🦈🏠🐜❗ Initial Commit ❗🐜🦈🏠
93
.gitignore
vendored
Normal file
@ -0,0 +1,93 @@
|
|||||||
|
# gitignore created on 04/06/23 at 18:41
|
||||||
|
# Disable reminder in prompt
|
||||||
|
ignoredirmessage
|
||||||
|
|
||||||
|
# OS generated files
|
||||||
|
### Linux ###
|
||||||
|
*~
|
||||||
|
|
||||||
|
# temporary files which can be created if a process still has a handle open of a deleted file
|
||||||
|
.fuse_hidden*
|
||||||
|
|
||||||
|
# KDE directory preferences
|
||||||
|
.directory
|
||||||
|
|
||||||
|
# Linux trash folder which might appear on any partition or disk
|
||||||
|
.Trash-*
|
||||||
|
|
||||||
|
# .nfs files are created when an open file is removed but is still being accessed
|
||||||
|
.nfs*
|
||||||
|
|
||||||
|
### macOS ###
|
||||||
|
# General
|
||||||
|
.DS_Store
|
||||||
|
.AppleDouble
|
||||||
|
.LSOverride
|
||||||
|
|
||||||
|
# Thumbnails
|
||||||
|
._*
|
||||||
|
|
||||||
|
# Files that might appear in the root of a volume
|
||||||
|
.DocumentRevisions-V100
|
||||||
|
.fseventsd
|
||||||
|
.Spotlight-V100
|
||||||
|
.TemporaryItems
|
||||||
|
.Trashes
|
||||||
|
.VolumeIcon.icns
|
||||||
|
.com.apple.timemachine.donotpresent
|
||||||
|
|
||||||
|
# Directories potentially created on remote AFP share
|
||||||
|
.AppleDB
|
||||||
|
.AppleDesktop
|
||||||
|
Network Trash Folder
|
||||||
|
Temporary Items
|
||||||
|
.apdisk
|
||||||
|
|
||||||
|
### macOS Patch ###
|
||||||
|
# iCloud generated files
|
||||||
|
*.icloud
|
||||||
|
|
||||||
|
### Windows ###
|
||||||
|
# Windows thumbnail cache files
|
||||||
|
Thumbs.db
|
||||||
|
Thumbs.db:encryptable
|
||||||
|
ehthumbs.db
|
||||||
|
ehthumbs_vista.db
|
||||||
|
|
||||||
|
# Dump file
|
||||||
|
*.stackdump
|
||||||
|
|
||||||
|
# Folder config file
|
||||||
|
[Dd]esktop.ini
|
||||||
|
|
||||||
|
# Recycle Bin used on file shares
|
||||||
|
$RECYCLE.BIN/
|
||||||
|
|
||||||
|
# Windows Installer files
|
||||||
|
*.cab
|
||||||
|
*.msi
|
||||||
|
*.msix
|
||||||
|
*.msm
|
||||||
|
*.msp
|
||||||
|
|
||||||
|
# Windows shortcuts
|
||||||
|
*.lnk
|
||||||
|
|
||||||
|
# ignore commit message
|
||||||
|
**/.gitcommit
|
||||||
|
|
||||||
|
#ignore .failed
|
||||||
|
**/.build_failed
|
||||||
|
|
||||||
|
# ignore .bak files
|
||||||
|
**/*.bak
|
||||||
|
|
||||||
|
# ignore .no_push files
|
||||||
|
**/.no_push
|
||||||
|
|
||||||
|
# ignore .no_git files
|
||||||
|
**/.no_git
|
||||||
|
|
||||||
|
# ignore .installed files
|
||||||
|
**/.installed
|
||||||
|
|
13
LICENSE.md
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||||
|
Version 2, December 2004
|
||||||
|
|
||||||
|
Copyright (C) 2023 casjay <git-admin@casjaysdev.com>
|
||||||
|
|
||||||
|
Everyone is permitted to copy and distribute verbatim or modified
|
||||||
|
copies of this license document, and changing it is allowed as long
|
||||||
|
as the name is changed.
|
||||||
|
|
||||||
|
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
||||||
|
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||||
|
|
||||||
|
1. You just DO WHAT THE FUCK YOU WANT TO.
|
8
README.md
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
## 👋 Welcome to docker-scripts 🚀
|
||||||
|
|
||||||
|
docker-scripts README
|
||||||
|
|
||||||
|
|
||||||
|
## Author
|
||||||
|
|
||||||
|
🤖 casjay: [Github](https://github.com/casjay) 🤖
|
355
configs/ampache/ampache.cfg.php
Normal file
@ -0,0 +1,355 @@
|
|||||||
|
;#<?php exit(); ?>##
|
||||||
|
;#########################################################
|
||||||
|
; General Config #
|
||||||
|
;#########################################################
|
||||||
|
config_version = 63
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Auto Update #
|
||||||
|
;#########################################################
|
||||||
|
github_force_branch = "master"
|
||||||
|
composer_binary_path = "composer"
|
||||||
|
hide_ampache_messages = "false"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Path Vars #
|
||||||
|
;#########################################################
|
||||||
|
;http_host = "localhost"
|
||||||
|
;http_port = 80
|
||||||
|
;web_path = ""
|
||||||
|
;local_web_path = "http://localhost/ampache"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Database #
|
||||||
|
;#########################################################
|
||||||
|
database_name = ampache
|
||||||
|
database_hostname = localhost
|
||||||
|
database_port = 3306
|
||||||
|
database_username = root
|
||||||
|
;database_password = password
|
||||||
|
database_charset = "utf8mb4"
|
||||||
|
database_collation = "utf8mb4_unicode_ci"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Session and Security #
|
||||||
|
;#########################################################
|
||||||
|
secret_key = "abcdefghijklmnoprqstuvwyz0123456"
|
||||||
|
session_length = 3600
|
||||||
|
stream_length = 7200
|
||||||
|
remember_length = 604800
|
||||||
|
session_name = ampache
|
||||||
|
session_cookielife = 0
|
||||||
|
session_cookiesecure = 0
|
||||||
|
auth_methods = "mysql"
|
||||||
|
;external_authenticator = "/usr/sbin/pwauth"
|
||||||
|
;auth_password_save = "true"
|
||||||
|
;logout_redirect = "http://sso.example.com/logout"
|
||||||
|
access_control = "true"
|
||||||
|
require_session = "true"
|
||||||
|
require_localnet_session = "true"
|
||||||
|
;prevent_multiple_logins = "true"
|
||||||
|
;disable_xframe_sameorigin = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Metadata #
|
||||||
|
;#########################################################
|
||||||
|
getid3_tag_order = "vorbiscomment,id3v2,id3v1,quicktime,matroska,ape,asf,avi,mpeg,riff"
|
||||||
|
;getid3_detect_id3v2_encoding = "true"
|
||||||
|
;write_id3 = "true"
|
||||||
|
;write_id3_art = "true"
|
||||||
|
metadata_order = "getID3,MusicBrainz,TheAudioDb,filename"
|
||||||
|
metadata_order_video = "filename,getID3"
|
||||||
|
deferred_ext_metadata = "true"
|
||||||
|
additional_genre_delimiters = "[/]{2}|[/\\\\|,;]"
|
||||||
|
;enable_custom_metadata = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; File Tags #
|
||||||
|
;write_tags = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Catalog #
|
||||||
|
;#########################################################
|
||||||
|
catalog_file_pattern = "mp3|mpc|m4p|m4a|aac|ogg|oga|wav|aif|aiff|rm|wma|asf|flac|opus|spx|ra|ape|shn|wv"
|
||||||
|
catalog_video_pattern = "avi|mpg|mpeg|flv|m4v|mp4|webm|mkv|wmv|ogv|mov|divx|m2ts"
|
||||||
|
catalog_playlist_pattern = "m3u|m3u8|pls|asx|xspf"
|
||||||
|
catalog_prefix_pattern = "The|An|A|Die|Das|Ein|Eine|Les|Le|La"
|
||||||
|
;catalog_disable = "true"
|
||||||
|
;catalog_filter = "true"
|
||||||
|
;delete_from_disk = "true"
|
||||||
|
;catalog_verify_by_time = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Program Settings #
|
||||||
|
;#########################################################
|
||||||
|
;downsample_remote = "true"
|
||||||
|
;track_user_ip = "true"
|
||||||
|
;user_ip_cardinality = "42"
|
||||||
|
;allow_zip_download = "true"
|
||||||
|
;allow_zip_types = "album"
|
||||||
|
;art_zip_add = "true"
|
||||||
|
;file_zip_comment = "Ampache - Zip Batch Download"
|
||||||
|
;webplayer_debug = "true"
|
||||||
|
;waveform = "true"
|
||||||
|
;waveform_color = "#FF0000"
|
||||||
|
;waveform_height = 32
|
||||||
|
;waveform_width = 400
|
||||||
|
;tmp_dir_path = "/tmp"
|
||||||
|
;throttle_download = 10
|
||||||
|
;generate_video_preview = "true"
|
||||||
|
;no_symlinks = "true"
|
||||||
|
use_auth = "true"
|
||||||
|
default_auth_level = "guest"
|
||||||
|
;skip_timer = 20
|
||||||
|
ratings = "true"
|
||||||
|
;rating_browse_filter = "true"
|
||||||
|
;rating_browse_minimum_stars = 1
|
||||||
|
;rating_file_tag_user = 1
|
||||||
|
directplay = "true"
|
||||||
|
sociable = "true"
|
||||||
|
;licensing = "true"
|
||||||
|
;demo_mode = "true"
|
||||||
|
;simple_user_mode = "true"
|
||||||
|
;memory_cache = "true"
|
||||||
|
;memory_limit = 32
|
||||||
|
;album_art_preferred_filename = "folder.jpg"
|
||||||
|
;artist_art_preferred_filename = "folder.jpg"
|
||||||
|
;artist_art_folder = "/data/htdocs/www/art"
|
||||||
|
;album_art_store_disk = "true"
|
||||||
|
;local_metadata_dir = "/metadata"
|
||||||
|
;max_upload_size = 1048576
|
||||||
|
;album_art_min_width = 100
|
||||||
|
;album_art_max_width = 1024
|
||||||
|
;album_art_min_height = 100
|
||||||
|
;album_art_max_height = 1024
|
||||||
|
;resize_images = "true"
|
||||||
|
playlist_art = "true"
|
||||||
|
;statistical_graphs = "true"
|
||||||
|
art_order = "db,tags,folder,spotify,musicbrainz"
|
||||||
|
;gather_song_art = "true"
|
||||||
|
;show_song_art = "true"
|
||||||
|
;spotify_art_filter = "artist"
|
||||||
|
;art_search_limit = 15
|
||||||
|
;show_similar = "true"
|
||||||
|
;hide_search = "true"
|
||||||
|
;allow_upload_scripts = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; API keys #
|
||||||
|
;#########################################################
|
||||||
|
lastfm_api_key = "d5df942424c71b754e54ce1832505ae2"
|
||||||
|
lastfm_api_secret = ""
|
||||||
|
|
||||||
|
;spotify_client_id = ""
|
||||||
|
;spotify_client_secret = ""
|
||||||
|
;wanted = "true"
|
||||||
|
wanted_types = "album,official"
|
||||||
|
;wanted_auto_accept = "true"
|
||||||
|
;label = "true"
|
||||||
|
;broadcast = "true"
|
||||||
|
live_stream = "true"
|
||||||
|
podcast = "true"
|
||||||
|
;websocket_address = "ws://localhost:8100"
|
||||||
|
refresh_limit = "60"
|
||||||
|
;use_now_playing_embedded = "true"
|
||||||
|
;now_playing_refresh_limit = "-1"
|
||||||
|
;now_playing_css_file = "templates/now-playing.css"
|
||||||
|
show_footer_statistics = "true"
|
||||||
|
;use_rss = "true"
|
||||||
|
;allow_php_themes = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Debugging #
|
||||||
|
;#########################################################
|
||||||
|
debug = "false"
|
||||||
|
debug_level = 2
|
||||||
|
log_path = "/data/logs/httpd"
|
||||||
|
log_filename = "ampache.log"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Encoding Settings #
|
||||||
|
;#########################################################
|
||||||
|
site_charset = UTF-8
|
||||||
|
;lc_charset = "ISO8859-1"
|
||||||
|
;mb_detect_order = "ASCII,UTF-8,EUC-JP,ISO-2022-JP,SJIS,JIS"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Custom actions (optional) #
|
||||||
|
;#########################################################
|
||||||
|
;custom_play_action_title_0 = ""
|
||||||
|
;custom_play_action_icon_0 = ""
|
||||||
|
;custom_play_action_run_0 = ""
|
||||||
|
|
||||||
|
; Example for Karaoke playing
|
||||||
|
;custom_play_action_title_0 = "Karaoke"
|
||||||
|
;custom_play_action_icon_0 = "microphone"
|
||||||
|
;custom_play_action_run_0 = "sox \"%f\" -p oops | ffmpeg -i pipe:0 -f %c pipe:1"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; LDAP login info (optional) #
|
||||||
|
;#########################################################
|
||||||
|
;ldap_url = "ldap://localhost/"
|
||||||
|
;ldap_url = "ldaps://localhost/"
|
||||||
|
;ldap_username = ""
|
||||||
|
;ldap_password = ""
|
||||||
|
;ldap_search_dn = "ou=People,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
|
||||||
|
;ldap_objectclass = "posixAccount" ; OpenLDAP
|
||||||
|
;ldap_objectclass = "organizationalPerson" ; Microsoft Active Directory
|
||||||
|
;ldap_filter = "(uid=%v)" ; OpenLDAP
|
||||||
|
;ldap_filter = "(sAMAccountName=%v)" ; Microsoft Active Directory
|
||||||
|
;ldap_require_group = "cn=yourgroup,ou=yourorg,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
|
||||||
|
;ldap_name_field = "cn"
|
||||||
|
;ldap_name_field = "displayName"
|
||||||
|
;ldap_email_field = "mail"
|
||||||
|
;ldap_avatar_field = "jpegPhoto"
|
||||||
|
;ldap_avatar_mime = "image/jpeg"
|
||||||
|
;ldap_protocol_version = 3
|
||||||
|
;ldap_start_tls = "true"
|
||||||
|
;ldap_member_attribute = "member"
|
||||||
|
;ldap_member_attribute = "memberuid"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; OpenID login info (optional) #
|
||||||
|
;#########################################################
|
||||||
|
;openid_required_pape = ""
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Public Registration settings, defaults to disabled #
|
||||||
|
;#########################################################
|
||||||
|
;auto_create = "true"
|
||||||
|
;external_auto_update = "true"
|
||||||
|
;allow_public_registration = "true"
|
||||||
|
;captcha_public_reg = "true"
|
||||||
|
;admin_notify_reg = "true"
|
||||||
|
;admin_enable_required = "true"
|
||||||
|
;auto_user = "guest"
|
||||||
|
;user_agreement = "true"
|
||||||
|
;user_no_email_confirm = "true"
|
||||||
|
;cookie_disclaimer = "true"
|
||||||
|
registration_display_fields = "fullname,website"
|
||||||
|
registration_mandatory_fields = "fullname"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; These options control the dynamic downsampling based #
|
||||||
|
; on current usage #
|
||||||
|
; *Note* Transcoding must be enabled and working #
|
||||||
|
;#########################################################
|
||||||
|
;max_bit_rate = 576
|
||||||
|
;min_bit_rate = 48
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Transcode Settings #
|
||||||
|
;#########################################################
|
||||||
|
;transcode_m4a = "allowed"
|
||||||
|
;transcode_flac = "required"
|
||||||
|
;transcode_mpc = "required"
|
||||||
|
;transcode_ogg = "required"
|
||||||
|
;transcode_oga = "required"
|
||||||
|
;transcode_opus = "required"
|
||||||
|
;transcode_wav = "required"
|
||||||
|
;transcode_wma = "required"
|
||||||
|
;transcode_aif = "required"
|
||||||
|
;transcode_aiff = "required"
|
||||||
|
;transcode_ape = "required"
|
||||||
|
;transcode_shn = "required"
|
||||||
|
transcode_mp3 = "allowed"
|
||||||
|
;transcode_avi = "allowed"
|
||||||
|
;transcode_flv = "allowed"
|
||||||
|
;transcode_mkv = "allowed"
|
||||||
|
;transcode_mpg = "allowed"
|
||||||
|
;transcode_mpeg = "allowed"
|
||||||
|
;transcode_m4v = "allowed"
|
||||||
|
;transcode_mp4 = "allowed"
|
||||||
|
;transcode_mov = "allowed"
|
||||||
|
;transcode_wmv = "allowed"
|
||||||
|
;transcode_ogv = "allowed"
|
||||||
|
;transcode_divx = "allowed"
|
||||||
|
;transcode_m2ts = "allowed"
|
||||||
|
;transcode_webm = "allowed"
|
||||||
|
;encode_target = mp3
|
||||||
|
;encode_video_target = webm
|
||||||
|
;encode_target_flac = opus
|
||||||
|
;transcode_player_webplayer_m4a = "required"
|
||||||
|
;transcode_player_webplayer_flac = "required"
|
||||||
|
;transcode_player_webplayer_mpc = "required"
|
||||||
|
;encode_player_webplayer_target = mp3
|
||||||
|
;encode_player_api_target = mp3
|
||||||
|
transcode_player_customize = "true"
|
||||||
|
;transcode_cmd = "ffmpeg"
|
||||||
|
;transcode_cmd = "avconv"
|
||||||
|
;transcode_cmd = "/usr/bin/neatokeen"
|
||||||
|
transcode_input = "-i %FILE%"
|
||||||
|
;transcode_cmd_mid = "timidity -Or -o – %FILE% | ffmpeg -f s16le -i pipe:0"
|
||||||
|
encode_args_mp3 = "-vn -b:a %BITRATE%K -c:a libmp3lame -f mp3 pipe:1"
|
||||||
|
encode_args_ogg = "-vn -b:a %BITRATE%K -c:a libvorbis -f ogg pipe:1"
|
||||||
|
encode_args_opus = "-vn -b:a %BITRATE%K -c:a libopus -compression_level 10 -vsync 2 -f ogg pipe:1"
|
||||||
|
encode_args_m4a = "-vn -b:a %BITRATE%K -c:a libfdk_aac -f adts pipe:1"
|
||||||
|
encode_args_wav = "-vn -b:a %BITRATE%K -c:a pcm_s16le -f wav pipe:1"
|
||||||
|
encode_args_flv = "-b:a %BITRATE%K -ar 44100 -ac 2 -v 0 -f flv -c:v libx264 -preset superfast -threads 0 pipe:1"
|
||||||
|
encode_args_webm = "-b:a %BITRATE%K -f webm -c:v libvpx -preset superfast -threads 0 pipe:1"
|
||||||
|
encode_args_ts = "-q %QUALITY% -s %RESOLUTION% -f mpegts -c:v libx264 -c:a libmp3lame -maxrate %MAXBITRATE%k -preset superfast -threads 0 pipe:1"
|
||||||
|
encode_args_ogv = "-codec:v libtheora -qscale:v 7 -codec:a libvorbis -qscale:a 5 -f ogg pipe:1"
|
||||||
|
encode_get_image = "-ss %TIME% -f image2 -vframes 1 pipe:1"
|
||||||
|
encode_srt = "-vf \"subtitles='%SRTFILE%'\""
|
||||||
|
encode_ss_frame = "-ss %TIME%"
|
||||||
|
encode_ss_duration = "-t %DURATION%"
|
||||||
|
send_full_stream = "webplayer"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Transcode Caching #
|
||||||
|
;#########################################################
|
||||||
|
;cache_path = "/tmp"
|
||||||
|
;cache_target = "mp3"
|
||||||
|
;cache_m4a = "true"
|
||||||
|
;cache_flac = "true"
|
||||||
|
;cache_mpc = "true"
|
||||||
|
;cache_ogg = "true"
|
||||||
|
;cache_oga = "true"
|
||||||
|
;cache_opus = "true"
|
||||||
|
;cache_wav = "true"
|
||||||
|
;cache_wma = "true"
|
||||||
|
;cache_aif = "true"
|
||||||
|
;cache_aiff = "true"
|
||||||
|
;cache_ape = "true"
|
||||||
|
;cache_shn = "true"
|
||||||
|
;cache_mp3 = "true"
|
||||||
|
;cache_remote = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Proxy Settings (optional) #
|
||||||
|
;#########################################################
|
||||||
|
;proxy_host = "192.168.0.1"
|
||||||
|
;proxy_port = "8080"
|
||||||
|
;proxy_user = ""
|
||||||
|
;proxy_pass = ""
|
||||||
|
;force_ssl = "true"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Mail Settings #
|
||||||
|
;#########################################################
|
||||||
|
;mail_enable = "true"
|
||||||
|
;mail_type = "php"
|
||||||
|
;mail_domain = "example.com"
|
||||||
|
;mail_user = "info"
|
||||||
|
;mail_name = "Ampache"
|
||||||
|
;mail_check = "strict"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; sendmail Settings #
|
||||||
|
;#########################################################
|
||||||
|
;sendmail_path = "/usr/sbin/sendmail"
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; SMTP Settings #
|
||||||
|
;#########################################################
|
||||||
|
;mail_host = "localhost"
|
||||||
|
;mail_port = 25
|
||||||
|
;mail_secure_smtp = tls
|
||||||
|
;mail_auth = "true"
|
||||||
|
;mail_auth_user = ""
|
||||||
|
;mail_auth_pass = ""
|
||||||
|
|
||||||
|
;#########################################################
|
||||||
|
; Abbreviation Filter #
|
||||||
|
;#########################################################
|
||||||
|
common_abbr = "divx,xvid,dvdrip,hdtv,lol,axxo,repack,xor,pdtv,real,vtv,caph,2hd,proper,fqm,uncut,topaz,tvt,notv,fpn,fov,orenji,0tv,omicron,dsr,ws,sys,crimson,wat,hiqt,internal,brrip,boheme,vost,vostfr,fastsub,addiction,x264,LOL,720p,1080p,YIFY,evolve,fihtv,first,bokutox,bluray,tvboom,info"
|
7
configs/apache2/conf.d/php-fpm.conf
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#<FilesMatch \.php$>
|
||||||
|
# SetHandler application/x-httpd-php
|
||||||
|
#</FilesMatch>
|
||||||
|
|
||||||
|
<FilesMatch \.php$>
|
||||||
|
SetHandler "proxy:fcgi://127.0.0.1:9000"
