casjaysdevdocker/tools
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/tools synced 2025-01-18 00:34:25 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

🗃️ Committing everything that changed 🗃️

Browse Source 
applications/php/scripts/packages.sh
applications/postgres/scripts/install.sh
applications/redis/config/
applications/redis/scripts/commands.sh
configs/nginx/nginx.conf
configs/nginx/nginx.ssl.conf
configs/nginx/vhosts.d/default.conf
configs/nginx/vhosts.d/default.conf.sample
configs/nginx/vhosts.d/default.ssl.conf
configs/nginx/vhosts.d/default.ssl.sample
configs/phppgadmin/
configs/postgres/
init/
wwwroot/404.html
wwwroot/cgi-bin/
wwwroot/css/
wwwroot/favicon.ico
wwwroot/health/
wwwroot/images/
wwwroot/index.php
wwwroot/info.php
wwwroot/js/
wwwroot/robots.txt
wwwroot/site.webmanifest
wwwroot/www/404.html
wwwroot/www/cgi-bin/env.cgi
wwwroot/www/cgi-bin/env.php
wwwroot/www/cgi-bin/env.pl
wwwroot/www/cgi-bin/env.py
wwwroot/www/cgi-bin/env.rb
wwwroot/www/cgi-bin/printenv
wwwroot/www/cgi-bin/printenv.vbs
wwwroot/www/cgi-bin/printenv.wsf
wwwroot/www/cgi-bin/test-cgi
wwwroot/www/css/bootstrap.css
wwwroot/www/css/bootstrap.min.css
wwwroot/www/css/bs.plain.css
wwwroot/www/css/cookieconsent.css
wwwroot/www/css/errorpages.css
wwwroot/www/css/index.css
wwwroot/www/favicon.ico
wwwroot/www/health/health/index.json
wwwroot/www/health/health/index.txt
wwwroot/www/health/index.json
wwwroot/www/health/index.txt
wwwroot/www/images/403.png
wwwroot/www/images/404.gif
wwwroot/www/images/bg.png
wwwroot/www/images/favicon.ico
wwwroot/www/images/icon.png
wwwroot/www/images/icon.svg
wwwroot/www/index.php
wwwroot/www/info.php
wwwroot/www/js/app.js
wwwroot/www/js/bootstrap.min.js
wwwroot/www/js/errorpages/homepage.js
wwwroot/www/js/errorpages/isup.js
wwwroot/www/js/errorpages/loaddomain.js
wwwroot/www/js/errorpages/scale.fix.js
wwwroot/www/js/jquery/default.js
wwwroot/www/js/passprotect.min.js
wwwroot/www/robots.txt
wwwroot/www/site.webmanifest
This commit is contained in:
casjay 2023-08-23 02:19:52 -04:00
parent dc77cc27c4
commit 4ed0909028
Signed by untrusted user who does not match committer: jason
GPG Key ID: 1AB309F42A764145
55 changed files with 3075 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
applications/php/scripts/packages.sh
View File

@ -1,4 +1,4 @@
${PHP_VERSION}-bcmath ${PHP_VERSION}-bz2 ${PHP_VERSION}-calendar ${PHP_VERSION}-cgi ${PHP_VERSION}-common ${PHP_VERSION}-ctype \
composer ${PHP_VERSION}-bcmath ${PHP_VERSION}-bz2 ${PHP_VERSION}-calendar ${PHP_VERSION}-cgi ${PHP_VERSION}-common ${PHP_VERSION}-ctype \
${PHP_VERSION}-curl ${PHP_VERSION}-dba ${PHP_VERSION}-dev ${PHP_VERSION}-doc ${PHP_VERSION}-dom ${PHP_VERSION}-embed ${PHP_VERSION}-enchant ${PHP_VERSION}-exif ${PHP_VERSION}-ffi \
${PHP_VERSION}-fileinfo ${PHP_VERSION}-fpm ${PHP_VERSION}-ftp ${PHP_VERSION}-gd ${PHP_VERSION}-gettext ${PHP_VERSION}-gmp ${PHP_VERSION}-iconv ${PHP_VERSION}-imap ${PHP_VERSION}-intl \
${PHP_VERSION}-ldap ${PHP_VERSION}-litespeed ${PHP_VERSION}-mbstring ${PHP_VERSION}-mysqli ${PHP_VERSION}-mysqlnd ${PHP_VERSION}-odbc ${PHP_VERSION}-opcache ${PHP_VERSION}-openssl \

9
applications/postgres/scripts/install.sh
View File

@ -1,9 +1,4 @@
mkdir -p "/etc/phppgadmin"
[ -e "/etc/php" ] && rm -Rf "/etc/php"
[ -d "/etc/apache2/conf.d" ] && rm -Rf "/etc/apache2/conf.d"/*
[ -d "/tmp/etc/php" ] && mv -f "/tmp/etc/php" "/tmp/etc/${PHP_VERSION}"
[ -d "/etc/${PHP_VERSION}" ] && ln -sf "/etc/${PHP_VERSION}" "/etc/php"
git clone -q --depth 1 "https://github.com/phppgadmin/phppgadmin" "${WWW_ROOT_DIR}}"
cp -Rf "/tmp/etc/." "/etc/"
mkdir -p "/etc/phppgadmin" "${WWW_ROOT_DIR}"
git clone -q --depth 1 "https://github.com/phppgadmin/phppgadmin" "${WWW_ROOT_DIR}"
cp -Rf "/usr/local/share/template-files/config/phppgadmin/config.php" "/etc/phppgadmin/config.php"
ln -sf "/etc/phppgadmin/config.php" "${WWW_ROOT_DIR}}/conf/config.inc.php"

8
applications/redis/config/redis/redis.conf Normal file
View File

@ -0,0 +1,8 @@
# Redis conf file
port 6379
unixsocket /run/redis.sock
unixsocketperm 770
daemonize no
pidfile /tmp/redis.pid
dir REPLACE_DATABASE_DIR
save 3600 1 300 100 60 10000

