}"
+ local user_name="${COUCHDB_USER:-root}"
+ return
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Show available init functions
+__init_help() {
+ echo '
+__certbot
+__update_ssl_certs
+__create_ssl_cert
+'
+ return
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_once() {
+ if [ "$CONFIG_DIR_INITIALIZED" = "false" ] || [ "$DATA_DIR_INITIALIZED" = "false" ] || [ ! -f "/config/.docker_has_run" ]; then
+ return 0
+ else
+ return 1
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run program ever n minutes
+__cron() {
+ trap '[ -f "/run/cron/$cmd" ] && rm -Rf "/run/cron/$cmd";exit 0' SIGINT ERR EXIT
+ test -n "$1" && test -z "${1//[0-9]/}" && interval=$(($1 * 60)) && shift 1 || interval="5"
+ [ $# -eq 0 ] && echo "Usage: cron [interval] [command]" && exit 1
+ local command="$*"
+ local cmd="${CRON_NAME:-$(echo "$command" | awk -F' ' '{print $1}')}"
+ [ -d "/run/cron" ] || mkdir -p "/run/cron"
+ echo "$command" >"/run/cron/$cmd"
+ while :; do
+ eval "$command"
+ sleep $interval
+ [ -f "/run/cron/$cmd" ] || break
+ done 2>/dev/stderr | tee -p /data/logs/cron.log >/dev/null
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__replace() {
+ local search="$1" replace="$2" file="${3:-$2}"
+ [ -e "$file" ] || return 1
+ __sed "$search" "$replace" "$file" || return 0
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__find_replace() {
+ local search="$1" replace="$2" file="${3:-$2}"
+ [ -e "$file" ] || return 1
+ find "$file" -type f -not -path '.git*' -exec sed -i "s|$search|$replace|g" {} \; 2>/dev/null
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# /config > /etc
+__copy_templates() {
+ local from="$1" to="$2"
+ if [ -e "$from" ] && __is_dir_empty "$to"; then
+ __file_copy "$from" "$to"
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# /config/file > /etc/file
+__symlink() {
+ local from="$1" to="$2"
+ if [ -e "$to" ]; then
+ [ -e "$from" ] && rm -rf "$from"
+ ln -sf "$to" "$from" && echo "Created symlink to $from > $to"
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__file_copy() {
+ local from="$1"
+ local dest="$2"
+ if [ -n "$from" ] &&
[ -e "$from" ] && [ -n "$dest" ]; then
+ if [ -d "$from" ]; then
+ if cp -Rf "$from/." "$dest/" &>/dev/null; then
+ printf '%s\n' "Copied: $from > $dest"
+ return 0
+ else
+ printf '%s\n' "Copy failed: $from < $dest" >&2
+ return 1
+ fi
+ else
+ if cp -Rf "$from" "$dest" &>/dev/null; then
+ printf '%s\n' "Copied: $from > $dest"
+ return 0
+ else
+ printf '%s\n' "Copy failed: $from < $dest" >&2
+ return 1
+ fi
+ fi
+ else
+ printf '%s\n' "$from does not exist" >&2
+ return 2
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__generate_random_uids() {
+ local set_random_uid="$(seq 3000 5000 | sort -R | head -n 1)"
+ while :; do
+ if grep -qs "x:.*:$set_random_uid:" "/etc/group" && ! grep -sq "x:$set_random_uid:.*:" "/etc/passwd"; then
+ set_random_uid=$((set_random_uid + 1))
+ else
+ echo "$set_random_uid"
+ break
+ fi
+ done
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__setup_directories() {
+ APPLICATION_DIRS="${APPLICATION_DIRS//,/ }"
+ APPLICATION_FILES="${APPLICATION_FILES//,/ }"
+ ADD_APPLICATION_DIRS="${ADD_APPLICATION_DIRS//,/ }"
+ ADD_APPLICATION_FILES="${ADD_APPLICATION_FILES//,/ }"
+ # Setup WWW_ROOT_DIR
+ if [ "$IS_WEB_SERVER" = "yes" ]; then
+ APPLICATION_DIRS="$APPLICATION_DIRS $WWW_ROOT_DIR"
+ __initialize_www_root
+ (echo "Creating directory $WWW_ROOT_DIR with permissions 755" && mkdir -p "$WWW_ROOT_DIR" && find "$WWW_ROOT_DIR" -type d -exec chmod -f 755 {} \;) 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ # Setup DATABASE_DIR
+ if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then
+ APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
+ if __is_dir_empty "$DATABASE_DIR" || [ !
-d "$DATABASE_DIR" ]; then
+ (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ fi
+ # create default directories
+ for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
+ if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
+ (echo "Creating directory $filedirs with permissions 777" && mkdir -p "$filedirs" && chmod -f 777 "$filedirs") 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ done
+ # create default files
+ for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
+ if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
+ (echo "Creating file $application_files with permissions 777" && touch "$application_files" && chmod -Rf 777 "$application_files") 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ done
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set user on files/folders
+__fix_permissions() {
+ change_user="${1:-${SERVICE_USER:-root}}"
+ change_group="${2:-${SERVICE_GROUP:-$change_user}}"
+ [ -n "$RUNAS_USER" ] && [ "$RUNAS_USER" != "root" ] && change_user="$RUNAS_USER" && change_group="$change_user"
+ if [ -n "$change_user" ] && [ "$change_user" != "root" ]; then
+ if grep -sq "^$change_user:" "/etc/passwd"; then
+ for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
+ if [ -n "$permissions" ] && [ -e "$permissions" ]; then
+ (chown -Rf $change_user:$change_group "$permissions" && echo "changed ownership on $permissions to user:$change_user and group:$change_group") 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ done
+ fi
+ fi
+ if [ -n "$change_group" ] && [ "$change_group" != "root" ]; then
+ if grep -sq "^$change_group:" "/etc/group"; then
+ for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
+ if [ -n "$permissions" ] && [ -e "$permissions" ]; then
+ (chgrp -Rf $change_group "$permissions" && echo "changed group ownership on
$permissions to group $change_group") 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ done
+ fi
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__get_gid() { grep "^$1:" /etc/group | awk -F ':' '{print $3}' || false; }
+__get_uid() { grep "^$1:" /etc/passwd | awk -F ':' '{print $3}' || false; }
+__check_for_uid() { cat "/etc/passwd" 2>/dev/null | awk -F ':' '{print $3}' | sort -u | grep -q "^$1$" || false; }
+__check_for_guid() { cat "/etc/group" 2>/dev/null | awk -F ':' '{print $3}' | sort -u | grep -q "^$1$" || false; }
+__check_for_user() { cat "/etc/passwd" 2>/dev/null | awk -F ':' '{print $1}' | sort -u | grep -q "^$1$" || false; }
+__check_for_group() { cat "/etc/group" 2>/dev/null | awk -F ':' '{print $1}' | sort -u | grep -q "^$1$" || false; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# check if process is already running
+__proc_check() {
+ cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
+ cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
+ if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
+ SERVICE_IS_RUNNING="yes"
+ touch "$SERVICE_PID_FILE"
+ echo "$cmd_name is already running"
+ return 0
+ else
+ return 1
+ fi
+}
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__set_user_group_id() {
+ local exitStatus=0
+ local set_user="${1:-$SERVICE_USER}"
+ local set_uid="${2:-${SERVICE_UID:-1000}}"
+ local set_gid="${3:-${SERVICE_GID:-1000}}"
+ local random_id="$(__generate_random_uids)"
+ set_uid="$(__get_uid "$set_user" || echo "$set_uid")"
+ set_gid="$(__get_gid "$set_user" || echo "$set_gid")"
+ grep -sq "^$create_user:" "/etc/passwd" "/etc/group" || return 0
+ [ -n "$set_user" ] && [ "$set_user" != "root" ] || return
+ if grep -sq "^$set_user:" "/etc/passwd" "/etc/group"; then
+ if __check_for_guid "$set_gid"; then
+ groupmod -g "${set_gid}" $set_user 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt" >/dev/null && chown -Rf ":$set_gid"
+ fi
+ if __check_for_uid
"$set_uid"; then
+ usermod -u "${set_uid}" -g "${set_gid}" $set_user 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt" >/dev/null && chown -Rf $set_uid:$set_gid
+ fi
+ fi
+ export SERVICE_UID="$set_uid"
+ export SERVICE_GID="$set_gid"
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_service_user() {
+ local exitStatus=0
+ local create_user="${1:-$SERVICE_USER}"
+ local create_group="${2:-${SERVICE_GROUP:-$create_user}}"
+ local create_home_dir="${3:-$WORK_DIR}"
+ local create_uid="${4:-${SERVICE_UID:-$USER_UID}}"
+ local create_gid="${5:-${SERVICE_GID:-$USER_GID}}"
+ local random_id="$(__generate_random_uids)"
+ local create_home_dir="${create_home_dir:-/home/$create_user}"
+ grep -sq "^$create_user:" "/etc/passwd" && grep -sq "^$create_group:" "/etc/group" && return
+ [ "$create_user" = "root" ] && [ "$create_group" = "root" ] && return 0
+ if [ "$RUNAS_USER" != "root" ] && [ "$RUNAS_USER" != "" ]; then
+ create_user="$RUNAS_USER"
+ create_group="$RUNAS_USER"
+ create_uid="${create_uid:-1000}"
+ create_gid="${create_gid:-1000}"
+ fi
+ create_uid="$(__get_uid "$set_user" || echo "$create_uid")"
+ create_gid="$(__get_gid "$set_user" || echo "$create_gid")"
+ [ -n "$create_uid" ] && [ "$create_uid" != "0" ] || create_uid="$random_id"
+ [ -n "$create_gid" ] && [ "$create_gid" != "0" ] || create_gid="$random_id"
+ while :; do
+ if __check_for_uid "$create_uid" && __check_for_guid "$create_gid"; then
+ create_uid=$(($random_id + 1))
+ create_gid="$create_uid"
+ else
+ break
+ fi
+ done
+ if ! __check_for_group "$create_group"; then
+ echo "creating system group $create_group"
+ groupadd --force --system -g $create_gid $create_group 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt" >/dev/null
+ fi
+ if !
__check_for_user "$create_user"; then
+ echo "creating system user $create_user"
+ useradd --system -u $create_uid -g $create_group -c "Account for $create_user" -d "$create_home_dir" -s /bin/false $create_user 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt" >/dev/null
+ fi
+ grep -qs "$create_group" "/etc/group" || exitStatus=$((exitCode + 1))
+ grep -qs "$create_user" "/etc/passwd" || exitStatus=$((exitCode + 1))
+ [ $exitStatus -eq 0 ] && export WORK_DIR="${create_home_dir:-}"
+ if [ -n "$WORK_DIR" ]; then
+ [ -d "$WORK_DIR" ] || mkdir -p "$WORK_DIR"
+ [ -d "/etc/.skel" ] && cp -Rf /etc/.skel/. "$WORK_DIR/"
+ fi
+ export SERVICE_UID="$create_uid" SERVICE_GID="$create_gid"
+ export SERVICE_USER="$create_user" SERVICE_GROUP="$create_group"
+ return $exitStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_env_file() {
+ local dir=""
+ local envStatus=0
+ local envFile=("${@:-}")
+ local sample_file="/usr/local/etc/docker/env/default.sample"
+ [ -f "$sample_file" ] || return 0
+ for create_env in "/usr/local/etc/docker/env/default.sh" "${envFile[@]}"; do
+ dir="$(dirname "$create_env")"
+ [ -d "$dir" ] || mkdir -p "$dir"
+ if [ -n "$create_env" ] && [ ! -f "$create_env" ]; then
+ cat </dev/null
+$(<"$sample_file")
+EOF
+ fi
+ [ -f "$create_env" ] || envStatus=$((1 + envStatus))
+ done
+ rm -f "$sample_file"
+ return $envStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__exec_command() {
+ local arg=("$@")
+ local bin=""
+ local exitCode="0"
+ local cmdExec="${arg:-}"
+ local pre_exec="--login -c"
+ local shell="$(type -P bash 2>/dev/null || type -P sh 2>/dev/null)"
+ bin="$(echo "${arg[@]}" | tr ' ' '\n' | grep -v '^$' | head -n1 || echo 'false')"
+ prog="$(type -P "$bin" 2>/dev/null || echo "$bin")"
+ if [ -f "$prog" ] && [ -x "$prog" ]; then
+ echo "${exec_message:-Executing command: $cmdExec}"
+ eval $shell $pre_exec "$cmdExec" || exitCode=1
+ exitCode=$?
+ elif [ -f "$prog" ] && [ !
-x "$prog" ]; then
+ echo "$prog is not executable"
+ exitCode=98
+ else
+ echo "$prog does not exist"
+ exitCode=99
+ fi
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Setup the server init scripts
+__start_init_scripts() {
+ [ "$1" = " " ] && shift 1
+ [ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+ local retPID=""
+ local basename=""
+ local init_pids=""
+ local retstatus="0"
+ local initStatus="0"
+ local init_dir="${1:-/usr/local/etc/docker/init.d}"
+ local init_count="$(ls -A "$init_dir"/* 2>/dev/null | grep -v '\.sample' | wc -l)"
+ touch /run/__start_init_scripts.pid
+ mkdir -p "/tmp" "/run" "/run/init.d" "/usr/local/etc/docker/exec"
+ chmod -R 777 "/tmp" "/run" "/run/init.d" "/usr/local/etc/docker/exec"
+ if [ "$init_count" -eq 0 ] || [ ! -d "$init_dir" ]; then
+ mkdir -p "/data/logs/init"
+ while :; do echo "Running: $(date)" >"/data/logs/init/keep_alive" && sleep 3600; done &
+ else
+ if [ -d "$init_dir" ]; then
+ chmod -Rf 755 "$init_dir/"
+ [ -f "$init_dir/service.sample" ] && rm -Rf "$init_dir"/*.sample
+ for init in "$init_dir"/*.sh; do
+ if [ -f "$init" ]; then
+ name="$(basename "$init")"
+ service="$(printf '%s' "$name" | sed 's/^[^-]*-//;s|.sh$||g')"
+ printf '# - - - executing file: %s\n' "$init"
+ "$init"
+ retPID=$(__get_pid "$service")
+ if [ -n "$retPID" ]; then
+ initStatus="0"
+ sleep 20
+ printf '# - - - %s has been started - pid: %s\n' "$service" "${retPID:-error}"
+ else
+ initStatus="1"
+ sleep 10
+ printf '# - - - %s has falied to start - check log %s\n' "$service" "docker log $CONTAINER_NAME"
+ fi
+ echo ""
+ fi
+ retstatus=$(($initStatus + $initStatus))
+ done
+ fi
+ fi
+ printf '%s\n' "$SERVICE_NAME started on $(date)" >"/data/logs/start.log"
+ return $retstatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__setup_mta() {
+ [ -d "/etc/ssmtp" ] || [ -d "/etc/postfix" ] || return
+ if [ !
-d "/config/ssmtp" ] || [ ! -d "/config/postfix" ]; then
+ echo "Configuring smtp server"
+ fi
+ local exitCode=0
+ local relay_port="${EMAIL_RELAY//*:/}"
+ local relay_server="${EMAIL_RELAY//:*/}"
+ local local_hostname="${FULL_DOMAIN_NAME:-}"
+ local account_user="${SERVER_ADMIN//@*/}"
+ local account_domain="${EMAIL_DOMAIN//*@/}"
+ echo "$EMAIL_RELAY" | grep '[0-9][0-9]' || relay_port="465"
+ ################# sSMTP relay setup
+ if [ -n "$(type -P 'ssmtp')" ]; then
+ [ -d "/config/ssmtp" ] || mkdir -p "/config/ssmtp"
+ [ -f "/etc/ssmtp/ssmtp.conf" ] && rm -Rf "/etc/ssmtp/ssmtp.conf"
+ symlink_files="$(__find_file_relative "/config/ssmtp")"
+ if [ ! -f "/config/ssmtp/ssmtp.conf" ]; then
+ cat </dev/null
+# ssmtp configuration.
+root=${account_user:-root}@${account_domain:-$HOSTNAME}
+mailhub=${relay_server:-172.17.0.1}:$relay_port
+rewriteDomain=$local_hostname
+hostname=$local_hostname
+TLS_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+UseTLS=Yes
+UseSTARTTLS=No
+AuthMethod=LOGIN
+FromLineOverride=yes
+#AuthUser=username
+#AuthPass=password
+
+EOF
+ fi
+ if [ -f "/config/ssmtp/ssmtp.conf" ]; then
+ for file in $symlink_files; do
+ __symlink "/config/ssmtp/$file" "/etc/ssmtp/$file"
+ __initialize_replace_variables "/etc/ssmtp/$file"
+ done
+ if [ -f "/etc/ssmtp/revaliases" ] && [ !
-f "/config/ssmtp/revaliases" ]; then
+ mv -f "/etc/ssmtp/revaliases" "/config/ssmtp/revaliases"
+ __symlink "/config/ssmtp/revaliases" "/etc/ssmtp/revaliases"
+ __initialize_replace_variables "/etc/ssmtp/revaliases"
+ else
+ touch "/config/ssmtp/revaliases"
+ __symlink "/config/ssmtp/revaliases" "/etc/ssmtp/revaliases"
+ __initialize_replace_variables "/etc/ssmtp/revaliases"
+ fi
+ echo "Done setting up ssmtp"
+ fi
+
+ ################# postfix relay setup
+ elif [ -n "$(type -P 'postfix')" ]; then
+ [ -d "/etc/postfix" ] || mkdir -p "/etc/postfix"
+ [ -d "/config/postfix" ] || mkdir -p "/config/postfix"
+ [ -f "/etc/postfix/main.cf" ] && rm -Rf "/etc/postfix/main.cf"
+ symlink_files="$(__find_file_relative "/config/postfix")"
+ if [ ! -f "/config/postfix/main.cf" ]; then
+ cat </dev/null
+# postfix configuration.
+smtpd_banner = \$myhostname ESMTP email server
+compatibility_level = 2
+inet_protocols = ipv4
+inet_interfaces = all
+mydestination =
+local_transport=error: local delivery disabled
+mynetworks = /etc/postfix/mynetworks
+alias_maps = hash:/etc/postfix/aliases
+alias_database = hash:/etc/postfix/aliases
+transport_maps = hash:/etc/postfix/transport
+virtual_alias_maps = hash:/etc/postfix/virtual
+relay_domains = hash:/etc/postfix/mydomains, regexp:/etc/postfix/mydomains.pcre
+tls_random_source = dev:/dev/urandom
+smtp_use_tls = yes
+smtpd_use_tls = yes
+smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA
+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
+append_dot_mydomain = yes
+myorigin = $local_hostname
+myhostname = $local_hostname
+relayhost = [$relay_server]:$relay_port
+
+EOF
+ fi
+ if [ -d "/config/postfix" ]; then
+ touch "/config/postfix/aliases" "/config/postfix/mynetworks" "/config/postfix/transport"
+ touch
"/config/postfix/mydomains.pcre" "/config/postfix/mydomains" "/config/postfix/virtual" + postmap "/config/aliases" "/config/mynetworks" "/config/transport" &>/dev/null + postmap "/config/mydomains.pcre" "/config/mydomains" "/config/virtual" &>/dev/null + for f in $symlink_files; do + __symlink "/config/postfix/$f" "/etc/postfix/$f" + __initialize_replace_variables "/etc/postfix/$f" + done + fi + if [ -f "/etc/postfix/main.cf" ] && [ ! -f "/run/init.d/postfix.pid" ]; then + SERVICES_LIST+="postfix " + if [ ! -f "/run/init.d/postfix.pid" ]; then + __exec_service postfix start + fi + echo "Done setting up postfix" + fi + fi + [ -f "/root/dead.letter" ] && rm -Rf "/root/dead.letter" + return $exitCode +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_web_health() { + local www_dir="${1:-${WWW_ROOT_DIR:-/usr/share/httpd/default}}" + [ $# -eq 1 ] && [ -d "$www_dir" ] || return 1 + if ! echo "$www_dir" | grep -q '/usr/share/httpd'; then + [ -d "$www_dir/health" ] || mkdir -p "$www_dir/health" + [ -f "$www_dir/health/index.txt" ] || echo 'OK' >"$www_dir/health/index.txt" + [ -f "$www_dir/health/index.json" ] || echo '{ "status": "OK" }' >"$www_dir/health/index.json" + __find_replace "REPLACE_CONTAINER_IP4" "${REPLACE_CONTAINER_IP4:-127.0.0.1}" "$www_dir" + __find_replace "REPLACE_COPYRIGHT_FOOTER" "${COPYRIGHT_FOOTER:-Copyright 1999 - $(date +'%Y')}" "$www_dir" + __find_replace "REPLACE_LAST_UPDATED_ON_MESSAGE" "${LAST_UPDATED_ON_MESSAGE:-$(date +'Last updated on: %Y-%m-%d at %H:%M:%S')}" "$www_dir" + fi + if [ -d "/usr/share/httpd" ]; then + __find_replace "REPLACE_CONTAINER_IP4" "${REPLACE_CONTAINER_IP4:-127.0.0.1}" "/usr/share/httpd" + __find_replace "REPLACE_COPYRIGHT_FOOTER" "${COPYRIGHT_FOOTER:-Copyright 1999 - $(date +'%Y')}" "/usr/share/httpd" + __find_replace "REPLACE_LAST_UPDATED_ON_MESSAGE" "${LAST_UPDATED_ON_MESSAGE:-$(date +'Last updated on: %Y-%m-%d at %H:%M:%S')}" "/usr/share/httpd" + fi +} +# - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - - - +# file_dir +__initialize_replace_variables() { + local set_dir="" get_dir="$*" + [ $# -ne 0 ] || return 1 + for set_dir in $get_dir; do + __find_replace "REPLACE_SSL_DIR" "${SSL_DIR:-/etc/ssl}" "$set_dir" + __find_replace "REPLACE_RANDOM_ID" "$(__random_password 8)" "$set_dir" + __find_replace "REPLACE_TZ" "${TZ:-${TIMEZONE:-America/New_York}}" "$set_dir" + __find_replace "REPLACE_SERVER_PROTO" "${SERVICE_PROTOCOL:-http}" "$set_dir" + __find_replace "REPLACE_SERVER_SITE_TITLE" "${SERVER_SITE_TITLE:-CasjaysDev - Docker Container}" "$set_dir" + __find_replace "REPLACE_TMP_DIR" "${TMP_DIR:-/tmp/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_RUN_DIR" "${RUN_DIR:-/run/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_LOG_DIR" "${LOG_DIR:-/data/logs/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_ETC_DIR" "${ETC_DIR:-/etc/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_DATA_DIR" "${DATA_DIR:-/data/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_CONFIG_DIR" "${CONF_DIR:-/config/$SERVICE_NAME}" "$set_dir" + __find_replace "REPLACE_EMAIL_RELAY" "${EMAIL_RELAY:-172.17.0.1}" "$set_dir" + __find_replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-${FULL_DOMAIN_NAME:-$HOSTNAME}}}" "$set_dir" + __find_replace "REPLACE_APP_USER" "${SERVICE_USER:-${RUNAS_USER:-root}}" "$set_dir" + __find_replace "REPLACE_WWW_USER" "${SERVICE_USER:-${RUNAS_USER:-root}}" "$set_dir" + __find_replace "REPLACE_APP_GROUP" "${SERVICE_GROUP:-${SERVICE_USER:-${RUNAS_USER:-root}}}" "$set_dir" + __find_replace "REPLACE_WWW_GROUP" "${SERVICE_GROUP:-${SERVICE_USER:-${RUNAS_USER:-root}}}" "$set_dir" + __find_replace "REPLACE_SERVICE_USER" "${SERVICE_USER:-${RUNAS_USER:-root}}" "$set_dir" + __find_replace "REPLACE_SERVICE_GROUP" "${SERVICE_GROUP:-${RUNAS_USER:-root}}" "$set_dir" + if [ -n "$VAR_DIR" ]; then + mkdir -p "$VAR_DIR" + __find_replace "REPLACE_VAR_DIR" "$VAR_DIR" "$set_dir" + fi + [ -n "$SERVICE_PORT" ] && 
__find_replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$set_dir" + [ -n "$HOSTNAME" ] && __find_replace "REPLACE_SERVER_NAME" "${FULL_DOMAIN_NAME:-$HOSTNAME}" "$set_dir" + [ -n "$CONTAINER_NAME" ] && __find_replace "REPLACE_SERVER_SOFTWARE" "${CONTAINER_NAME:-docker}" "$set_dir" + [ -n "$WWW_ROOT_DIR" ] && __find_replace "REPLACE_SERVER_WWW_DIR" "${WWW_ROOT_DIR:-/usr/share/httpd/default}" "$set_dir" + done + mkdir -p "${TMP_DIR:-/tmp/$SERVICE_NAME}" "${RUN_DIR:-/run/$SERVICE_NAME}" "${LOG_DIR:-/data/logs/$SERVICE_NAME}" + chmod -f 777 "${TMP_DIR:-/tmp/$SERVICE_NAME}" "${RUN_DIR:-/run/$SERVICE_NAME}" "${LOG_DIR:-/data/logs/$SERVICE_NAME}" +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_database() { + [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ] || return 0 + local dir="${1:-$ETC_DIR}" + local db_normal_user="${DATABASE_USER_NORMAL:-$user_name}" + local db_normal_pass="${DATABASE_PASS_NORMAL:-$user_pass}" + local db_admin_user="${DATABASE_USER_ROOT:-$root_user_name}" + local db_admin_pass="${DATABASE_PASS_ROOT:-$root_user_pass}" + __find_replace "REPLACE_USER_NAME" "$db_normal_user" "$dir" + __find_replace "REPLACE_USER_PASS" "$db_normal_pass" "$dir" + __find_replace "REPLACE_DATABASE_USER" "$db_normal_user" "$dir" + __find_replace "REPLACE_DATABASE_PASS" "$db_normal_pass" "$dir" + __find_replace "REPLACE_ROOT_ADMIN" "$db_admin_user" "$dir" + __find_replace "REPLACE_ROOT_PASS" "$db_admin_pass" "$dir" + __find_replace "REPLACE_DATABASE_ROOT_USER" "$db_admin_user" "$dir" + __find_replace "REPLACE_DATABASE_ROOT_PASS" "$db_admin_pass" "$dir" + __find_replace "REPLACE_DATABASE_NAME" "$DATABASE_NAME" "$dir" + __find_replace "REPLACE_DATABASE_DIR" "$DATABASE_DIR" "$dir" + if echo "$dir" | grep -q '^/etc'; then + __find_replace "REPLACE_USER_NAME" "$db_normal_user" "/etc" + __find_replace "REPLACE_USER_PASS" "$db_normal_pass" "/etc" + __find_replace "REPLACE_DATABASE_USER" "$db_normal_user" "/etc" + 
__find_replace "REPLACE_DATABASE_PASS" "$db_normal_pass" "/etc" + __find_replace "REPLACE_ROOT_ADMIN" "$db_admin_user" "/etc" + __find_replace "REPLACE_ROOT_PASS" "$db_admin_pass" "/etc" + __find_replace "REPLACE_DATABASE_ROOT_USER" "$db_admin_user" "/etc" + __find_replace "REPLACE_DATABASE_ROOT_PASS" "$db_admin_pass" "/etc" + __find_replace "REPLACE_DATABASE_NAME" "$DATABASE_NAME" "/etc" + __find_replace "REPLACE_DATABASE_DIR" "$DATABASE_DIR" "/etc" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_db_users() { + [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ] || return 0 + db_normal_user="${DATABASE_USER_NORMAL:-$user_name}" + db_normal_pass="${DATABASE_PASS_NORMAL:-$user_pass}" + db_admin_user="${DATABASE_USER_ROOT:-$root_user_name}" + db_admin_pass="${DATABASE_PASS_ROOT:-$root_user_pass}" + export user_name="$db_normal_user" user_pass="$db_normal_pass" root_user_name="$db_admin_user" root_user_pass="$db_admin_pass" +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_system_etc() { + local conf_dir="$1" + local dir="" + local file=() + local directories="" + if [ -n "$conf_dir" ] && [ -e "$conf_dir" ]; then + files="$(find "$conf_dir"/* -not -path '*/env/*' -type f 2>/dev/null | sed 's|'/config/'||g' | sort -u | grep -v '^$' | grep '^' || false)" + directories="$(find "$conf_dir"/* -not -path '*/env/*' -type d 2>/dev/null | sed 's|'/config/'||g' | sort -u | grep -v '^$' | grep '^' || false)" + echo "Copying config files to system: $conf_dir > /etc/${conf_dir//\/config\//}" + if [ -n "$directories" ]; then + for d in $directories; do + dir="/etc/$d" + echo "Creating directory: $dir" + mkdir -p "$dir" + done + fi + for f in $files; do + etc_file="/etc/$f" + conf_file="/config/$f" + [ -f "$etc_file" ] && rm -Rf "$etc_file" + __symlink "$etc_file" "$conf_file" + __initialize_replace_variables "$etc_file" + done + fi +} +# - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - +__initialize_custom_bin_dir() { + local SET_USR_BIN="" + [ -d "/data/bin" ] && SET_USR_BIN+="$(__find /data/bin f) " + [ -d "/config/bin" ] && SET_USR_BIN+="$(__find /config/bin f) " + if [ -n "$SET_USR_BIN" ]; then + echo "Setting up bin $SET_USR_BIN > $LOCAL_BIN_DIR" + for create_bin_template in $SET_USR_BIN; do + if [ -n "$create_bin_template" ]; then + create_bin_name="$(basename "$create_bin_template")" + if [ -e "$create_bin_template" ]; then + ln -sf "$create_bin_template" "$LOCAL_BIN_DIR/$create_bin_name" + fi + fi + done + unset create_bin_template create_bin_name SET_USR_BIN + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_default_templates() { + if [ -n "$DEFAULT_TEMPLATE_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying default config files $DEFAULT_TEMPLATE_DIR > /config" + for create_config_template in "$DEFAULT_TEMPLATE_DIR"/*; do + if [ -n "$create_config_template" ]; then + create_template_name="$(basename "$create_config_template")" + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_template_name/" + __is_dir_empty "/config/$create_template_name" && cp -Rf "$create_config_template/." 
"/config/$create_template_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_template_name" ] || cp -Rf "$create_config_template" "/config/$create_template_name" 2>/dev/null + fi + fi + done + unset create_config_template create_template_name + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_config_dir() { + if [ -n "$DEFAULT_CONF_DIR" ]; then + if [ "$CONFIG_DIR_INITIALIZED" = "false" ] && [ -d "/config" ]; then + echo "Copying custom config files: $DEFAULT_CONF_DIR > /config" + for create_config_template in "$DEFAULT_CONF_DIR"/*; do + create_config_name="$(basename "$create_config_template")" + if [ -n "$create_config_template" ]; then + if [ -d "$create_config_template" ]; then + mkdir -p "/config/$create_config_name" + __is_dir_empty "/config/$create_config_name" && cp -Rf "$create_config_template/." "/config/$create_config_name/" 2>/dev/null + elif [ -e "$create_config_template" ]; then + [ -e "/config/$create_config_name" ] || cp -Rf "$create_config_template" "/config/$create_config_name" 2>/dev/null + fi + fi + done + unset create_config_template create_config_name + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_data_dir() { + if [ -d "/data" ]; then + if [ "$DATA_DIR_INITIALIZED" = "false" ] && [ -n "$DEFAULT_DATA_DIR" ]; then + echo "Copying data files $DEFAULT_DATA_DIR > /data" + for create_data_template in "$DEFAULT_DATA_DIR"/*; do + create_data_name="$(basename "$create_data_template")" + if [ -n "$create_data_template" ]; then + if [ -d "$create_data_template" ]; then + mkdir -p "/data/$create_data_name" + __is_dir_empty "/data/$create_data_name" && cp -Rf "$create_data_template/." 
"/data/$create_data_name/" 2>/dev/null + elif [ -e "$create_data_template" ]; then + [ -e "/data/$create_data_name" ] || cp -Rf "$create_data_template" "/data/$create_data_name" 2>/dev/null + fi + fi + done + unset create_template + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_www_root() { + local WWW_INIT="" + local WWW_TEMPLATE="" + [ -d "/usr/share/httpd/default" ] && WWW_TEMPLATE="/usr/share/httpd/default" + [ "$WWW_ROOT_DIR" = "/app" ] && WWW_INIT="${WWW_INIT:-true}" + [ "$WWW_ROOT_DIR" = "/data/htdocs" ] && WWW_INIT="${WWW_INIT:-true}" + __is_dir_empty "$WWW_ROOT_DIR/" && WWW_INIT="true" || WWW_INIT="false" + if [ "$WWW_INIT" = "true" ] && [ -d "$WWW_TEMPLATE" ]; then + cp -Rf "$DEFAULT_DATA_DIR/data/htdocs/." "$WWW_ROOT_DIR/" 2>/dev/null + fi + __initialize_web_health "$WWW_ROOT_DIR" + find "$WWW_ROOT_DIR" -type d -exec chmod -f 777 {} \; 2>/dev/null +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__is_htdocs_mounted() { + echo "$IMPORT_FROM_GIT" | grep -qE 'https://|http://|git://|ssh://' || unset IMPORT_FROM_GIT + if [ -n "$IMPORT_FROM_GIT" ] && [ "$(command -v "git")" ]; then + export WWW_ROOT_DIR="/data/htdocs" + __is_dir_empty "$WWW_ROOT_DIR" || WWW_ROOT_DIR="/data/wwwroot" + echo "Importing project from $IMPORT_FROM_GIT to $WWW_ROOT_DIR" + git clone -q "$IMPORT_FROM_GIT" "$WWW_ROOT_DIR" + elif [ -d "/app" ]; then + export WWW_ROOT_DIR="/app" + elif [ -d "/data/htdocs" ]; then + export WWW_ROOT_DIR="/data/htdocs" + elif [ -d "/data/wwwroot" ]; then + export WWW_ROOT_DIR="/data/wwwroot" + else + WWW_ROOT_DIR="${ENV_WWW_ROOT_DIR:-$WWW_ROOT_DIR}" + export WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/httpd/default}" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__initialize_ssl_certs() { + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + if [ "$SSL_ENABLED" = "true" ] || [ "$SSL_ENABLED" = "yes" ]; then + if [ -f "$SSL_CERT" ] && [ -f "$SSL_KEY" ]; 
then + SSL_ENABLED="true" + if [ -n "$SSL_CA" ] && [ -f "$SSL_CA" ]; then + mkdir -p "$SSL_DIR/certs" + cat "$SSL_CA" >>"/etc/ssl/certs/ca-certificates.crt" + cp -Rf "/." "$SSL_DIR/" + fi + else + [ -d "$SSL_DIR" ] || mkdir -p "$SSL_DIR" + __create_ssl_cert + fi + type update-ca-certificates &>/dev/null && update-ca-certificates &>/dev/null + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__start_php_dev_server() { + if [ "$2" = "yes" ]; then + if [ -d "/usr/share/httpd" ]; then + find "/usr/share/httpd" -type f -not -path '.git*' -iname '*.php' -exec sed -i 's|[<].*SERVER_ADDR.*[>]|'${CONTAINER_IP4_ADDRESS:-127.0.0.1}'|g' {} \; 2>/dev/null + php -S 0.0.0.0:$PHP_DEV_SERVER_PORT -t "/usr/share/httpd" + fi + if ! echo "$1" | grep -q "^/usr/share/httpd"; then + find "$1" -type f -not -path '.git*' -iname '*.php' -exec sed -i 's|[<].*SERVER_ADDR.*[>]|'${CONTAINER_IP4_ADDRESS:-127.0.0.1}'|g' {} \; 2>/dev/null + php -S 0.0.0.0:$PHP_DEV_SERVER_PORT -t "$1" + fi + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__check_service() { + if [ "$1" = "check" ]; then + shift $# + __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN" + exit $? 
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__switch_to_user() {
+ if [ "$RUNAS_USER" = "roo t" ]; then
+ su_cmd() {
+ su_exec=""
+ eval "$@" || return 1
+ }
+ elif [ "$(builtin type -P gosu)" ]; then
+ su_exec="gosu $RUNAS_USER"
+ su_cmd() { gosu $RUNAS_USER "$@" || return 1; }
+ elif [ "$(builtin type -P runuser)" ]; then
+ su_exec="runuser -u $RUNAS_USER"
+ su_cmd() { runuser -u $RUNAS_USER "$@" || return 1; }
+ elif [ "$(builtin type -P sudo)" ]; then
+ su_exec="sudo -u $RUNAS_USER"
+ su_cmd() { sudo -u $RUNAS_USER "$@" || return 1; }
+ elif [ "$(builtin type -P su)" ]; then
+ su_exec="su -s /bin/sh - $RUNAS_USER"
+ su_cmd() { su -s /bin/sh - $RUNAS_USER -c "$@" || return 1; }
+ else
+ su_cmd() {
+ su_exec=""
+ echo "Can not switch to $RUNAS_USER: attempting to run as root" && eval "$@" || return 1
+ }
+ fi
+ export su_exec
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set variables from function calls
+export INIT_DATE="${INIT_DATE:-$(date)}"
+export START_SERVICES="${START_SERVICES:-yes}"
+export ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+export ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+export DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+export CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# System
+export LANG="${LANG:-C.UTF-8}"
+export LC_ALL="${LANG:-C.UTF-8}"
+export TZ="${TZ:-${TIMEZONE:-America/New_York}}"
+export HOSTNAME="${FULL_DOMAIN_NAME:-${SERVER_HOSTNAME:-$HOSTNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default directories
+export SSL_DIR="${SSL_DIR:-/config/ssl}"
+export SSL_CA="${SSL_CERT:-/config/ssl/ca.crt}"
+export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}"
+export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}"
+export BACKUP_DIR="${BACKUP_DIR:-/data/backups}"
+export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
+export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
+export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
+export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional
+export SET_RANDOM_PASS="${SET_RANDOM_PASS:-$(__random_password 16)}"
+export PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+export PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+export HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+export NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+export MYSQL_CONFIG_FILE="${MYSQL_CONFIG_FILE:-$(__find_mysql_conf)}"
+export PGSQL_CONFIG_FILE="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}"
+export LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+export MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+export POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+export MONGODB_CONFIG_FILE="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}"
+export ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+export ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+export ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+export ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# is already Initialized
+[ -z "$DATA_DIR_INITIALIZED" ] && { [ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true" || DATA_DIR_INITIALIZED="false"; }
+[ -z "$CONFIG_DIR_INITIALIZED" ] && { [ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true" || CONFIG_DIR_INITIALIZED="false"; }
+[ -z "$ENTRYPOINT_FIRST_RUN" ] && { { [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; } && ENTRYPOINT_FIRST_RUN="no" || ENTRYPOINT_FIRST_RUN="true"; }
+export ENTRYPOINT_DATA_INIT_FILE DATA_DIR_INITIALIZED ENTRYPOINT_CONFIG_INIT_FILE CONFIG_DIR_INITIALIZED
+export ENTRYPOINT_PID_FILE ENTRYPOINT_INIT_FILE ENTRYPOINT_FIRST_RUN
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# export the functions
+export -f __get_pid __start_init_scripts __is_running __certbot __update_ssl_certs __create_ssl_cert
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# end of functions
diff --git a/rootfs/usr/local/etc/docker/init.d/01-php-fpm.sh b/rootfs/usr/local/etc/docker/init.d/01-php-fpm.sh
new file mode 100755
index 0000000..4425deb
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/init.d/01-php-fpm.sh
@@ -0,0 +1,574 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151656-git
+# @@Author : Jason Hempstead
+# @@Contact : jason@casjaysdev.pro
+# @@License : WTFPL
+# @@ReadME : 01-php-fpm.sh --help
+# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments
+# @@Created : Thursday, Aug 15, 2024 16:56 EDT
+# @@File : 01-php-fpm.sh
+# @@Description :
+# @@Changelog : New script
+# @@TODO : Better documentation
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : other/start-service
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
+{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SCRIPT_FILE="$0"
+SERVICE_NAME="php-fpm"
+SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# exit if __start_init_scripts function hasn't been Initialized
+if [ ! -f "/run/__start_init_scripts.pid" ]; then
+ echo "__start_init_scripts function hasn't been Initialized" >&2
+ SERVICE_IS_RUNNING="no"
+ exit 1
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
+ . "/usr/local/etc/docker/functions/entrypoint.sh"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import variables
+for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
+ [ -f "$set_env" ] && . "$set_env"
+done
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom functions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Script to execute
+START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Reset environment before executing service
+RESET_ENV="yes"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the database root dir
+DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the database directory
+DATABASE_DIR="${DATABASE_DIR_PHP_FPM:-$DATABASE_BASE_DIR/sqlite}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set webroot
+WWW_ROOT_DIR="/usr/share/httpd/default"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default predefined variables
+DATA_DIR="/data/php-fpm" # set data directory
+CONF_DIR="/config/php-fpm" # set config directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the containers etc directory
+ETC_DIR="/etc/php-fpm"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the var dir
+VAR_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+TMP_DIR="/tmp/php-fpm" # set the temp dir
+RUN_DIR="/run/php-fpm" # set scripts pid dir
+LOG_DIR="/data/logs/php-fpm" # set log directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the working dir
+WORK_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# port which service is listening on
+SERVICE_PORT="9000"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User to use to launch service - IE: postgres
+RUNAS_USER="root" # normally root
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
+SERVICE_USER="nginx" # execute command as another user
+SERVICE_GROUP="nginx" # Set the service group
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set user and group ID
+#SERVICE_UID="0" # set the user id
+#SERVICE_GID="0" # set the group id
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# execute command variables - keep single quotes variables will be expanded later
+EXEC_CMD_BIN='php-fpm' # command to execute
+EXEC_CMD_ARGS='--allow-to-run-as-root --fpm-config $ETC_DIR/php-fpm.conf' # command arguments
+EXEC_PRE_SCRIPT='' # execute script before
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a web server
+IS_WEB_SERVER="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a database server
+IS_DATABASE_SERVICE="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Does this service use a database server
+USES_DATABASE_SERVICE="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Show message before execute
+PRE_EXEC_MESSAGE=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Update path var
+PATH="$PATH:."
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Where to save passwords to
+ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
+USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info password/random]
+root_user_name="${PHP_FPM_ROOT_USER_NAME:-}" # root user name
+root_user_pass="${PHP_FPM_ROOT_PASS_WORD:-}" # root user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Normal user info [password/random]
+user_name="${PHP_FPM_USER_NAME:-}" # normal user name
+user_pass="${PHP_FPM_USER_PASS_WORD:-}" # normal user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Load variables from config
+[ -f "/config/env/php-fpm.script.sh" ] && . "/config/env/php-fpm.script.sh" # Generated by my dockermgr script
+[ -f "/config/env/php-fpm.sh" ] && . "/config/env/php-fpm.sh" # Overwrite the variabes
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional predefined variables
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional variables
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Specifiy custom directories to be created
+ADD_APPLICATION_FILES=""
+ADD_APPLICATION_DIRS=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+APPLICATION_FILES="$LOG_DIR/$SERVICE_NAME.log"
+APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional config dirs - will be Copied to /etc/$name
+ADDITIONAL_CONFIG_DIRS=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
+CMD_ENV=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Overwrite based on file/directory
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Per Application Variables or imports
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom prerun functions - IE setup WWW_ROOT_DIR
+__execute_prerun() {
+ # Setup /config directories
+ __init_config_etc
+
+ # Define other actions/commands
+
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Run any pre-execution checks
+__run_pre_execute_checks() {
+ # Set variables
+ local exitStatus=0
+ local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start
+ local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion
+ __banner "$pre_execute_checks_MessageST"
+ # Put command to execute in parentheses
+ {
+ true
+ }
+ exitStatus=$?
+ __banner "$pre_execute_checks_MessageEnd: Status $exitStatus"
+
+ # show exit message
+ if [ $exitStatus -ne 0 ]; then
+ echo "The pre-execution check has failed" >&2
+ [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE"
+ exit 1
+ fi
+ return $exitStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__update_conf_files() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # CD into temp to bybass any permission errors
+ cd /tmp || false # lets keep shellcheck happy by adding false
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # delete files
+ #__rm ""
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # custom commands
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # replace variables
+ # __replace "" "" "$CONF_DIR/php-fpm.conf"
+ # replace variables recursively
+ # __find_replace "" "" "$CONF_DIR"
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # define actions
+
+ # exit function
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run before executing
+__pre_execute() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # define commands
+
+ # execute if directories is empty
+ if __is_dir_empty "$CONF_DIR"; then
+ true
+ else
+ false
+ fi
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Set permissions
+ __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Copy /config to /etc
+ for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do
+ __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ done
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Replace variables
+ HOSTNAME="$sysname" __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$WWW_ROOT_DIR"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # define actions
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # unset unneeded variables
+ unset filesperms filename config_2_etc change_user change_user ADDITIONAL_CONFIG_DIRS application_files filedirs
+ # Lets wait a few seconds before continuing
+ sleep 5
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run after executing
+__post_execute() {
+ local pid="" # init pid var
+ local retVal=0 # set default exit code
+ local waitTime=60 # how long to wait before executing
+ local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start
+ local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # wait
+ sleep $waitTime
+ # execute commands
+ (
+ # show message
+ __banner "$postMessageST"
+ # commands to execute
+ true
+ # show exit message
+ __banner "$postMessageEnd: Status $retVal"
+ ) 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ pid=$!
+ # set exitCode
+ ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10
+ return $retVal
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__pre_message() {
+ local exitCode=0
+ if [ -n "$user_name" ] || [ -n "$user_pass" ] || [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+ __banner "User info"
+ [ -n "$user_name" ] && __printf_space "40" "username:" "$user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$user_pass" ] && __printf_space "40" "password:" "saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ [ -n "$root_user_name" ] && __printf_space "40" "root username:" "$root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$root_user_pass" ] && __printf_space "40" "root password:" "saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ __banner ""
+ fi
+ [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE"
+ # execute commands
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to setup ssl support
+__update_ssl_conf() {
+ local exitCode=0
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # execute commands
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_service_env() {
+ cat </dev/null
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info [password/random]
+#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$PHP_FPM_ROOT_USER_NAME}" # root user name
+#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$PHP_FPM_ROOT_PASS_WORD}" # root user password
+#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" #
+#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" #
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#Normal user info [password/random]
+#ENV_USER_NAME="${ENV_USER_NAME:-$PHP_FPM_USER_NAME}" #
+#ENV_USER_PASS="${ENV_USER_PASS:-$PHP_FPM_USER_PASS_WORD}" #
+#user_name="${ENV_USER_NAME:-$user_name}" # normal user name
+#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password
+
+EOF
+ __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script to start server
+__run_start_script() {
+ local runExitCode=0
+ local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables
+ local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables
+ local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables
+ local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables
+ local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables
+ local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables
+ local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables
+ local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables
+ local path="$(eval echo "$PATH")" # expand variables
+ local message="$(eval echo "")" # expand variables
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh"
+ #
+ __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" || return 20
+ #
+ if [ -z "$cmd" ]; then
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt"
+ retVal=$?
+ echo "Initializing $SCRIPT_NAME has completed"
+ exit $retVal
+ else
+ # ensure the command exists
+ if [ ! -x "$cmd" ]; then
+ echo "$name is not a valid executable"
+ return 2
+ fi
+ # check and exit if already running
+ if __proc_check "$name" || __proc_check "$cmd"; then
+ echo "$name is already running" >&2
+ return 0
+ else
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # show message if env exists
+ if [ -n "$cmd" ]; then
+ [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root"
+ [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT=""
+ fi
+ if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then
+ export cmd_exec="$pre $cmd $args"
+ message="Starting service: $name $args through $pre"
+ else
+ export cmd_exec="$cmd $args"
+ message="Starting service: $name $args"
+ fi
+ [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "$LOG_DIR/init.txt"
+ echo "$message" | tee -a -p "$LOG_DIR/init.txt"
+ su_cmd touch "$SERVICE_PID_FILE"
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ if [ "$RESET_ENV" = "yes" ]; then
+ env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")"
+ execute_command="$(__trim "$su_exec $env_command $cmd_exec")"
+ if [ ! -f "$START_SCRIPT" ]; then
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root} with env
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ else
+ if [ ! -f "$START_SCRIPT" ]; then
+ execute_command="$(__trim "$su_exec $cmd_exec")"
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root}
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ fi
+ fi
+ [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT"
+ [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT"
+ runExitCode=$?
+ return $runExitCode
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# username and password actions
+__run_secure_function() {
+ if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
+ for filesperms in "${USER_FILE_PREFIX}"/*; do
+ if [ -e "$filesperms" ]; then
+ chmod -Rf 600 "$filesperms"
+ chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null
+ fi
+ done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt"
+ fi
+ if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+ for filesperms in "${ROOT_FILE_PREFIX}"/*; do
+ if [ -e "$filesperms" ]; then
+ chmod -Rf 600 "$filesperms"
+ chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null
+ fi
+ done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt"
+ fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow ENV_ variable - Import env file
+__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_EXIT_CODE=0 # default exit code
+# application specific
+EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
+SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
+SERVICE_PID_NUMBER="$(__pgrep)" # check if running
+EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
+EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Only run check
+__check_service "$1"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create auth directories
+[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
+[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
+[ -n "$RUNAS_USER" ] || RUNAS_USER="root"
+[ -n "$SERVICE_USER" ] || SERVICE_USER="${RUNAS_USER:-root}"
+[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${RUNAS_USER:-root}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Database env
+if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then
+ RESET_ENV="no"
+ DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}"
+ DATABASE_USER="${ENV_DATABASE_USER:-${DATABASE_USER:-$user_name}}"
+ DATABASE_PASSWORD="${ENV_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-$user_pass}}"
+ DATABASE_ROOT_USER="${ENV_DATABASE_ROOT_USER:-${DATABASE_ROOT_USER:-$root_user_name}}"
+ DATABASE_ROOT_PASSWORD="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_ROOT_PASSWORD:-$root_user_pass}}"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow per init script usernames and passwords
+__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
+__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
+__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
+__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set password to random if variable is random
+[ "$user_pass" = "random" ] && user_pass="$(__random_password)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow setting initial users and passwords via environment
+user_name="$(eval echo "${ENV_USER_NAME:-$user_name}")"
+user_pass="$(eval echo "${ENV_USER_PASS:-$user_pass}")"
+root_user_name="$(eval echo "${ENV_ROOT_USER_NAME:-$root_user_name}")"
+root_user_pass="$(eval echo "${ENV_ROOT_USER_PASS:-$root_user_pass}")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow variables via imports - Overwrite existing
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ensure needed directories exists
+[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
+[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# pre-run function
+__execute_prerun
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create user if needed
+__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Modify user if needed
+__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Create base directories
+__setup_directories
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set switch user command
+__switch_to_user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize the home/working dir
+__init_working_dir
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# show init message
+__pre_message
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#
+__initialize_db_users
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize ssl
+__update_ssl_conf
+__update_ssl_certs
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Updating config files
+__create_service_env
+__update_conf_files
+__initialize_database
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_secure_function
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run the pre execute commands
+__pre_execute
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" && errorCode=0 || errorCode=10
+if [ -n "$EXEC_CMD_BIN" ]; then
+ if [ "$errorCode" -ne 0 ]; then
+ echo "Failed to execute: ${cmd_exec:-$EXEC_CMD_BIN $EXEC_CMD_ARGS}" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+ rm -Rf "$SERVICE_PID_FILE"
+ SERVICE_EXIT_CODE=10
+ SERVICE_IS_RUNNING="no"
+ else
+ SERVICE_EXIT_CODE=0
+ SERVICE_IS_RUNNING="no"
+ fi
+ SERVICE_EXIT_CODE=0
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $SERVICE_EXIT_CODE
diff --git a/rootfs/usr/local/etc/docker/init.d/99-nginx.sh b/rootfs/usr/local/etc/docker/init.d/99-nginx.sh
new file mode 100755
index 0000000..5a4b2f2
--- /dev/null
+++ b/rootfs/usr/local/etc/docker/init.d/99-nginx.sh
@@ -0,0 +1,584 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202408151656-git
+# @@Author : Jason Hempstead
+# @@Contact : jason@casjaysdev.pro
+# @@License : WTFPL
+# @@ReadME : 99-nginx.sh --help
+# @@Copyright : Copyright: (c) 2024 Jason Hempstead, Casjays Developments
+# @@Created : Thursday, Aug 15, 2024 16:56 EDT
+# @@File : 99-nginx.sh
+# @@Description :
+# @@Changelog : New script
+# @@TODO : Better documentation
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : other/start-service
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# shellcheck disable=SC2016
+# shellcheck disable=SC2031
+# shellcheck disable=SC2120
+# shellcheck disable=SC2155
+# shellcheck disable=SC2199
+# shellcheck disable=SC2317
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}"
+{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SCRIPT_FILE="$0"
+SERVICE_NAME="nginx"
+SCRIPT_NAME="$(basename "$SCRIPT_FILE" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# exit if __start_init_scripts function hasn't been Initialized
+if [ ! -f "/run/__start_init_scripts.pid" ]; then
+ echo "__start_init_scripts function hasn't been Initialized" >&2
+ SERVICE_IS_RUNNING="no"
+ exit 1
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
+ . "/usr/local/etc/docker/functions/entrypoint.sh"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import variables
+for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
+ [ -f "$set_env" ] && . "$set_env"
+done
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom functions
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Script to execute
+START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Reset environment before executing service
+RESET_ENV="yes"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the database root dir
+DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the database directory
+DATABASE_DIR="${DATABASE_DIR_NGINX:-$DATABASE_BASE_DIR/sqlite}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set webroot
+WWW_ROOT_DIR="/usr/share/httpd/stikked"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default predefined variables
+DATA_DIR="/data/nginx" # set data directory
+CONF_DIR="/config/nginx" # set config directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the containers etc directory
+ETC_DIR="/etc/nginx"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the var dir
+VAR_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+TMP_DIR="/tmp/nginx" # set the temp dir
+RUN_DIR="/run/nginx" # set scripts pid dir
+LOG_DIR="/data/logs/nginx" # set log directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the working dir
+WORK_DIR=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# port which service is listening on
+SERVICE_PORT="80"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User to use to launch service - IE: postgres
+RUNAS_USER="root" # normally root
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
+SERVICE_USER="nginx" # execute command as another user
+SERVICE_GROUP="nginx" # Set the service group
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set user and group ID
+#SERVICE_UID="0" # set the user id
+#SERVICE_GID="0" # set the group id
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# execute command variables - keep single quotes variables will be expanded later
+EXEC_CMD_BIN='nginx' # command to execute
+EXEC_CMD_ARGS='-c $ETC_DIR/nginx.conf' # command arguments
+EXEC_PRE_SCRIPT='' # execute script before
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a web server
+IS_WEB_SERVER="yes"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a database server
+IS_DATABASE_SERVICE="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Does this service use a database server
+USES_DATABASE_SERVICE="yes"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Show message before execute
+PRE_EXEC_MESSAGE=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Update path var
+PATH="$PATH:."
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Where to save passwords to
+ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
+USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info password/random]
+root_user_name="${NGINX_ROOT_USER_NAME:-}" # root user name
+root_user_pass="${NGINX_ROOT_PASS_WORD:-}" # root user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Normal user info [password/random]
+user_name="${NGINX_USER_NAME:-}" # normal user name
+user_pass="${NGINX_USER_PASS_WORD:-}" # normal user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Load variables from config
+[ -f "/config/env/nginx.script.sh" ] && . "/config/env/nginx.script.sh" # Generated by my dockermgr script
+[ -f "/config/env/nginx.sh" ] && . "/config/env/nginx.sh" # Overwrite the variabes
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional predefined variables
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional variables
+STIKKED_SITE_NAME="${STIKKED_SITE_NAME:-CasjaysDev PasteBin}"
+STIKKED_CRON_KEY="${STIKKED_CRON_KEY:-$(__random_password 16)}"
+STIKKED_ADMIN_PASS="${STIKKED_ADMIN_PASS:-$(__random_password 16)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Specifiy custom directories to be created
+ADD_APPLICATION_FILES=""
+ADD_APPLICATION_DIRS=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+APPLICATION_FILES="$LOG_DIR/$SERVICE_NAME.log"
+APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional config dirs - will be Copied to /etc/$name
+ADDITIONAL_CONFIG_DIRS="/config/stikked"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
+CMD_ENV=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Overwrite based on file/directory
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Per Application Variables or imports
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom prerun functions - IE setup WWW_ROOT_DIR
+__execute_prerun() {
+ # Setup /config directories
+ __init_config_etc
+
+ # Define other actions/commands
+
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Run any pre-execution checks
+__run_pre_execute_checks() {
+ # Set variables
+ local exitStatus=0
+ local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start
+ local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion
+ __banner "$pre_execute_checks_MessageST"
+ # Put command to execute in parentheses
+ {
+ true
+ }
+ exitStatus=$?
+ __banner "$pre_execute_checks_MessageEnd: Status $exitStatus"
+
+ # show exit message
+ if [ $exitStatus -ne 0 ]; then
+ echo "The pre-execution check has failed" >&2
+ [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE"
+ exit 1
+ fi
+ return $exitStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__update_conf_files() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # CD into temp to bybass any permission errors
+ cd /tmp || false # lets keep shellcheck happy by adding false
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # delete files
+ #__rm ""
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # custom commands
+ if [ ! -f "/config/stikked/config.php" ] && [ -f "/etc/stikked/config.php" ]; then
+ cp -Rf "/etc/stikked/config.php" "/config/stikked/config.php"
+ fi
+ symlink "/config/stikked/config.php" "$WWW_ROOT_DIR/application/config/stikked.php"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # replace variables
+ __replace "REPLACE_STIKKED_SITE_NAME" "$STIKKED_SITE_NAME" "/config/stikked/config.php"
+ __replace "REPLACE_STIKKED_CRON_KEY" "$STIKKED_CRON_KEY" "/config/stikked/config.php"
+ __replace "REPLACE_STIKKED_ADMIN_PASS" "$STIKKED_ADMIN_PASS" "/config/stikked/config.php"
+ # replace variables recursively
+ # __find_replace "" "" "$CONF_DIR"
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # define actions
+
+ # exit function
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run before executing
+__pre_execute() {
+ local exitCode=0 # default exit code
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # define commands
+
+ # execute if directories is empty
+ if __is_dir_empty "$CONF_DIR"; then
+ true
+ else
+ false
+ fi
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Set permissions
+ __fix_permissions "$SERVICE_USER" "$SERVICE_GROUP"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Copy /config to /etc
+ for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do
+ __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "$LOG_DIR/init.txt"
+ done
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Replace variables
+ HOSTNAME="$sysname" __initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$WWW_ROOT_DIR"
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # define actions
+
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # unset unneeded variables
+ unset filesperms filename config_2_etc change_user change_user ADDITIONAL_CONFIG_DIRS application_files filedirs
+ # Lets wait a few seconds before continuing
+ sleep 5
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run after executing
+__post_execute() {
+ local pid="" # init pid var
+ local retVal=0 # set default exit code
+ local waitTime=60 # how long to wait before executing
+ local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start
+ local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+
+ # wait
+ sleep $waitTime
+ # execute commands
+ (
+ # show message
+ __banner "$postMessageST"
+ # commands to execute
+ true
+ # show exit message
+ __banner "$postMessageEnd: Status $retVal"
+ ) 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ pid=$!
+ # set exitCode
+ ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10
+ return $retVal
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__pre_message() {
+ local exitCode=0
+ if [ -n "$user_name" ] || [ -n "$user_pass" ] || [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+ __banner "User info"
+ [ -n "$user_name" ] && __printf_space "40" "username:" "$user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$user_pass" ] && __printf_space "40" "password:" "saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ [ -n "$root_user_name" ] && __printf_space "40" "root username:" "$root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
+ [ -n "$root_user_pass" ] && __printf_space "40" "root password:" "saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
+ __banner ""
+ fi
+ [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE"
+ # execute commands
+ __printf_space "40" "Admin username is:" "root"
+ __printf_space "40" "Admin password is:" "$STIKKED_ADMIN_PASS"
+ __printf_space "40" "cron key is:" "$STIKKED_CRON_KEY"
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to setup ssl support
+__update_ssl_conf() {
+ local exitCode=0
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ # execute commands
+
+ # set exitCode
+ return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_service_env() {
+ cat </dev/null
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# root/admin user info [password/random]
+#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$NGINX_ROOT_USER_NAME}" # root user name
+#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$NGINX_ROOT_PASS_WORD}" # root user password
+#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" #
+#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" #
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#Normal user info [password/random]
+#ENV_USER_NAME="${ENV_USER_NAME:-$NGINX_USER_NAME}" #
+#ENV_USER_PASS="${ENV_USER_PASS:-$NGINX_USER_PASS_WORD}" #
+#user_name="${ENV_USER_NAME:-$user_name}" # normal user name
+#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password
+
+EOF
+ __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script to start server
+__run_start_script() {
+ local runExitCode=0
+ local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables
+ local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables
+ local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables
+ local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables
+ local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables
+ local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables
+ local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables
+ local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables
+ local path="$(eval echo "$PATH")" # expand variables
+ local message="$(eval echo "")" # expand variables
+ local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
+ [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh"
+ #
+ __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" || return 20
+ #
+ if [ -z "$cmd" ]; then
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt"
+ retVal=$?
+ echo "Initializing $SCRIPT_NAME has completed"
+ exit $retVal
+ else
+ # ensure the command exists
+ if [ ! -x "$cmd" ]; then
+ echo "$name is not a valid executable"
+ return 2
+ fi
+ # check and exit if already running
+ if __proc_check "$name" || __proc_check "$cmd"; then
+ echo "$name is already running" >&2
+ return 0
+ else
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # show message if env exists
+ if [ -n "$cmd" ]; then
+ [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root"
+ [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT=""
+ fi
+ if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then
+ export cmd_exec="$pre $cmd $args"
+ message="Starting service: $name $args through $pre"
+ else
+ export cmd_exec="$cmd $args"
+ message="Starting service: $name $args"
+ fi
+ [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "$LOG_DIR/init.txt"
+ echo "$message" | tee -a -p "$LOG_DIR/init.txt"
+ su_cmd touch "$SERVICE_PID_FILE"
+ __post_execute 2>"/dev/stderr" | tee -p -a "$LOG_DIR/init.txt" &
+ if [ "$RESET_ENV" = "yes" ]; then
+ env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")"
+ execute_command="$(__trim "$su_exec $env_command $cmd_exec")"
+ if [ ! -f "$START_SCRIPT" ]; then
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root} with env
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ else
+ if [ ! -f "$START_SCRIPT" ]; then
+ execute_command="$(__trim "$su_exec $cmd_exec")"
+ cat <"$START_SCRIPT"
+#!/usr/bin/env bash
+trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT
+#
+set -Eeo pipefail
+# Setting up $cmd to run as ${SERVICE_USER:-root}
+retVal=10
+cmd="$cmd"
+SERVICE_PID_FILE="$SERVICE_PID_FILE"
+$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" &
+execPid=\$!
+sleep 10
+checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)"
+[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10
+[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "\$cmd has failed to start - args: $args" >&2
+exit \$retVal
+
+EOF
+ fi
+ fi
+ fi
+ [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT"
+ [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT"
+ runExitCode=$?
+ return $runExitCode + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# username and password actions +__run_secure_function() { + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "$LOG_DIR/init.txt" + fi +} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow ENV_ variable - Import env file +__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +SERVICE_EXIT_CODE=0 # default exit code +# application specific +EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name +SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location +SERVICE_PID_NUMBER="$(__pgrep)" # check if running +EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path +EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Only run check +__check_service "$1" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create auth directories +[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } +[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ 
"$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" +[ -n "$RUNAS_USER" ] || RUNAS_USER="root" +[ -n "$SERVICE_USER" ] || SERVICE_USER="${RUNAS_USER:-root}" +[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${RUNAS_USER:-root}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Database env +if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then + RESET_ENV="no" + DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" + DATABASE_USER="${ENV_DATABASE_USER:-${DATABASE_USER:-$user_name}}" + DATABASE_PASSWORD="${ENV_DATABASE_PASSWORD:-${DATABASE_PASSWORD:-$user_pass}}" + DATABASE_ROOT_USER="${ENV_DATABASE_ROOT_USER:-${DATABASE_ROOT_USER:-$root_user_name}}" + DATABASE_ROOT_PASSWORD="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_ROOT_PASSWORD:-$root_user_pass}}" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow per init script usernames and passwords +__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")" +__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")" +__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")" +__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set password to random if variable is random +[ "$user_pass" = "random" ] && user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password)" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow setting initial users and passwords via environment +user_name="$(eval echo "${ENV_USER_NAME:-$user_name}")" +user_pass="$(eval echo "${ENV_USER_PASS:-$user_pass}")" +root_user_name="$(eval echo "${ENV_ROOT_USER_NAME:-$root_user_name}")" 
+root_user_pass="$(eval echo "${ENV_ROOT_USER_PASS:-$root_user_pass}")" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Allow variables via imports - Overwrite existing +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# ensure needed directories exists +[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" +[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# pre-run function +__execute_prerun +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# create user if needed +__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Modify user if needed +__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Create base directories +__setup_directories +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# set switch user command +__switch_to_user +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize the home/working dir +__init_working_dir +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# show init message +__pre_message +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# +__initialize_db_users +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Initialize ssl +__update_ssl_conf +__update_ssl_certs +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Updating config files +__create_service_env +__update_conf_files +__initialize_database +# - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - +__run_secure_function +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# run the pre execute commands +__pre_execute +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" && errorCode=0 || errorCode=10 +if [ -n "$EXEC_CMD_BIN" ]; then + if [ "$errorCode" -ne 0 ]; then + echo "Failed to execute: ${cmd_exec:-$EXEC_CMD_BIN $EXEC_CMD_ARGS}" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" + rm -Rf "$SERVICE_PID_FILE" + SERVICE_EXIT_CODE=10 + SERVICE_IS_RUNNING="no" + else + SERVICE_EXIT_CODE=0 + SERVICE_IS_RUNNING="no" + fi + SERVICE_EXIT_CODE=0 +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/share/template-files/config/.gitkeep b/rootfs/usr/local/share/template-files/config/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/rootfs/usr/local/share/template-files/config/env/default.sample b/rootfs/usr/local/share/template-files/config/env/default.sample new file mode 100644 index 0000000..65ff1df --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/env/default.sample 
@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+[ -f "/usr/local/etc/docker/functions/entrypoint.sh" ] && . "/usr/local/etc/docker/functions/entrypoint.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+#USER="${USER:-root}"
+#LANG="${LANG:-C.UTF-8}"
+#TZ="${TZ:-America/New_York}"
+#SERVICE_USER="${SERVICE_USER:-root}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+#BACKUP_DIR="${BACKUP_DIR:-/data/backups}"
+#WWW_ROOT_DIR="${WWW_ROOT_DIR:-/usr/share/httpd/default}"
+#LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
+#DATABASE_BASE_DIR="${DATABASE_BASE_DIR:-/data/db}"
+#DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
+#DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
+#DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+#HEALTH_ENABLED="${HEALTH_ENABLED:-$ENV_HEALTH_ENABLED}"
+#HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+#PHP_VERSION="${PHP_VERSION//php/}"
+#PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+#PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+#ENV_PORTS="${ENV_PORTS:-}"
+#SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+#WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-$ENV_WEB_SERVER_PORTS}"
+#SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+DOMAINNAME="${DOMAINNAME:-}"
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-${DOMAINNAME:-$FULL_DOMAIN_NAME}}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+#CERT_BOT_MAIL="${CERT_BOT_MAIL:-}"
+#CERTBOT_DOMAINS="${CERTBOT_DOMAINS:-}"
+#CERT_BOT_ENABLED="${CERT_BOT_ENABLED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+#SSL_ENABLED="${SSL_ENABLED:-false}"
+#SSL_DIR="${SSL_DIR:-/config/ssl}"
+#SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+#SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+#SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+#SSL_CONTAINER_DIR="${SSL_CONTAINER_DIR:-/etc/ssl/CA}"
+#COUNTRY="${COUNTRY:-US}"
+#STATE="${STATE:-NY}"
+#CITY="${CITY:-Albany}"
+#UNIT="${UNIT:-CasjaysDev}"
+#ORG="${ORG:-"Casjays Developments"}"
+#DAYS_VALID="${DAYS_VALID:-3650}"
+#RSA="${RSA:-4096}"
+#CN="${CN:-$FULL_DOMAIN_NAME}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-$DATABASE_BASE_DIR/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-$PGDATA}"
+PGDATA="${DATABASE_DIR_PGSQL:-$DATABASE_BASE_DIR/postgres}" +POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}" +POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}" +POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mariadb env +MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}" +MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}" +MARIADB_DATABASE="${DATABASE_CREATE:-$MARIADB_DATABASE}" +MARIADB_USER="${DATABASE_USER_NORMAL:-$MARIADB_USER}" +MARIADB_PASSWORD="${DATABASE_PASS_NORMAL:-$MARIADB_PASSWORD}" +DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-$DATABASE_BASE_DIR/mysql}" +MARIADB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MARIADB_ROOT_PASSWORD}" +MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}" +MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-" +MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}" +MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# mongodb env +INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}" +DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-$DATABASE_BASE_DIR/mongodb}" +MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# couchdb env +NODENAME="${NODENAME:-}" +COUCHDB_USER="${DATABASE_USER_ROOT:-$COUCHDB_USER}" +COUCHDB_PASSWORD="${DATABASE_PASS_ROOT:-$COUCHDB_PASSWORD}" +DATABASE_DIR_COUCHDB="${DATABASE_DIR_COUCHDB:-$DATABASE_BASE_DIR/couchdb}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Supabase +DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-$DATABASE_BASE_DIR/supabase}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# docker env +DOCKER_HOST="unix://var/run/docker.sock" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - +# File locations +ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}" +ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}" +ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}" +ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Startup variables +INIT_DATE="${INIT_DATE:-$(date)}" +START_SERVICES="${START_SERVICES:-yes}" +ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}" +ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}" +DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}" +CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +if [ -f "$ENTRYPOINT_PID_FILE" ] || [ -f "$ENTRYPOINT_INIT_FILE" ]; then + START_SERVICES="no" ENTRYPOINT_MESSAGE="no" ENTRYPOINT_FIRST_RUN="no" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh b/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh new file mode 100644 index 0000000..b41c7b7 --- /dev/null +++ b/rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh 
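Review bot: In the mariadb block of default.sample, `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"` has the `:-` outside the braces, so the value always ends in a literal `:-` and is never empty; it should read `MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO:-}"`. Anything that tests this variable for being non-empty will presumably treat the option as switched on in every container. The same line is repeated in examples/mariadb.sh further down. In the same block `MARIADB_ROOT_HOST` defaults to `%` next to a pass-through `MARIADB_ALLOW_EMPTY_ROOT_PASSWORD`; a default of `localhost` would keep the root account off the network unless the operator opts in.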
@@ -0,0 +1,10 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# directory settings
+WWW_ROOT_DIR="${ENV_WWW_ROOT_DIR:-${WWW_ROOT_DIR}}"
+BACKUP_DIR="${ENV_BACKUP_DIR:-${BACKUP_DIR:-/data/backups}}"
+LOCAL_BIN_DIR="${ENV_LOCAL_BIN_DIR:-${LOCAL_BIN_DIR:-/usr/local/bin}}"
+DATABASE_BASE_DIR="${ENV_DATABASE_BASE_DIR:-${DATABASE_BASE_DIR:-/data/db}}"
+DEFAULT_DATA_DIR="${ENV_DEFAULT_DATA_DIR:-${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}}"
+DEFAULT_CONF_DIR="${ENV_DEFAULT_CONF_DIR:-${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}}"
+DEFAULT_TEMPLATE_DIR="${ENV_DEFAULT_TEMPLATE_DIR:-${EDEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh b/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh
new file mode 100644
index 0000000..695428c
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/addresses.sh
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# get ip addresses
+CONTAINER_IP4_ADDRESS="${CONTAINER_IP4_ADDRESS:-$(__get_ip4)}"
+CONTAINER_IP6_ADDRESS="${CONTAINER_IP6_ADDRESS:-$(__get_ip6)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh b/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh
new file mode 100644
index 0000000..9f52b28
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/certbot.sh
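Review bot: The last assignment in examples/00-directory.sh falls back to `${EDEFAULT_TEMPLATE_DIR:-...}`, a name nothing else on this page sets, so an already exported `DEFAULT_TEMPLATE_DIR` is discarded and replaced by the built-in path. The inner variable should be `DEFAULT_TEMPLATE_DIR`, matching the pattern of the other six lines: `DEFAULT_TEMPLATE_DIR="${ENV_DEFAULT_TEMPLATE_DIR:-${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}}"`. `WWW_ROOT_DIR` is also the only entry without a literal default and can end up empty, whereas default.sample shows `/usr/share/httpd/default` for it.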
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# cerbot
+CERT_BOT_MAIL="${ENV_CERT_BOT_MAIL:-$CERT_BOT_MAIL}"
+CERTBOT_DOMAINS="${ENV_CERTBOT_DOMAINS:-$CERTBOT_DOMAINS}"
+CERT_BOT_ENABLED="${ENV_CERT_BOT_ENABLED:-${CERT_BOT_ENABLED:-false}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh b/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh
new file mode 100644
index 0000000..4a7fb91
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# couchdb env
+COUCHDB_NODENAME="${ENV_COUCHDB_NODENAME:-${COUCHDB_NODENAME:-$NODENAME}}"
+COUCHDB_USER="${ENV_COUCHDB_USER:-${COUCHDB_USER:-$DATABASE_USER_ROOT}}"
+COUCHDB_PASSWORD="${ENV_COUCHDB_PASSWORD:-${COUCHDB_PASSWORD:-$DATABASE_PASS_ROOT}}"
+DATABASE_DIR_COUCHDB="${ENV_DATABASE_DIR_COUCHDB:-${DATABASE_DIR_COUCHDB:-/data/db/couchdb}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh b/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh
new file mode 100644
index 0000000..a93d690
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# docker env
+DOCKER_HOST="${DOCKER_HOST:-unix://var/run/docker.sock}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/global.sh b/rootfs/usr/local/share/template-files/config/env/examples/global.sh
new file mode 100644
index 0000000..fece9c8
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/global.sh
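Review bot: The default in examples/dockerd.sh, `unix://var/run/docker.sock`, has only two slashes after the scheme, which leaves the relative path `var/run/docker.sock` instead of the absolute socket path; it should be `DOCKER_HOST="${DOCKER_HOST:-unix:///var/run/docker.sock}"`. default.sample carries the same URL and assigns it unconditionally (`DOCKER_HOST="unix://var/run/docker.sock"`), so there it also overrides whatever the operator exported. Anything that can reach this socket controls the Docker daemon, so a comment such as `# only meaningful when the host socket is deliberately mounted into the container` would make the intent explicit.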
@@ -0,0 +1,13 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# GLOBAL enviroment variables
+USER="${USER:-root}"
+LANG="${LANG:-C.UTF-8}"
+TZ="${TZ:-America/New_York}"
+ENV_PORTS="${ENV_PORTS//\/*/}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# How to set permissions
+SERVICE_USER="${SERVICE_USER:-}"
+SERVICE_GROUP="${SERVICE_GROUP:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_UID="${SERVICE_UID:-}" # set the user id
+SERVICE_GID="${SERVICE_GID:-}" # set the group id
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh b/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh
new file mode 100644
index 0000000..0dd7d39
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh
@@ -0,0 +1,5 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# healthcheck
+HEALTH_ENABLED="${HEALTH_ENABLED:-}"
+HEALTH_URL="${HEALTH_URL:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh b/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh
new file mode 100644
index 0000000..223fce3
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh
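Review bot: `ENV_PORTS="${ENV_PORTS//\/*/}"` in examples/global.sh deletes everything from the first `/` to the end of the string, because the `*` in the pattern matches the whole remainder of the value. If ENV_PORTS can hold more than one entry (a constructed example: `80/tcp 443/tcp`), only `80` survives. Stripping the suffix per entry would need something like `ENV_PORTS="$(echo "$ENV_PORTS" | sed 's|/[^ ,]*||g')"`. Whichever behaviour is intended, a comment stating the expected format of ENV_PORTS belongs on this line.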
@@ -0,0 +1,14 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mariadb env
+MARIADB_ROOT_HOST="${MARIADB_ROOT_HOST:-%}"
+MARIADB_AUTO_UPGRADE="${MARIADB_AUTO_UPGRADE:-yes}"
+MARIADB_DATABASE="${MARIADB_DATABASE:-$DATABASE_CREATE}"
+MARIADB_USER="${MARIADB_USER:-$DATABASE_USER_NORMAL}"
+MARIADB_PASSWORD="${MARIADB_PASSWORD:-$DATABASE_PASS_NORMAL}"
+DATABASE_DIR_MARIADB="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
+MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-$DATABASE_PASS_ROOT}"
+MARIADB_ALLOW_EMPTY_ROOT_PASSWORD="${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:-}"
+MARIADB_INITDB_SKIP_TZINFO="${MARIADB_INITDB_SKIP_TZINFO}:-"
+MARIADB_RANDOM_ROOT_PASSWORD="${MARIADB_RANDOM_ROOT_PASSWORD:-}"
+MARIADB_CONFIG_FILE="${MARIADB_CONFIG_FILE:-$(__find_mysql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh b/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh
new file mode 100644
index 0000000..8e014de
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh
@@ -0,0 +1,20 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# mongodb env
+DATABASE_DIR_MONGODB="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
+INITDB_ROOT_USERNAME="${DATABASE_USER_ROOT:-$INITDB_ROOT_USERNAME}"
+MONGO_INITDB_ROOT_PASSWORD="${DATABASE_PASS_ROOT:-$MONGO_INITDB_ROOT_PASSWORD}"
+ME_CONFIG_EDITORTHEME="${ME_CONFIG_EDITORTHEME:-dracula}"
+ME_CONFIG_MONGODB_URL="${ME_CONFIG_MONGODB_URL:-mongodb://127.0.0.1:27017}"
+ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-true}"
+ME_CONFIG_BASICAUTH_USERNAME="${ME_CONFIG_BASICAUTH_USERNAME:-}"
+ME_CONFIG_BASICAUTH_PASSWORD="${ME_CONFIG_BASICAUTH_PASSWORD:-}"
+ME_CONFIG_BASICAUTH_USERNAME_FILE="${ME_CONFIG_BASICAUTH_USERNAME_FILE:-}"
+ME_CONFIG_BASICAUTH_PASSWORD_FILE="${ME_CONFIG_BASICAUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_ADMINUSERNAME_FILE="${ME_CONFIG_MONGODB_ADMINUSERNAME_FILE:-}"
+ME_CONFIG_MONGODB_ADMINPASSWORD_FILE="${ME_CONFIG_MONGODB_ADMINPASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_USERNAME_FILE="${ME_CONFIG_MONGODB_AUTH_USERNAME_FILE:-}"
+ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE="${ME_CONFIG_MONGODB_AUTH_PASSWORD_FILE:-}"
+ME_CONFIG_MONGODB_CA_FILE="${ME_CONFIG_MONGODB_CA_FILE:-}"
+VCAP_APP_HOST="${VCAP_APP_HOST:-0.0.0.0}"
+VCAP_APP_PORT="${VCAP_APP_PORT:-19054}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/networking.sh b/rootfs/usr/local/share/template-files/config/env/examples/networking.sh
new file mode 100644
index 0000000..3af24bb
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/networking.sh
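Review bot: The defaults in examples/mongodb.sh combine `VCAP_APP_HOST` = `0.0.0.0`, `ME_CONFIG_MONGODB_ENABLE_ADMIN` = `true` and empty `ME_CONFIG_BASICAUTH_USERNAME` / `ME_CONFIG_BASICAUTH_PASSWORD`, so a container started without overrides would presumably serve the admin interface on every address with no credentials supplied by this file. Safer defaults are `VCAP_APP_HOST="${VCAP_APP_HOST:-127.0.0.1}"` and `ME_CONFIG_MONGODB_ENABLE_ADMIN="${ME_CONFIG_MONGODB_ENABLE_ADMIN:-false}"`, which leaves wider exposure as an explicit operator choice. If the open defaults are kept, add a comment above the block saying that the basic-auth variables must be set before the port is published.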
@@ -0,0 +1,9 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# networing info
+DOMAINNAME="${DOMAINNAME:-}"
+EMAIL_RELAY="${EMAIL_RELAY:-}"
+HOSTNAME="${HOSTNAME:-casjaysdev-GEN_SCRIPT_REPLACE_APPNAME}"
+EMAIL_DOMAIN="${EMAIL_DOMAIN:-${DOMAINNAME:-$HOSTNAME}}"
+FULL_DOMAIN_NAME="${FULL_DOMAIN_NAME:-${DOMAINNAME:-$HOSTNAME}}"
+SERVER_ADMIN="${SERVER_ADMIN:-root@${EMAIL_DOMAIN:-$FULL_DOMAIN_NAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/other.sh b/rootfs/usr/local/share/template-files/config/env/examples/other.sh
new file mode 100644
index 0000000..1a59689
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/other.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# other
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/php.sh b/rootfs/usr/local/share/template-files/config/env/examples/php.sh
new file mode 100644
index 0000000..a005543
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/php.sh
@@ -0,0 +1,6 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# php settings
+PHP_VERSION="${PHP_VERSION//php/}"
+PHP_INI_DIR="${PHP_INI_DIR:-$(__find_php_ini)}"
+PHP_BIN_DIR="${PHP_BIN_DIR:-$(__find_php_bin)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh b/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh
new file mode 100644
index 0000000..348b4bf
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/postgres.sh
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# postgresql env
+PGDATA="${DATABASE_DIR_PGSQL:-$PGDATA}"
+DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-/data/db/postgres}"
+POSTGRES_USER="${DATABASE_USER_ROOT:-$POSTGRES_USER}"
+POSTGRES_PASSWORD="${DATABASE_PASS_ROOT:-$POSTGRES_PASSWORD}"
+POSTGRES_CONFIG_FILE="${POSTGRES_CONFIG_FILE:-$(__find_pgsql_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/redis.sh b/rootfs/usr/local/share/template-files/config/env/examples/redis.sh
new file mode 100644
index 0000000..805a14d
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/redis.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# redis env
+DATABASE_DIR_REDIS="${DATABASE_DIR_REDIS:-/data/db/redis}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/services.sh b/rootfs/usr/local/share/template-files/config/env/examples/services.sh
new file mode 100644
index 0000000..e330031
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/services.sh
@@ -0,0 +1,7 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# services/ports
+ENV_PORTS="${ENV_PORTS:-}"
+SERVICE_PORT="${SERVICE_PORT:-$PORT}"
+WEB_SERVER_PORTS="${WEB_SERVER_PORTS:-}"
+SERVICES_LIST="${PROCS_LIST:-$SERVICES_LIST} "
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh b/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh
new file mode 100644
index 0000000..78b1686
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/ssl.sh
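Review bot: `PGDATA="${DATABASE_DIR_PGSQL:-$PGDATA}"` in examples/postgres.sh runs before `DATABASE_DIR_PGSQL` receives its `/data/db/postgres` default, so with neither variable set PGDATA stays empty while DATABASE_DIR_PGSQL points at the default directory. Swapping the two lines, so that `DATABASE_DIR_PGSQL="${DATABASE_DIR_PGSQL:-/data/db/postgres}"` comes first and `PGDATA` is derived from it, keeps the two in agreement. default.sample orders the pair the other way round and falls back to `$DATABASE_BASE_DIR/postgres`, so the two templates can resolve to different data directories; a comment naming which variable is authoritative would settle it.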
@@ -0,0 +1,19 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# ssl server settings
+SSL_ENABLED="${SSL_ENABLED:-false}"
+SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}"
+SSL_DIR="${SSL_DIR:-$SSL_DIR}"
+SSL_CA="${SSL_CA:-$SSL_DIR/ca.crt}"
+SSL_KEY="${SSL_KEY:-$SSL_DIR/server.key}"
+SSL_CERT="${SSL_CERT:-$SSL_DIR/server.crt}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# certificate settings
+RSA="${RSA:-4096}"
+STATE="${STATE:-NY}"
+CITY="${CITY:-Albany}"
+COUNTRY="${COUNTRY:-US}"
+UNIT="${UNIT:-CasjaysDev}"
+ORG="${ORG:-"Casjays Developments"}"
+DAYS_VALID="${DAYS_VALID:-3650}"
+CN="${CN:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh b/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh
new file mode 100644
index 0000000..f25a9ca
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/supabase.sh
@@ -0,0 +1,4 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Supabase
+DATABASE_DIR_SUPABASE="${DATABASE_DIR_SUPABASE:-/data/db/supabase}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh b/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh
new file mode 100644
index 0000000..15ba1af
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/webservers.sh
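Review bot: `SSL_DIR="${SSL_CONTAINER_DIR:-/config/ssl}"` in examples/ssl.sh discards any SSL_DIR the operator set, and the following `SSL_DIR="${SSL_DIR:-$SSL_DIR}"` is a no-op, so the key and certificate paths derived below always follow SSL_CONTAINER_DIR or `/config/ssl`. If SSL_DIR is meant to take precedence, the single line `SSL_DIR="${SSL_DIR:-${SSL_CONTAINER_DIR:-/config/ssl}}"` expresses that and the second assignment can go. default.sample gives the two variables different defaults (`/config/ssl` and `/etc/ssl/CA`), so a comment stating which directory is expected to hold `server.key` would remove the ambiguity about where the private key lives.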
@@ -0,0 +1,8 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# web server configs
+HTTPD_CONFIG_FILE="${HTTPD_CONFIG_FILE:-$(__find_httpd_conf)}"
+NGINX_CONFIG_FILE="${NGINX_CONFIG_FILE:-$(__find_nginx_conf)}"
+CADDY_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_caddy_conf)}"
+LIGHTTPD_CONFIG_FILE="${LIGHTTPD_CONFIG_FILE:-$(__find_lighttpd_conf)}"
+CHEROKEE_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_cherokee_conf)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh b/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
new file mode 100644
index 0000000..cc9505b
--- /dev/null
+++ b/rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
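Review bot: `CADDY_CONFIG_FILE="${CHEROKEE_CONFIG_FILE:-$(__find_caddy_conf)}"` in examples/webservers.sh reads the Cherokee variable, so a configured Cherokee path becomes the Caddy config path and an exported CADDY_CONFIG_FILE is ignored. The line should be `CADDY_CONFIG_FILE="${CADDY_CONFIG_FILE:-$(__find_caddy_conf)}"`. `__find_caddy_conf` and `__find_cherokee_conf` are not defined anywhere on this page, so it is worth confirming that the functions file provides them; otherwise these substitutions fail at source time.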
@@ -0,0 +1,21 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# File locations
+ENTRYPOINT_PID_FILE="${ENTRYPOINT_PID_FILE:-/run/init.d/entrypoint.pid}"
+ENTRYPOINT_INIT_FILE="${ENTRYPOINT_INIT_FILE:-/config/.entrypoint.done}"
+ENTRYPOINT_DATA_INIT_FILE="${ENTRYPOINT_DATA_INIT_FILE:-/data/.docker_has_run}"
+ENTRYPOINT_CONFIG_INIT_FILE="${ENTRYPOINT_CONFIG_INIT_FILE:-/config/.docker_has_run}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Startup variables
+INIT_DATE="${INIT_DATE:-$(date)}"
+START_SERVICES="${START_SERVICES:-yes}"
+ENTRYPOINT_MESSAGE="${ENTRYPOINT_MESSAGE:-yes}"
+ENTRYPOINT_FIRST_RUN="${ENTRYPOINT_FIRST_RUN:-yes}"
+DATA_DIR_INITIALIZED="${DATA_DIR_INITIALIZED:-false}"
+CONFIG_DIR_INITIALIZED="${CONFIG_DIR_INITIALIZED:-false}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Check if this is a new container
+[ -f "$ENTRYPOINT_PID_FILE" ] && START_SERVICES="no"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && ENTRYPOINT_FIRST_RUN="no"
+[ -f "$ENTRYPOINT_DATA_INIT_FILE" ] && DATA_DIR_INITIALIZED="true"
+[ -f "$ENTRYPOINT_CONFIG_INIT_FILE" ] && CONFIG_DIR_INITIALIZED="true"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/rootfs/usr/local/share/template-files/data/.gitkeep b/rootfs/usr/local/share/template-files/data/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/rootfs/usr/local/share/template-files/defaults/.gitkeep b/rootfs/usr/local/share/template-files/defaults/.gitkeep
new file mode 100644
index 0000000..e69de29