|
||||||
|
</FilesMatch>
|
219
configs/apache2/httpd.conf
Normal file
@ -0,0 +1,219 @@
|
|||||||
|
# This is the main Apache HTTP server configuration file.
|
||||||
|
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
|
||||||
|
ServerTokens PROD
|
||||||
|
ServerRoot /var/www
|
||||||
|
Listen REPLACE_SERVER_PORT
|
||||||
|
|
||||||
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
||||||
|
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||||
|
LoadModule authn_file_module modules/mod_authn_file.so
|
||||||
|
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||||
|
LoadModule authn_anon_module modules/mod_authn_anon.so
|
||||||
|
LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||||
|
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||||
|
LoadModule authn_core_module modules/mod_authn_core.so
|
||||||
|
LoadModule authz_host_module modules/mod_authz_host.so
|
||||||
|
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||||||
|
LoadModule authz_user_module modules/mod_authz_user.so
|
||||||
|
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||||
|
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||||
|
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||||
|
LoadModule authz_core_module modules/mod_authz_core.so
|
||||||
|
LoadModule access_compat_module modules/mod_access_compat.so
|
||||||
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||||||
|
LoadModule auth_form_module modules/mod_auth_form.so
|
||||||
|
LoadModule auth_digest_module modules/mod_auth_digest.so
|
||||||
|
LoadModule allowmethods_module modules/mod_allowmethods.so
|
||||||
|
LoadModule file_cache_module modules/mod_file_cache.so
|
||||||
|
LoadModule cache_module modules/mod_cache.so
|
||||||
|
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||||
|
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||||
|
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||||||
|
LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||||||
|
LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||||||
|
LoadModule socache_redis_module modules/mod_socache_redis.so
|
||||||
|
LoadModule watchdog_module modules/mod_watchdog.so
|
||||||
|
LoadModule macro_module modules/mod_macro.so
|
||||||
|
LoadModule dbd_module modules/mod_dbd.so
|
||||||
|
LoadModule dumpio_module modules/mod_dumpio.so
|
||||||
|
LoadModule echo_module modules/mod_echo.so
|
||||||
|
LoadModule buffer_module modules/mod_buffer.so
|
||||||
|
LoadModule data_module modules/mod_data.so
|
||||||
|
LoadModule ratelimit_module modules/mod_ratelimit.so
|
||||||
|
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||||||
|
LoadModule ext_filter_module modules/mod_ext_filter.so
|
||||||
|
LoadModule request_module modules/mod_request.so
|
||||||
|
LoadModule include_module modules/mod_include.so
|
||||||
|
LoadModule filter_module modules/mod_filter.so
|
||||||
|
LoadModule reflector_module modules/mod_reflector.so
|
||||||
|
LoadModule substitute_module modules/mod_substitute.so
|
||||||
|
LoadModule sed_module modules/mod_sed.so
|
||||||
|
LoadModule charset_lite_module modules/mod_charset_lite.so
|
||||||
|
LoadModule deflate_module modules/mod_deflate.so
|
||||||
|
LoadModule brotli_module modules/mod_brotli.so
|
||||||
|
LoadModule mime_module modules/mod_mime.so
|
||||||
|
LoadModule log_config_module modules/mod_log_config.so
|
||||||
|
LoadModule log_debug_module modules/mod_log_debug.so
|
||||||
|
LoadModule log_forensic_module modules/mod_log_forensic.so
|
||||||
|
LoadModule logio_module modules/mod_logio.so
|
||||||
|
LoadModule env_module modules/mod_env.so
|
||||||
|
LoadModule mime_magic_module modules/mod_mime_magic.so
|
||||||
|
LoadModule expires_module modules/mod_expires.so
|
||||||
|
LoadModule headers_module modules/mod_headers.so
|
||||||
|
LoadModule usertrack_module modules/mod_usertrack.so
|
||||||
|
LoadModule unique_id_module modules/mod_unique_id.so
|
||||||
|
LoadModule setenvif_module modules/mod_setenvif.so
|
||||||
|
LoadModule version_module modules/mod_version.so
|
||||||
|
LoadModule remoteip_module modules/mod_remoteip.so
|
||||||
|
LoadModule session_module modules/mod_session.so
|
||||||
|
LoadModule session_cookie_module modules/mod_session_cookie.so
|
||||||
|
LoadModule session_crypto_module modules/mod_session_crypto.so
|
||||||
|
LoadModule session_dbd_module modules/mod_session_dbd.so
|
||||||
|
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
||||||
|
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
||||||
|
LoadModule dialup_module modules/mod_dialup.so
|
||||||
|
LoadModule http2_module modules/mod_http2.so
|
||||||
|
LoadModule unixd_module modules/mod_unixd.so
|
||||||
|
LoadModule heartbeat_module modules/mod_heartbeat.so
|
||||||
|
LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||||||
|
LoadModule status_module modules/mod_status.so
|
||||||
|
LoadModule autoindex_module modules/mod_autoindex.so
|
||||||
|
LoadModule asis_module modules/mod_asis.so
|
||||||
|
LoadModule info_module modules/mod_info.so
|
||||||
|
LoadModule cgi_module modules/mod_cgi.so
|
||||||
|
LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
||||||
|
LoadModule dir_module modules/mod_dir.so
|
||||||
|
LoadModule actions_module modules/mod_actions.so
|
||||||
|
LoadModule speling_module modules/mod_speling.so
|
||||||
|
LoadModule userdir_module modules/mod_userdir.so
|
||||||
|
LoadModule alias_module modules/mod_alias.so
|
||||||
|
LoadModule rewrite_module modules/mod_rewrite.so
|
||||||
|
LoadModule negotiation_module modules/mod_negotiation.so
|
||||||
|
LoadModule fcgid_module modules/mod_fcgid.so
|
||||||
|
LoadModule dav_module modules/mod_dav.so
|
||||||
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||||||
|
LoadModule ssl_module modules/mod_ssl.so
|
||||||
|
LoadModule wsgi_module modules/mod_wsgi.so
|
||||||
|
LoadModule lua_module modules/mod_lua.so
|
||||||
|
LoadModule proxy_module modules/mod_proxy.so
|
||||||
|
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||||||
|
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||||||
|
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||||||
|
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||||||
|
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||||||
|
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||||||
|
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||||||
|
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
|
||||||
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||||||
|
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
||||||
|
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
|
||||||
|
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
|
||||||
|
#LoadModule suexec_module modules/mod_suexec.so
|
||||||
|
#LoadModule php_module modules/mod_php8.so
|
||||||
|
|
||||||
|
<IfModule unixd_module>
|
||||||
|
User apache
|
||||||
|
Group apache
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
# 'Main' server configuration
|
||||||
|
ServerName REPLACE_SERVER_NAME
|
||||||
|
ServerAdmin REPLACE_SERVER_ADMIN
|
||||||
|
ServerSignature On
|
||||||
|
|
||||||
|
DocumentRoot "REPLACE_SERVER_DIR"
|
||||||
|
|
||||||
|
<Directory />
|
||||||
|
AllowOverride none
|
||||||
|
Require all denied
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/data/htdocs">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "REPLACE_SERVER_DIR">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/usr/local/share/template-files/data/htdocs/www">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directorymatch "^/.*/\.git/">
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
</Directorymatch>
|
||||||
|
|
||||||
|
<IfModule dir_module>
|
||||||
|
DirectoryIndex index.php index.cgi index.asp index.aspx index.pl index.aspx index.shtml awstats.pl index.txt index.json index.html index.html.var Default.aspx default.aspx index.unknown.php index.default.php
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Files ".ht*">
|
||||||
|
Require all denied
|
||||||
|
</Files>
|
||||||
|
|
||||||
|
ErrorLog /data/logs/apache2/error.log
|
||||||
|
LogLevel warn
|
||||||
|
|
||||||
|
<IfModule log_config_module>
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
||||||
|
<IfModule logio_module>
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
|
||||||
|
</IfModule>
|
||||||
|
CustomLog /data/logs/apache2/access.default.log combined
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule alias_module>
|
||||||
|
Alias /health /data/htdocs/www/health/index.txt
|
||||||
|
Alias /health/json /data/htdocs/www/health/index.json
|
||||||
|
ScriptAlias /cgi-bin/ "/data/htdocs/cgi-bin/"
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Directory "/data/htdocs/cgi-bin">
|
||||||
|
AllowOverride None
|
||||||
|
Options None
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<IfModule cgid_module>
|
||||||
|
#Scriptsock cgisock
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule headers_module>
|
||||||
|
RequestHeader unset Proxy early
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mime_module>
|
||||||
|
TypesConfig /etc/apache2/mime.types
|
||||||
|
AddType application/x-gzip .tgz
|
||||||
|
AddEncoding x-compress .Z
|
||||||
|
AddEncoding x-gzip .gz .tgz
|
||||||
|
AddType application/x-compress .Z
|
||||||
|
AddType application/x-gzip .gz .tgz
|
||||||
|
AddHandler cgi-script .cgi
|
||||||
|
AddHandler type-map var
|
||||||
|
AddType text/html .shtml
|
||||||
|
AddOutputFilter INCLUDES .shtml
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mime_magic_module>
|
||||||
|
MIMEMagicFile /etc/apache2/magic
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mod_status.c>
|
||||||
|
<Location /server-status>
|
||||||
|
SetHandler server-status
|
||||||
|
</Location>
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
ProxyErrorOverride on
|
||||||
|
IncludeOptional /etc/apache2/conf.d/*.conf
|
||||||
|
IncludeOptional /etc/apache2/vhosts.d/*.conf
|
252
configs/apache2/httpd.ssl.conf
Normal file
@ -0,0 +1,252 @@
|
|||||||
|
# This is the main Apache HTTP server configuration file.
|
||||||
|
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
|
||||||
|
ServerTokens PROD
|
||||||
|
ServerRoot /var/www
|
||||||
|
Listen REPLACE_SERVER_PORT
|
||||||
|
|
||||||
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
||||||
|
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||||
|
LoadModule authn_file_module modules/mod_authn_file.so
|
||||||
|
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||||
|
LoadModule authn_anon_module modules/mod_authn_anon.so
|
||||||
|
LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||||
|
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||||
|
LoadModule authn_core_module modules/mod_authn_core.so
|
||||||
|
LoadModule authz_host_module modules/mod_authz_host.so
|
||||||
|
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||||||
|
LoadModule authz_user_module modules/mod_authz_user.so
|
||||||
|
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||||
|
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||||
|
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||||
|
LoadModule authz_core_module modules/mod_authz_core.so
|
||||||
|
LoadModule access_compat_module modules/mod_access_compat.so
|
||||||
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||||||
|
LoadModule auth_form_module modules/mod_auth_form.so
|
||||||
|
LoadModule auth_digest_module modules/mod_auth_digest.so
|
||||||
|
LoadModule allowmethods_module modules/mod_allowmethods.so
|
||||||
|
LoadModule file_cache_module modules/mod_file_cache.so
|
||||||
|
LoadModule cache_module modules/mod_cache.so
|
||||||
|
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||||
|
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||||
|
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||||||
|
LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||||||
|
LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||||||
|
LoadModule socache_redis_module modules/mod_socache_redis.so
|
||||||
|
LoadModule watchdog_module modules/mod_watchdog.so
|
||||||
|
LoadModule macro_module modules/mod_macro.so
|
||||||
|
LoadModule dbd_module modules/mod_dbd.so
|
||||||
|
LoadModule dumpio_module modules/mod_dumpio.so
|
||||||
|
LoadModule echo_module modules/mod_echo.so
|
||||||
|
LoadModule buffer_module modules/mod_buffer.so
|
||||||
|
LoadModule data_module modules/mod_data.so
|
||||||
|
LoadModule ratelimit_module modules/mod_ratelimit.so
|
||||||
|
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||||||
|
LoadModule ext_filter_module modules/mod_ext_filter.so
|
||||||
|
LoadModule request_module modules/mod_request.so
|
||||||
|
LoadModule include_module modules/mod_include.so
|
||||||
|
LoadModule filter_module modules/mod_filter.so
|
||||||
|
LoadModule reflector_module modules/mod_reflector.so
|
||||||
|
LoadModule substitute_module modules/mod_substitute.so
|
||||||
|
LoadModule sed_module modules/mod_sed.so
|
||||||
|
LoadModule charset_lite_module modules/mod_charset_lite.so
|
||||||
|
LoadModule deflate_module modules/mod_deflate.so
|
||||||
|
LoadModule brotli_module modules/mod_brotli.so
|
||||||
|
LoadModule mime_module modules/mod_mime.so
|
||||||
|
LoadModule log_config_module modules/mod_log_config.so
|
||||||
|
LoadModule log_debug_module modules/mod_log_debug.so
|
||||||
|
LoadModule log_forensic_module modules/mod_log_forensic.so
|
||||||
|
LoadModule logio_module modules/mod_logio.so
|
||||||
|
LoadModule env_module modules/mod_env.so
|
||||||
|
LoadModule mime_magic_module modules/mod_mime_magic.so
|
||||||
|
LoadModule expires_module modules/mod_expires.so
|
||||||
|
LoadModule headers_module modules/mod_headers.so
|
||||||
|
LoadModule usertrack_module modules/mod_usertrack.so
|
||||||
|
LoadModule unique_id_module modules/mod_unique_id.so
|
||||||
|
LoadModule setenvif_module modules/mod_setenvif.so
|
||||||
|
LoadModule version_module modules/mod_version.so
|
||||||
|
LoadModule remoteip_module modules/mod_remoteip.so
|
||||||
|
LoadModule session_module modules/mod_session.so
|
||||||
|
LoadModule session_cookie_module modules/mod_session_cookie.so
|
||||||
|
LoadModule session_crypto_module modules/mod_session_crypto.so
|
||||||
|
LoadModule session_dbd_module modules/mod_session_dbd.so
|
||||||
|
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
||||||
|
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
||||||
|
LoadModule dialup_module modules/mod_dialup.so
|
||||||
|
LoadModule http2_module modules/mod_http2.so
|
||||||
|
LoadModule unixd_module modules/mod_unixd.so
|
||||||
|
LoadModule heartbeat_module modules/mod_heartbeat.so
|
||||||
|
LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||||||
|
LoadModule status_module modules/mod_status.so
|
||||||
|
LoadModule autoindex_module modules/mod_autoindex.so
|
||||||
|
LoadModule asis_module modules/mod_asis.so
|
||||||
|
LoadModule info_module modules/mod_info.so
|
||||||
|
LoadModule cgi_module modules/mod_cgi.so
|
||||||
|
LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
||||||
|
LoadModule negotiation_module modules/mod_negotiation.so
|
||||||
|
LoadModule dir_module modules/mod_dir.so
|
||||||
|
LoadModule actions_module modules/mod_actions.so
|
||||||
|
LoadModule speling_module modules/mod_speling.so
|
||||||
|
LoadModule userdir_module modules/mod_userdir.so
|
||||||
|
LoadModule alias_module modules/mod_alias.so
|
||||||
|
LoadModule rewrite_module modules/mod_rewrite.so
|
||||||
|
LoadModule fcgid_module modules/mod_fcgid.so
|
||||||
|
LoadModule dav_module modules/mod_dav.so
|
||||||
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||||||
|
LoadModule ssl_module modules/mod_ssl.so
|
||||||
|
LoadModule wsgi_module modules/mod_wsgi.so
|
||||||
|
LoadModule lua_module modules/mod_lua.so
|
||||||
|
LoadModule proxy_module modules/mod_proxy.so
|
||||||
|
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||||||
|
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||||||
|
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||||||
|
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||||||
|
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||||||
|
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||||||
|
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||||||
|
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
|
||||||
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||||||
|
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
||||||
|
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
|
||||||
|
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
|
||||||
|
#LoadModule suexec_module modules/mod_suexec.so
|
||||||
|
#LoadModule php_module modules/mod_php8.so
|
||||||
|
|
||||||
|
<IfModule unixd_module>
|
||||||
|
User apache
|
||||||
|
Group apache
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
# 'Main' server configuration
|
||||||
|
ServerName REPLACE_SERVER_NAME
|
||||||
|
ServerAdmin REPLACE_SERVER_ADMIN
|
||||||
|
ServerSignature On
|
||||||
|
|
||||||
|
DocumentRoot "REPLACE_SERVER_DIR"
|
||||||
|
|
||||||
|
<Directory />
|
||||||
|
AllowOverride none
|
||||||
|
Require all denied
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/var/www">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/data/htdocs">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "REPLACE_SERVER_DIR">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/usr/local/share/apache2">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory "/usr/local/share/template-files/data/htdocs/www">
|
||||||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<IfModule dir_module>
|
||||||
|
DirectoryIndex index.php index.cgi index.asp index.aspx index.pl index.aspx index.shtml awstats.pl index.txt index.json index.html index.html.var Default.aspx default.aspx index.unknown.php index.default.php
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Files ".ht*">
|
||||||
|
Require all denied
|
||||||
|
</Files>
|
||||||
|
|
||||||
|
ErrorLog /data/logs/httpd/httpd.log
|
||||||
|
LogLevel warn
|
||||||
|
|
||||||
|
<IfModule log_config_module>
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
||||||
|
<IfModule logio_module>
|
||||||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
|
||||||
|
</IfModule>
|
||||||
|
CustomLog /data/logs/httpd/access.default.log combined
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule alias_module>
|
||||||
|
Alias /health /data/htdocs/www/health/index.txt
|
||||||
|
Alias /health/json /data/htdocs/www/health/index.json
|
||||||
|
ScriptAlias /cgi-bin/ "/data/htdocs/cgi-bin/"
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Directory "/data/htdocs/cgi-bin">
|
||||||
|
AllowOverride None
|
||||||
|
Options None
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<IfModule cgid_module>
|
||||||
|
#Scriptsock cgisock
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule headers_module>
|
||||||
|
RequestHeader unset Proxy early
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mime_module>
|
||||||
|
TypesConfig /etc/apache2/mime.types
|
||||||
|
AddType application/x-gzip .tgz
|
||||||
|
AddEncoding x-compress .Z
|
||||||
|
AddEncoding x-gzip .gz .tgz
|
||||||
|
AddType application/x-compress .Z
|
||||||
|
AddType application/x-gzip .gz .tgz
|
||||||
|
AddHandler cgi-script .cgi
|
||||||
|
AddHandler type-map var
|
||||||
|
AddType text/html .shtml
|
||||||
|
AddOutputFilter INCLUDES .shtml
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mime_magic_module>
|
||||||
|
MIMEMagicFile /etc/apache2/magic
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
#SSLUseStapling On
|
||||||
|
#SSLOCSPEnable on
|
||||||
|
#SSLStaplingCache shmcb:/run/httpd/ssl_stapling(32768)
|
||||||
|
SSLProxyCheckPeerName off
|
||||||
|
SSLProxyCheckPeerExpire off
|
||||||
|
SSLProxyCheckPeerCN off
|
||||||
|
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
|
||||||
|
SSLSessionCacheTimeout 300
|
||||||
|
SSLRandomSeed startup file:/dev/urandom 256
|
||||||
|
SSLRandomSeed connect builtin
|
||||||
|
SSLCryptoDevice builtin
|
||||||
|
SSLOpenSSLConfCmd DHParameters "/etc/ssl/dhparam/httpd.pem"
|
||||||
|
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||||||
|
SSLHonorCipherOrder on
|
||||||
|
SSLOptions +StrictRequire
|
||||||
|
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
||||||
|
Protocols h2 http/1.1
|
||||||
|
|
||||||
|
Header set Strict-Transport-Security "max-age=31536000; preload" env=HTTPS
|
||||||
|
Header always set Access-Control-Allow-Origin "*"
|
||||||
|
Header always set Content-Security-Policy "*"
|
||||||
|
Header always set Access-Control-Max-Age "1000"
|
||||||
|
Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
|
||||||
|
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
|
||||||
|
Header always add Header "It took %D microseconds for request"
|
||||||
|
|
||||||
|
<IfModule mod_status.c>
|
||||||
|
<Location /server-status>
|
||||||
|
SetHandler server-status
|
||||||
|
</Location>
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
ProxyErrorOverride on
|
||||||
|
IncludeOptional /etc/apache2/conf.d/*.conf
|
||||||
|
IncludeOptional /etc/apache2/vhosts.d/*.conf
|
4
configs/apache2/vhosts.d/default.conf
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# Default host
|
||||||
|
<VirtualHost _default_:REPLACE_SERVER_PORT>
|
||||||
|
DocumentRoot "REPLACE_SERVER_DIR"
|
||||||
|
</VirtualHost>
|
8
configs/apache2/vhosts.d/default.ssl.conf
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# Default host for SSL
|
||||||
|
<VirtualHost _default_:REPLACE_SERVER_PORT>
|
||||||
|
SSLEngine on
|
||||||
|
DocumentRoot "REPLACE_SERVER_DIR"
|
||||||
|
SSLCertificateFile /config/ssl/server.crt
|
||||||
|
SSLCertificateKeyFile /config/ssl/server.key
|
||||||
|
Header always set Strict-Transport-Security "max-age=31536000; preload"
|
||||||
|
</VirtualHost>
|
7
configs/caddy/Caddyfile
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
|
||||||
|
:REPLACE_SERVER_PORT {
|
||||||
|
root * /data/htdocs/www
|
||||||
|
file_server
|
||||||
|
#reverse_proxy localhost:8080
|
||||||
|
php_fastcgi localhost:9000
|
||||||
|
}
|
3
configs/caddy/reverse.Caddyfile
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
:REPLACE_SERVER_PORT {
|
||||||
|
reverse_proxy localhost:8080
|
||||||
|
}
|
321
configs/cherokee/cherokee.conf
Normal file
@ -0,0 +1,321 @@
|
|||||||
|
config!version = 001002104
|
||||||
|
server!bind!1!port = REPLACE_SERVER_PORT
|
||||||
|
server!collector = rrd
|
||||||
|
server!keepalive = 1
|
||||||
|
server!keepalive_max_requests = 500
|
||||||
|
server!panic_action = /usr/local/share/cherokee/bin/cherokee-panic
|
||||||
|
server!pid_file = /tmp/cherokee.pid
|
||||||
|
server!post_track = post_track
|
||||||
|
server!server_tokens = product
|
||||||
|
server!timeout = 15
|
||||||
|
vserver!1!collector!enabled = 1
|
||||||