14
applications/redis/scripts/commands.sh
View File

@ -0,0 +1,14 @@
SERVICE_PORT="6379"
EXEC_CMD_BIN="redis-server" # command to execute
EXEC_CMD_ARGS="$ETC_DIR/redis.conf" # command arguments
sysctl vm.overcommit_memory=1
echo madvise >/sys/kernel/mm/transparent_hugepage/enabled
if [ -n "$root_user_name" ] && [ -n "$root_user_pass" ]; then
if ! grep -qs "$root_user_name" "$ETC_DIR/redis.conf"; then
echo 'user '$root_user_name' on +@all ~* >'$root_user_pass'' >>"$ETC_DIR/redis.conf"
fi
fi
grep -qs 'redis' /etc/passwd && chown -Rf redis. "$ETC_DIR" "$LOG_DIR" "$DATABASE_DIR"

123
configs/nginx/nginx.conf
View File

@ -12,43 +12,67 @@ events {
http {
include /etc/nginx/mime.types;
default_type "text/html";
access_log /data/logs/nginx/access.default.log;
access_log /data/logs/nginx/access.REPLACE_SERVER_NAME.log;
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
root REPLACE_SERVER_WWW_DIR;
server {
listen REPLACE_SERVER_PORT default_server;
listen REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_WWW_DIR;
index index.php index.html index.cgi index.pl index.aspx index.txt index.json index.unknown.php index.default.php;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
proxy_intercept_errors off;
location = /favicon.ico {
alias /usr/local/share/wwwroot/favicon.ico;
log_not_found off;
access_log off;
}
location = /robots.txt {
alias /usr/local/share/wwwroot/robots.txt;
allow all;
log_not_found off;
access_log off;
}
location ^~ /.well-known {
default_type "text/plain";
root /usr/local/share/wwwroot/.well-known;
}
location ^~ /health {
default_type "text/plain";
allow all;
access_log off;
root /usr/local/share/wwwroot/health;
}
location ^~ /health/txt {
default_type application/json;
allow all;
access_log off;
return 200 'ok';
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /health {
default_type text/html;
allow all;
access_log off;
return 200 'OK';
}
location /health/json {
location ^~ /health/json {
default_type application/json;
allow all;
access_log off;
return 200 '{"status":"OK"}';
}
location /health/status {
location ^~ /health/status {
stub_status;
}
@ -57,12 +81,55 @@ http {
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
}
# location /cgi-bin {
# root /usr/local/share/wwwroot/cgi-bin;
# gzip off;
# fastcgi_pass unix:/var/run/fcgiwrap.socket;
# fastcgi_param HTTP_PROXY "";
# fastcgi_param GATEWAY_INTERFACE CGI/1.1;
# fastcgi_param SERVER_SOFTWARE nginx;
# fastcgi_param QUERY_STRING $query_string;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param CONTENT_TYPE $content_type;
# fastcgi_param CONTENT_LENGTH $content_length;
# fastcgi_param SCRIPT_NAME $fastcgi_script_name;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param REQUEST_URI $request_uri;
# fastcgi_param DOCUMENT_URI $document_uri;
# fastcgi_param DOCUMENT_ROOT $document_root;
# fastcgi_param SERVER_PROTOCOL $server_protocol;
# fastcgi_param REMOTE_ADDR $remote_addr;
# fastcgi_param REMOTE_PORT $remote_port;
# fastcgi_param SERVER_ADDR $server_addr;
# fastcgi_param SERVER_PORT $server_port;
# fastcgi_param SERVER_NAME $server_name;
# }
}
include /etc/nginx/vhosts.d/*.conf;
}

131
configs/nginx/nginx.ssl.conf Normal file
View File

@ -0,0 +1,131 @@
# Default nginx configuration
user root;
worker_processes auto;
daemon off;
error_log /data/logs/nginx/nginx.log warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type "text/html";
access_log /data/logs/nginx/access.default.log;
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
root REPLACE_SERVER_WWW_DIR;
server {
listen REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_WWW_DIR;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_certificate /etc/ssl/localhost.crt;
ssl_certificate_key /etc/ssl/localhost.key;
proxy_intercept_errors off;
location ^~ /.well-known {
default_type "text/plain";
root REPLACE_SERVER_WWW_DIR/.well-known;
}
location ^~ = /favicon.ico {
log_not_found off;
access_log off;
}
location ^~ = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ^~ /health {
default_type text/html;
allow all;
access_log off;
return 200 'OK';
}
location ^~ /health/json {
default_type application/json;
allow all;
access_log off;
return 200 '{"status":"OK"}';
}
location ^~ /health/status {
stub_status;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
}
# location /cgi-bin {
# root /usr/local/share/wwwroot/cgi-bin;
# gzip off;
# fastcgi_pass unix:/var/run/fcgiwrap.socket;
# fastcgi_param HTTP_PROXY "";
# fastcgi_param GATEWAY_INTERFACE CGI/1.1;
# fastcgi_param SERVER_SOFTWARE nginx;
# fastcgi_param QUERY_STRING $query_string;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param CONTENT_TYPE $content_type;
# fastcgi_param CONTENT_LENGTH $content_length;
# fastcgi_param SCRIPT_NAME $fastcgi_script_name;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param REQUEST_URI $request_uri;
# fastcgi_param DOCUMENT_URI $document_uri;
# fastcgi_param DOCUMENT_ROOT $document_root;
# fastcgi_param SERVER_PROTOCOL $server_protocol;
# fastcgi_param REMOTE_ADDR $remote_addr;
# fastcgi_param REMOTE_PORT $remote_port;
# fastcgi_param SERVER_ADDR $server_addr;
# fastcgi_param SERVER_PORT $server_port;
# fastcgi_param SERVER_NAME $server_name;
# }
}
include /etc/nginx/vhosts.d/*.conf;
}

4
configs/nginx/vhosts.d/default.conf → configs/nginx/vhosts.d/default.conf.sample
View File

@ -1,8 +1,8 @@
server {
listen REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_DIR;
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
root REPLACE_SERVER_WWW_DIR;
index index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;

4
configs/nginx/vhosts.d/default.ssl.conf → configs/nginx/vhosts.d/default.ssl.sample
View File

@ -1,7 +1,7 @@
server {
listen REPLACE_SERVER_PORT ssl http2 default_server;
listen ssl http2 REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_DIR;
root REPLACE_SERVER_WWW_DIR;
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;

52
configs/phppgadmin/config.php Normal file
View File

@ -0,0 +1,52 @@
<?php
$conf['servers'][1]['desc'] = 'local';
$conf['servers'][1]['host'] = '127.0.0.1';
$conf['servers'][1]['port'] = 5432;
$conf['servers'][1]['sslmode'] = 'allow';
$conf['servers'][1]['defaultdb'] = 'postgres';
$conf['servers'][1]['pg_dump_path'] = '/usr/bin/pg_dump';
$conf['servers'][1]['pg_dumpall_path'] = '/usr/bin/pg_dumpall';
// $conf['servers'][0]['desc'] = '';
// $conf['servers'][0]['host'] = '';
// $conf['servers'][0]['port'] = 5432;
// $conf['servers'][0]['sslmode'] = 'allow';
// $conf['servers'][0]['defaultdb'] = 'postgres';
// $conf['servers'][0]['pg_dump_path'] = '/usr/bin/pg_dump';
// $conf['servers'][0]['pg_dumpall_path'] = '/usr/bin/pg_dumpall';
//$conf['srv_groups'][0]['desc'] = 'group one';
//$conf['srv_groups'][0]['servers'] = '0,1,2';
//$conf['srv_groups'][1]['desc'] = 'group two';
//$conf['srv_groups'][1]['servers'] = '3,1';
//$conf['srv_groups'][2]['desc'] = 'group three';
//$conf['srv_groups'][2]['servers'] = '4';
//$conf['srv_groups'][2]['parents'] = '0,1';
//$conf['servers'][0]['theme']['default'] = 'default';
//$conf['servers'][0]['theme']['user']['specific_user'] = 'default';
//$conf['servers'][0]['theme']['db']['specific_db'] = 'default';
$conf['default_lang'] = 'auto';
$conf['autocomplete'] = 'default on';
$conf['extra_login_security'] = false;
$conf['owned_only'] = true;
$conf['show_comments'] = true;
$conf['show_advanced'] = false;
$conf['show_system'] = false;
$conf['min_password_length'] = 8;
$conf['left_width'] = 200;
$conf['theme'] = 'default';
$conf['show_oids'] = false;
$conf['max_rows'] = 30;
$conf['max_chars'] = 50;
$conf['use_xhtml_strict'] = false;
$conf['help_base'] = 'http://www.postgresql.org/docs/%s/interactive/';
$conf['ajax_refresh'] = 3;
$conf['plugins'] = array();
/*****************************************
* Don't modify anything below this line *
*****************************************/
$conf['version'] = 19;
?>

9
configs/postgres/pg_hba.conf Normal file
View File

@ -0,0 +1,9 @@
# ===================================================
# PostgreSQL Client Authentication Configuration File
# ===================================================
# TYPE DATABASE USER ADDRESS METHOD
local all postgres peer
local all all trust
local all all md5
host all all 0.0.0.0/0 md5
host all all ::/0 md5