|
vserver!1!directory_index = index.php,index.cgi,index.asp,index.aspx,index.pl,index.aspx,index.shtml,index.txt,index.json,awstats.pl,Default.aspx,default.aspx,index.html,index.html.var,index.unknown.php,index.default.php
|
||||||
|
vserver!1!document_root = REPLACE_WWW_DIR
|
||||||
|
vserver!1!error_writer!filename = /data/logs/cherokee/cherokee.log
|
||||||
|
vserver!1!error_writer!type = file
|
||||||
|
vserver!1!evhost = evhost
|
||||||
|
vserver!1!evhost!tpl_document_root = REPLACE_WWW_DIR/${domain}
|
||||||
|
vserver!1!logger = combined
|
||||||
|
vserver!1!logger!access!buffsize = 16384
|
||||||
|
vserver!1!logger!access!filename = /data/logs/cherokee/access.log
|
||||||
|
vserver!1!logger!access!type = file
|
||||||
|
vserver!1!logger!x_real_ip_access = 0.0.0.0
|
||||||
|
vserver!1!logger!x_real_ip_access_all = 0
|
||||||
|
vserver!1!logger!x_real_ip_enabled = 1
|
||||||
|
vserver!1!nick = default
|
||||||
|
vserver!1!rule!60!encoder!gzip = allow
|
||||||
|
vserver!1!rule!60!flcache = forbid
|
||||||
|
vserver!1!rule!60!flcache!policy = explicitly_allowed
|
||||||
|
vserver!1!rule!60!handler = fcgi
|
||||||
|
vserver!1!rule!60!handler!balancer = round_robin
|
||||||
|
vserver!1!rule!60!handler!balancer!source!10 = 1
|
||||||
|
vserver!1!rule!60!handler!error_handler = 1
|
||||||
|
vserver!1!rule!60!handler!x_real_ip_enabled = 1
|
||||||
|
vserver!1!rule!60!match = extensions
|
||||||
|
vserver!1!rule!60!match!check_local_file = 1
|
||||||
|
vserver!1!rule!60!match!extensions = php
|
||||||
|
vserver!1!rule!60!match!final = 0
|
||||||
|
vserver!1!rule!60!timeout = 30
|
||||||
|
vserver!1!rule!50!encoder!gzip = allow
|
||||||
|
vserver!1!rule!50!handler = server_info
|
||||||
|
vserver!1!rule!50!handler!type = just_about
|
||||||
|
vserver!1!rule!50!match = directory
|
||||||
|
vserver!1!rule!50!match!directory = /about
|
||||||
|
vserver!1!rule!40!document_root = /data/htdocs/cgi-bin
|
||||||
|
vserver!1!rule!40!handler = cgi
|
||||||
|
vserver!1!rule!40!match = directory
|
||||||
|
vserver!1!rule!40!match!directory = /cgi-bin
|
||||||
|
vserver!1!rule!30!document_root = /usr/local/share/cherokee/share/cherokee/themes
|
||||||
|
vserver!1!rule!30!handler = file
|
||||||
|
vserver!1!rule!30!match = directory
|
||||||
|
vserver!1!rule!30!match!directory = /cherokee_themes
|
||||||
|
vserver!1!rule!20!document_root = /usr/local/share/cherokee/share/cherokee/icons
|
||||||
|
vserver!1!rule!20!handler = file
|
||||||
|
vserver!1!rule!20!match = directory
|
||||||
|
vserver!1!rule!20!match!directory = /cherokee_icons
|
||||||
|
vserver!1!rule!10!handler = common
|
||||||
|
vserver!1!rule!10!handler!iocache = 1
|
||||||
|
vserver!1!rule!10!match = default
|
||||||
|
source!1!env!PHP_FCGI_CHILDREN = 5
|
||||||
|
source!1!env!PHP_FCGI_MAX_REQUESTS = 490
|
||||||
|
source!1!env_inherited = 0
|
||||||
|
source!1!host = 127.0.0.1:9000
|
||||||
|
source!1!interpreter = /usr/bin/php-cgi -b 127.0.0.1:9000
|
||||||
|
source!1!nick = PHP Interpreter
|
||||||
|
source!1!type = host
|
||||||
|
icons!default = page_white.png
|
||||||
|
icons!directory = folder.png
|
||||||
|
icons!file!bomb.png = core
|
||||||
|
icons!file!page_white_go.png = *README*
|
||||||
|
icons!parent_directory = arrow_turn_left.png
|
||||||
|
icons!suffix!camera.png = jpg,jpeg,jpe
|
||||||
|
icons!suffix!cd.png = iso,ngr,cue
|
||||||
|
icons!suffix!color_wheel.png = png,gif,xcf,bmp,pcx,tiff,tif,cdr,psd,xpm,xbm
|
||||||
|
icons!suffix!control_play.png = bin,exe,com,msi,out
|
||||||
|
icons!suffix!css.png = css
|
||||||
|
icons!suffix!cup.png = java,class,jar
|
||||||
|
icons!suffix!email.png = eml,mbox,box,email,mbx
|
||||||
|
icons!suffix!film.png = avi,mpeg,mpe,mpg,mpeg3,dl,fli,qt,mov,movie,flv,webm
|
||||||
|
icons!suffix!font.png = ttf
|
||||||
|
icons!suffix!html.png = html,htm
|
||||||
|
icons!suffix!music.png = au,snd,mid,midi,kar,mpga,mpega,mp2,mp3,sid,wav,aif,aiff,aifc,gsm,m3u,wma,wax,ra,rm,ram,pls,sd2,ogg
|
||||||
|
icons!suffix!package.png = tar,gz,bz2,zip,rar,ace,lha,7z,dmg,cpk
|
||||||
|
icons!suffix!page_white_acrobat.png = pdf
|
||||||
|
icons!suffix!page_white_c.png = c,h,cpp
|
||||||
|
icons!suffix!page_white_office.png = doc,ppt,xls
|
||||||
|
icons!suffix!page_white_php.png = php
|
||||||
|
icons!suffix!page_white_text.png = txt,text,rtf,sdw
|
||||||
|
icons!suffix!printer.png = ps,eps
|
||||||
|
icons!suffix!ruby.png = rb
|
||||||
|
icons!suffix!script.png = sh,csh,ksh,tcl,tk,py,pl
|
||||||
|
mime!application/bzip2!extensions = bz2
|
||||||
|
mime!application/gzip!extensions = gz
|
||||||
|
mime!application/hta!extensions = hta
|
||||||
|
mime!application/java-archive!extensions = jar
|
||||||
|
mime!application/java-serialized-object!extensions = ser
|
||||||
|
mime!application/java-vm!extensions = class
|
||||||
|
mime!application/json!extensions = json
|
||||||
|
mime!application/mac-binhex40!extensions = hqx
|
||||||
|
mime!application/msaccess!extensions = mdb
|
||||||
|
mime!application/msword!extensions = doc,dot
|
||||||
|
mime!application/octet-stream!extensions = bin
|
||||||
|
mime!application/octetstream!extensions = ace
|
||||||
|
mime!application/oda!extensions = oda
|
||||||
|
mime!application/ogg!extensions = ogx
|
||||||
|
mime!application/pdf!extensions = pdf
|
||||||
|
mime!application/pgp-keys!extensions = key
|
||||||
|
mime!application/pgp-signature!extensions = pgp
|
||||||
|
mime!application/pics-rules!extensions = prf
|
||||||
|
mime!application/postscript!extensions = ps,ai,eps
|
||||||
|
mime!application/rar!extensions = rar
|
||||||
|
mime!application/rdf+xml!extensions = rdf
|
||||||
|
mime!application/rss+xml!extensions = rss
|
||||||
|
mime!application/smil!extensions = smi,smil
|
||||||
|
mime!application/vnd.mozilla.xul+xml!extensions = xul
|
||||||
|
mime!application/vnd.ms-excel!extensions = xls,xlb,xlt
|
||||||
|
mime!application/vnd.ms-pki.seccat!extensions = cat
|
||||||
|
mime!application/vnd.ms-pki.stl!extensions = stl
|
||||||
|
mime!application/vnd.ms-powerpoint!extensions = ppt,pps
|
||||||
|
mime!application/vnd.oasis.opendocument.chart!extensions = odc
|
||||||
|
mime!application/vnd.oasis.opendocument.database!extensions = odb
|
||||||
|
mime!application/vnd.oasis.opendocument.formula!extensions = odf
|
||||||
|
mime!application/vnd.oasis.opendocument.graphics!extensions = odg
|
||||||
|
mime!application/vnd.oasis.opendocument.image!extensions = odi
|
||||||
|
mime!application/vnd.oasis.opendocument.presentation!extensions = odp
|
||||||
|
mime!application/vnd.oasis.opendocument.spreadsheet!extensions = ods
|
||||||
|
mime!application/vnd.oasis.opendocument.text!extensions = odt
|
||||||
|
mime!application/vnd.oasis.opendocument.text-master!extensions = odm
|
||||||
|
mime!application/vnd.oasis.opendocument.text-web!extensions = oth
|
||||||
|
mime!application/vnd.pkg5.info!extensions = p5i
|
||||||
|
mime!application/vnd.visio!extensions = vsd
|
||||||
|
mime!application/vnd.wap.wbxml!extensions = wbxml
|
||||||
|
mime!application/vnd.wap.wmlc!extensions = wmlc
|
||||||
|
mime!application/vnd.wap.wmlscriptc!extensions = wmlsc
|
||||||
|
mime!application/x-7z-compressed!extensions = 7z
|
||||||
|
mime!application/x-abiword!extensions = abw
|
||||||
|
mime!application/x-apple-diskimage!extensions = dmg
|
||||||
|
mime!application/x-bcpio!extensions = bcpio
|
||||||
|
mime!application/x-bittorrent!extensions = torrent
|
||||||
|
mime!application/x-cdf!extensions = cdf
|
||||||
|
mime!application/x-cpio!extensions = cpio
|
||||||
|
mime!application/x-csh!extensions = csh
|
||||||
|
mime!application/x-debian-package!extensions = deb,udeb
|
||||||
|
mime!application/x-director!extensions = dcr,dir,dxr
|
||||||
|
mime!application/x-dvi!extensions = dvi
|
||||||
|
mime!application/x-flac!extensions = flac
|
||||||
|
mime!application/x-font!extensions = pfa,pfb,gsf,pcf,pcf.Z
|
||||||
|
mime!application/x-freemind!extensions = mm
|
||||||
|
mime!application/x-gnumeric!extensions = gnumeric
|
||||||
|
mime!application/x-gtar!extensions = gtar,tgz,taz
|
||||||
|
mime!application/x-gzip!extensions = gz,tgz
|
||||||
|
mime!application/x-httpd-php!extensions = phtml,pht,php
|
||||||
|
mime!application/x-httpd-php-source!extensions = phps
|
||||||
|
mime!application/x-httpd-php3!extensions = php3
|
||||||
|
mime!application/x-httpd-php3-preprocessed!extensions = php3p
|
||||||
|
mime!application/x-httpd-php4!extensions = php4
|
||||||
|
mime!application/x-internet-signup!extensions = ins,isp
|
||||||
|
mime!application/x-iphone!extensions = iii
|
||||||
|
mime!application/x-iso9660-image!extensions = iso
|
||||||
|
mime!application/x-java-jnlp-file!extensions = jnlp
|
||||||
|
mime!application/x-javascript!extensions = js
|
||||||
|
mime!application/x-kchart!extensions = chrt
|
||||||
|
mime!application/x-killustrator!extensions = kil
|
||||||
|
mime!application/x-koan!extensions = skp,skd,skt,skm
|
||||||
|
mime!application/x-kpresenter!extensions = kpr,kpt
|
||||||
|
mime!application/x-kspread!extensions = ksp
|
||||||
|
mime!application/x-kword!extensions = kwd,kwt
|
||||||
|
mime!application/x-latex!extensions = latex
|
||||||
|
mime!application/x-lha!extensions = lha
|
||||||
|
mime!application/x-lzh!extensions = lzh
|
||||||
|
mime!application/x-lzx!extensions = lzx
|
||||||
|
mime!application/x-ms-wmd!extensions = wmd
|
||||||
|
mime!application/x-ms-wmz!extensions = wmz
|
||||||
|
mime!application/x-msdos-program!extensions = com,exe,bat,dll
|
||||||
|
mime!application/x-msi!extensions = msi
|
||||||
|
mime!application/x-netcdf!extensions = nc
|
||||||
|
mime!application/x-ns-proxy-autoconfig!extensions = pac
|
||||||
|
mime!application/x-nwc!extensions = nwc
|
||||||
|
mime!application/x-object!extensions = o
|
||||||
|
mime!application/x-oz-application!extensions = oza
|
||||||
|
mime!application/x-pkcs7-certreqresp!extensions = p7r
|
||||||
|
mime!application/x-pkcs7-crl!extensions = crl
|
||||||
|
mime!application/x-python-code!extensions = pyc,pyo
|
||||||
|
mime!application/x-quicktimeplayer!extensions = qtl
|
||||||
|
mime!application/x-redhat-package-manager!extensions = rpm
|
||||||
|
mime!application/x-sh!extensions = sh
|
||||||
|
mime!application/x-shar!extensions = shar
|
||||||
|
mime!application/x-shockwave-flash!extensions = swf,swfl
|
||||||
|
mime!application/x-stuffit!extensions = sit,sea
|
||||||
|
mime!application/x-sv4cpio!extensions = sv4cpio
|
||||||
|
mime!application/x-sv4crc!extensions = sv4crc
|
||||||
|
mime!application/x-tar!extensions = tar
|
||||||
|
mime!application/x-tcl!extensions = tcl
|
||||||
|
mime!application/x-tex-pk!extensions = pk
|
||||||
|
mime!application/x-texinfo!extensions = texinfo,texi
|
||||||
|
mime!application/x-trash!extensions = ~,bak,old,sik
|
||||||
|
mime!application/x-troff!extensions = t,tr,roff
|
||||||
|
mime!application/x-troff-man!extensions = man
|
||||||
|
mime!application/x-troff-me!extensions = me
|
||||||
|
mime!application/x-troff-ms!extensions = ms
|
||||||
|
mime!application/x-ustar!extensions = ustar
|
||||||
|
mime!application/x-x509-ca-cert!extensions = crt
|
||||||
|
mime!application/x-xcf!extensions = xcf
|
||||||
|
mime!application/x-xfig!extensions = fig
|
||||||
|
mime!application/x-xpinstall!extensions = xpi
|
||||||
|
mime!application/xhtml+xml!extensions = xhtml,xht
|
||||||
|
mime!application/xml!extensions = xml,xsl
|
||||||
|
mime!application/zip!extensions = zip
|
||||||
|
mime!audio/basic!extensions = au,snd
|
||||||
|
mime!audio/midi!extensions = mid,midi,kar
|
||||||
|
mime!audio/mpeg!extensions = mpga,mpega,mp2,mp3,m4a
|
||||||
|
mime!audio/ogg!extensions = ogg,oga
|
||||||
|
mime!audio/prs.sid!extensions = sid
|
||||||
|
mime!audio/x-aiff!extensions = aif,aiff,aifc
|
||||||
|
mime!audio/x-gsm!extensions = gsm
|
||||||
|
mime!audio/x-mpegurl!extensions = m3u
|
||||||
|
mime!audio/x-ms-wax!extensions = wax
|
||||||
|
mime!audio/x-ms-wma!extensions = wma
|
||||||
|
mime!audio/x-pn-realaudio!extensions = ra,rm,ram
|
||||||
|
mime!audio/x-realaudio!extensions = ra
|
||||||
|
mime!audio/x-scpls!extensions = pls
|
||||||
|
mime!audio/x-sd2!extensions = sd2
|
||||||
|
mime!audio/x-wav!extensions = wav
|
||||||
|
mime!chemical/x-cache!extensions = cac,cache
|
||||||
|
mime!chemical/x-cache-csf!extensions = csf
|
||||||
|
mime!chemical/x-cdx!extensions = cdx
|
||||||
|
mime!chemical/x-cif!extensions = cif
|
||||||
|
mime!chemical/x-cmdf!extensions = cmdf
|
||||||
|
mime!chemical/x-cml!extensions = cml
|
||||||
|
mime!chemical/x-compass!extensions = cpa
|
||||||
|
mime!chemical/x-crossfire!extensions = bsd
|
||||||
|
mime!chemical/x-csml!extensions = csml,csm
|
||||||
|
mime!chemical/x-ctx!extensions = ctx
|
||||||
|
mime!chemical/x-cxf!extensions = cxf,cef
|
||||||
|
mime!chemical/x-isostar!extensions = istr,ist
|
||||||
|
mime!chemical/x-jcamp-dx!extensions = jdx,dx
|
||||||
|
mime!chemical/x-kinemage!extensions = kin
|
||||||
|
mime!chemical/x-pdb!extensions = pdb,ent
|
||||||
|
mime!chemical/x-swissprot!extensions = sw
|
||||||
|
mime!chemical/x-vamas-iso14976!extensions = vms
|
||||||
|
mime!chemical/x-vmd!extensions = vmd
|
||||||
|
mime!chemical/x-xtel!extensions = xtel
|
||||||
|
mime!chemical/x-xyz!extensions = xyz
|
||||||
|
mime!image/gif!extensions = gif
|
||||||
|
mime!image/jpeg!extensions = jpeg,jpg,jpe
|
||||||
|
mime!image/pcx!extensions = pcx
|
||||||
|
mime!image/png!extensions = png
|
||||||
|
mime!image/svg+xml!extensions = svg,svgz
|
||||||
|
mime!image/tiff!extensions = tiff,tif
|
||||||
|
mime!image/vnd.djvu!extensions = djvu,djv
|
||||||
|
mime!image/vnd.wap.wbmp!extensions = wbmp
|
||||||
|
mime!image/x-icon!extensions = ico
|
||||||
|
mime!image/x-ms-bmp!extensions = bmp
|
||||||
|
mime!image/x-photoshop!extensions = psd
|
||||||
|
mime!image/x-portable-anymap!extensions = pnm
|
||||||
|
mime!image/x-portable-bitmap!extensions = pbm
|
||||||
|
mime!image/x-portable-graymap!extensions = pgm
|
||||||
|
mime!image/x-portable-pixmap!extensions = ppm
|
||||||
|
mime!image/x-xbitmap!extensions = xbm
|
||||||
|
mime!image/x-xpixmap!extensions = xpm
|
||||||
|
mime!image/x-xwindowdump!extensions = xwd
|
||||||
|
mime!model/iges!extensions = igs,iges
|
||||||
|
mime!model/mesh!extensions = msh,mesh,silo
|
||||||
|
mime!model/vrml!extensions = wrl,vrml
|
||||||
|
mime!text/calendar!extensions = ics,icz
|
||||||
|
mime!text/comma-separated-values!extensions = csv
|
||||||
|
mime!text/css!extensions = css
|
||||||
|
mime!text/h323!extensions = 323
|
||||||
|
mime!text/html!extensions = html,htm,shtml
|
||||||
|
mime!text/iuls!extensions = uls
|
||||||
|
mime!text/mathml!extensions = mml
|
||||||
|
mime!text/plain!extensions = asc,txt,text,diff,pot
|
||||||
|
mime!text/richtext!extensions = rtx
|
||||||
|
mime!text/rtf!extensions = rtf
|
||||||
|
mime!text/scriptlet!extensions = sct,wsc
|
||||||
|
mime!text/tab-separated-values!extensions = tsv
|
||||||
|
mime!text/vnd.sun.j2me.app-descriptor!extensions = jad
|
||||||
|
mime!text/vnd.wap.wml!extensions = wml
|
||||||
|
mime!text/vnd.wap.wmlscript!extensions = wmls
|
||||||
|
mime!text/x-boo!extensions = boo
|
||||||
|
mime!text/x-c++hdr!extensions = h++,hpp,hxx,hh
|
||||||
|
mime!text/x-c++src!extensions = c++,cpp,cxx,cc
|
||||||
|
mime!text/x-chdr!extensions = h
|
||||||
|
mime!text/x-csh!extensions = csh
|
||||||
|
mime!text/x-csrc!extensions = c
|
||||||
|
mime!text/x-dsrc!extensions = d
|
||||||
|
mime!text/x-haskell!extensions = hs
|
||||||
|
mime!text/x-java!extensions = java
|
||||||
|
mime!text/x-literate-haskell!extensions = lhs
|
||||||
|
mime!text/x-moc!extensions = moc
|
||||||
|
mime!text/x-pascal!extensions = p,pas
|
||||||
|
mime!text/x-pcs-gcd!extensions = gcd
|
||||||
|
mime!text/x-perl!extensions = pl,pm
|
||||||
|
mime!text/x-python!extensions = py
|
||||||
|
mime!text/x-setext!extensions = etx
|
||||||
|
mime!text/x-sh!extensions = sh
|
||||||
|
mime!text/x-tcl!extensions = tcl,tk
|
||||||
|
mime!text/x-tex!extensions = tex,ltx,sty,cls
|
||||||
|
mime!text/x-vcalendar!extensions = vcs
|
||||||
|
mime!text/x-vcard!extensions = vcf
|
||||||
|
mime!video/dl!extensions = dl
|
||||||
|
mime!video/dv!extensions = dif,dv
|
||||||
|
mime!video/fli!extensions = fli
|
||||||
|
mime!video/gl!extensions = gl
|
||||||
|
mime!video/mp4!extensions = mp4
|
||||||
|
mime!video/mpeg!extensions = mpeg,mpg,mpe
|
||||||
|
mime!video/ogg!extensions = ogv
|
||||||
|
mime!video/quicktime!extensions = qt,mov
|
||||||
|
mime!video/vnd.mpegurl!extensions = mxu
|
||||||
|
mime!video/webm!extensions = webm
|
||||||
|
mime!video/x-flv!extensions = flv
|
||||||
|
mime!video/x-la-asf!extensions = lsf,lsx
|
||||||
|
mime!video/x-mng!extensions = mng
|
||||||
|
mime!video/x-ms-asf!extensions = asf,asx
|
||||||
|
mime!video/x-ms-wm!extensions = wm
|
||||||
|
mime!video/x-ms-wmv!extensions = wmv
|
||||||
|
mime!video/x-ms-wmx!extensions = wmx
|
||||||
|
mime!video/x-ms-wvx!extensions = wvx
|
||||||
|
mime!video/x-msvideo!extensions = avi
|
||||||
|
mime!video/x-sgi-movie!extensions = movie
|
||||||
|
mime!x-conference/x-cooltalk!extensions = ice
|
||||||
|
mime!x-world/x-vrml!extensions = vrm,vrml,wrl
|
158
configs/couchdb/default.ini
Normal file
@ -0,0 +1,158 @@
|
|||||||
|
; Upgrading CouchDB will overwrite this file.
|
||||||
|
[vendor]
|
||||||
|
name = CasjaysDev
|
||||||
|
|
||||||
|
[couchdb]
|
||||||
|
;uuid =
|
||||||
|
database_dir = REPLACE_DATABASE_DIR
|
||||||
|
view_index_dir = REPLACE_DATABASE_DIR
|
||||||
|
|
||||||
|
[couchdb_engines]
|
||||||
|
couch = couch_bt_engine
|
||||||
|
|
||||||
|
[chttpd]
|
||||||
|
port = 5984
|
||||||
|
bind_address = any
|
||||||
|
require_valid_user = false
|
||||||
|
prefer_minimal = Cache-Control, Content-Length, Content-Range, Content-Type, ETag, Server, Transfer-Encoding, Vary
|
||||||
|
admin_only_all_dbs = true
|
||||||
|
allow_jsonp = true
|
||||||
|
enable_cors = true
|
||||||
|
enable_xframe_options = false
|
||||||
|
max_uri_length = 8000
|
||||||
|
x_forwarded_host = X-Forwarded-Host
|
||||||
|
x_forwarded_proto = X-Forwarded-Proto
|
||||||
|
x_forwarded_ssl = X-Forwarded-Ssl
|
||||||
|
max_http_request_size = 4294967296
|
||||||
|
decode_plus_to_space = true
|
||||||
|
|
||||||
|
[couch_peruser]
|
||||||
|
enable = true
|
||||||
|
delete_dbs = true
|
||||||
|
database_prefix = userdb_
|
||||||
|
|
||||||
|
[httpd]
|
||||||
|
port = 5986
|
||||||
|
bind_address = any
|
||||||
|
enable_cors = true
|
||||||
|
|
||||||
|
[chttpd_auth]
|
||||||
|
authentication_db = _users
|
||||||
|
authentication_redirect = /_utils/session.html
|
||||||
|
require_valid_user = false
|
||||||
|
timeout = 600
|
||||||
|
auth_cache_size = 50
|
||||||
|
allow_persistent_cookies = true
|
||||||
|
iterations = 10
|
||||||
|
|
||||||
|
[couch_httpd_auth]
|
||||||
|
authentication_db = _users
|
||||||
|
|
||||||
|
[ssl]
|
||||||
|
enable = false
|
||||||
|
verify_ssl_certificates = false
|
||||||
|
cert_file = /config/ssl/localhost.crt
|
||||||
|
key_file = /config/ssl/localhost.key
|
||||||
|
|
||||||
|
[csp]
|
||||||
|
utils_enable = true
|
||||||
|
utils_header_value = default-src 'self'; img-src 'self'; font-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
|
||||||
|
attachments_enable = true
|
||||||
|
attachments_header_value = sandbox
|
||||||
|
showlist_enable = true
|
||||||
|
showlist_header_value = sandbox
|
||||||
|
|
||||||
|
[cors]
|
||||||
|
origins = *
|
||||||
|
credentials = true
|
||||||
|
methods = GET, PUT, POST, HEAD, DELETE, PATCH
|
||||||
|
headers = accept, authorization, content-type, origin, referer
|
||||||
|
|
||||||
|
[x_frame_options]
|
||||||
|
hosts = *
|
||||||
|
same_origin = true
|
||||||
|
|
||||||
|
[native_query_servers]
|
||||||
|
enable_erlang_query_server = false
|
||||||
|
|
||||||
|
[query_server_config]
|
||||||
|
reduce_limit = true
|
||||||
|
os_process_limit = 100
|
||||||
|
group_info_timeout = 5000
|
||||||
|
query_limit = 268435456
|
||||||
|
partition_query_limit = 268435456
|
||||||
|
|
||||||
|
[mango]
|
||||||
|
default_limit = 25
|
||||||
|
index_all_disabled = false
|
||||||
|
index_scan_warning_threshold = 10
|
||||||
|
|
||||||
|
[indexers]
|
||||||
|
couch_mrview = true
|
||||||
|
|
||||||
|
[feature_flags]
|
||||||
|
partitioned||* = true
|
||||||
|
|
||||||
|
[uuids]
|
||||||
|
algorithm = sequential
|
||||||
|
utc_id_suffix =
|
||||||
|
max_count = 1000
|
||||||
|
|
||||||
|
[attachments]
|
||||||
|
compression_level = 8
|
||||||
|
compressible_types = text/*, application/javascript, application/json, application/xml
|
||||||
|
|
||||||
|
[replicator]
|
||||||
|
startup_jitter = 5000
|
||||||
|
|
||||||
|
[replicator.shares]
|
||||||
|
_replicator = 100
|
||||||
|
|
||||||
|
[log]
|
||||||
|
writer = stderr
|
||||||
|
level = error
|
||||||
|
|
||||||
|
[stats]
|
||||||
|
interval = 10
|
||||||
|
|
||||||
|
[smoosh]
|
||||||
|
db_channels = upgrade_dbs,ratio_dbs,slack_dbs
|
||||||
|
view_channels = upgrade_views,ratio_views,slack_views
|
||||||
|
|
||||||
|
[ioq]
|
||||||
|
concurrency = 10
|
||||||
|
ratio = 0.01
|
||||||
|
|
||||||
|
[ioq.bypass]
|
||||||
|
os_process = true
|
||||||
|
read = true
|
||||||
|
write = true
|
||||||
|
view_update = true
|
||||||
|
shard_sync = false
|
||||||
|
compaction = false
|
||||||
|
|
||||||
|
[dreyfus]
|
||||||
|
name = clouseau@127.0.0.1
|
||||||
|
retry_limit = 5
|
||||||
|
limit = 25
|
||||||
|
limit_partitions = 2000
|
||||||
|
max_limit = 200
|
||||||
|
max_limit_partitions = 2000
|
||||||
|
|
||||||
|
[reshard]
|
||||||
|
max_jobs = 48
|
||||||
|
max_history = 20
|
||||||
|
max_retries = 1
|
||||||
|
retry_interval_sec = 10
|
||||||
|
delete_source = true
|
||||||
|
update_shard_map_timeout_sec = 60
|
||||||
|
source_close_timeout_sec = 600
|
||||||
|
require_node_param = false
|
||||||
|
require_range_param = false
|
||||||
|
|
||||||
|
[prometheus]
|
||||||
|
bind_address = any
|
||||||
|
port = 17986
|
||||||
|
|
||||||
|
[cluster]
|
||||||
|
n = 1
|
6
configs/couchdb/local.ini
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
[couchdb]
|
||||||
|
single_node=true
|
||||||
|
|
||||||
|
[log]
|
||||||
|
writer = file
|
||||||
|
file = /data/logs/couchdb/couch.log
|
7
configs/docker/daemon.json
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{
|
||||||
|
"ip": "127.0.0.1",
|
||||||
|
"iptables": true,
|
||||||
|
"log-level": "error" ,
|
||||||
|
"pidfile": "/tmp/docker.pid",
|
||||||
|
"insecure-registries": ["localhost:5000"]
|
||||||
|
}
|
144
configs/docker/registry.yaml
Normal file
@ -0,0 +1,144 @@
|
|||||||
|
#https://docs.docker.com/registry/configuration/
|
||||||
|
version: 0.1
|
||||||
|
log:
|
||||||
|
formatter: text
|
||||||
|
fields:
|
||||||
|
service: registry
|
||||||
|
################
|
||||||
|
storage:
|
||||||
|
delete:
|
||||||
|
enabled: true
|
||||||
|
cache:
|
||||||
|
blobdescriptor: inmemory
|
||||||
|
filesystem:
|
||||||
|
rootdirectory: /data/registry
|
||||||
|
################
|
||||||
|
http:
|
||||||
|
addr: :5000