263
configs/postgres/postgresql.conf Normal file
View File

@ -0,0 +1,263 @@
# -----------------------------
# CasjaysDev PostgreSQL configuration file
# -----------------------------
#
#------------------------------------------------------------------------------
# FILE LOCATIONS
#------------------------------------------------------------------------------
data_directory = 'REPLACE_DATABASE_DIR'
#hba_file = 'ConfigDir/pg_hba.conf'
#ident_file = 'ConfigDir/pg_ident.conf'
#external_pid_file = ''
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
listen_addresses = '*'
port = 5432
max_connections = 100
unix_socket_directories = '/var/run/postgresql, /tmp'
#unix_socket_group = ''
unix_socket_permissions = 0777
#bonjour = off
#bonjour_name = ''
#authentication_timeout = 1min
#password_encryption = on
#db_user_namespace = off
#krb_server_keyfile = ''
#krb_srvname = 'postgres'
#krb_caseins_users = off
#tcp_keepalives_idle = 0
#tcp_keepalives_interval = 0
#tcp_keepalives_count = 0
#------------------------------------------------------------------------------
# SSL configuration
#------------------------------------------------------------------------------
ssl = off
ssl_ca_file = '/etc/ssl/ca.crt'
ssl_key_file = '/etc/ssl/localhost.key'
ssl_cert_file = '/etc/ssl/localhost.crt'
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
ssl_prefer_server_ciphers = on
ssl_ecdh_curve = 'prime256v1'
ssl_min_protocol_version = 'TLSv1.2'
#ssl_max_protocol_version = ''
#ssl_dh_params_file = ''
#ssl_passphrase_command = ''
#ssl_passphrase_command_supports_reload = off
#------------------------------------------------------------------------------
# RESOURCE USAGE (except WAL)
#------------------------------------------------------------------------------
shared_buffers = 32MB
#temp_buffers = 8MB
#work_mem = 1MB
#maintenance_work_mem = 16MB
#max_stack_depth = 2MB
#temp_file_limit = -1
#max_files_per_process = 1000
#shared_preload_libraries = ''
#vacuum_cost_delay = 0ms
#vacuum_cost_page_hit = 1
#vacuum_cost_page_miss = 10
#vacuum_cost_page_dirty = 20
#vacuum_cost_limit = 200
#bgwriter_delay = 200ms
#bgwriter_lru_maxpages = 100
#bgwriter_lru_multiplier = 2.0
#effective_io_concurrency = 1
#------------------------------------------------------------------------------
# WRITE AHEAD LOG
#wal_level = minimal
#fsync = on
#synchronous_commit = on
#wal_sync_method = fsync
#full_page_writes = on
#wal_buffers = -1
#wal_writer_delay = 200ms
#commit_delay = 0
#commit_siblings = 5
#checkpoint_segments = 3
#checkpoint_timeout = 5min
#checkpoint_completion_target = 0.5
#checkpoint_warning = 30s
#archive_mode = off
#archive_command = ''
#archive_timeout = 0
#------------------------------------------------------------------------------
# REPLICATION
#------------------------------------------------------------------------------
#max_wal_senders = 0
#wal_keep_segments = 0
#replication_timeout = 60s
#synchronous_standby_names = ''
#vacuum_defer_cleanup_age = 0
#hot_standby = off
#max_standby_archive_delay = 30s
#max_standby_streaming_delay = 30s
#wal_receiver_status_interval = 10s
#hot_standby_feedback = off
#------------------------------------------------------------------------------
# QUERY TUNING
#------------------------------------------------------------------------------
#enable_bitmapscan = on
#enable_hashagg = on
#enable_hashjoin = on
#enable_indexscan = on
#enable_indexonlyscan = on
#enable_material = on
#enable_mergejoin = on
#enable_nestloop = on
#enable_seqscan = on
#enable_sort = on
#enable_tidscan = on
#seq_page_cost = 1.0
#random_page_cost = 4.0
#cpu_tuple_cost = 0.01
#cpu_index_tuple_cost = 0.005
#cpu_operator_cost = 0.0025
#effective_cache_size = 128MB
#geqo = on
#geqo_threshold = 12
#geqo_effort = 5
#geqo_pool_size = 0
#geqo_generations = 0
#geqo_selection_bias = 2.0
#geqo_seed = 0.0
#default_statistics_target = 100
#constraint_exclusion = partition
#cursor_tuple_fraction = 0.1
#from_collapse_limit = 8
#join_collapse_limit = 8
#------------------------------------------------------------------------------
# ERROR REPORTING AND LOGGING
#------------------------------------------------------------------------------
log_destination = 'stderr'
logging_collector = on
log_directory = '/data/logs/postgres'
log_filename = 'postgresql.log'
#log_file_mode = 0600
log_truncate_on_rotation = on
log_rotation_age = 1d
log_rotation_size = 0
#syslog_facility = 'LOCAL0'
#syslog_ident = 'postgres'
#event_source = 'PostgreSQL'
#client_min_messages = notice
#log_min_messages = warning
#log_min_error_statement = error
#log_min_duration_statement = -1
#debug_print_parse = off
#debug_print_rewritten = off
#debug_print_plan = off
#debug_pretty_print = on
#log_checkpoints = off
#log_connections = off
#log_disconnections = off
#log_duration = off
#log_error_verbosity = default
#log_hostname = off
#log_line_prefix = ''
#log_lock_waits = off
#log_statement = 'none'
#log_temp_files = -1
log_timezone = 'US/Eastern'
#------------------------------------------------------------------------------
# RUNTIME STATISTICS
#------------------------------------------------------------------------------
#track_activities = on
#track_counts = on
#track_io_timing = off
#track_functions = none
#track_activity_query_size = 1024
#update_process_title = on
#stats_temp_directory = 'pg_stat_tmp'
#log_parser_stats = off
#log_planner_stats = off
#log_executor_stats = off
#log_statement_stats = off
#------------------------------------------------------------------------------
# AUTOVACUUM PARAMETERS
#------------------------------------------------------------------------------
#autovacuum = on
#log_autovacuum_min_duration = -1
#autovacuum_max_workers = 3
#autovacuum_naptime = 1min
#autovacuum_vacuum_threshold = 50
#autovacuum_analyze_threshold = 50
#autovacuum_vacuum_scale_factor = 0.2
#autovacuum_analyze_scale_factor = 0.1
#autovacuum_freeze_max_age = 200000000
#autovacuum_vacuum_cost_delay = 20ms
#autovacuum_vacuum_cost_limit = -1
#------------------------------------------------------------------------------
# CLIENT CONNECTION DEFAULTS
#------------------------------------------------------------------------------
#search_path = '"$user",public'
#default_tablespace = ''
#temp_tablespaces = ''
#check_function_bodies = on
#default_transaction_isolation = 'read committed'
#default_transaction_read_only = off
#default_transaction_deferrable = off
#session_replication_role = 'origin'
#statement_timeout = 0
#vacuum_freeze_min_age = 50000000
#vacuum_freeze_table_age = 150000000
#bytea_output = 'hex'
#xmlbinary = 'base64'
#xmloption = 'content'
#gin_fuzzy_search_limit = 0
datestyle = 'iso, mdy'
#intervalstyle = 'postgres'
timezone = 'US/Eastern'
#extra_float_digits = 0
#client_encoding = sql_ascii
lc_messages = 'en_US.UTF-8'
lc_monetary = 'en_US.UTF-8'
lc_numeric = 'en_US.UTF-8'
lc_time = 'en_US.UTF-8'
default_text_search_config = 'pg_catalog.english'
#dynamic_library_path = '$libdir'
#local_preload_libraries = ''
#------------------------------------------------------------------------------
# LOCK MANAGEMENT
#------------------------------------------------------------------------------
#deadlock_timeout = 1s
#max_locks_per_transaction = 64
#max_pred_locks_per_transaction = 64
#------------------------------------------------------------------------------
# VERSION/PLATFORM COMPATIBILITY
#------------------------------------------------------------------------------
#array_nulls = on
#backslash_quote = safe_encoding
#default_with_oids = off
#escape_string_warning = on
#lo_compat_privileges = off
#quote_all_identifiers = off
#sql_inheritance = on
#standard_conforming_strings = on
#synchronize_seqscans = on
#transform_null_equals = off
#------------------------------------------------------------------------------
# ERROR HANDLING
#------------------------------------------------------------------------------
#exit_on_error = off
#restart_after_crash = on
#------------------------------------------------------------------------------
# CUSTOMIZED OPTIONS
#------------------------------------------------------------------------------
# Add settings for extensions here

515
init/00-mariadb.sh Normal file
View File

@ -0,0 +1,515 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202308221958-git
# @@Author : Jason Hempstead
# @@Contact : jason@casjaysdev.pro
# @@License : WTFPL
# @@ReadME : 00-mariadb.sh --help
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Tuesday, Aug 22, 2023 19:58 EDT
# @@File : 00-mariadb.sh
# @@Description :
# @@Changelog : New script
# @@TODO : Better documentation
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : shell/bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# shellcheck disable=SC2016
# shellcheck disable=SC2031
# shellcheck disable=SC2120
# shellcheck disable=SC2155
# shellcheck disable=SC2199
# shellcheck disable=SC2317
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing mysql - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="mysql"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Reset environment before executing service
RESET_ENV="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set webroot
WWW_DIR="/usr/share/webapps/mariadb"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data" # set data directory
CONF_DIR="/config" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/mysql"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/mysql" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR="" # set working directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${MYSQL_ROOT_USER_NAME:-root}" # root user name
root_user_pass="${MYSQL_ROOT_PASS_WORD:-random}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${MYSQL_USER_NAME:-}" # normal user name
user_pass="${MYSQL_USER_PASS_WORD:-}" # normal user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="3306"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="mysql" # execute command as another user
EXEC_CMD_BIN="mysqld" # command to execute
EXEC_CMD_ARGS="--user=$SERVICE_USER --datadir=$DATABASE_DIR" # command arguments
EXEC_PRE_SCRIPT="" # execute script before
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
DATABASE_CREATE="${DATABASE_CREATE:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/mysql.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
CMD_ENV=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
if [ "$IS_WEB_SERVER" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR"
if [ ! -d "$WWW_DIR" ]; then
(echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
__initialize_web_health "$WWW_DIR"
fi
if [ "$IS_DATABASE_SERVICE" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
if [ ! -d "$DATABASE_DIR" ]; then
(echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
fi
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$ETC_DIR/mysql.conf"
# replace variables recursively
# __find_replace "" "" "$ETC_DIR/"
# replace defaults in ETC_DIR
__initialize_replace_variables "$ETC_DIR"
# custom commands
if [ ! -d "$DATABASE_DIR/mysql" ] || [ ! -f "$DATABASE_DIR/ibdata1" ]; then
mkdir -p "$DATABASE_DIR" && chown -Rf $user:$user "$DATABASE_DIR"
mysql_install_db --datadir=$DATABASE_DIR --user=$user 2>/dev/null
fi
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# define commands
# execute if directories is empty
#__is_dir_empty "" && true || false
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
(
if [ -f "$CONF_DIR/mysql/init.sh" ]; then
bash -c "$CONF_DIR/mysql/init.sh"
fi
if [ -n "$DATABASE_CREATE" ]; then
mysql -v -u $runas <<MYSQL_SCRIPT
CREATE DATABASE IF NOT EXISTS $DATABASE_CREATE;
MYSQL_SCRIPT
fi
if [ "$user_name" != "root" ] && [ -n "$user_name" ]; then
mysql -v -u $runas <<MYSQL_SCRIPT
CREATE USER IF NOT EXISTS '$user_name'@'%' IDENTIFIED BY '$user_pass';
MYSQL_SCRIPT
fi
if [ "$user_name" != "root" ] && [ -n "$DATABASE_CREATE" ]; then
mysql -v -u $runas <<MYSQL_SCRIPT
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO '$user_name'@'%';
MYSQL_SCRIPT
elif [ "$user_name" = "root" ] && [ -n "$DATABASE_CREATE" ]; then
mysql -v -u $runas <<MYSQL_SCRIPT
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO 'root'@'localhost';
MYSQL_SCRIPT
fi
mysql -v -u $runas <<MYSQL_SCRIPT
ALTER USER 'root'@'localhost' IDENTIFIED BY '$root_user_pass';
FLUSH PRIVILEGES;
MYSQL_SCRIPT
) 2>/dev/stderr >/dev/null
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_service_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local cmd="${EXEC_CMD_BIN:-}"
local args="${EXEC_CMD_ARGS:-}"
local name="${EXEC_CMD_NAME:-}"
local pre="${EXEC_PRE_SCRIPT:-}"
local workdir="${WORK_DIR:-$WORK_DIR}"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local message=""
if [ -z "$cmd" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$cmd" ]; then
echo "$name is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$name" || __proc_check "$cmd"; then
echo "$name is already running" >&2
exit 0
else
if [ -n "$pre" ] && [ -f "$pre" ]; then
cmd_exec="$pre $cmd $args"
message="Starting service: $name $args through $pre"
else
cmd_exec="$cmd $args"
message="Starting service: $name $args"
fi
echo "$message"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ "$RESET_ENV" = "yes" ]; then
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10
else
eval "$cmd_exec" || return 10
fi
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
__file_exists_with_content"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_service_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