|
||||||
|
#prefix: /my/nested/registry/
|
||||||
|
#host: https://myregistryaddress.org:5000
|
||||||
|
#secret: asecretforlocaldevelopment
|
||||||
|
#relativeurls: false
|
||||||
|
#draintimeout: 60s
|
||||||
|
# tls:
|
||||||
|
# certificate: /certs/certs/localhost.crt
|
||||||
|
# key: /certs/private/localhost.key
|
||||||
|
# letsencrypt:
|
||||||
|
# cachefile: /config/certs/cache
|
||||||
|
# email: emailused@letsencrypt.com
|
||||||
|
# hosts: [myregistryaddress.org]
|
||||||
|
headers:
|
||||||
|
X-Content-Type-Options: [nosniff]
|
||||||
|
Access-Control-Max-Age: [1728000]
|
||||||
|
Access-Control-Allow-Origin: ['*']
|
||||||
|
#Access-Control-Allow-Credentials: [true]
|
||||||
|
#Access-Control-Allow-Headers: ['Authorization', 'Accept']
|
||||||
|
#Access-Control-Expose-Headers: ['Docker-Content-Digest']
|
||||||
|
#Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
|
||||||
|
debug:
|
||||||
|
addr: :5001
|
||||||
|
prometheus:
|
||||||
|
enabled: true
|
||||||
|
path: /metrics
|
||||||
|
http2:
|
||||||
|
disabled: false
|
||||||
|
################
|
||||||
|
auth:
|
||||||
|
none:
|
||||||
|
# silly:
|
||||||
|
# realm: silly-realm
|
||||||
|
# service: silly-service
|
||||||
|
# token:
|
||||||
|
# autoredirect: true
|
||||||
|
# realm: token-realm
|
||||||
|
# service: token-service
|
||||||
|
# issuer: registry-token-issuer
|
||||||
|
# rootcertbundle: /root/certs/bundle
|
||||||
|
# htpasswd:
|
||||||
|
# realm: basic-realm
|
||||||
|
# path: /config/auth/htpasswd
|
||||||
|
################
|
||||||
|
# middleware:
|
||||||
|
# registry:
|
||||||
|
################
|
||||||
|
# reporting:
|
||||||
|
# bugsnag:
|
||||||
|
# apikey: bugsnagapikey
|
||||||
|
# releasestage: bugsnagreleasestage
|
||||||
|
# endpoint: bugsnagendpoint
|
||||||
|
# newrelic:
|
||||||
|
# licensekey: newreliclicensekey
|
||||||
|
# name: newrelicname
|
||||||
|
# verbose: true
|
||||||
|
|
||||||
|
# notifications:
|
||||||
|
# events:
|
||||||
|
# includereferences: true
|
||||||
|
# endpoints:
|
||||||
|
# - name: alistener
|
||||||
|
# disabled: false
|
||||||
|
# url: https://my.listener.com/event
|
||||||
|
# headers: <http.Header>
|
||||||
|
# timeout: 1s
|
||||||
|
# threshold: 10
|
||||||
|
# backoff: 1s
|
||||||
|
# ignoredmediatypes:
|
||||||
|
# - application/octet-stream
|
||||||
|
# ignore:
|
||||||
|
# mediatypes:
|
||||||
|
# - application/octet-stream
|
||||||
|
# actions:
|
||||||
|
# - pull
|
||||||
|
################
|
||||||
|
redis:
|
||||||
|
addr: localhost:6379
|
||||||
|
# password: asecret
|
||||||
|
# db: 0
|
||||||
|
# dialtimeout: 10ms
|
||||||
|
# readtimeout: 10ms
|
||||||
|
# writetimeout: 10ms
|
||||||
|
# pool:
|
||||||
|
# maxidle: 16
|
||||||
|
# maxactive: 64
|
||||||
|
# idletimeout: 300s
|
||||||
|
################
|
||||||
|
health:
|
||||||
|
storagedriver:
|
||||||
|
enabled: true
|
||||||
|
interval: 10s
|
||||||
|
threshold: 3
|
||||||
|
file:
|
||||||
|
- file: /config/docker/registry.yaml
|
||||||
|
interval: 10s
|
||||||
|
# http:
|
||||||
|
# - uri: http://server.to.check/must/return/200
|
||||||
|
# headers:
|
||||||
|
# Authorization: [Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==]
|
||||||
|
# statuscode: 200
|
||||||
|
# timeout: 3s
|
||||||
|
# interval: 10s
|
||||||
|
# threshold: 3
|
||||||
|
# tcp:
|
||||||
|
# - addr: redis-server.domain.com:6379
|
||||||
|
# timeout: 3s
|
||||||
|
# interval: 10s
|
||||||
|
# threshold: 3
|
||||||
|
################
|
||||||
|
# proxy:
|
||||||
|
# remoteurl: https://registry-1.docker.io
|
||||||
|
# username: [username]
|
||||||
|
# password: [password]
|
||||||
|
################
|
||||||
|
compatibility:
|
||||||
|
schema1:
|
||||||
|
# signingkeyfile: /etc/registry/key.json
|
||||||
|
enabled: true
|
||||||
|
################
|
||||||
|
# validation:
|
||||||
|
# manifests:
|
||||||
|
# urls:
|
||||||
|
# allow:
|
||||||
|
# - ^https?://([^/]+\.)*example\.com/
|
||||||
|
# deny:
|
||||||
|
# - ^https?://www\.example\.com/
|
||||||
|
|
308
configs/headphones/headphones.ini
Normal file
@ -0,0 +1,308 @@
|
|||||||
|
[General]
|
||||||
|
add_album_art = 1
|
||||||
|
advancedencoder = ""
|
||||||
|
album_art_format = folder
|
||||||
|
api_enabled = 1
|
||||||
|
api_key = ""
|
||||||
|
auto_add_artists = 1
|
||||||
|
autowant_all = 0
|
||||||
|
autowant_manually_added = 1
|
||||||
|
autowant_upcoming = 1
|
||||||
|
bitrate = 192
|
||||||
|
blackhole = 0
|
||||||
|
blackhole_dir = ""
|
||||||
|
cache_dir = /data/cache
|
||||||
|
check_github = 1
|
||||||
|
check_github_interval = 360
|
||||||
|
check_github_on_startup = 1
|
||||||
|
cleanup_files = 0
|
||||||
|
config_version = 5
|
||||||
|
correct_metadata = 0
|
||||||
|
cue_split = 1
|
||||||
|
cue_split_flac_path = ""
|
||||||
|
cue_split_shntool_path = "/usr/bin"
|
||||||
|
customauth = 0
|
||||||
|
customhost = localhost
|
||||||
|
custompass = ""
|
||||||
|
customport = REPLACE_SERVER_PORT
|
||||||
|
customsleep = 1
|
||||||
|
customuser = ""
|
||||||
|
delete_lossless_files = 1
|
||||||
|
destination_dir = ""
|
||||||
|
detect_bitrate = 0
|
||||||
|
do_not_override_git_branch = 0
|
||||||
|
download_dir = "/data/downloads"
|
||||||
|
download_scan_interval = 5
|
||||||
|
download_torrent_dir = ""
|
||||||
|
embed_album_art = 1
|
||||||
|
embed_lyrics = 1
|
||||||
|
enable_https = 0
|
||||||
|
encoder = ffmpeg
|
||||||
|
encoder_multicore = 0
|
||||||
|
encoder_multicore_count = 0
|
||||||
|
encoder_path = ""
|
||||||
|
encoderfolder = ""
|
||||||
|
encoderlossless = 1
|
||||||
|
encoderoutputformat = mp3
|
||||||
|
encoderquality = 2
|
||||||
|
encodervbrcbr = cbr
|
||||||
|
extras = ""
|
||||||
|
file_format = $Track $Artist - $Title
|
||||||
|
file_permissions = 0644
|
||||||
|
file_underscores = 0
|
||||||
|
folder_format = $Artist
|
||||||
|
folder_permissions = 0755
|
||||||
|
freeze_db = 0
|
||||||
|
git_branch = master
|
||||||
|
git_path = ""
|
||||||
|
git_user = rembo10
|
||||||
|
headphones_indexer = 0
|
||||||
|
hppass = ""
|
||||||
|
hpuser = ""
|
||||||
|
http_host = 0.0.0.0
|
||||||
|
http_port = 80
|
||||||
|
http_proxy = 0
|
||||||
|
http_root = /
|
||||||
|
http_username = ""
|
||||||
|
http_password = ""
|
||||||
|
https_cert = /config/ssl/server.crt
|
||||||
|
https_key = /config/ssl/server.key
|
||||||
|
ignore_clean_releases = 0
|
||||||
|
ignored_words = ""
|
||||||
|
include_extras = 0
|
||||||
|
interface = default
|
||||||
|
keep_nfo = 0
|
||||||
|
keep_original_folder = 0
|
||||||
|
keep_torrent_files = 0
|
||||||
|
lastfm_username = ""
|
||||||
|
launch_browser = 0
|
||||||
|
libraryscan = 1
|
||||||
|
libraryscan_interval = 300
|
||||||
|
log_dir = /data/logs/headphones
|
||||||
|
lossless_bitrate_from = 0
|
||||||
|
lossless_bitrate_to = 0
|
||||||
|
lossless_destination_dir = ""
|
||||||
|
magnet_links = 0
|
||||||
|
mb_ignore_age = 365
|
||||||
|
mirror = musicbrainz.org
|
||||||
|
move_files = 1
|
||||||
|
music_dir = "/data/music"
|
||||||
|
music_encoder = 0
|
||||||
|
numberofseeders = 10
|
||||||
|
nzb_downloader = 0
|
||||||
|
official_releases_only = 0
|
||||||
|
open_magnet_links = 0
|
||||||
|
prefer_torrents = 0
|
||||||
|
preferred_bitrate = ""
|
||||||
|
preferred_bitrate_allow_lossless = 0
|
||||||
|
preferred_bitrate_high_buffer = 0
|
||||||
|
preferred_bitrate_low_buffer = 0
|
||||||
|
preferred_quality = 320
|
||||||
|
preferred_words = ""
|
||||||
|
rename_files = 0
|
||||||
|
replace_existing_folders = 0
|
||||||
|
required_words = ""
|
||||||
|
samplingfrequency = 44100
|
||||||
|
search_interval = 1440
|
||||||
|
torrent_downloader = 0
|
||||||
|
torrent_removal_interval = 720
|
||||||
|
torrentblackhole_dir = ""
|
||||||
|
update_db_interval = 24
|
||||||
|
usenet_retention = 1500
|
||||||
|
wait_until_release_date = 0
|
||||||
|
xldprofile = ""
|
||||||
|
|
||||||
|
[Growl]
|
||||||
|
growl_enabled = 0
|
||||||
|
growl_onsnatch = 0
|
||||||
|
growl_host = ""
|
||||||
|
growl_password = ""
|
||||||
|
|
||||||
|
[Subsonic]
|
||||||
|
subsonic_host = ""
|
||||||
|
subsonic_password = ""
|
||||||
|
subsonic_enabled = 0
|
||||||
|
subsonic_username = ""
|
||||||
|
|
||||||
|
[Waffles]
|
||||||
|
waffles_passkey = ""
|
||||||
|
waffles = 0
|
||||||
|
waffles_uid = ""
|
||||||
|
waffles_ratio = ""
|
||||||
|
|
||||||
|
[Email]
|
||||||
|
email_onsnatch = 0
|
||||||
|
email_smtp_password = ""
|
||||||
|
email_tls = 0
|
||||||
|
email_smtp_port = 25
|
||||||
|
email_smtp_server = ""
|
||||||
|
email_enabled = 0
|
||||||
|
email_smtp_user = ""
|
||||||
|
email_ssl = 0
|
||||||
|
email_to = ""
|
||||||
|
email_from = ""
|
||||||
|
|
||||||
|
[Plex]
|
||||||
|
plex_token = ""
|
||||||
|
plex_client_host = ""
|
||||||
|
plex_notify = 0
|
||||||
|
plex_update = 0
|
||||||
|
plex_username = ""
|
||||||
|
plex_password = ""
|
||||||
|
plex_server_host = ""
|
||||||
|
plex_enabled = 0
|
||||||
|
|
||||||
|
[Old Piratebay]
|
||||||
|
oldpiratebay = 0
|
||||||
|
oldpiratebay_ratio = ""
|
||||||
|
oldpiratebay_url = ""
|
||||||
|
|
||||||
|
[Pushover]
|
||||||
|
pushover_apitoken = ""
|
||||||
|
pushover_onsnatch = 0
|
||||||
|
pushover_enabled = 0
|
||||||
|
pushover_keys = ""
|
||||||
|
pushover_priority = 0
|
||||||
|
|
||||||
|
[NZBget]
|
||||||
|
nzbget_priority = 0
|
||||||
|
nzbget_password = ""
|
||||||
|
nzbget_host = ""
|
||||||
|
nzbget_category = ""
|
||||||
|
nzbget_username = nzbget
|
||||||
|
|
||||||
|
[NZBsorg]
|
||||||
|
nzbsorg_hash = ""
|
||||||
|
nzbsorg = 0
|
||||||
|
nzbsorg_uid = ""
|
||||||
|
|
||||||
|
[NMA]
|
||||||
|
nma_priority = 0
|
||||||
|
nma_onsnatch = 0
|
||||||
|
nma_apikey = ""
|
||||||
|
nma_enabled = 0
|
||||||
|
|
||||||
|
[Advanced]
|
||||||
|
verify_ssl_cert = 1
|
||||||
|
ignored_files = ,
|
||||||
|
journal_mode = wal
|
||||||
|
album_completion_pct = 80
|
||||||
|
ignored_folders = ,
|
||||||
|
cache_sizemb = 32
|
||||||
|
|
||||||
|
[Newznab]
|
||||||
|
newznab = 0
|
||||||
|
newznab_apikey = ""
|
||||||
|
newznab_enabled = 1
|
||||||
|
extra_newznabs = ,
|
||||||
|
newznab_host = ""
|
||||||
|
|
||||||
|
[Prowl]
|
||||||
|
prowl_onsnatch = 0
|
||||||
|
prowl_enabled = 0
|
||||||
|
prowl_priority = 0
|
||||||
|
prowl_keys = ""
|
||||||
|
|
||||||
|
[Twitter]
|
||||||
|
twitter_prefix = Headphones
|
||||||
|
twitter_enabled = 0
|
||||||
|
twitter_username = ""
|
||||||
|
twitter_password = ""
|
||||||
|
twitter_onsnatch = 0
|
||||||
|
|
||||||
|
[SABnzbd]
|
||||||
|
sab_category = ""
|
||||||
|
sab_password = ""
|
||||||
|
sab_host = ""
|
||||||
|
sab_username = ""
|
||||||
|
sab_apikey = ""
|
||||||
|
|
||||||
|
[Songkick]
|
||||||
|
songkick_apikey = nd1We7dFW2RqxPw8
|
||||||
|
songkick_location = ""
|
||||||
|
songkick_enabled = 1
|
||||||
|
songkick_filter_enabled = 0
|
||||||
|
|
||||||
|
[uTorrent]
|
||||||
|
utorrent_password = ""
|
||||||
|
utorrent_host = ""
|
||||||
|
utorrent_username = ""
|
||||||
|
utorrent_label = ""
|
||||||
|
|
||||||
|
[LMS]
|
||||||
|
lms_enabled = 0
|
||||||
|
lms_host = ""
|
||||||
|
|
||||||
|
[PushBullet]
|
||||||
|
pushbullet_deviceid = ""
|
||||||
|
pushbullet_apikey = ""
|
||||||
|
pushbullet_enabled = 0
|
||||||
|
pushbullet_onsnatch = 0
|
||||||
|
|
||||||
|
[Pushalot]
|
||||||
|
pushalot_enabled = 0
|
||||||
|
pushalot_onsnatch = 0
|
||||||
|
pushalot_apikey = ""
|
||||||
|
|
||||||
|
[Kat]
|
||||||
|
kat_ratio = ""
|
||||||
|
kat = 0
|
||||||
|
kat_proxy_url = ""
|
||||||
|
|
||||||
|
[Piratebay]
|
||||||
|
piratebay_ratio = ""
|
||||||
|
piratebay = 0
|
||||||
|
piratebay_proxy_url = ""
|
||||||
|
|
||||||
|
[MPC]
|
||||||
|
mpc_enabled = 0
|
||||||
|
|
||||||
|
[XBMC]
|
||||||
|
xbmc_username = ""
|
||||||
|
xbmc_host = ""
|
||||||
|
xbmc_enabled = 0
|
||||||
|
xbmc_update = 0
|
||||||
|
xbmc_password = ""
|
||||||
|
xbmc_notify = 0
|
||||||
|
|
||||||
|
[Beets]
|
||||||
|
idtag = 1
|
||||||
|
|
||||||
|
[Rutracker]
|
||||||
|
rutracker_user = ""
|
||||||
|
rutracker_ratio = ""
|
||||||
|
rutracker = 0
|
||||||
|
rutracker_password = ""
|
||||||
|
|
||||||
|
[Boxcar]
|
||||||
|
boxcar_onsnatch = 0
|
||||||
|
boxcar_enabled = 0
|
||||||
|
boxcar_token = ""
|
||||||
|
|
||||||
|
[Transmission]
|
||||||
|
transmission_password = ""
|
||||||
|
transmission_username = ""
|
||||||
|
transmission_host = ""
|
||||||
|
|
||||||
|
[Mininova]
|
||||||
|
mininova = 0
|
||||||
|
mininova_ratio = ""
|
||||||
|
|
||||||
|
[OSX_Notify]
|
||||||
|
osx_notify_enabled = 0
|
||||||
|
osx_notify_app = /Applications/Headphones
|
||||||
|
osx_notify_onsnatch = 0
|
||||||
|
|
||||||
|
[What.cd]
|
||||||
|
whatcd_password = ""
|
||||||
|
whatcd_username = ""
|
||||||
|
whatcd = 0
|
||||||
|
whatcd_ratio = ""
|
||||||
|
|
||||||
|
[Synoindex]
|
||||||
|
synoindex_enabled = 0
|
||||||
|
|
||||||
|
[omgwtfnzbs]
|
||||||
|
omgwtfnzbs = 0
|
||||||
|
omgwtfnzbs_uid = ""
|
||||||
|
omgwtfnzbs_apikey = ""
|
17
configs/homepage/bookmarks.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# For configuration options and examples, please see:
|
||||||
|
# https://gethomepage.dev/en/configs/bookmarks/
|
||||||
|
---
|
||||||
|
- Developer:
|
||||||
|
- Github:
|
||||||
|
- abbr: GH
|
||||||
|
href: https://github.com/
|
||||||
|
|
||||||
|
- Social:
|
||||||
|
- Reddit:
|
||||||
|
- abbr: RE
|
||||||
|
href: https://reddit.com/
|
||||||
|
|
||||||
|
- Entertainment:
|
||||||
|
- YouTube:
|
||||||
|
- abbr: YT
|
||||||
|
href: https://youtube.com/
|
5
configs/homepage/docker.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# For configuration options and examples, please see:
|
||||||
|
# https://gethomepage.dev/en/configs/docker/
|
||||||
|
---
|
||||||
|
local:
|
||||||
|
socket: /var/run/docker.sock
|
3
configs/homepage/services.yaml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# For configuration options and examples, please see:
|
||||||
|
# https://gethomepage.dev/en/configs/services/
|
||||||
|
---
|
18
configs/homepage/settings.yaml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# For configuration options and examples, please see:
|
||||||
|
# https://gethomepage.dev/en/configs/settings
|
||||||
|
---
|
||||||
|
title: StartPage
|
||||||
|
theme: dark
|
||||||
|
color: purple
|
||||||
|
target: _blank
|
||||||
|
language: en
|
||||||
|
headerStyle: boxed
|
||||||
|
|
||||||
|
layout:
|
||||||
|
Media:
|
||||||
|
style: row
|
||||||
|
columns: 4
|
||||||
|
|
||||||
|
providers:
|
||||||
|
openweathermap: openweathermapapikey
|
||||||
|
weatherapi: weatherapiapikey
|
19
configs/homepage/widgets.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
# For configuration options and examples, please see:
|
||||||
|
# https://gethomepage.dev/en/configs/widgets/
|
||||||
|
---
|
||||||
|
- resources:
|
||||||
|
cpu: true
|
||||||
|
memory: true
|
||||||
|
disk: /
|
||||||
|
|
||||||
|
- search:
|
||||||
|
focus: true
|
||||||
|
target: _blank
|
||||||
|
provider: duckduckgo
|
||||||
|
url: https://search.casjay.net/?q=
|
||||||
|
|
||||||
|
- datetime:
|
||||||
|
format:
|
||||||
|
dateStyle: short
|
||||||
|
timeStyle: short
|
||||||
|
hour12: false
|
40
configs/homey/homey.yml
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
# Refer to README.md for configuration instructions
|
||||||
|
title: homey # dashboard title
|
||||||
|
minimal_mode: false # disable functionality; conserve resources
|
||||||
|
show_house: true # disable 3D house in header
|
||||||
|
compact_services: false # reduce service padding
|
||||||
|
enable_service_status: true # toggle up/down indicators for services
|
||||||
|
enable_notifications: true # toggle in-page notifications for selected events
|
||||||
|
audio_notifications: false # toggle notification audio
|
||||||
|
bookmarks_in_header: false # fill empty space in header with bookmarks
|
||||||
|
docker_api_backend: docker # valid options: docker, portainer
|
||||||
|
|
||||||
|
services:
|
||||||
|
- name: Portainer
|
||||||
|
icon: portainer.png
|
||||||
|
subtitle: Docker container management
|
||||||
|
url: https://192.168.1.XXX:9443
|
||||||
|
- name: Flood
|
||||||
|
icon: flood.png
|
||||||
|
subtitle: Web UI for rTorrent
|
||||||
|
url: http://192.168.1.XXX:<port>
|
||||||
|
- name: Router
|
||||||
|
icon: router.png
|
||||||
|
url: http://192.168.1.1
|
||||||
|
|
||||||
|
cards:
|
||||||
|
- name: Torrents
|
||||||
|
enable: false
|
||||||
|
- name: Weather
|
||||||
|
enable: true
|
||||||
|
- name: System
|
||||||
|
enable: false
|
||||||
|
- name: Bookmarks
|
||||||
|
enable: true
|
||||||
|
|
||||||
|
bookmarks:
|
||||||
|
- name: GitHub
|
||||||
|
url: https://github.com
|
||||||
|
- name: YTMND
|
||||||
|
url: https://ytmnd.com/
|
||||||
|
hover: lol internet
|
60
configs/lighttpd/lighttpd.conf
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
###############################################################################
|
||||||
|
# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/lighttpd.conf,v 1.3 2005/09/01 14:22:35 ka0ttic Exp $
|
||||||
|
###############################################################################
|
||||||
|
|
||||||
|
var.basedir = "/var/www/localhost"
|
||||||
|
var.statedir = "/var/lib/lighttpd"
|
||||||
|
var.logdir = "/data/logs/lighttpd"
|
||||||
|
|
||||||
|
server.modules = (
|
||||||
|
"mod_auth",
|
||||||
|
"mod_rewrite",
|
||||||
|
"mod_redirect",
|
||||||
|
"mod_alias",
|
||||||
|
"mod_access",
|
||||||
|
"mod_status",
|
||||||
|
"mod_setenv",
|
||||||
|
"mod_proxy",
|
||||||
|
"mod_simple_vhost",
|
||||||
|
"mod_evhost",
|
||||||
|
"mod_userdir",
|
||||||
|
"mod_deflate",
|
||||||
|
"mod_ssi",
|
||||||
|
"mod_usertrack",
|
||||||
|
"mod_expire",
|
||||||
|
"mod_secdownload",
|
||||||
|
"mod_rrdtool",
|
||||||
|
"mod_webdav",
|
||||||
|
"mod_accesslog",
|
||||||
|
"mod_cgi",
|
||||||
|
"mod_fastcgi"
|
||||||
|
)
|
||||||
|
|
||||||
|
server.username = "lighttpd"
|
||||||
|
server.groupname = "lighttpd"
|
||||||
|
|
||||||
|
server.port = REPLACE_SERVER_PORT
|
||||||
|
|
||||||
|
server.document-root = "/data/htdocs/www"
|
||||||
|
|
||||||
|
server.tag = "lighttpd"
|
||||||
|
server.follow-symlink = "enable"
|
||||||
|
server.errorfile-prefix = var.basedir + "/error/status-"
|
||||||
|
server.indexfiles = ("index.php", "index.html","index.htm", "default.htm", "index.lighttpd.html","index.txt","index.json")
|
||||||
|
|
||||||
|
server.pid-file = "/tmp/lighttpd.pid"
|
||||||
|
server.errorlog = "/data/logs/lighttpd/lighttpd.log"
|
||||||
|
accesslog.filename = "/data/logs/lighttpd/access_log"
|
||||||
|
|
||||||
|
static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")
|
||||||
|
|
||||||
|
include "mime-types.conf"
|
||||||
|
include "mod_cgi.conf"
|
||||||
|
include "mod_fastcgi_fpm.conf"
|
||||||
|
|
||||||
|
url.access-deny = ("~", ".inc")
|
||||||
|
ssi.extension = (".shtml")
|
||||||
|
status.status-url = "/server-status"
|
||||||
|
status.config-url = "/server-config"
|
||||||
|
|
||||||
|
# vim: set ft=conf foldmethod=marker et :
|
23
configs/lighttpd/mod_cgi.conf
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
###############################################################################
|
||||||
|
# mod_cgi.conf
|
||||||
|
# include'd by lighttpd.conf.
|
||||||
|
# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mod_cgi.conf,v 1.1 2005/08/27 12:36:13 ka0ttic Exp $
|
||||||
|
###############################################################################
|
||||||
|
# NOTE: this requires mod_alias
|
||||||
|
alias.url = (
|
||||||
|
"/cgi-bin/" => "/data/htdocs/cgi-bin"
|
||||||
|
)
|
||||||
|
|
||||||
|
cgi.assign = (
|
||||||
|
".pl" => "/usr/bin/perl",
|
||||||
|
".cgi" => "/usr/bin/perl",
|
||||||
|
".rb" => "/usr/bin/ruby",
|
||||||
|
".py" => "/usr/bin/python",
|
||||||
|
".php" => "/usr/bin/php-cgi"
|
||||||
|
)
|
||||||
|
|
||||||
|
$HTTP["url"] =~ "^/cgi-bin/" {
|
||||||
|
dir-listing.activate = "disable"
|
||||||
|
}
|
||||||
|
|
||||||
|
# vim: set ft=conf foldmethod=marker et :
|
23
configs/lighttpd/mod_fastcgi_fpm.conf
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
###############################################################################
|
||||||
|
# mod_fastcgi_fpm.conf
|
||||||
|
# include'd by lighttpd.conf.
|
||||||
|
###############################################################################
|
||||||
|
fastcgi.server = (
|
||||||
|
".php" =>
|
||||||
|
(( "host" => "127.0.0.1",
|
||||||
|
"port" => 9000,
|
||||||
|
"bin-path" => "/usr/bin/php"
|
||||||
|
))
|
||||||
|
)
|
||||||
|
|
||||||
|
fastcgi.map-extensions = (
|
||||||
|
".php3" => ".php",
|
||||||
|
".php4" => ".php",
|
||||||
|
".php5" => ".php",
|
||||||
|
".php7" => ".php",
|
||||||
|
".php8" => ".php",
|
||||||
|
".phps" => ".php",
|
||||||
|
".phtml" => ".php"
|
||||||
|
)
|
||||||
|
|
||||||
|
# vim: set ft=conf foldmethod=marker et :
|
24
configs/mongodb/mongod.conf
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# mongod.conf
|
||||||
|
|
||||||
|
# where to write logging data.
|
||||||
|
systemLog:
|
||||||
|
destination: file
|
||||||
|
logAppend: true
|
||||||
|
path: /dev/stdout
|
||||||
|
|
||||||
|
# Where and how to store data.
|
||||||
|
storage:
|
||||||
|
dbPath: /data/db/mongo
|
||||||
|
journal:
|
||||||
|
enabled: true
|
||||||
|
# engine:
|
||||||
|
# wiredTiger:
|
||||||
|
|
||||||
|
# how the process runs
|
||||||
|
processManagement:
|
||||||
|
timeZoneInfo: /usr/share/zoneinfo
|
||||||
|
|
||||||
|
# network interfaces
|
||||||
|
net:
|
||||||
|
port: 27017
|
||||||
|
bindIp: 0.0.0.0
|
38
configs/mysql/my.cnf
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# Default mariadb config file
|
||||||
|
|
||||||
|
[client]
|
||||||
|
port = 3306
|
||||||
|
socket = /tmp/mysql.sock
|
||||||
|
default_character_set = utf8
|
||||||
|
|
||||||
|
[mysqld_safe]
|
||||||
|
datadir = REPLACE_DATABASE_DIR
|
||||||
|
port = 3306
|
||||||
|
socket = /tmp/mysql.sock
|
||||||
|
open_files_limit = 16384
|
||||||
|
log-error = /data/logs/mysql/mysql.err.log
|
||||||
|
|
||||||
|
[mysqld]
|
||||||
|
datadir = REPLACE_DATABASE_DIR
|
||||||
|
port = 3306
|
||||||
|
bind-address = 0.0.0.0
|
||||||
|
socket = /tmp/mysql.sock
|
||||||
|
open_files_limit = 16384
|
||||||
|
max_allowed_packet = 1024M
|
||||||
|
max_connections = 200
|
||||||
|
max_user_connections = 50
|
||||||
|
log_warnings = 2
|
||||||
|
slow_query_log = 1
|
||||||
|
general_log = 1
|
||||||
|
key_buffer_size = 8M
|
||||||
|
general_log_file = /data/logs/mysql/mysql.log
|
||||||
|
slow_query_log_file = /data/logs/mysql/mysql.err.log
|
||||||
|
log_error = /data/logs/mysql/mysql.err.log
|
||||||
|
|
||||||
|
[mysql]
|
||||||
|
no_auto_rehash
|
||||||
|
max_allowed_packet = 1024M
|
||||||
|
prompt = '\u@\h [\d]> '
|
||||||
|
|
||||||
|
[mysqldump]
|
||||||
|
max_allowed_packet = 1024M
|
8
configs/named/certbot-update.conf
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
#Certbot DNS
|
||||||
|
dns_rfc2136_server = 127.0.0.1
|
||||||
|
# TSIG key name
|
||||||
|
dns_rfc2136_name = certbot.