516
init/00-postgres.sh Normal file
View File

@ -0,0 +1,516 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202308222209-git
# @@Author : Jason Hempstead
# @@Contact : jason@casjaysdev.pro
# @@License : WTFPL
# @@ReadME : 00-postgres.sh --help
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Tuesday, Aug 22, 2023 22:09 EDT
# @@File : 00-postgres.sh
# @@Description :
# @@Changelog : New script
# @@TODO : Better documentation
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : shell/bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# shellcheck disable=SC2016
# shellcheck disable=SC2031
# shellcheck disable=SC2120
# shellcheck disable=SC2155
# shellcheck disable=SC2199
# shellcheck disable=SC2317
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing postgres - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="postgres"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Reset environment before executing service
RESET_ENV="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set webroot
WWW_DIR="/usr/share/webapps/postgres"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data" # set data directory
CONF_DIR="/config" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/postgres"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/postgres" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR="" # set working directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${POSTGRES_ROOT_USER_NAME:-}" # root user name
root_user_pass="${POSTGRES_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${POSTGRES_USER_NAME:-}" # normal user name
user_pass="${POSTGRES_USER_PASS_WORD:-}" # normal user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="5432"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="postgres" # execute command as another user
EXEC_CMD_BIN="postgres" # command to execute
EXEC_CMD_ARGS="-D $DATABASE_DIR" # command arguments
EXEC_PRE_SCRIPT="" # execute script before
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
DATABASE_CREATE="${DATABASE_CREATE:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/postgres.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
CMD_ENV=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
if [ "$IS_WEB_SERVER" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR"
if [ ! -d "$WWW_DIR" ]; then
(echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
__initialize_web_health "$WWW_DIR"
fi
if [ "$IS_DATABASE_SERVICE" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
if [ ! -d "$DATABASE_DIR" ]; then
(echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
fi
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$ETC_DIR/postgres.conf"
# replace variables recursively
# __find_replace "" "" "$ETC_DIR/"
# replace defaults in ETC_DIR
__initialize_replace_variables "$ETC_DIR"
# custom commands
if [ ! -s "$DATABASE_DIR/PG_VERSION" ]; then
sudo -u $user initdb --username="$user" -A md5 --pwfile="${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" -D "$DATABASE_DIR" >/dev/null
fi
chmod -f 0750 "$DATABASE_DIR"
__file_copy "$CONF_DIR/." "$DATABASE_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# define commands
# execute if directories is empty
#__is_dir_empty "" && true || false
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="postgres" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
(
if [ -f "$CONF_DIR/postgres/init.sh" ]; then
bash -c "$CONF_DIR/postgres/init.sh"
fi
if [ -n "$DATABASE_CREATE" ]; then
sudo -u $runas psql -d template1 -U postgres -d template1 -U postgres <<-PGSQL_SCRIPT
CREATE DATABASE IF NOT EXISTS $DATABASE_CREATE;
PGSQL_SCRIPT
fi
if [ "$user_name" != "root" ] && [ -n "$user_name" ]; then
sudo -u $runas psql -d template1 -U postgres <<-PGSQL_SCRIPT
CREATE USER IF NOT EXISTS '$user_name'@'%' IDENTIFIED BY '$user_pass';
PGSQL_SCRIPT
fi
if [ "$user_name" != "root" ] && [ -n "$DATABASE_CREATE" ]; then
sudo -u $runas psql -d template1 -U postgres <<-PGSQL_SCRIPT
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO '$user_name'@'%';
PGSQL_SCRIPT
elif [ "$user_name" = "root" ] && [ -n "$DATABASE_CREATE" ]; then
sudo -u $runas psql -d template1 -U postgres <<-PGSQL_SCRIPT
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO 'root'@'localhost';
PGSQL_SCRIPT
fi
sudo -u $runas psql -d template1 -U postgres <<-PGSQL_SCRIPT
ALTER USER 'root'@'localhost' IDENTIFIED BY '$root_user_pass';
FLUSH PRIVILEGES;
PGSQL_SCRIPT
) 2>/dev/stderr >/dev/null
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_service_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local cmd="${EXEC_CMD_BIN:-}"
local args="${EXEC_CMD_ARGS:-}"
local name="${EXEC_CMD_NAME:-}"
local pre="${EXEC_PRE_SCRIPT:-}"
local workdir="${WORK_DIR:-$WORK_DIR}"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local message=""
if [ -z "$cmd" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$cmd" ]; then
echo "$name is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$name" || __proc_check "$cmd"; then
echo "$name is already running" >&2
exit 0
else
if [ -n "$pre" ] && [ -f "$pre" ]; then
cmd_exec="$pre $cmd $args"
message="Starting service: $name $args through $pre"
else
cmd_exec="$cmd $args"
message="Starting service: $name $args"
fi
echo "$message"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ "$RESET_ENV" = "yes" ]; then
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10
else
eval "$cmd_exec" || return 10
fi
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
__file_exists_with_content"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_service_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

491
init/00-redis.sh Executable file
View File

@ -0,0 +1,491 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202308221821-git
# @@Author : Jason Hempstead
# @@Contact : jason@casjaysdev.pro
# @@License : WTFPL
# @@ReadME : 00-redis.sh --help
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Tuesday, Aug 22, 2023 18:21 EDT
# @@File : 00-redis.sh
# @@Description :
# @@Changelog : New script
# @@TODO : Better documentation
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : shell/bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# shellcheck disable=SC2016
# shellcheck disable=SC2031
# shellcheck disable=SC2120
# shellcheck disable=SC2155
# shellcheck disable=SC2199
# shellcheck disable=SC2317
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing redis - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="redis"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Reset environment before executing service
RESET_ENV="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set webroot
WWW_DIR="/usr/share/webapps/redis"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data" # set data directory
CONF_DIR="/config" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/redis"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/redis" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR="" # set working directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${REDIS_ROOT_USER_NAME:-root}" # root user name
root_user_pass="${REDIS_ROOT_PASS_WORD:-random}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${REDIS_USER_NAME:-}" # normal user name
user_pass="${REDIS_USER_PASS_WORD:-}" # normal user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="6379"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="redis" # command to execute
EXEC_CMD_ARGS="redis-server" # command arguments
EXEC_PRE_SCRIPT="$ETC_DIR/redis.conf" # execute script before
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/redis.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
CMD_ENV=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
if [ "$IS_WEB_SERVER" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR"
if [ ! -d "$WWW_DIR" ]; then
(echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
__initialize_web_health "$WWW_DIR"
fi
if [ "$IS_DATABASE_SERVICE" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
if [ ! -d "$DATABASE_DIR" ]; then
(echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
fi
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$ETC_DIR/redis.conf"
# replace variables recursively
# __find_replace "" "" "$ETC_DIR/"
# replace defaults in ETC_DIR
__initialize_replace_variables "$ETC_DIR"
# custom commands
sysctl vm.overcommit_memory=1
echo madvise >/sys/kernel/mm/transparent_hugepage/enabled
if [ -n "$root_user_name" ] && [ -n "$root_user_pass" ]; then
if ! grep -qs "$root_user_name" "$ETC_DIR/redis.conf"; then
echo 'user '$root_user_name' on +@all ~* >'$root_user_pass'' >>"$ETC_DIR/redis.conf"
fi
fi
grep -qs 'redis' /etc/passwd && chown -Rf redis. "$ETC_DIR" "$LOG_DIR" "$DATABASE_DIR"
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# define commands
# execute if directories is empty
#__is_dir_empty "" && true || false
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_service_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local cmd="${EXEC_CMD_BIN:-}"
local args="${EXEC_CMD_ARGS:-}"
local name="${EXEC_CMD_NAME:-}"
local pre="${EXEC_PRE_SCRIPT:-}"
local workdir="${WORK_DIR:-$WORK_DIR}"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local message=""
if [ -z "$cmd" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$cmd" ]; then
echo "$name is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$name" || __proc_check "$cmd"; then
echo "$name is already running" >&2
exit 0
else
if [ -n "$pre" ] && [ -f "$pre" ]; then
cmd_exec="$pre $cmd $args"
message="Starting service: $name $args through $pre"
else
cmd_exec="$cmd $args"
message="Starting service: $name $args"
fi
echo "$message"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ "$RESET_ENV" = "yes" ]; then
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10
else
eval "$cmd_exec" || return 10
fi
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
__file_exists_with_content"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_service_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

485
init/05-php-fpm.sh Normal file
View File

@ -0,0 +1,485 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202308221958-git
# @@Author : Jason Hempstead
# @@Contact : jason@casjaysdev.pro
# @@License : WTFPL
# @@ReadME : 05-php-fpm.sh --help
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Tuesday, Aug 22, 2023 19:58 EDT
# @@File : 05-php-fpm.sh
# @@Description :
# @@Changelog : New script
# @@TODO : Better documentation
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : shell/bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# shellcheck disable=SC2016
# shellcheck disable=SC2031
# shellcheck disable=SC2120
# shellcheck disable=SC2155
# shellcheck disable=SC2199
# shellcheck disable=SC2317
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing php - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="php"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Reset environment before executing service
RESET_ENV="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_PHP:-/data/db/php}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set webroot
WWW_DIR="/usr/share/webapps/php"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data" # set data directory
CONF_DIR="/config" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/php"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/php" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR="" # set working directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${PHP_ROOT_USER_NAME:-}" # root user name
root_user_pass="${PHP_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${PHP_USER_NAME:-}" # normal user name
user_pass="${PHP_USER_PASS_WORD:-}" # normal user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="9000"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="nginx" # execute command as another user
EXEC_CMD_BIN="php-fpm" # command to execute
EXEC_CMD_ARGS="--allow-to-run-as-root --nodaemonize --fpm-config /etc/php/php-fpm.conf" # command arguments
EXEC_PRE_SCRIPT="" # execute script before
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/php.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
CMD_ENV=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
if [ "$IS_WEB_SERVER" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR"
if [ ! -d "$WWW_DIR" ]; then
(echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
__initialize_web_health "$WWW_DIR"
fi
if [ "$IS_DATABASE_SERVICE" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
if [ ! -d "$DATABASE_DIR" ]; then
(echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
fi
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$ETC_DIR/php.conf"
# replace variables recursively
# __find_replace "" "" "$ETC_DIR/"
# replace defaults in ETC_DIR
__initialize_replace_variables "$ETC_DIR"
# custom commands
sed -i 's|user.*=.*|user = '$user'|g' "$ETC_DIR"/*/www.conf
sed -i 's|group.*=.*|group = '$user'|g' "$ETC_DIR"/*/www.conf
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# define commands
# execute if directories is empty
#__is_dir_empty "" && true || false
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_service_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local cmd="${EXEC_CMD_BIN:-}"
local args="${EXEC_CMD_ARGS:-}"
local name="${EXEC_CMD_NAME:-}"
local pre="${EXEC_PRE_SCRIPT:-}"
local workdir="${WORK_DIR:-$WORK_DIR}"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local message=""
if [ -z "$cmd" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$cmd" ]; then
echo "$name is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$name" || __proc_check "$cmd"; then
echo "$name is already running" >&2
exit 0
else
if [ -n "$pre" ] && [ -f "$pre" ]; then
cmd_exec="$pre $cmd $args"
message="Starting service: $name $args through $pre"
else
cmd_exec="$cmd $args"
message="Starting service: $name $args"
fi
echo "$message"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ "$RESET_ENV" = "yes" ]; then
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10
else
eval "$cmd_exec" || return 10
fi
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
__file_exists_with_content"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_service_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

489
init/zz-nginx.sh Normal file
View File

@ -0,0 +1,489 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202308221957-git
# @@Author : Jason Hempstead
# @@Contact : jason@casjaysdev.pro
# @@License : WTFPL
# @@ReadME : zz-nginx.sh --help
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Tuesday, Aug 22, 2023 19:57 EDT
# @@File : zz-nginx.sh
# @@Description :
# @@Changelog : New script
# @@TODO : Better documentation
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : shell/bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# shellcheck disable=SC2016
# shellcheck disable=SC2031
# shellcheck disable=SC2120
# shellcheck disable=SC2155
# shellcheck disable=SC2199
# shellcheck disable=SC2317
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing nginx - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="nginx"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Reset environment before executing service
RESET_ENV="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_NGINX:-/data/db/nginx}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set webroot
WWW_DIR="/usr/share/webapps/nginx"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data" # set data directory
CONF_DIR="/config" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/nginx"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/nginx" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR="" # set working directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${NGINX_ROOT_USER_NAME:-}" # root user name
root_user_pass="${NGINX_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${NGINX_USER_NAME:-}" # normal user name
user_pass="${NGINX_USER_PASS_WORD:-}" # normal user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="80"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="nginx" # command to execute
EXEC_CMD_ARGS="-c $ETC_DIR/nginx.conf" # command arguments
EXEC_PRE_SCRIPT="" # execute script before
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/nginx.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\"
CMD_ENV=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local blowfish_pass="$(htpasswd -bnBC 10 "" password | tr -d ':\n' | sed 's/$2y/$2a/')"
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
if [ "$IS_WEB_SERVER" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR"
if [ ! -d "$WWW_DIR" ]; then
(echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
__initialize_web_health "$WWW_DIR"
fi
if [ "$IS_DATABASE_SERVICE" = "yes" ]; then
APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR"
if [ ! -d "$DATABASE_DIR" ]; then
(echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
fi
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
__file_copy "/config/phpmyadmin/." "/etc/phpmyadmin/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
sed -i 's|REPLACE_BLOWFISH_SECRECT|'$blowfish_pass'|g' /config/phpmyadmin/config.inc.php
# __replace "" "" "$ETC_DIR/nginx.conf"
# replace variables recursively
# __find_replace "" "" "$ETC_DIR/"
# replace defaults in ETC_DIR
__initialize_replace_variables "$ETC_DIR"
__initialize_replace_variables "/usr/local/share/wwwroot"
# custom commands
if [ ! -d "/config/phpmyadmin" ]; then
mkdir -p "/config/phpmyadmin"
__file_copy "/etc/phpmyadmin/." "/config/phpmyadmin/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# define commands
# execute if directories is empty
#__is_dir_empty "" && true || false
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local runas="root" # run as a different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_service_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # execute before commands
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local cmd="${EXEC_CMD_BIN:-}"
local args="${EXEC_CMD_ARGS:-}"
local name="${EXEC_CMD_NAME:-}"
local pre="${EXEC_PRE_SCRIPT:-}"
local workdir="${WORK_DIR:-$WORK_DIR}"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
local message=""
if [ -z "$cmd" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$cmd" ]; then
echo "$name is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$name" || __proc_check "$cmd"; then
echo "$name is already running" >&2
exit 0
else
if [ -n "$pre" ] && [ -f "$pre" ]; then
cmd_exec="$pre $cmd $args"
message="Starting service: $name $args through $pre"
else
cmd_exec="$cmd $args"
message="Starting service: $name $args"
fi
echo "$message"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ "$RESET_ENV" = "yes" ]; then
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" HOSTNAME="$sysname" USER="$user" ${CMD_ENV//,/ } sh -c "$cmd_exec" || return 10
else
eval "$cmd_exec" || return 10
fi
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
__file_exists_with_content"/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORK_DIR="${ENV_WORKDIR:-$WORK_DIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_PRE_SCRIPT="${ENV_EXEC_PRE_SCRIPT:-$EXEC_PRE_SCRIPT}" # Pre
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes"
[ "$IS_DATABASE_SERVICE" = "yes" ] && RESET_ENV="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
__file_exists_with_content "$ETC_DIR/auth/user/name" && user_name="$(<"$ETC_DIR/auth/user/name")"
__file_exists_with_content "$ETC_DIR/auth/user/pass" && user_pass="$(<"$ETC_DIR/auth/user/pass")"
__file_exists_with_content "$ETC_DIR/auth/root/name" && root_user_name="$(<"$ETC_DIR/auth/root/name")"
__file_exists_with_content "$ETC_DIR/auth/root/pass" && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORK_DIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORK_DIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_service_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