|
||||||
|
# TSIG key secret
|
||||||
|
dns_rfc2136_secret = REPLACE_KEY_CERTBOT
|
||||||
|
# TSIG key algorithm
|
||||||
|
dns_rfc2136_algorithm = HMAC-SHA256
|
77
configs/named/named.conf
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
# default options - https://bind9.readthedocs.io/en/latest/chapter3.html
|
||||||
|
options {
|
||||||
|
version "9";
|
||||||
|
listen-on { any; };
|
||||||
|
listen-on-v6 { any; };
|
||||||
|
zone-statistics yes;
|
||||||
|
max-cache-size 60m;
|
||||||
|
interface-interval 60;
|
||||||
|
max-ncache-ttl 10800;
|
||||||
|
max-udp-size 4096;
|
||||||
|
forwarders { 1.1.1.1; 8.8.8.8; 8.8.4.4; };
|
||||||
|
notify yes;
|
||||||
|
allow-transfer { trusted; };
|
||||||
|
transfer-format many-answers;
|
||||||
|
allow-query { any; };
|
||||||
|
allow-recursion { any; };
|
||||||
|
allow-query-cache { any; };
|
||||||
|
auth-nxdomain no;
|
||||||
|
dnssec-validation auto;
|
||||||
|
directory "/var/bind";
|
||||||
|
managed-keys-directory "/etc/bind/keys";
|
||||||
|
pid-file "/run/named/named.pid";
|
||||||
|
dump-file "/data/logs/named/dump.db";
|
||||||
|
statistics-file "/data/logs/named/named.stats";
|
||||||
|
memstatistics-file "/data/logs/named/mem.stats";
|
||||||
|
};
|
||||||
|
#####################################################################
|
||||||
|
# access settings
|
||||||
|
acl "all" { 0.0.0.0/0; ::/0; };
|
||||||
|
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
|
||||||
|
#####################################################################
|
||||||
|
# named logging options
|
||||||
|
logging {
|
||||||
|
channel xfer-in { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||||
|
channel xfer-out { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||||
|
channel update { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||||
|
channel notify { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
|
||||||
|
channel querylog { stderr; severity info; print-time yes; };
|
||||||
|
channel security { file "/data/logs/named/security.log"; severity dynamic; print-severity yes; print-time yes; };
|
||||||
|
channel default { file "/data/logs/named/default.log"; severity debug; print-category yes; print-severity yes; print-time yes; };
|
||||||
|
channel debug { file "/data/logs/named/debug.log"; severity debug; };
|
||||||
|
category lame-servers { default; debug; };
|
||||||
|
category dispatch { default; debug; };
|
||||||
|
category queries { querylog; debug; };
|
||||||
|
category update { default; update; debug; };
|
||||||
|
category network { default; debug; };
|
||||||
|
category unmatched { default; debug; };
|
||||||
|
category client { default; debug; };
|
||||||
|
category notify { notify; debug; };
|
||||||
|
category xfer-out { xfer-out; debug; };
|
||||||
|
category xfer-in { xfer-in; debug; };
|
||||||
|
category resolver { default; debug; };
|
||||||
|
category config { default; debug; };
|
||||||
|
category security { security; debug; };
|
||||||
|
category database { default; debug; };
|
||||||
|
category general { default; debug; };
|
||||||
|
category default { default; };
|
||||||
|
category dnssec { security; debug; };
|
||||||
|
};
|
||||||
|
#####################################################################
|
||||||
|
# rndc keys
|
||||||
|
key "certbot." { algorithm hmac-sha256; secret "REPLACE_KEY_CERTBOT"; };
|
||||||
|
key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
|
||||||
|
key "dhcp-key" { algorithm hmac-sha256; secret "REPLACE_KEY_DHCP"; };
|
||||||
|
key "backup-key" { algorithm hmac-sha256; secret "REPLACE_KEY_BACKUP"; };
|
||||||
|
#####################################################################
|
||||||
|
# rndc settings
|
||||||
|
controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
|
||||||
|
#####################################################################
|
||||||
|
# ********** begin root info **********
|
||||||
|
zone "." {
|
||||||
|
type hint;
|
||||||
|
file "/var/bind/root.cache";
|
||||||
|
};
|
||||||
|
# ********** end root info **********
|
||||||
|
# end
|
||||||
|
#####################################################################
|
5
configs/named/rndc.key
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# rndc keys
|
||||||
|
key "certbot." { algorithm hmac-sha256; secret "REPLACE_KEY_CERTBOT"; };
|
||||||
|
key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
|
||||||
|
key "dhcp-key" { algorithm hmac-sha256; secret "REPLACE_KEY_DHCP"; };
|
||||||
|
key "backup-key" { algorithm hmac-sha256; secret "REPLACE_KEY_BACKUP"; };
|
99
configs/nginx/mime.types
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
|
||||||
|
types {
|
||||||
|
text/html html htm shtml;
|
||||||
|
text/css css;
|
||||||
|
text/xml xml;
|
||||||
|
image/gif gif;
|
||||||
|
image/jpeg jpeg jpg;
|
||||||
|
application/javascript js;
|
||||||
|
application/atom+xml atom;
|
||||||
|
application/rss+xml rss;
|
||||||
|
|
||||||
|
text/mathml mml;
|
||||||
|
text/plain txt;
|
||||||
|
text/vnd.sun.j2me.app-descriptor jad;
|
||||||
|
text/vnd.wap.wml wml;
|
||||||
|
text/x-component htc;
|
||||||
|
|
||||||
|
image/avif avif;
|
||||||
|
image/png png;
|
||||||
|
image/svg+xml svg svgz;
|
||||||
|
image/tiff tif tiff;
|
||||||
|
image/vnd.wap.wbmp wbmp;
|
||||||
|
image/webp webp;
|
||||||
|
image/x-icon ico;
|
||||||
|
image/x-jng jng;
|
||||||
|
image/x-ms-bmp bmp;
|
||||||
|
|
||||||
|
font/woff woff;
|
||||||
|
font/woff2 woff2;
|
||||||
|
|
||||||
|
application/java-archive jar war ear;
|
||||||
|
application/json json;
|
||||||
|
application/mac-binhex40 hqx;
|
||||||
|
application/msword doc;
|
||||||
|
application/pdf pdf;
|
||||||
|
application/postscript ps eps ai;
|
||||||
|
application/rtf rtf;
|
||||||
|
application/vnd.apple.mpegurl m3u8;
|
||||||
|
application/vnd.google-earth.kml+xml kml;
|
||||||
|
application/vnd.google-earth.kmz kmz;
|
||||||
|
application/vnd.ms-excel xls;
|
||||||
|
application/vnd.ms-fontobject eot;
|
||||||
|
application/vnd.ms-powerpoint ppt;
|
||||||
|
application/vnd.oasis.opendocument.graphics odg;
|
||||||
|
application/vnd.oasis.opendocument.presentation odp;
|
||||||
|
application/vnd.oasis.opendocument.spreadsheet ods;
|
||||||
|
application/vnd.oasis.opendocument.text odt;
|
||||||
|
application/vnd.openxmlformats-officedocument.presentationml.presentation
|
||||||
|
pptx;
|
||||||
|
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
|
||||||
|
xlsx;
|
||||||
|
application/vnd.openxmlformats-officedocument.wordprocessingml.document
|
||||||
|
docx;
|
||||||
|
application/vnd.wap.wmlc wmlc;
|
||||||
|
application/wasm wasm;
|
||||||
|
application/x-7z-compressed 7z;
|
||||||
|
application/x-cocoa cco;
|
||||||
|
application/x-java-archive-diff jardiff;
|
||||||
|
application/x-java-jnlp-file jnlp;
|
||||||
|
application/x-makeself run;
|
||||||
|
application/x-perl pl pm;
|
||||||
|
application/x-pilot prc pdb;
|
||||||
|
application/x-rar-compressed rar;
|
||||||
|
application/x-redhat-package-manager rpm;
|
||||||
|
application/x-sea sea;
|
||||||
|
application/x-shockwave-flash swf;
|
||||||
|
application/x-stuffit sit;
|
||||||
|
application/x-tcl tcl tk;
|
||||||
|
application/x-x509-ca-cert der pem crt;
|
||||||
|
application/x-xpinstall xpi;
|
||||||
|
application/xhtml+xml xhtml;
|
||||||
|
application/xspf+xml xspf;
|
||||||
|
application/zip zip;
|
||||||
|
|
||||||
|
application/octet-stream bin exe dll;
|
||||||
|
application/octet-stream deb;
|
||||||
|
application/octet-stream dmg;
|
||||||
|
application/octet-stream iso img;
|
||||||
|
application/octet-stream msi msp msm;
|
||||||
|
|
||||||
|
audio/midi mid midi kar;
|
||||||
|
audio/mpeg mp3;
|
||||||
|
audio/ogg ogg;
|
||||||
|
audio/x-m4a m4a;
|
||||||
|
audio/x-realaudio ra;
|
||||||
|
|
||||||
|
video/3gpp 3gpp 3gp;
|
||||||
|
video/mp2t ts;
|
||||||
|
video/mp4 mp4;
|
||||||
|
video/mpeg mpeg mpg;
|
||||||
|
video/quicktime mov;
|
||||||
|
video/webm webm;
|
||||||
|
video/x-flv flv;
|
||||||
|
video/x-m4v m4v;
|
||||||
|
video/x-mng mng;
|
||||||
|
video/x-ms-asf asx asf;
|
||||||
|
video/x-ms-wmv wmv;
|
||||||
|
video/x-msvideo avi;
|
||||||
|
}
|
68
configs/nginx/nginx.conf
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
# Default nginx configuration
|
||||||
|
user root;
|
||||||
|
worker_processes auto;
|
||||||
|
daemon off;
|
||||||
|
error_log /data/logs/nginx/nginx.log warn;
|
||||||
|
pid /run/nginx.pid;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type "text/html";
|
||||||
|
access_log /data/logs/nginx/access.default.log;
|
||||||
|
sendfile on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
gzip on;
|
||||||
|
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
|
||||||
|
disable_symlinks off;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen REPLACE_SERVER_PORT default_server;
|
||||||
|
server_name REPLACE_SERVER_NAME;
|
||||||
|
|
||||||
|
location = /favicon.ico {
|
||||||
|
log_not_found off;
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /robots.txt {
|
||||||
|
allow all;
|
||||||
|
log_not_found off;
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /health {
|
||||||
|
default_type text/html;
|
||||||
|
allow all;
|
||||||
|
access_log off;
|
||||||
|
return 200 'OK';
|
||||||
|
}
|
||||||
|
|
||||||
|
location /health/json {
|
||||||
|
default_type application/json;
|
||||||
|
allow all;
|
||||||
|
access_log off;
|
||||||
|
return 200 '{"status":"OK"}';
|
||||||
|
}
|
||||||
|
|
||||||
|
location /health/status {
|
||||||
|
stub_status;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ [^/]\.php(/|$) {
|
||||||
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||||
|
if (!-f $document_root$fastcgi_script_name) {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
fastcgi_param HTTP_PROXY "";
|
||||||
|
fastcgi_pass 127.0.0.1:9000;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
include fastcgi_params;
|
||||||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
include /etc/nginx/vhosts.d/*.conf;
|
||||||
|
}
|
13
configs/nginx/vhosts.d/default.conf
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server {
|
||||||
|
listen REPLACE_SERVER_PORT;
|
||||||
|
server_name REPLACE_SERVER_NAME;
|
||||||
|
root REPLACE_SERVER_DIR;
|
||||||
|
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
|
||||||
|
proxy_intercept_errors off;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||||
|
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
|
||||||
|
}
|
18
configs/nginx/vhosts.d/default.ssl.conf
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
server {
|
||||||
|
listen REPLACE_SERVER_PORT ssl http2 default_server;
|
||||||
|
server_name REPLACE_SERVER_NAME;
|
||||||
|
root REPLACE_SERVER_DIR;
|
||||||
|
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
|
||||||
|
proxy_intercept_errors off;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||||
|
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||||
|
ssl_prefer_server_ciphers off;
|
||||||
|
ssl_certificate /etc/ssl/localhost.crt;
|
||||||
|
ssl_certificate_key /etc/ssl/localhost.key;
|
||||||
|
}
|
7
configs/php/php-fpm.conf
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
;;;;;;;;;;;;;;;;;;;;;
|
||||||
|
|
||||||
|
pid = /run/php-fpm.pid
|
||||||
|
error_log = /data/logs/php/error_log
|
||||||
|
daemonize = no
|
||||||
|
|
||||||
|
include=/etc/php/php-fpm.d/*.conf
|
27
configs/php/php-fpm.d/www.conf
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
[www]
|
||||||
|
user = root
|
||||||
|
group = root
|
||||||
|
listen = 9000
|
||||||
|
listen.backlog = 65535
|
||||||
|
listen.allowed_clients = 127.0.0.1
|
||||||
|
pm = ondemand
|
||||||
|
pm.max_children = 50
|
||||||
|
pm.start_servers = 5
|
||||||
|
pm.min_spare_servers = 5
|
||||||
|
pm.max_spare_servers = 35
|
||||||
|
pm.status_path = /status
|
||||||
|
ping.path = /ping
|
||||||
|
ping.response = pong
|
||||||
|
access.log = /data/logs/php/access_log
|
||||||
|
access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
|
||||||
|
slowlog = /data/logs/php/error_log
|
||||||
|
clear_env = no
|
||||||
|
env[HOSTNAME] = $HOSTNAME
|
||||||
|
env[PATH] = /usr/local/bin:/usr/bin:/bin
|
||||||
|
env[TMP] = /tmp
|
||||||
|
env[TMPDIR] = /tmp
|
||||||
|
env[TEMP] = /tmp
|
||||||
|
php_flag[display_errors] = on
|
||||||
|
php_admin_value[error_log] = /data/logs/php/error_log
|
||||||
|
php_admin_flag[log_errors] = on
|
||||||
|
php_admin_value[memory_limit] = 512M
|
347
configs/php/php.ini
Normal file
@ -0,0 +1,347 @@
|
|||||||
|
[PHP]
|
||||||
|
user_ini.filename = "php.ini"
|
||||||
|
user_ini.filename = ".user.ini"
|
||||||
|
user_ini.cache_ttl = 300
|
||||||
|
engine = On
|
||||||
|
short_open_tag = Off
|
||||||
|
asp_tags = Off
|
||||||
|
precision = 14
|
||||||
|
output_buffering = 4096
|
||||||
|
;output_handler =
|
||||||
|
zlib.output_compression = Off
|
||||||
|
;zlib.output_compression_level = -1
|
||||||
|
;zlib.output_handler =
|
||||||
|
implicit_flush = Off
|
||||||
|
unserialize_callback_func =
|
||||||
|
serialize_precision = 17
|
||||||
|
;open_basedir =
|
||||||
|
disable_functions =
|
||||||
|
disable_classes =
|
||||||
|
ignore_user_abort = On
|
||||||
|
realpath_cache_size = 16k
|
||||||
|
realpath_cache_ttl = 120
|
||||||
|
zend.enable_gc = On
|
||||||
|
zend.multibyte = Off
|
||||||
|
zend.script_encoding =
|
||||||
|
expose_php = Off
|
||||||
|
max_execution_time = 3600
|
||||||
|
max_input_time = 3600
|
||||||
|
;max_input_nesting_level = 64
|
||||||
|
; max_input_vars = 1000
|
||||||
|
memory_limit = 512M
|
||||||
|
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
||||||
|
display_errors = On
|
||||||
|
display_startup_errors = Off
|
||||||
|
log_errors = On
|
||||||
|
log_errors_max_len = 1024
|
||||||
|
ignore_repeated_errors = Off
|
||||||
|
ignore_repeated_source = Off
|
||||||
|
report_memleaks = On
|
||||||
|
;report_zend_debug = 0
|
||||||
|
track_errors = Off
|
||||||
|
;xmlrpc_errors = 0
|
||||||
|
;xmlrpc_error_number = 0
|
||||||
|
html_errors = On
|
||||||
|
;docref_root = "/phpmanual/"
|
||||||
|
;docref_ext = .html
|
||||||
|
error_prepend_string = "<span style='color: #ff0000'>"
|
||||||
|
error_append_string = "</span>"
|
||||||
|
error_log = /data/logs/php/php.log
|
||||||
|
;arg_separator.input = ";&"
|
||||||
|
variables_order = "GPCS"
|
||||||
|
request_order = "GP"
|
||||||
|
register_argc_argv = Off
|
||||||
|
auto_globals_jit = On
|
||||||
|
;enable_post_data_reading = Off
|
||||||
|
post_max_size = 1G
|
||||||
|
auto_prepend_file =
|
||||||
|
auto_append_file =
|
||||||
|
default_mimetype = "text/html"
|
||||||
|
default_charset = "UTF-8"
|
||||||
|
;internal_encoding =
|
||||||
|
;input_encoding =
|
||||||
|
;output_encoding =
|
||||||
|
always_populate_raw_post_data = -1
|
||||||
|
doc_root =
|
||||||
|
user_dir =
|
||||||
|
enable_dl = Off
|
||||||
|
cgi.force_redirect = 1
|
||||||
|
;cgi.nph = 1
|
||||||
|
cgi.redirect_status_env =
|
||||||
|
cgi.fix_pathinfo = 1
|
||||||
|
fastcgi.impersonate = 1
|
||||||
|
fastcgi.logging = 1
|
||||||
|
;cgi.rfc2616_headers = 0
|
||||||
|
file_uploads = On
|
||||||
|
upload_tmp_dir = /var/tmp
|
||||||
|
upload_max_filesize =1G
|
||||||
|
max_file_uploads = 20
|
||||||
|
allow_url_fopen = On
|
||||||
|
allow_url_include = On
|
||||||
|
;from="john@doe.com"
|
||||||
|
;user_agent="PHP"
|
||||||
|
default_socket_timeout = 60
|
||||||
|
;auto_detect_line_endings = Off
|
||||||
|
|
||||||
|
[CLI Server]
|
||||||
|
cli_server.color = On
|
||||||
|
|
||||||
|
[Date]
|
||||||
|
date.timezone = America/New_York
|
||||||
|
;date.default_latitude = 31.7667
|
||||||
|
;date.default_longitude = 35.2333
|
||||||
|
|
||||||
|
[filter]
|
||||||
|
;filter.default = unsafe_raw
|
||||||
|
;filter.default_flags =
|
||||||
|
|
||||||
|
[iconv]
|
||||||
|
;iconv.input_encoding =
|
||||||
|
;iconv.internal_encoding =
|
||||||
|
;iconv.output_encoding =
|
||||||
|
|
||||||
|
[intl]
|
||||||
|
;intl.default_locale =
|
||||||
|
;intl.error_level = E_WARNING
|
||||||
|
|
||||||
|
[sqlite]
|
||||||
|
;sqlite.assoc_case = 0
|
||||||
|
|
||||||
|
[sqlite3]
|
||||||
|
;sqlite3.extension_dir =
|
||||||
|
|
||||||
|
[Pcre]
|
||||||
|
;pcre.backtrack_limit=100000
|
||||||
|
;pcre.recursion_limit=100000
|
||||||
|
|
||||||
|
[Pdo]
|
||||||
|
;pdo_odbc.connection_pooling=strict
|
||||||
|
;pdo_odbc.db2_instance_name
|
||||||
|
|
||||||
|
[Pdo_mysql]
|
||||||
|
pdo_mysql.cache_size = 2000
|
||||||
|
pdo_mysql.default_socket=
|
||||||
|
|
||||||
|
[Phar]
|
||||||
|
;phar.readonly = On
|
||||||
|
;phar.require_hash = On
|
||||||
|
;phar.cache_list =
|
||||||
|
|
||||||
|
[mail function]
|
||||||
|
sendmail_path = -S localhost -t -i
|
||||||
|
;sendmail_path = /usr/sbin/sendmail -t -i
|
||||||
|
;mail.force_extra_parameters =
|
||||||
|
mail.add_x_header = On
|
||||||
|
;mail.log = syslog
|
||||||
|
|
||||||
|
[SQL]
|
||||||
|
sql.safe_mode = Off
|
||||||
|
|
||||||
|
[ODBC]
|
||||||
|
;odbc.default_db = Not yet implemented
|
||||||
|
;odbc.default_user = Not yet implemented
|
||||||
|
;odbc.default_pw = Not yet implemented
|
||||||
|
;odbc.default_cursortype
|
||||||
|
odbc.allow_persistent = On
|
||||||
|
odbc.check_persistent = On
|
||||||
|
odbc.max_persistent = -1
|
||||||
|
odbc.max_links = -1
|
||||||
|
odbc.defaultlrl = 4096
|
||||||
|
odbc.defaultbinmode = 1
|
||||||
|
;birdstep.max_links = -1
|
||||||
|
|
||||||
|
[Interbase]
|
||||||
|
ibase.allow_persistent = 1
|
||||||
|
ibase.max_persistent = -1
|
||||||
|
ibase.max_links = -1
|
||||||
|
;ibase.default_db =
|
||||||
|
;ibase.default_user =
|
||||||
|
;ibase.default_password =
|
||||||
|
;ibase.default_charset =
|
||||||
|
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
||||||
|
ibase.dateformat = "%Y-%m-%d"
|
||||||
|
ibase.timeformat = "%H:%M:%S"
|
||||||
|
|
||||||
|
[MySQL]
|
||||||
|
mysql.allow_local_infile = On
|
||||||
|
mysql.allow_persistent = On
|
||||||
|
mysql.cache_size = 2000
|
||||||
|
mysql.max_persistent = -1
|
||||||
|
mysql.max_links = -1
|
||||||
|
mysql.default_port =
|
||||||
|
mysql.default_socket =
|
||||||
|
mysql.default_host =
|
||||||
|
mysql.default_user =
|
||||||
|
mysql.default_password =
|
||||||
|
mysql.connect_timeout = 60
|
||||||
|
mysql.trace_mode = Off
|
||||||
|
|
||||||
|
[MySQLi]
|
||||||
|
mysqli.max_persistent = -1
|
||||||
|
mysqli.allow_local_infile = On
|
||||||
|
mysqli.allow_persistent = On
|
||||||
|
mysqli.max_links = -1
|
||||||
|
mysqli.cache_size = 2000
|
||||||
|
mysqli.default_port = 3306
|
||||||
|
mysqli.default_socket =
|
||||||
|
mysqli.default_host =
|
||||||
|
mysqli.default_user =
|
||||||
|
mysqli.default_pw =
|
||||||
|
mysqli.reconnect = Off
|
||||||
|
|
||||||
|
[mysqlnd]
|
||||||
|
mysqlnd.collect_statistics = On
|
||||||
|
mysqlnd.collect_memory_statistics = Off
|
||||||
|
;mysqlnd.net_cmd_buffer_size = 2048
|
||||||
|
;mysqlnd.net_read_buffer_size = 32768
|
||||||
|
|
||||||
|
[OCI8]
|
||||||
|
;oci8.privileged_connect = Off
|
||||||
|
;oci8.max_persistent = -1
|
||||||
|
;oci8.persistent_timeout = -1
|
||||||
|
;oci8.ping_interval = 60
|
||||||
|
;oci8.connection_class =
|
||||||
|
;oci8.events = Off
|
||||||
|
;oci8.statement_cache_size = 20
|
||||||
|
;oci8.default_prefetch = 100
|
||||||
|
;oci8.old_oci_close_semantics = Off
|
||||||
|
|
||||||
|
[PostgreSQL]
|
||||||
|
pgsql.allow_persistent = On
|
||||||
|
pgsql.auto_reset_persistent = Off
|
||||||
|
pgsql.max_persistent = -1
|
||||||
|
pgsql.max_links = -1
|
||||||
|
pgsql.ignore_notice = 0
|
||||||
|
pgsql.log_notice = 0
|
||||||
|
|
||||||
|
[Sybase-CT]
|
||||||
|
sybct.allow_persistent = On
|
||||||
|
sybct.max_persistent = -1
|
||||||
|
sybct.max_links = -1
|
||||||
|
sybct.min_server_severity = 10
|
||||||
|
sybct.min_client_severity = 10
|
||||||
|
;sybct.timeout=
|
||||||
|
;sybct.packet_size
|
||||||
|
;sybct.login_timeout=
|
||||||
|
;sybct.hostname=
|
||||||
|
;sybct.deadlock_retry_count=
|
||||||
|
|
||||||
|
[bcmath]
|
||||||
|
bcmath.scale = 0
|
||||||
|
|
||||||
|
[browscap]
|
||||||
|
;browscap = extra/browscap.ini
|
||||||
|
|
||||||
|
[Session]
|
||||||
|
session.save_handler = files
|
||||||
|
session.save_path = "/tmp"
|
||||||
|
session.use_strict_mode = 0
|
||||||
|
session.use_cookies = 1
|
||||||
|
;session.cookie_secure =
|
||||||
|
session.use_only_cookies = 1
|
||||||
|
session.name = PHPSESSID
|
||||||
|
session.auto_start = 0
|
||||||
|
session.cookie_lifetime = 525600
|
||||||
|
session.cookie_path = /
|
||||||
|
session.cookie_domain =
|
||||||
|
session.cookie_httponly =
|
||||||
|
session.serialize_handler = php
|
||||||
|
session.gc_probability = 1
|
||||||
|
session.gc_divisor = 1000
|
||||||
|
session.gc_maxlifetime = 525600
|
||||||
|
session.referer_check =
|
||||||
|
;session.entropy_length = 32
|
||||||
|
;session.entropy_file = /dev/urandom
|
||||||
|
session.cache_limiter = nocache
|
||||||
|
session.cache_expire = 180
|
||||||
|
session.use_trans_sid = 0
|
||||||
|
session.hash_function = 0
|
||||||
|
session.hash_bits_per_character = 5
|
||||||
|
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
|
||||||
|
session.upload_progress.enabled = On
|
||||||
|
session.upload_progress.cleanup = On
|
||||||
|
session.upload_progress.prefix = "upload_progress_"
|
||||||
|
session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
|
||||||
|
session.upload_progress.freq = "1%"
|
||||||
|
session.upload_progress.min_freq = "1"
|
||||||
|
|
||||||
|
[MSSQL]
|
||||||
|
mssql.allow_persistent = On
|
||||||
|
mssql.max_persistent = -1
|
||||||
|
mssql.max_links = -1
|
||||||
|
mssql.min_error_severity = 10
|
||||||
|
mssql.min_message_severity = 10
|
||||||
|
mssql.compatibility_mode = Off
|
||||||
|
;mssql.connect_timeout = 5
|
||||||
|
;mssql.timeout = 60
|
||||||
|
;mssql.textlimit = 4096
|
||||||
|
;mssql.textsize = 4096
|
||||||
|
;mssql.batchsize = 0
|
||||||
|
;mssql.datetimeconvert = On
|
||||||
|
mssql.secure_connection = Off
|
||||||
|
;mssql.max_procs = -1
|
||||||
|
;mssql.charset = "ISO-8859-1"
|
||||||
|
|
||||||
|
[Assertion]
|
||||||
|
;assert.active = On
|
||||||
|
;assert.warning = On
|
||||||
|
;assert.bail = Off
|
||||||
|
;assert.callback = 0
|
||||||
|
;assert.quiet_eval = 0
|
||||||
|
|
||||||
|
[mbstring]
|
||||||
|
;mbstring.language = Japanese
|
||||||
|
;mbstring.internal_encoding =
|
||||||
|
;mbstring.http_input =
|
||||||
|
;mbstring.http_output =
|
||||||
|
;mbstring.encoding_translation = Off
|
||||||
|
;mbstring.detect_order = auto
|
||||||
|
;mbstring.substitute_character = none
|
||||||
|
;mbstring.func_overload = 0
|
||||||
|
;mbstring.strict_detection = On
|
||||||
|
;mbstring.http_output_conv_mimetype=
|
||||||
|
|
||||||
|
[gd]
|
||||||
|
;gd.jpeg_ignore_warning = 0
|
||||||
|
|
||||||
|
[exif]
|
||||||
|
;exif.encode_unicode = ISO-8859-15
|
||||||
|
;exif.decode_unicode_motorola = UCS-2BE
|
||||||
|
;exif.decode_unicode_intel = UCS-2LE
|
||||||
|
;exif.encode_jis =
|
||||||
|
;exif.decode_jis_motorola = JIS
|
||||||
|
;exif.decode_jis_intel = JIS
|
||||||
|
|
||||||
|
[Tidy]
|
||||||
|
;tidy.default_config = /usr/local/lib/php/default.tcfg
|
||||||
|
tidy.clean_output = Off
|
||||||
|
|
||||||
|
[soap]
|
||||||
|
soap.wsdl_cache_enabled=1
|
||||||
|
soap.wsdl_cache_dir="/tmp"
|
||||||
|
soap.wsdl_cache_ttl=86400
|
||||||
|
soap.wsdl_cache_limit = 5
|
||||||
|
|
||||||
|
[sysvshm]
|
||||||
|
;sysvshm.init_mem = 10000
|
||||||
|
|
||||||
|
[ldap]
|
||||||
|
ldap.max_links = -1
|
||||||
|
|
||||||
|
[mcrypt]
|
||||||
|
;mcrypt.algorithms_dir=
|
||||||
|
;mcrypt.modes_dir=
|
||||||
|
|
||||||
|
[dba]
|
||||||
|
;dba.default_handler=
|
||||||
|
|
||||||
|
[curl]
|
||||||
|
;curl.cainfo =
|
||||||
|
|
||||||
|
[openssl]
|
||||||
|
;openssl.cafile=
|
||||||
|
;openssl.capath=
|
||||||
|
|
||||||
|
; Local Variables:
|
||||||
|
; tab-width: 4
|
||||||
|
; End:
|
7
configs/redis/redis.conf
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
# Redis conf file
|
||||||
|
port 6379
|
||||||
|
unixsocket /run/redis.sock
|
||||||
|
unixsocketperm 770
|
||||||
|
daemonize no
|
||||||
|
pidfile /tmp/redis.pid
|
||||||
|
dir /data/redis
|
2
configs/ssmtp/revaliases
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
# sSMTP aliases
|
||||||
|
#root:your_login@your.domain:mailhub.your.domain[:port]
|
5
configs/ssmtp/ssmtp.conf
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# sSMTP sendmail
|
||||||
|
root=postmaster
|
||||||
|
mailhub=172.17.0.1
|
||||||
|
rewriteDomain=localhost
|
||||||
|
hostname="localhost"
|
162
db/couchdb.sh
Normal file
@ -0,0 +1,162 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
export PATH="/opt/couchdb/bin:$PATH"
|
||||||
|
RUN_AS="${SERVICE_USER:-couchdb}"
|
||||||
|
COUCHDB_USER="${DATABASE_USER_ROOT:-root}"
|
||||||
|
COUCHDB_PASSWORD=${DATABASE_PASS_ROOT:-couchdb_password}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__exec_command() {
|
||||||
|
exitCode=0
|
||||||
|
cmd="${*:-bash -l}"
|
||||||
|
echo "${exec_message:-Executing command: $cmd}"
|
||||||
|
$cmd || exitCode=1
|
||||||
|
[ "$exitCode" = 0 ] || exitCode=10
|
||||||
|
return ${exitCode:-$?}
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__curl() { curl -q -LSsf --user $COUCHDB_USER:$COUCHDB_PASSWORD "$@" || return 1; }
|
||||||
|
__curl_database() { curl -q -LSsf -X PUT "http://$COUCHDB_USER:$COUCHDB_PASSWORD@127.0.0.1:5984/$1" || return 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__curl_users() {
|
||||||
|
__curl -X PUT "http://localhost:5984/_users/org.couchdb.user:$1" \
|
||||||
|
-H "Accept: application/json" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d '{"name": "'$1'", "password": "'$2'", "roles": ['$4'], "type": "'${3:-user}'"}'
|
||||||
|
return $?