0
wwwroot/www/404.html → wwwroot/404.html
View File

0
wwwroot/www/cgi-bin/env.cgi → wwwroot/cgi-bin/env.cgi
View File

0
wwwroot/www/cgi-bin/env.php → wwwroot/cgi-bin/env.php
View File

0
wwwroot/www/cgi-bin/env.pl → wwwroot/cgi-bin/env.pl
View File

0
wwwroot/www/cgi-bin/env.py → wwwroot/cgi-bin/env.py
View File

0
wwwroot/www/cgi-bin/env.rb → wwwroot/cgi-bin/env.rb
View File

0
wwwroot/www/cgi-bin/printenv → wwwroot/cgi-bin/printenv
View File

0
wwwroot/www/cgi-bin/printenv.vbs → wwwroot/cgi-bin/printenv.vbs
View File

0
wwwroot/www/cgi-bin/printenv.wsf → wwwroot/cgi-bin/printenv.wsf
View File

0
wwwroot/www/cgi-bin/test-cgi → wwwroot/cgi-bin/test-cgi
View File

0
wwwroot/www/css/bootstrap.css → wwwroot/css/bootstrap.css vendored
View File

0
wwwroot/www/css/bootstrap.min.css → wwwroot/css/bootstrap.min.css vendored
View File

0
wwwroot/www/css/bs.plain.css → wwwroot/css/bs.plain.css
View File

0
wwwroot/www/css/cookieconsent.css → wwwroot/css/cookieconsent.css
View File

0
wwwroot/www/css/errorpages.css → wwwroot/css/errorpages.css
View File

0
wwwroot/www/css/index.css → wwwroot/css/index.css
View File

0
wwwroot/www/favicon.ico → wwwroot/favicon.ico
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 766 B

After

Width:  |  Height:  |  Size: 766 B

0
wwwroot/www/health/health/index.json → wwwroot/health/health/index.json
View File

0
wwwroot/www/health/health/index.txt → wwwroot/health/health/index.txt
View File

0
wwwroot/www/health/index.json → wwwroot/health/index.json
View File

0
wwwroot/www/health/index.txt → wwwroot/health/index.txt
View File

0
wwwroot/www/images/403.png → wwwroot/images/403.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 35 KiB

After

Width:  |  Height:  |  Size: 35 KiB

0
wwwroot/www/images/404.gif → wwwroot/images/404.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 93 KiB

After

Width:  |  Height:  |  Size: 93 KiB

0
wwwroot/www/images/bg.png → wwwroot/images/bg.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.2 KiB

After

Width:  |  Height:  |  Size: 1.2 KiB

0
wwwroot/www/images/favicon.ico → wwwroot/images/favicon.ico
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 766 B

After

Width:  |  Height:  |  Size: 766 B

0
wwwroot/www/images/icon.png → wwwroot/images/icon.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.9 KiB

After

Width:  |  Height:  |  Size: 3.9 KiB

0
wwwroot/www/images/icon.svg → wwwroot/images/icon.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 429 B

After

Width:  |  Height:  |  Size: 429 B

0
wwwroot/www/index.php → wwwroot/index.php
View File

0
wwwroot/www/info.php → wwwroot/info.php
View File

0
wwwroot/www/js/app.js → wwwroot/js/app.js
View File

0
wwwroot/www/js/bootstrap.min.js → wwwroot/js/bootstrap.min.js vendored
View File

0
wwwroot/www/js/errorpages/homepage.js → wwwroot/js/errorpages/homepage.js
View File

0
wwwroot/www/js/errorpages/isup.js → wwwroot/js/errorpages/isup.js
View File

0
wwwroot/www/js/errorpages/loaddomain.js → wwwroot/js/errorpages/loaddomain.js
View File

0
wwwroot/www/js/errorpages/scale.fix.js → wwwroot/js/errorpages/scale.fix.js
View File

0
wwwroot/www/js/jquery/default.js → wwwroot/js/jquery/default.js vendored
View File

0
wwwroot/www/js/passprotect.min.js → wwwroot/js/passprotect.min.js vendored
View File

0
wwwroot/www/robots.txt → wwwroot/robots.txt
View File

0
wwwroot/www/site.webmanifest → wwwroot/site.webmanifest
View File