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -z "$DATA_DIR_INITIALIZED" ] && [ -f "/data/.docker_has_run" ] && DATA_DIR_INITIALIZED="true" || DATA_DIR_INITIALIZED="false"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Create user if needed
|
||||||
|
if ! grep -q "$RUN_AS" /etc/passwd; then
|
||||||
|
groupadd -g 5984 -r $RUN_AS && useradd -u 5984 -d /opt/$RUN_AS -g $RUN_AS $RUN_AS
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -d "/data/couchdb" ] || mv -f "/opt/couchdb/data" "/data/couchdb"
|
||||||
|
[ -d "/opt/couchdb/data" ] && rm -Rf "/opt/couchdb/data"
|
||||||
|
ln -sf "/data/couchdb" "/opt/couchdb/data" 2>/dev/null
|
||||||
|
touch "/opt/couchdb/etc/local.d/docker.ini" 2>/dev/null
|
||||||
|
chown -Rf $RUN_AS:$RUN_AS "/data/couchdb" "/opt/couchdb" 2>/dev/null
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
case "$1" in
|
||||||
|
db)
|
||||||
|
shift 1
|
||||||
|
case "$1" in
|
||||||
|
create)
|
||||||
|
shift 1
|
||||||
|
__curl_database "$1"
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
|
update)
|
||||||
|
shift 1
|
||||||
|
__curl_database "$1"
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Usage: db [create,update] name"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
|
||||||
|
user)
|
||||||
|
shift 1
|
||||||
|
case "$1" in
|
||||||
|
create)
|
||||||
|
shift 1
|
||||||
|
__curl_users "$1" "${2:-password}"
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
|
update)
|
||||||
|
shift 1
|
||||||
|
__curl_users "$1" "${2:-password}"
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Usage: user [create,update] username password type roles"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
|
||||||
|
init)
|
||||||
|
shift 1
|
||||||
|
if [ "$DATA_DIR_INITIALIZED" = "false" ]; then
|
||||||
|
{
|
||||||
|
sleep 60
|
||||||
|
echo "Creating the default databases"
|
||||||
|
__curl -X PUT "http://127.0.0.1:5984/_users" 2>/dev/null >/dev/null &&
|
||||||
|
echo "Created database _users"
|
||||||
|
__curl -X PUT "http://127.0.0.1:5984/_replicator" 2>/dev/null >/dev/null &&
|
||||||
|
echo "Created database _replicator"
|
||||||
|
__curl -X PUT "http://127.0.0.1:5984/_global_changes" 2>/dev/null >/dev/null &&
|
||||||
|
echo "Created database _global_changes"
|
||||||
|
echo ""
|
||||||
|
} >"/dev/stdout" &
|
||||||
|
fi
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
find /opt/couchdb \! \( -user $RUN_AS -group $RUN_AS \) -exec chown -f $RUN_AS:$RUN_AS '{}' +
|
||||||
|
find /opt/couchdb/data -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
|
||||||
|
find /opt/couchdb/data -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
|
||||||
|
find /opt/couchdb/etc -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
|
||||||
|
find /opt/couchdb/etc -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$NODENAME" ] && ! grep "couchdb@" /opt/couchdb/etc/vm.args; then
|
||||||
|
echo "-name couchdb@$NODENAME" >>/opt/couchdb/etc/vm.args
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$RUN_AS" ]; then
|
||||||
|
if ! grep -sPzoqr "\[admins\]\n$RUN_AS =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
|
||||||
|
printf "\n[admins]\n%s = %s\n" "$RUN_AS" "$RUN_AS" >>/opt/couchdb/etc/local.d/docker.ini
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$COUCHDB_SECRET" ]; then
|
||||||
|
if ! grep -sPzoqr "\[chttpd_auth\]\nsecret =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
|
||||||
|
printf "\n[chttpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >>/opt/couchdb/etc/local.d/docker.ini
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$COUCHDB_ERLANG_COOKIE" ]; then
|
||||||
|
cookieFile='/opt/couchdb/.erlang.cookie'
|
||||||
|
if [ -e "$cookieFile" ]; then
|
||||||
|
if [ "$(cat "$cookieFile" 2>/dev/null)" != "$COUCHDB_ERLANG_COOKIE" ]; then
|
||||||
|
echo >&2
|
||||||
|
echo >&2 "warning: $cookieFile contents do not match COUCHDB_ERLANG_COOKIE"
|
||||||
|
echo >&2
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "$COUCHDB_ERLANG_COOKIE" >"$cookieFile"
|
||||||
|
fi
|
||||||
|
chown $RUN_AS:$RUN_AS "$cookieFile"
|
||||||
|
chmod 600 "$cookieFile"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
chown -f $RUN_AS:$RUN_AS /opt/couchdb/etc/local.d/docker.ini || true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! grep -Pzoqr '\[admins\]\n[^;]\w+' /opt/couchdb/etc/default.d/*.ini /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
|
||||||
|
cat >&2 <<-'EOWARN'
|
||||||
|
*************************************************************
|
||||||
|
ERROR: CouchDB 3.0+ will no longer run in "Admin Party"
|
||||||
|
mode. You *MUST* specify an admin user and
|
||||||
|
password, either via your own .ini file mapped
|
||||||
|
into the container at /opt/couchdb/etc/local.ini
|
||||||
|
or inside /opt/couchdb/etc/local.d, or with
|
||||||
|
"-e COUCHDB_USER=admin -e COUCHDB_PASSWORD=password"
|
||||||
|
to set it via "docker run".
|
||||||
|
*************************************************************
|
||||||
|
EOWARN
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
__exec_command gosu $RUN_AS /opt/couchdb/bin/couchdb
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "This script should be called by root user"
|
||||||
|
;;
|
||||||
|
esac
|
570
db/mariadb.sh
Normal file
@ -0,0 +1,570 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -eo pipefail
|
||||||
|
shopt -s nullglob
|
||||||
|
MARIADB_ROOT_HOST="%"
|
||||||
|
MARIADB_AUTO_UPGRADE="yes"
|
||||||
|
MARIADB_DATABASE="$DATABASE_CREATE"
|
||||||
|
MARIADB_USER="$DATABASE_USER_NORMAL"
|
||||||
|
MARIADB_PASSWORD="$DATABASE_PASS_NORMAL"
|
||||||
|
MARIADB_ROOT_PASSWORD="$DATABASE_PASS_ROOT"
|
||||||
|
MARIADB_ALLOW_EMPTY_ROOT_PASSWORD=""
|
||||||
|
MARIADB_INITDB_SKIP_TZINFO=""
|
||||||
|
MARIADB_RANDOM_ROOT_PASSWORD=""
|
||||||
|
# logging functions
|
||||||
|
mysql_log() {
|
||||||
|
local type="$1"
|
||||||
|
shift
|
||||||
|
printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*"
|
||||||
|
}
|
||||||
|
mysql_note() {
|
||||||
|
mysql_log Note "$@"
|
||||||
|
}
|
||||||
|
mysql_warn() {
|
||||||
|
mysql_log Warn "$@" >&2
|
||||||
|
}
|
||||||
|
mysql_error() {
|
||||||
|
mysql_log ERROR "$@" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||||
|
mysql_error "Both $var and $fileVar are set (but are exclusive)"
|
||||||
|
fi
|
||||||
|
local val="$def"
|
||||||
|
if [ "${!var:-}" ]; then
|
||||||
|
val="${!var}"
|
||||||
|
elif [ "${!fileVar:-}" ]; then
|
||||||
|
val="$(<"${!fileVar}")"
|
||||||
|
fi
|
||||||
|
export "$var"="$val"
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
# set MARIADB_xyz from MYSQL_xyz when MARIADB_xyz is unset
|
||||||
|
# and make them the same value (so user scripts can use either)
|
||||||
|
_mariadb_file_env() {
|
||||||
|
local var="$1"
|
||||||
|
shift
|
||||||
|
local maria="MARIADB_${var#MYSQL_}"
|
||||||
|
file_env "$var" "$@"
|
||||||
|
file_env "$maria" "${!var}"
|
||||||
|
if [ "${!maria:-}" ]; then
|
||||||
|
export "$var"="${!maria}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# check to see if this file is being run or sourced from another script
|
||||||
|
_is_sourced() {
|
||||||
|
# https://unix.stackexchange.com/a/215279
|
||||||
|
[ "${#FUNCNAME[@]}" -ge 2 ] &&
|
||||||
|
[ "${FUNCNAME[0]}" = '_is_sourced' ] &&
|
||||||
|
[ "${FUNCNAME[1]}" = 'source' ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: docker_process_init_files [file [file [...]]]
|
||||||
|
# ie: docker_process_init_files /always-initdb.d/*
|
||||||
|
# process initializer files, based on file extensions
|
||||||
|
docker_process_init_files() {
|
||||||
|
# mysql here for backwards compatibility "${mysql[@]}"
|
||||||
|
# ShellCheck: mysql appears unused. Verify use (or export if used externally)
|
||||||
|
# shellcheck disable=SC2034
|
||||||
|
mysql=(docker_process_sql)
|
||||||
|
|
||||||
|
echo
|
||||||
|
local f
|
||||||
|
for f; do
|
||||||
|
case "$f" in
|
||||||
|
*.sh)
|
||||||
|
# https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
|
||||||
|
# https://github.com/docker-library/postgres/pull/452
|
||||||
|
if [ -x "$f" ]; then
|
||||||
|
mysql_note "$0: running $f"
|
||||||
|
"$f"
|
||||||
|
else
|
||||||
|
mysql_note "$0: sourcing $f"
|
||||||
|
# ShellCheck can't follow non-constant source. Use a directive to specify location.
|
||||||
|
# shellcheck disable=SC1090
|
||||||
|
. "$f"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
*.sql)
|
||||||
|
mysql_note "$0: running $f"
|
||||||
|
docker_process_sql <"$f"
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*.sql.gz)
|
||||||
|
mysql_note "$0: running $f"
|
||||||
|
gunzip -c "$f" | docker_process_sql
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*.sql.xz)
|
||||||
|
mysql_note "$0: running $f"
|
||||||
|
xzcat "$f" | docker_process_sql
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*.sql.zst)
|
||||||
|
mysql_note "$0: running $f"
|
||||||
|
zstd -dc "$f" | docker_process_sql
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*) mysql_warn "$0: ignoring $f" ;;
|
||||||
|
esac
|
||||||
|
echo
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# arguments necessary to run "mariadbd --verbose --help" successfully (used for testing configuration validity and for extracting default/configured values)
|
||||||
|
_verboseHelpArgs=(
|
||||||
|
--verbose --help
|
||||||
|
)
|
||||||
|
|
||||||
|
mysql_check_config() {
|
||||||
|
local toRun=("$@" "${_verboseHelpArgs[@]}") errors
|
||||||
|
if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
|
||||||
|
mysql_error $'mariadbd failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Fetch value from server config
|
||||||
|
# We use mariadbd --verbose --help instead of my_print_defaults because the
|
||||||
|
# latter only show values present in config files, and not server defaults
|
||||||
|
mysql_get_config() {
|
||||||
|
local conf="$1"
|
||||||
|
shift
|
||||||
|
"$@" "${_verboseHelpArgs[@]}" 2>/dev/null |
|
||||||
|
awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
|
||||||
|
# match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Do a temporary startup of the MariaDB server, for init purposes
|
||||||
|
docker_temp_server_start() {
|
||||||
|
"$@" --skip-networking --default-time-zone=SYSTEM --socket="${SOCKET}" --wsrep_on=OFF \
|
||||||
|
--expire-logs-days=0 \
|
||||||
|
--loose-innodb_buffer_pool_load_at_startup=0 &
|
||||||
|
declare -g MARIADB_PID
|
||||||
|
MARIADB_PID=$!
|
||||||
|
mysql_note "Waiting for server startup"
|
||||||
|
# only use the root password if the database has already been initialized
|
||||||
|
# so that it won't try to fill in a password file when it hasn't been set yet
|
||||||
|
extraArgs=()
|
||||||
|
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
|
||||||
|
extraArgs+=('--dont-use-mysql-root-password')
|
||||||
|
fi
|
||||||
|
local i
|
||||||
|
for i in {30..0}; do
|
||||||
|
if docker_process_sql "${extraArgs[@]}" --database=mysql <<<'SELECT 1' &>/dev/null; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
if [ "$i" = 0 ]; then
|
||||||
|
mysql_error "Unable to start server."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Stop the server. When using a local socket file mariadb-admin will block until
|
||||||
|
# the shutdown is complete.
|
||||||
|
docker_temp_server_stop() {
|
||||||
|
kill "$MARIADB_PID"
|
||||||
|
wait "$MARIADB_PID"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Verify that the minimally required password settings are set for new databases.
|
||||||
|
docker_verify_minimum_env() {
|
||||||
|
if [ -z "$MARIADB_ROOT_PASSWORD" ] && [ -z "$MARIADB_ROOT_PASSWORD_HASH" ] && [ -z "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] && [ -z "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then
|
||||||
|
mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MARIADB_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH, MARIADB_ALLOW_EMPTY_ROOT_PASSWORD and MARIADB_RANDOM_ROOT_PASSWORD'
|
||||||
|
fi
|
||||||
|
# More preemptive exclusions of combinations should have been made before *PASSWORD_HASH was added, but for now we don't enforce due to compatibility.
|
||||||
|
if [ -n "$MARIADB_ROOT_PASSWORD" ] || [ -n "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] || [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ] && [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then
|
||||||
|
mysql_error "Cannot specify MARIADB_ROOT_PASSWORD_HASH and another MARIADB_ROOT_PASSWORD* option."
|
||||||
|
fi
|
||||||
|
if [ -n "$MARIADB_PASSWORD" ] && [ -n "$MARIADB_PASSWORD_HASH" ]; then
|
||||||
|
mysql_error "Cannot specify MARIADB_PASSWORD_HASH and MARIADB_PASSWORD option."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# creates folders for the database
|
||||||
|
# also ensures permission for user mysql of run as root
|
||||||
|
docker_create_db_directories() {
|
||||||
|
local user
|
||||||
|
user="$(id -u)"
|
||||||
|
|
||||||
|
# TODO other directories that are used by default? like /var/lib/mysql-files
|
||||||
|
# see https://github.com/docker-library/mysql/issues/562
|
||||||
|
mkdir -p "$DATADIR"
|
||||||
|
|
||||||
|
if [ "$user" = "0" ]; then
|
||||||
|
# this will cause less disk access than `chown -R`
|
||||||
|
find "$DATADIR" \! -user mysql -exec chown mysql: '{}' +
|
||||||
|
# See https://github.com/MariaDB/mariadb-docker/issues/363
|
||||||
|
find "${SOCKET%/*}" -maxdepth 0 \! -user mysql -exec chown mysql: '{}' \;
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
_mariadb_version() {
|
||||||
|
local mariaVersion="${MARIADB_VERSION##*:}"
|
||||||
|
mariaVersion="${mariaVersion%%[-+~]*}"
|
||||||
|
echo -n "${mariaVersion}-MariaDB"
|
||||||
|
}
|
||||||
|
|
||||||
|
# initializes the database directory
|
||||||
|
docker_init_database_dir() {
|
||||||
|
mysql_note "Initializing database files"
|
||||||
|
installArgs=(--datadir="$DATADIR" --rpm --auth-root-authentication-method=normal)
|
||||||
|
# "Other options are passed to mariadbd." (so we pass all "mysqld" arguments directly here)
|
||||||
|
mariadb-install-db "${installArgs[@]}" "${@:2}" \
|
||||||
|
--skip-test-db \
|
||||||
|
--old-mode='UTF8_IS_UTF8MB3' \
|
||||||
|
--default-time-zone=SYSTEM --enforce-storage-engine= \
|
||||||
|
--skip-log-bin \
|
||||||
|
--expire-logs-days=0 \
|
||||||
|
--loose-innodb_buffer_pool_load_at_startup=0 \
|
||||||
|
--loose-innodb_buffer_pool_dump_at_shutdown=0
|
||||||
|
mysql_note "Database files initialized"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Loads various settings that are used elsewhere in the script
|
||||||
|
# This should be called after mysql_check_config, but before any other functions
|
||||||
|
docker_setup_env() {
|
||||||
|
# Get config
|
||||||
|
declare -g DATADIR SOCKET
|
||||||
|
DATADIR="$(mysql_get_config 'datadir' "$@")"
|
||||||
|
SOCKET="$(mysql_get_config 'socket' "$@")"
|
||||||
|
|
||||||
|
# Initialize values that might be stored in a file
|
||||||
|
_mariadb_file_env 'MYSQL_ROOT_HOST' '%'
|
||||||
|
_mariadb_file_env 'MYSQL_DATABASE'
|
||||||
|
_mariadb_file_env 'MYSQL_USER'
|
||||||
|
_mariadb_file_env 'MYSQL_PASSWORD'
|
||||||
|
_mariadb_file_env 'MYSQL_ROOT_PASSWORD'
|
||||||
|
# No MYSQL_ compatibility needed for new variables
|
||||||
|
file_env 'MARIADB_PASSWORD_HASH'
|
||||||
|
file_env 'MARIADB_ROOT_PASSWORD_HASH'
|
||||||
|
|
||||||
|
# set MARIADB_ from MYSQL_ when it is unset and then make them the same value
|
||||||
|
: "${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:=${MYSQL_ALLOW_EMPTY_PASSWORD:-}}"
|
||||||
|
export MYSQL_ALLOW_EMPTY_PASSWORD="$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" MARIADB_ALLOW_EMPTY_ROOT_PASSWORD
|
||||||
|
: "${MARIADB_RANDOM_ROOT_PASSWORD:=${MYSQL_RANDOM_ROOT_PASSWORD:-}}"
|
||||||
|
export MYSQL_RANDOM_ROOT_PASSWORD="$MARIADB_RANDOM_ROOT_PASSWORD" MARIADB_RANDOM_ROOT_PASSWORD
|
||||||
|
: "${MARIADB_INITDB_SKIP_TZINFO:=${MYSQL_INITDB_SKIP_TZINFO:-}}"
|
||||||
|
export MYSQL_INITDB_SKIP_TZINFO="$MARIADB_INITDB_SKIP_TZINFO" MARIADB_INITDB_SKIP_TZINFO
|
||||||
|
|
||||||
|
declare -g DATABASE_ALREADY_EXISTS
|
||||||
|
if [ -d "$DATADIR/mysql" ]; then
|
||||||
|
DATABASE_ALREADY_EXISTS='true'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute the client, use via docker_process_sql to handle root password
|
||||||
|
docker_exec_client() {
|
||||||
|
# args sent in can override this db, since they will be later in the command
|
||||||
|
if [ -n "$MYSQL_DATABASE" ]; then
|
||||||
|
set -- --database="$MYSQL_DATABASE" "$@"
|
||||||
|
fi
|
||||||
|
mariadb --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute sql script, passed via stdin
|
||||||
|
# usage: docker_process_sql [--dont-use-mysql-root-password] [mysql-cli-args]
|
||||||
|
# ie: docker_process_sql --database=mydb <<<'INSERT ...'
|
||||||
|
# ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql
|
||||||
|
docker_process_sql() {
|
||||||
|
if [ '--dont-use-mysql-root-password' = "$1" ]; then
|
||||||
|
shift
|
||||||
|
MYSQL_PWD='' docker_exec_client "$@"
|
||||||
|
else
|
||||||
|
MYSQL_PWD=$MARIADB_ROOT_PASSWORD docker_exec_client "$@"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# SQL escape the string $1 to be placed in a string literal.
|
||||||
|
# escape, \ followed by '
|
||||||
|
docker_sql_escape_string_literal() {
|
||||||
|
local newline=$'\n'
|
||||||
|
local escaped=${1//\\/\\\\}
|
||||||
|
escaped="${escaped//$newline/\\n}"
|
||||||
|
echo "${escaped//\'/\\\'}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Initializes database with timezone info and root password, plus optional extra db/user
|
||||||
|
docker_setup_db() {
|
||||||
|
# Load timezone info into database
|
||||||
|
if [ -z "$MARIADB_INITDB_SKIP_TZINFO" ]; then
|
||||||
|
# --skip-write-binlog usefully disables binary logging
|
||||||
|
# but also outputs LOCK TABLES to improve the IO of
|
||||||
|
# Aria (MDEV-23326) for 10.4+.
|
||||||
|
mariadb-tzinfo-to-sql --skip-write-binlog /usr/share/zoneinfo |
|
||||||
|
docker_process_sql --dont-use-mysql-root-password --database=mysql
|
||||||
|
# tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet
|
||||||
|
fi
|
||||||
|
# Generate random root password
|
||||||
|
if [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then
|
||||||
|
MARIADB_ROOT_PASSWORD="$(pwgen --numerals --capitalize --symbols --remove-chars="'\\" -1 32)"
|
||||||
|
export MARIADB_ROOT_PASSWORD MYSQL_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD
|
||||||
|
mysql_note "GENERATED ROOT PASSWORD: $MARIADB_ROOT_PASSWORD"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Creates root users for non-localhost hosts
|
||||||
|
local rootCreate=
|
||||||
|
local rootPasswordEscaped=
|
||||||
|
if [ -n "$MARIADB_ROOT_PASSWORD" ]; then
|
||||||
|
# Sets root password and creates root users for non-localhost hosts
|
||||||
|
rootPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_ROOT_PASSWORD}")
|
||||||
|
fi
|
||||||
|
|
||||||
|
# default root to listen for connections from anywhere
|
||||||
|
if [ -n "$MARIADB_ROOT_HOST" ] && [ "$MARIADB_ROOT_HOST" != 'localhost' ]; then
|
||||||
|
# ref "read -d ''", no, we don't care if read finds a terminating character in this heredoc
|
||||||
|
# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
|
||||||
|
if [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then
|
||||||
|
read -r -d '' rootCreate <<-EOSQL || true
|
||||||
|
CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY PASSWORD '${MARIADB_ROOT_PASSWORD_HASH}' ;
|
||||||
|
GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ;
|
||||||
|
EOSQL
|
||||||
|
else
|
||||||
|
read -r -d '' rootCreate <<-EOSQL || true
|
||||||
|
CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY '${rootPasswordEscaped}' ;
|
||||||
|
GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ;
|
||||||
|
EOSQL
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
local mysqlAtLocalhost=
|
||||||
|
local mysqlAtLocalhostGrants=
|
||||||
|
# Install mysql@localhost user
|
||||||
|
if [ -n "$MARIADB_MYSQL_LOCALHOST_USER" ]; then
|
||||||
|
local pw=
|
||||||
|
pw="$(pwgen --numerals --capitalize --symbols --remove-chars="'\\" -1 32)"
|
||||||
|
# MDEV-24111 before MariaDB-10.4 cannot create unix_socket user directly auth with simple_password_check
|
||||||
|
# It wasn't until 10.4 that the unix_socket auth was built in to the server.
|
||||||
|
read -r -d '' mysqlAtLocalhost <<-EOSQL || true
|
||||||
|
EXECUTE IMMEDIATE IF(VERSION() RLIKE '^10\.3\.',
|
||||||
|
"INSTALL PLUGIN /*M10401 IF NOT EXISTS */ unix_socket SONAME 'auth_socket'",
|
||||||
|
"SELECT 'already there'");
|
||||||
|
CREATE USER mysql@localhost IDENTIFIED BY '$pw';
|
||||||
|
ALTER USER mysql@localhost IDENTIFIED VIA unix_socket;
|
||||||
|
EOSQL
|
||||||
|
if [ -n "$MARIADB_MYSQL_LOCALHOST_GRANTS" ]; then
|
||||||
|
if [ "$MARIADB_MYSQL_LOCALHOST_GRANTS" != USAGE ]; then
|
||||||
|
mysql_warn "Excessive privileges ON *.* TO mysql@localhost facilitates risks to the confidentiality, integrity and availability of data stored"
|
||||||
|
fi
|
||||||
|
mysqlAtLocalhostGrants="GRANT ${MARIADB_MYSQL_LOCALHOST_GRANTS} ON *.* TO mysql@localhost;"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
local rootLocalhostPass=
|
||||||
|
if [ -z "$MARIADB_ROOT_PASSWORD_HASH" ]; then
|
||||||
|
# handle MARIADB_ROOT_PASSWORD_HASH for root@localhost after /docker-entrypoint-initdb.d
|
||||||
|
rootLocalhostPass="SET PASSWORD FOR 'root'@'localhost'= PASSWORD('${rootPasswordEscaped}');"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local createDatabase=
|
||||||
|
# Creates a custom database and user if specified
|
||||||
|
if [ -n "$MARIADB_DATABASE" ]; then
|
||||||
|
mysql_note "Creating database ${MARIADB_DATABASE}"
|
||||||
|
createDatabase="CREATE DATABASE IF NOT EXISTS \`$MARIADB_DATABASE\`;"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local createUser=
|
||||||
|
local userGrants=
|
||||||
|
if [ -n "$MARIADB_PASSWORD" ] || [ -n "$MARIADB_PASSWORD_HASH" ] && [ -n "$MARIADB_USER" ]; then
|
||||||
|
mysql_note "Creating user ${MARIADB_USER}"
|
||||||
|
if [ -n "$MARIADB_PASSWORD_HASH" ]; then
|
||||||
|
createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY PASSWORD '$MARIADB_PASSWORD_HASH';"
|
||||||
|
else
|
||||||
|
# SQL escape the user password, \ followed by '
|
||||||
|
local userPasswordEscaped
|
||||||
|
userPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_PASSWORD}")
|
||||||
|
createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY '$userPasswordEscaped';"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$MARIADB_DATABASE" ]; then
|
||||||
|
mysql_note "Giving user ${MARIADB_USER} access to schema ${MARIADB_DATABASE}"
|
||||||
|
userGrants="GRANT ALL ON \`${MARIADB_DATABASE//_/\\_}\`.* TO '$MARIADB_USER'@'%';"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
mysql_note "Securing system users (equivalent to running mysql_secure_installation)"
|
||||||
|
# tell docker_process_sql to not use MARIADB_ROOT_PASSWORD since it is just now being set
|
||||||
|
# --binary-mode to save us from the semi-mad users go out of their way to confuse the encoding.
|
||||||
|
docker_process_sql --dont-use-mysql-root-password --database=mysql --binary-mode <<-EOSQL
|
||||||
|
-- Securing system users shouldn't be replicated
|
||||||
|
SET @orig_sql_log_bin= @@SESSION.SQL_LOG_BIN;
|
||||||
|
SET @@SESSION.SQL_LOG_BIN=0;
|
||||||
|
-- we need the SQL_MODE NO_BACKSLASH_ESCAPES mode to be clear for the password to be set
|
||||||
|
SET @@SESSION.SQL_MODE=REPLACE(@@SESSION.SQL_MODE, 'NO_BACKSLASH_ESCAPES', '');
|
||||||
|
|
||||||
|
DROP USER IF EXISTS root@'127.0.0.1', root@'::1';
|
||||||
|
EXECUTE IMMEDIATE CONCAT('DROP USER IF EXISTS root@\'', @@hostname,'\'');
|
||||||
|
|
||||||
|
${rootLocalhostPass}
|
||||||
|
${rootCreate}
|
||||||
|
${mysqlAtLocalhost}
|
||||||
|
${mysqlAtLocalhostGrants}
|
||||||
|
-- pre-10.3 only
|
||||||
|
DROP DATABASE IF EXISTS test ;
|
||||||
|
-- end of securing system users, rest of init now...
|
||||||
|
SET @@SESSION.SQL_LOG_BIN=@orig_sql_log_bin;
|
||||||
|
-- create users/databases
|
||||||
|
${createDatabase}
|
||||||
|
${createUser}
|
||||||
|
${userGrants}
|
||||||
|
EOSQL
|
||||||
|
}
|
||||||
|
|
||||||
|
# backup the mysql database
|
||||||
|
docker_mariadb_backup_system() {
|
||||||
|
if [ -n "$MARIADB_DISABLE_UPGRADE_BACKUP" ] &&
|
||||||
|
[ "$MARIADB_DISABLE_UPGRADE_BACKUP" = 1 ]; then
|
||||||
|
mysql_note "MariaDB upgrade backup disabled due to \$MARIADB_DISABLE_UPGRADE_BACKUP=1 setting"
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
local backup_db="system_mysql_backup_unknown_version.sql.zst"
|
||||||
|
local oldfullversion="unknown_version"
|
||||||
|
if [ -r "$DATADIR"/mariadb_upgrade_info ]; then
|
||||||
|
read -r -d '' oldfullversion <"$DATADIR"/mariadb_upgrade_info || true
|
||||||
|
if [ -n "$oldfullversion" ]; then
|
||||||
|
backup_db="system_mysql_backup_${oldfullversion}.sql.zst"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
mysql_note "Backing up system database to $backup_db"
|
||||||
|
if ! mariadb-dump --skip-lock-tables --replace --databases mysql --socket="${SOCKET}" | zstd >"${DATADIR}/${backup_db}"; then
|
||||||
|
mysql_error "Unable backup system database for upgrade from $oldfullversion."
|
||||||
|
fi
|
||||||
|
mysql_note "Backing up complete"
|
||||||
|
}
|
||||||
|
|
||||||
|
# perform mariadb-upgrade
|
||||||
|
# backup the mysql database if this is a major upgrade
|
||||||
|
docker_mariadb_upgrade() {
|
||||||
|
if [ -z "$MARIADB_AUTO_UPGRADE" ] ||
|
||||||
|
[ "$MARIADB_AUTO_UPGRADE" = 0 ]; then
|
||||||
|
mysql_note "MariaDB upgrade (mariadb-upgrade) required, but skipped due to \$MARIADB_AUTO_UPGRADE setting"
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
mysql_note "Starting temporary server"
|
||||||
|
docker_temp_server_start "$@" --skip-grant-tables \
|
||||||
|
--loose-innodb_buffer_pool_dump_at_shutdown=0 \
|
||||||
|
--skip-slave-start
|
||||||
|
mysql_note "Temporary server started."
|
||||||
|
|
||||||
|
docker_mariadb_backup_system
|
||||||
|
|
||||||
|
mysql_note "Starting mariadb-upgrade"
|
||||||
|
mariadb-upgrade --upgrade-system-tables
|
||||||
|
mysql_note "Finished mariadb-upgrade"
|
||||||
|
|
||||||
|
mysql_note "Stopping temporary server"
|
||||||
|
docker_temp_server_stop
|
||||||
|
mysql_note "Temporary server stopped"
|
||||||
|
}
|
||||||
|
|
||||||
|
_check_if_upgrade_is_needed() {
|
||||||
|
if [ ! -f "$DATADIR"/mariadb_upgrade_info ]; then
|
||||||
|
mysql_note "MariaDB upgrade information missing, assuming required"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
local mariadbVersion
|
||||||
|
mariadbVersion="$(_mariadb_version)"
|
||||||
|
IFS='.-' read -ra newversion <<<"$mariadbVersion"
|
||||||
|
IFS='.-' read -ra oldversion <"$DATADIR"/mariadb_upgrade_info || true
|
||||||
|
|
||||||
|
if [[ ${#newversion[@]} -lt 2 ]] || [[ ${#oldversion[@]} -lt 2 ]] ||
|
||||||
|
[[ ${oldversion[0]} -lt ${newversion[0]} ]] ||
|
||||||
|
[[ ${oldversion[0]} -eq ${newversion[0]} && ${oldversion[1]} -lt ${newversion[1]} ]]; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
mysql_note "MariaDB upgrade not required"
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# check arguments for an option that would cause mariadbd to stop
|
||||||
|
# return true if there is one
|
||||||
|
_mysql_want_help() {
|
||||||
|
local arg
|
||||||
|
for arg; do
|
||||||
|
case "$arg" in
|
||||||
|
-'?' | --help | --print-defaults | -V | --version)
|
||||||
|
return 0
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_main() {
|
||||||
|
# if command starts with an option, prepend mariadbd
|
||||||
|
if [ "${1:0:1}" = '-' ]; then
|
||||||
|
set -- mariadbd "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#ENDOFSUBSTITUTIONS
|
||||||
|
# skip setup if they aren't running mysqld or want an option that stops mysqld
|
||||||
|
if [ "$1" = 'mariadbd' ] || [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then
|
||||||
|
mysql_note "Entrypoint script for MariaDB Server ${MARIADB_VERSION} started."
|
||||||
|
|
||||||
|
mysql_check_config "$@"
|
||||||
|
# Load various environment variables
|
||||||
|
docker_setup_env "$@"
|
||||||
|
docker_create_db_directories
|
||||||
|
|
||||||
|
# If container is started as root user, restart as dedicated mysql user
|
||||||
|
if [ "$(id -u)" = "0" ]; then
|
||||||
|
mysql_note "Switching to dedicated user 'mysql'"
|
||||||
|
exec gosu mysql "${BASH_SOURCE[0]}" "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# there's no database, so it needs to be initialized
|
||||||
|
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
|
||||||
|
docker_verify_minimum_env
|
||||||
|
|
||||||
|
# check dir permissions to reduce likelihood of half-initialized database
|
||||||
|
ls /docker-entrypoint-initdb.d/ >/dev/null
|
||||||
|
|
||||||
|
docker_init_database_dir "$@"
|
||||||
|
|
||||||
|
mysql_note "Starting temporary server"
|
||||||
|
docker_temp_server_start "$@"
|
||||||
|
mysql_note "Temporary server started."
|
||||||
|
|
||||||
|
docker_setup_db
|
||||||
|
docker_process_init_files /docker-entrypoint-initdb.d/*
|
||||||
|
# Wait until after /docker-entrypoint-initdb.d is performed before setting
|
||||||
|
# root@localhost password to a hash we don't know the password for.
|
||||||
|
if [ -n "${MARIADB_ROOT_PASSWORD_HASH}" ]; then
|
||||||
|
mysql_note "Setting root@localhost password hash"
|
||||||
|
docker_process_sql --dont-use-mysql-root-password --binary-mode <<-EOSQL
|
||||||
|
SET @@SESSION.SQL_LOG_BIN=0;
|
||||||
|
SET PASSWORD FOR 'root'@'localhost'= '${MARIADB_ROOT_PASSWORD_HASH}';
|
||||||
|
EOSQL
|
||||||
|
fi
|
||||||
|
|
||||||
|
mysql_note "Stopping temporary server"
|
||||||
|
docker_temp_server_stop
|
||||||
|
mysql_note "Temporary server stopped"
|
||||||
|
|
||||||
|
echo
|
||||||
|
mysql_note "MariaDB init process done. Ready for start up."
|
||||||
|
echo
|
||||||
|
# MDEV-27636 mariadb_upgrade --check-if-upgrade-is-needed cannot be run offline
|
||||||
|
#elif mariadb-upgrade --check-if-upgrade-is-needed; then
|
||||||
|
elif _check_if_upgrade_is_needed; then
|
||||||
|
docker_mariadb_upgrade "$@"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
exec "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
# If we are sourced from elsewhere, don't perform any further actions
|
||||||
|
if ! _is_sourced; then
|
||||||
|
_main "$@"
|
||||||
|
fi
|
434
db/mongodb.sh
Normal file
@ -0,0 +1,434 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -Eeuo pipefail
|
||||||
|
|
||||||
|
if [ "${1:0:1}" = '-' ]; then
|
||||||
|
set -- mongod "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
originalArgOne="$1"
|
||||||
|
|
||||||
|
# allow the container to be started with `--user`
|
||||||
|
# all mongo* commands should be dropped to the correct user
|
||||||
|
if [[ "$originalArgOne" == mongo* ]] && [ "$(id -u)" = '0' ]; then
|
||||||
|
if [ "$originalArgOne" = 'mongod' ]; then
|
||||||
|
find /data/configdb /data/db \! -user mongodb -exec chown mongodb '{}' +
|
||||||
|
fi
|
||||||
|
|
||||||
|
# make sure we can write to stdout and stderr as "mongodb"
|
||||||
|
# (for our "initdb" code later; see "--logpath" below)
|
||||||
|
chown --dereference mongodb "/proc/$$/fd/1" "/proc/$$/fd/2" || :
|
||||||
|
# ignore errors thanks to https://github.com/docker-library/mongo/issues/149
|
||||||
|
|
||||||
|
exec gosu mongodb "$BASH_SOURCE" "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
dpkgArch="$(dpkg --print-architecture)"
|
||||||
|
case "$dpkgArch" in
|
||||||
|
amd64) # https://github.com/docker-library/mongo/issues/485#issuecomment-891991814
|
||||||
|
if ! grep -qE '^flags.* avx( .*|$)' /proc/cpuinfo; then
|
||||||
|
{
|
||||||
|
echo
|
||||||
|
echo 'WARNING: MongoDB 5.0+ requires a CPU with AVX support, and your current system does not appear to have that!'
|
||||||
|
echo ' see https://jira.mongodb.org/browse/SERVER-54407'
|
||||||
|
echo ' see also https://www.mongodb.com/community/forums/t/mongodb-5-0-cpu-intel-g4650-compatibility/116610/2'
|
||||||
|
echo ' see also https://github.com/docker-library/mongo/issues/485#issuecomment-891991814'
|
||||||
|
echo
|
||||||
|
} >&2
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
|
arm64) # https://github.com/docker-library/mongo/issues/485#issuecomment-970864306
|
||||||
|
# https://en.wikichip.org/wiki/arm/armv8#ARMv8_Extensions_and_Processor_Features
|
||||||
|
# http://javathunderx.blogspot.com/2018/11/cheat-sheet-for-cpuinfo-features-on.html
|
||||||
|
if ! grep -qE '^Features.* (fphp|dcpop|sha3|sm3|sm4|asimddp|sha512|sve)( .*|$)' /proc/cpuinfo; then
|
||||||
|
{
|
||||||
|
echo
|
||||||
|
echo 'WARNING: MongoDB 5.0+ requires ARMv8.2-A or higher, and your current system does not appear to implement any of the common features for that!'
|
||||||
|
echo ' see https://jira.mongodb.org/browse/SERVER-55178'
|
||||||
|
echo ' see also https://en.wikichip.org/wiki/arm/armv8#ARMv8_Extensions_and_Processor_Features'
|
||||||
|
echo ' see also https://github.com/docker-library/mongo/issues/485#issuecomment-970864306'
|
||||||
|
echo
|
||||||
|
} >&2
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# you should use numactl to start your mongod instances, including the config servers, mongos instances, and any clients.
|
||||||
|
# https://docs.mongodb.com/manual/administration/production-notes/#configuring-numa-on-linux
|
||||||
|
if [[ "$originalArgOne" == mongo* ]]; then
|
||||||
|
numa='numactl --interleave=all'
|
||||||
|
if $numa true &>/dev/null; then
|
||||||
|
set -- $numa "$@"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||||
|
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
local val="$def"
|
||||||
|
if [ "${!var:-}" ]; then
|
||||||
|
val="${!var}"
|
||||||
|
elif [ "${!fileVar:-}" ]; then
|
||||||
|
val="$(<"${!fileVar}")"
|
||||||
|
fi
|
||||||
|
export "$var"="$val"
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
# see https://github.com/docker-library/mongo/issues/147 (mongod is picky about duplicated arguments)
|
||||||
|
_mongod_hack_have_arg() {
|
||||||
|
local checkArg="$1"
|
||||||
|
shift
|
||||||
|
local arg
|
||||||
|
for arg; do
|
||||||
|
case "$arg" in
|
||||||
|
"$checkArg" | "$checkArg"=*)
|
||||||
|
return 0
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
# _mongod_hack_get_arg_val '--some-arg' "$@"
|
||||||
|
_mongod_hack_get_arg_val() {
|
||||||
|
local checkArg="$1"
|
||||||
|
shift
|
||||||
|
while [ "$#" -gt 0 ]; do
|
||||||
|
local arg="$1"
|
||||||
|
shift
|
||||||
|
case "$arg" in
|
||||||
|
"$checkArg")
|
||||||
|
echo "$1"
|
||||||
|
return 0
|
||||||
|
;;
|
||||||
|
"$checkArg"=*)
|
||||||
|
echo "${arg#$checkArg=}"
|
||||||
|
return 0
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
declare -a mongodHackedArgs
|
||||||
|
# _mongod_hack_ensure_arg '--some-arg' "$@"
|
||||||
|
# set -- "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_arg() {
|
||||||
|
local ensureArg="$1"
|
||||||
|
shift
|
||||||
|
mongodHackedArgs=("$@")
|
||||||
|
if ! _mongod_hack_have_arg "$ensureArg" "$@"; then
|
||||||
|
mongodHackedArgs+=("$ensureArg")
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
|
||||||
|
# set -- "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_no_arg() {
|
||||||
|
local ensureNoArg="$1"
|
||||||
|
shift
|
||||||
|
mongodHackedArgs=()
|
||||||
|
while [ "$#" -gt 0 ]; do
|
||||||
|
local arg="$1"
|
||||||
|
shift
|
||||||
|
if [ "$arg" = "$ensureNoArg" ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
mongodHackedArgs+=("$arg")
|
||||||
|
done
|
||||||
|
}
|
||||||
|
# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
|
||||||
|
# set -- "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_no_arg_val() {
|
||||||
|
local ensureNoArg="$1"
|
||||||
|
shift
|
||||||
|
mongodHackedArgs=()
|
||||||
|
while [ "$#" -gt 0 ]; do
|
||||||
|
local arg="$1"
|
||||||
|
shift
|
||||||
|
case "$arg" in
|
||||||
|
"$ensureNoArg")
|
||||||
|
shift # also skip the value
|
||||||
|
continue
|
||||||
|
;;
|
||||||
|
"$ensureNoArg"=*)
|
||||||
|
# value is already included
|
||||||
|
continue
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
mongodHackedArgs+=("$arg")
|
||||||
|
done
|
||||||
|
}
|
||||||
|
# _mongod_hack_ensure_arg_val '--some-arg' 'some-val' "$@"
|
||||||
|
# set -- "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_arg_val() {
|
||||||
|
local ensureArg="$1"
|
||||||
|
shift
|
||||||
|
local ensureVal="$1"
|
||||||
|
shift
|
||||||
|
_mongod_hack_ensure_no_arg_val "$ensureArg" "$@"
|
||||||
|
mongodHackedArgs+=("$ensureArg" "$ensureVal")
|
||||||
|
}
|
||||||
|
|
||||||
|
# _js_escape 'some "string" value'
|
||||||
|
_js_escape() {
|
||||||
|
jq --null-input --arg 'str' "$1" '$str'
|
||||||
|
}
|
||||||
|
|
||||||
|
: "${TMPDIR:=/tmp}"
|
||||||
|
jsonConfigFile="$TMPDIR/docker-entrypoint-config.json"
|
||||||
|
tempConfigFile="$TMPDIR/docker-entrypoint-temp-config.json"
|
||||||
|
_parse_config() {
|
||||||
|
if [ -s "$tempConfigFile" ]; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
local configPath
|
||||||
|
if configPath="$(_mongod_hack_get_arg_val --config "$@")" && [ -s "$configPath" ]; then
|
||||||
|
# if --config is specified, parse it into a JSON file so we can remove a few problematic keys (especially SSL-related keys)
|
||||||
|
# see https://docs.mongodb.com/manual/reference/configuration-options/
|
||||||
|
if grep -vEm1 '^[[:space:]]*(#|$)' "$configPath" | grep -qE '^[[:space:]]*[^=:]+[[:space:]]*='; then
|
||||||
|
# if the first non-comment/non-blank line of the config file looks like "foo = ...", this is probably the 2.4 and older "ini-style config format"
|
||||||
|
# mongod tries to parse config as yaml and then falls back to ini-style parsing
|
||||||
|
# https://github.com/mongodb/mongo/blob/r6.0.3/src/mongo/util/options_parser/options_parser.cpp#L1883-L1894
|
||||||
|
echo >&2
|
||||||
|
echo >&2 "WARNING: it appears that '$configPath' is in the older INI-style format (replaced by YAML in MongoDB 2.6)"
|
||||||
|
echo >&2 ' This script does not parse the older INI-style format, and thus will ignore it.'
|
||||||
|
echo >&2
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
if [ "$mongoShell" = 'mongo' ]; then
|
||||||
|
"$mongoShell" --norc --nodb --quiet --eval "load('/js-yaml.js'); printjson(jsyaml.load(cat($(_js_escape "$configPath"))))" >"$jsonConfigFile"
|
||||||
|
else
|
||||||
|
# https://www.mongodb.com/docs/manual/reference/method/js-native/#std-label-native-in-mongosh
|
||||||
|
"$mongoShell" --norc --nodb --quiet --eval "load('/js-yaml.js'); JSON.stringify(jsyaml.load(fs.readFileSync($(_js_escape "$configPath"), 'utf8')))" >"$jsonConfigFile"
|
||||||
|
fi
|
||||||
|
if [ "$(head -c1 "$jsonConfigFile")" != '{' ] || [ "$(tail -c2 "$jsonConfigFile")" != '}' ]; then
|
||||||
|
# if the file doesn't start with "{" and end with "}", it's *probably* an error ("uncaught exception: YAMLException: foo" for example), so we should print it out
|
||||||
|
echo >&2 'error: unexpected "js-yaml.js" output while parsing config:'
|
||||||
|
cat >&2 "$jsonConfigFile"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
jq 'del(.systemLog, .processManagement, .net, .security, .replication)' "$jsonConfigFile" >"$tempConfigFile"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
dbPath=
|
||||||
|
_dbPath() {
|
||||||
|
if [ -n "$dbPath" ]; then
|
||||||
|
echo "$dbPath"
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! dbPath="$(_mongod_hack_get_arg_val --dbpath "$@")"; then
|
||||||
|
if _parse_config "$@"; then
|
||||||
|
dbPath="$(jq -r '.storage.dbPath // empty' "$jsonConfigFile")"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$dbPath" ]; then
|
||||||
|
if _mongod_hack_have_arg --configsvr "$@" || {
|
||||||
|
_parse_config "$@" &&
|
||||||
|
clusterRole="$(jq -r '.sharding.clusterRole // empty' "$jsonConfigFile")" &&
|
||||||
|
[ "$clusterRole" = 'configsvr' ]
|
||||||
|
}; then
|
||||||
|
# if running as config server, then the default dbpath is /data/configdb
|
||||||
|
# https://docs.mongodb.com/manual/reference/program/mongod/#cmdoption-mongod-configsvr
|
||||||
|
dbPath=/data/configdb
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
: "${dbPath:=/data/db}"
|
||||||
|
|
||||||
|
echo "$dbPath"
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ "$originalArgOne" = 'mongod' ]; then
|
||||||
|
file_env 'MONGO_INITDB_ROOT_USERNAME'
|
||||||
|
file_env 'MONGO_INITDB_ROOT_PASSWORD'
|
||||||
|
|
||||||
|
mongoShell='mongo'
|
||||||
|
if ! command -v "$mongoShell" >/dev/null; then
|
||||||
|
mongoShell='mongosh'
|
||||||
|
fi
|
||||||
|
|
||||||
|
# pre-check a few factors to see if it's even worth bothering with initdb
|
||||||
|
shouldPerformInitdb=
|
||||||
|
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
|
||||||
|
# if we have a username/password, let's set "--auth"
|
||||||
|
_mongod_hack_ensure_arg '--auth' "$@"
|
||||||
|
set -- "${mongodHackedArgs[@]}"
|
||||||
|
shouldPerformInitdb='true'
|
||||||
|
elif [ "$MONGO_INITDB_ROOT_USERNAME" ] || [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
|
||||||
|
cat >&2 <<-'EOF'
|
||||||
|
|
||||||
|
error: missing 'MONGO_INITDB_ROOT_USERNAME' or 'MONGO_INITDB_ROOT_PASSWORD'
|
||||||
|
both must be specified for a user to be created
|
||||||
|
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$shouldPerformInitdb" ]; then
|
||||||
|
# if we've got any /docker-entrypoint-initdb.d/* files to parse later, we should initdb
|
||||||
|
for f in /docker-entrypoint-initdb.d/*; do
|
||||||
|
case "$f" in
|
||||||
|
*.sh | *.js) # this should match the set of files we check for below
|
||||||
|
shouldPerformInitdb="$f"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
# check for a few known paths (to determine whether we've already initialized and should thus skip our initdb scripts)
|
||||||
|
if [ -n "$shouldPerformInitdb" ]; then
|
||||||
|
dbPath="$(_dbPath "$@")"
|
||||||
|
for path in \
|
||||||
|
"$dbPath/WiredTiger" \
|
||||||
|
"$dbPath/journal" \
|
||||||
|
"$dbPath/local.0" \
|
||||||
|
"$dbPath/storage.bson"; do
|
||||||
|
if [ -e "$path" ]; then
|
||||||
|
shouldPerformInitdb=
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$shouldPerformInitdb" ]; then
|
||||||
|
mongodHackedArgs=("$@")
|
||||||
|
if _parse_config "$@"; then
|
||||||
|
_mongod_hack_ensure_arg_val --config "$tempConfigFile" "${mongodHackedArgs[@]}"
|
||||||
|
fi
|
||||||
|
_mongod_hack_ensure_arg_val --bind_ip 127.0.0.1 "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_arg_val --port 27017 "${mongodHackedArgs[@]}"
|
||||||
|
_mongod_hack_ensure_no_arg --bind_ip_all "${mongodHackedArgs[@]}"
|
||||||
|
|
||||||
|
# remove "--auth" and "--replSet" for our initial startup (see https://docs.mongodb.com/manual/tutorial/enable-authentication/#start-mongodb-without-access-control)
|
||||||
|
# https://github.com/docker-library/mongo/issues/211
|
||||||
|
_mongod_hack_ensure_no_arg --auth "${mongodHackedArgs[@]}"
|
||||||
|
# "keyFile implies security.authorization"
|
||||||
|
# https://docs.mongodb.com/manual/reference/configuration-options/#mongodb-setting-security.keyFile
|
||||||
|
_mongod_hack_ensure_no_arg_val --keyFile "${mongodHackedArgs[@]}"
|
||||||
|
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
|
||||||
|
_mongod_hack_ensure_no_arg_val --replSet "${mongodHackedArgs[@]}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# "BadValue: need sslPEMKeyFile when SSL is enabled" vs "BadValue: need to enable SSL via the sslMode flag when using SSL configuration parameters"
|
||||||
|
tlsMode='disabled'
|
||||||
|
if _mongod_hack_have_arg '--tlsCertificateKeyFile' "$@"; then
|
||||||
|
tlsMode='allowTLS'
|
||||||
|
fi
|
||||||
|
_mongod_hack_ensure_arg_val --tlsMode "$tlsMode" "${mongodHackedArgs[@]}"
|
||||||
|
|
||||||
|
if stat "/proc/$$/fd/1" >/dev/null && [ -w "/proc/$$/fd/1" ]; then
|
||||||
|
# https://github.com/mongodb/mongo/blob/38c0eb538d0fd390c6cb9ce9ae9894153f6e8ef5/src/mongo/db/initialize_server_global_state.cpp#L237-L251
|
||||||
|
# https://github.com/docker-library/mongo/issues/164#issuecomment-293965668
|
||||||
|
_mongod_hack_ensure_arg_val --logpath "/proc/$$/fd/1" "${mongodHackedArgs[@]}"
|
||||||
|
else
|
||||||
|
initdbLogPath="$(_dbPath "$@")/docker-initdb.log"
|
||||||
|
echo >&2 "warning: initdb logs cannot write to '/proc/$$/fd/1', so they are in '$initdbLogPath' instead"
|
||||||
|
_mongod_hack_ensure_arg_val --logpath "$initdbLogPath" "${mongodHackedArgs[@]}"
|
||||||
|
fi
|
||||||
|
_mongod_hack_ensure_arg --logappend "${mongodHackedArgs[@]}"
|
||||||
|
|
||||||
|
pidfile="$TMPDIR/docker-entrypoint-temp-mongod.pid"
|
||||||
|
rm -f "$pidfile"
|
||||||
|
_mongod_hack_ensure_arg_val --pidfilepath "$pidfile" "${mongodHackedArgs[@]}"
|
||||||
|
|
||||||
|
"${mongodHackedArgs[@]}" --fork
|
||||||
|
|
||||||
|
mongo=("$mongoShell" --host 127.0.0.1 --port 27017 --quiet)
|
||||||
|
|
||||||
|
# check to see that our "mongod" actually did start up (catches "--help", "--version", MongoDB 3.2 being silly, slow prealloc, etc)
|
||||||
|
# https://jira.mongodb.org/browse/SERVER-16292
|
||||||
|
tries=30
|
||||||
|
while true; do
|
||||||
|
if ! { [ -s "$pidfile" ] && ps "$(<"$pidfile")" &>/dev/null; }; then
|
||||||
|
# bail ASAP if "mongod" isn't even running
|
||||||
|
echo >&2
|
||||||
|
echo >&2 "error: $originalArgOne does not appear to have stayed running -- perhaps it had an error?"
|
||||||
|
echo >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if "${mongo[@]}" 'admin' --eval 'quit(0)' &>/dev/null; then
|
||||||
|
# success!
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
((tries--))
|
||||||
|
if [ "$tries" -le 0 ]; then
|
||||||
|
echo >&2
|
||||||
|
echo >&2 "error: $originalArgOne does not appear to have accepted connections quickly enough -- perhaps it had an error?"
|
||||||
|
echo >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
|
||||||
|
rootAuthDatabase='admin'
|
||||||
|
|
||||||
|
"${mongo[@]}" "$rootAuthDatabase" <<-EOJS
|
||||||
|
db.createUser({
|
||||||
|
user: $(_js_escape "$MONGO_INITDB_ROOT_USERNAME"),
|
||||||
|
pwd: $(_js_escape "$MONGO_INITDB_ROOT_PASSWORD"),
|
||||||
|
roles: [ { role: 'root', db: $(_js_escape "$rootAuthDatabase") } ]
|
||||||
|
})
|
||||||
|
EOJS
|
||||||
|
fi
|
||||||
|
|
||||||
|
export MONGO_INITDB_DATABASE="${MONGO_INITDB_DATABASE:-test}"
|
||||||
|
|
||||||
|
echo
|
||||||
|
for f in /docker-entrypoint-initdb.d/*; do
|
||||||
|
case "$f" in
|
||||||
|
*.sh)
|
||||||
|
echo "$0: running $f"
|
||||||
|
. "$f"
|
||||||
|
;;
|
||||||
|
*.js)
|
||||||
|
echo "$0: running $f"
|
||||||
|
"${mongo[@]}" "$MONGO_INITDB_DATABASE" "$f"
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*) echo "$0: ignoring $f" ;;
|
||||||
|
esac
|
||||||
|
echo
|
||||||
|
done
|
||||||
|
|
||||||
|
"${mongodHackedArgs[@]}" --shutdown
|
||||||
|
rm -f "$pidfile"
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo 'MongoDB init process complete; ready for start up.'
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
# MongoDB 3.6+ defaults to localhost-only binding
|
||||||
|
haveBindIp=
|
||||||
|
if _mongod_hack_have_arg --bind_ip "$@" || _mongod_hack_have_arg --bind_ip_all "$@"; then
|
||||||
|
haveBindIp=1
|
||||||
|
elif _parse_config "$@" && jq --exit-status '.net.bindIp // .net.bindIpAll' "$jsonConfigFile" >/dev/null; then
|
||||||
|
haveBindIp=1
|
||||||
|
fi
|
||||||
|
if [ -z "$haveBindIp" ]; then
|
||||||
|
# so if no "--bind_ip" is specified, let's add "--bind_ip_all"
|
||||||
|
set -- "$@" --bind_ip_all
|
||||||
|
fi
|
||||||
|
|
||||||
|
unset "${!MONGO_INITDB_@}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f "$jsonConfigFile" "$tempConfigFile"
|
||||||
|
|
||||||
|
exec "$@"
|
372
db/postgresql.sh
Normal file
@ -0,0 +1,372 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -Eeo pipefail
|
||||||
|
# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
|
||||||
|
PGDATA="$DATABASE_DIR_PGSQL"
|
||||||
|
POSTGRES_USER="$DATABASE_USER_ROOT"
|
||||||
|
POSTGRES_PASSWORD="$DATABASE_PASS_ROOT"
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||||
|
printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
local val="$def"
|
||||||
|
if [ "${!var:-}" ]; then
|
||||||
|
val="${!var}"
|
||||||
|
elif [ "${!fileVar:-}" ]; then
|
||||||
|
val="$(<"${!fileVar}")"
|
||||||
|
fi
|
||||||
|
export "$var"="$val"
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
# check to see if this file is being run or sourced from another script
|
||||||
|
_is_sourced() {
|
||||||
|
# https://unix.stackexchange.com/a/215279
|
||||||
|
[ "${#FUNCNAME[@]}" -ge 2 ] &&
|
||||||
|
[ "${FUNCNAME[0]}" = '_is_sourced' ] &&
|
||||||
|
[ "${FUNCNAME[1]}" = 'source' ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
|
||||||
|
docker_create_db_directories() {
|
||||||
|
local user
|
||||||
|
user="$(id -u)"
|
||||||
|
|
||||||
|
mkdir -p "$PGDATA"
|
||||||
|
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
|
||||||
|
chmod 700 "$PGDATA" || :
|
||||||
|
|
||||||
|
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
|
||||||
|
mkdir -p /var/run/postgresql || :
|
||||||
|
chmod 775 /var/run/postgresql || :
|
||||||
|
|
||||||
|
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
|
||||||
|
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
|
||||||
|
mkdir -p "$POSTGRES_INITDB_WALDIR"
|
||||||
|
if [ "$user" = '0' ]; then
|
||||||
|
find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
|
||||||
|
fi
|
||||||
|
chmod 700 "$POSTGRES_INITDB_WALDIR"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# allow the container to be started with `--user`
|
||||||
|
if [ "$user" = '0' ]; then
|
||||||
|
find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
|
||||||
|
find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# initialize empty PGDATA directory with new database via 'initdb'
|
||||||
|
# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
|
||||||
|
# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
|
||||||
|
# this is also where the database user is created, specified by `POSTGRES_USER` env
|
||||||
|
docker_init_database_dir() {
|
||||||
|
# "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
|
||||||
|
# see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
|
||||||
|
local uid
|
||||||
|
uid="$(id -u)"
|
||||||
|
if ! getent passwd "$uid" &>/dev/null; then
|
||||||
|
# see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
|
||||||
|
local wrapper
|
||||||
|
for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
|
||||||
|
if [ -s "$wrapper" ]; then
|
||||||
|
NSS_WRAPPER_PASSWD="$(mktemp)"
|
||||||
|
NSS_WRAPPER_GROUP="$(mktemp)"
|
||||||
|
export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
|
||||||
|
local gid
|
||||||
|
gid="$(id -g)"
|
||||||
|
printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" >"$NSS_WRAPPER_PASSWD"
|
||||||
|
printf 'postgres:x:%s:\n' "$gid" >"$NSS_WRAPPER_GROUP"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
|
||||||
|
set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
|
||||||
|
eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
|
||||||
|
|
||||||
|
# unset/cleanup "nss_wrapper" bits
|
||||||
|
if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
|
||||||
|
rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
|
||||||
|
unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# print large warning if POSTGRES_PASSWORD is long
|
||||||
|
# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
|
||||||
|
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
|
||||||
|
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
|
||||||
|
docker_verify_minimum_env() {
|
||||||
|
# check password first so we can output the warning before postgres
|
||||||
|
# messes it up
|
||||||
|
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
|
||||||
|
cat >&2 <<-'EOWARN'
|
||||||
|
|
||||||
|
WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
|
||||||
|
|
||||||
|
This will not work if used via PGPASSWORD with "psql".
|
||||||
|
|
||||||
|
https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
|
||||||
|
https://github.com/docker-library/postgres/issues/507
|
||||||
|
|
||||||
|
EOWARN
|
||||||
|
fi
|
||||||
|
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
|
||||||
|
# The - option suppresses leading tabs but *not* spaces. :)
|
||||||
|
cat >&2 <<-'EOE'
|
||||||
|
Error: Database is uninitialized and superuser password is not specified.
|
||||||
|
You must specify POSTGRES_PASSWORD to a non-empty value for the
|
||||||
|
superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
|
||||||
|
|
||||||
|
You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
|
||||||
|
connections without a password. This is *not* recommended.
|
||||||
|
|
||||||
|
See PostgreSQL documentation about "trust":
|
||||||
|
https://www.postgresql.org/docs/current/auth-trust.html
|
||||||
|
EOE
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
|
||||||
|
cat >&2 <<-'EOWARN'
|
||||||
|
********************************************************************************
|
||||||
|
WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
|
||||||
|
anyone with access to the Postgres port to access your database without
|
||||||
|
a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
|
||||||
|
documentation about "trust":
|
||||||
|
https://www.postgresql.org/docs/current/auth-trust.html
|
||||||
|
In Docker's default configuration, this is effectively any other
|
||||||
|
container on the same system.
|
||||||
|
|
||||||
|
It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
|
||||||
|
it with "-e POSTGRES_PASSWORD=password" instead to set a password in
|
||||||
|
"docker run".
|
||||||
|
********************************************************************************
|
||||||
|
EOWARN
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: docker_process_init_files [file [file [...]]]
|
||||||
|
# ie: docker_process_init_files /always-initdb.d/*
|
||||||
|
# process initializer files, based on file extensions and permissions
|
||||||
|
docker_process_init_files() {
|
||||||
|
# psql here for backwards compatibility "${psql[@]}"
|
||||||
|
psql=(docker_process_sql)
|
||||||
|
|
||||||
|
printf '\n'
|
||||||
|
local f
|
||||||
|
for f; do
|
||||||
|
case "$f" in
|
||||||
|
*.sh)
|
||||||
|
# https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
|
||||||
|
# https://github.com/docker-library/postgres/pull/452
|
||||||
|
if [ -x "$f" ]; then
|
||||||
|
printf '%s: running %s\n' "$0" "$f"
|
||||||
|
"$f"
|
||||||
|
else
|
||||||
|
printf '%s: sourcing %s\n' "$0" "$f"
|
||||||
|
. "$f"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
*.sql)
|
||||||
|
printf '%s: running %s\n' "$0" "$f"
|
||||||
|
docker_process_sql -f "$f"
|
||||||
|
printf '\n'
|
||||||
|
;;
|
||||||
|
*.sql.gz)
|
||||||
|
printf '%s: running %s\n' "$0" "$f"
|
||||||
|
gunzip -c "$f" | docker_process_sql
|
||||||
|
printf '\n'
|
||||||
|
;;
|
||||||
|
*.sql.xz)
|
||||||
|
printf '%s: running %s\n' "$0" "$f"
|
||||||
|
xzcat "$f" | docker_process_sql
|
||||||
|
printf '\n'
|
||||||
|
;;
|
||||||
|
*.sql.zst)
|
||||||
|
printf '%s: running %s\n' "$0" "$f"
|
||||||
|
zstd -dc "$f" | docker_process_sql
|
||||||
|
printf '\n'
|
||||||
|
;;
|
||||||
|
*) printf '%s: ignoring %s\n' "$0" "$f" ;;
|
||||||
|
esac
|
||||||
|
printf '\n'
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute sql script, passed via stdin (or -f flag of pqsl)
|
||||||
|
# usage: docker_process_sql [psql-cli-args]
|
||||||
|
# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
|
||||||
|
# ie: docker_process_sql -f my-file.sql
|
||||||
|
# ie: docker_process_sql <my-file.sql
|
||||||
|
docker_process_sql() {
|
||||||
|
local query_runner=(psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc)
|
||||||
|
if [ -n "$POSTGRES_DB" ]; then
|
||||||
|
query_runner+=(--dbname "$POSTGRES_DB")
|
||||||
|
fi
|
||||||
|
|
||||||
|
PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
# create initial database
|
||||||
|
# uses environment variables for input: POSTGRES_DB
|
||||||
|
docker_setup_db() {
|
||||||
|
local dbAlreadyExists
|
||||||
|
dbAlreadyExists="$(
|
||||||
|
POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
|
||||||
|
SELECT 1 FROM pg_database WHERE datname = :'db' ;
|
||||||
|
EOSQL
|
||||||
|
)"
|
||||||
|
if [ -z "$dbAlreadyExists" ]; then
|
||||||
|
POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
|
||||||
|
CREATE DATABASE :"db" ;
|
||||||
|
EOSQL
|
||||||
|
printf '\n'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Loads various settings that are used elsewhere in the script
|
||||||
|
# This should be called before any other functions
|
||||||
|
docker_setup_env() {
|
||||||
|
file_env 'POSTGRES_PASSWORD'
|
||||||
|
|
||||||
|
file_env 'POSTGRES_USER' 'postgres'
|
||||||
|
file_env 'POSTGRES_DB' "$POSTGRES_USER"
|
||||||
|
file_env 'POSTGRES_INITDB_ARGS'
|
||||||
|
: "${POSTGRES_HOST_AUTH_METHOD:=}"
|
||||||
|
|
||||||
|
declare -g DATABASE_ALREADY_EXISTS
|
||||||
|
# look specifically for PG_VERSION, as it is expected in the DB dir
|
||||||
|
if [ -s "$PGDATA/PG_VERSION" ]; then
|
||||||
|
DATABASE_ALREADY_EXISTS='true'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
|
||||||
|
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
|
||||||
|
pg_setup_hba_conf() {
|
||||||
|
# default authentication method is md5 on versions before 14
|
||||||
|
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
|
||||||
|
if [ "$1" = 'postgres' ]; then
|
||||||
|
shift
|
||||||
|
fi
|
||||||
|
local auth
|
||||||
|
# check the default/configured encryption and use that as the auth method
|
||||||
|
auth="$(postgres -C password_encryption "$@")"
|
||||||
|
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
|
||||||
|
{
|
||||||
|
printf '\n'
|
||||||
|
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
|
||||||
|
printf '# warning trust is enabled for all connections\n'
|
||||||
|
printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
|
||||||
|
fi
|
||||||
|
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
|
||||||
|
} >>"$PGDATA/pg_hba.conf"
|
||||||
|
}
|
||||||
|
|
||||||
|
# start socket-only postgresql server for setting up or running scripts
|
||||||
|
# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
|
||||||
|
docker_temp_server_start() {
|
||||||
|
if [ "$1" = 'postgres' ]; then
|
||||||
|
shift
|
||||||
|
fi
|
||||||
|
|
||||||
|
# internal start of server in order to allow setup using psql client
|
||||||
|
# does not listen on external TCP/IP and waits until start finishes
|
||||||
|
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
|
||||||
|
|
||||||
|
PGUSER="${PGUSER:-$POSTGRES_USER}" \
|
||||||
|
pg_ctl -D "$PGDATA" \
|
||||||
|
-o "$(printf '%q ' "$@")" \
|
||||||
|
-w start
|
||||||
|
}
|
||||||
|
|
||||||
|
# stop postgresql server after done setting up user and running scripts
|
||||||
|
docker_temp_server_stop() {
|
||||||
|
PGUSER="${PGUSER:-postgres}" \
|
||||||
|
pg_ctl -D "$PGDATA" -m fast -w stop
|
||||||
|
}
|
||||||
|
|
||||||
|
# check arguments for an option that would cause postgres to stop
|
||||||
|
# return true if there is one
|
||||||
|
_pg_want_help() {
|
||||||
|
local arg
|
||||||
|
for arg; do
|
||||||
|
case "$arg" in
|
||||||
|
# postgres --help | grep 'then exit'
|
||||||
|
# leaving out -C on purpose since it always fails and is unhelpful:
|
||||||
|
# postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
|
||||||
|
-'?' | --help | --describe-config | -V | --version)
|
||||||
|
return 0
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_main() {
|
||||||
|
# if first arg looks like a flag, assume we want to run postgres server
|
||||||
|
if [ "${1:0:1}" = '-' ]; then
|
||||||
|
set -- postgres "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
|
||||||
|
docker_setup_env
|
||||||
|
# setup data directories and permissions (when run as root)
|
||||||
|
docker_create_db_directories
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
# then restart script as postgres user
|
||||||
|
exec su-exec postgres "$BASH_SOURCE" "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# only run initialization on an empty data directory
|
||||||
|
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
|
||||||
|
docker_verify_minimum_env
|
||||||
|
|
||||||
|
# check dir permissions to reduce likelihood of half-initialized database
|
||||||
|
ls /docker-entrypoint-initdb.d/ >/dev/null
|
||||||
|
|
||||||
|
docker_init_database_dir
|
||||||
|
pg_setup_hba_conf "$@"
|
||||||
|
|
||||||
|
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
|
||||||
|
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
|
||||||
|
export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
|
||||||
|
docker_temp_server_start "$@"
|
||||||
|
|
||||||
|
docker_setup_db
|
||||||
|
docker_process_init_files /docker-entrypoint-initdb.d/*
|
||||||
|
|
||||||
|
docker_temp_server_stop
|
||||||
|
unset PGPASSWORD
|
||||||
|
|
||||||
|
cat <<-'EOM'
|
||||||
|
|
||||||
|
PostgreSQL init process complete; ready for start up.
|
||||||
|
|
||||||
|
EOM
|
||||||
|
else
|
||||||
|
cat <<-'EOM'
|
||||||
|
|
||||||
|
PostgreSQL Database directory appears to contain a database; Skipping initialization
|
||||||
|
|
||||||
|
EOM
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
if ! _is_sourced; then
|
||||||
|
_main "$@"
|
||||||
|
fi
|
180
dockerfile/nginx
Normal file
@ -0,0 +1,180 @@
|
|||||||
|
# Docker image for dockerfile using the alpine template
|
||||||
|
ARG LICENSE="MIT"
|
||||||
|
ARG IMAGE_NAME="dockerfile"
|
||||||
|
ARG PHP_SERVER="dockerfile"
|
||||||
|
ARG BUILD_DATE="Fri Mar 10 03:23:26 PM EST 2023"
|
||||||
|
ARG LANGUAGE="en_US.UTF-8"
|
||||||
|
ARG TIMEZONE="America/New_York"
|
||||||
|
ARG WWW_ROOT_DIR="/data/htdocs"
|
||||||
|
ARG DEFAULT_FILE_DIR="/usr/local/share/template-files"
|
||||||
|
ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data"
|
||||||
|
ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config"
|
||||||
|
ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults"
|
||||||
|
|
||||||
|
ARG IMAGE_REPO="alpine"
|
||||||
|
ARG IMAGE_VERSION="latest"
|
||||||
|
ARG CONTAINER_VERSION="${IMAGE_VERSION}"
|
||||||
|
|
||||||
|
ARG SERVICE_PORT=""
|
||||||
|
ARG EXPOSE_PORTS=""
|
||||||
|
ARG PHP_VERSION="system"
|
||||||
|
ARG NODE_VERSION="system"
|
||||||
|
ARG NODE_MANAGER="system"
|
||||||
|
|
||||||
|
ARG USER="root"
|
||||||
|
ARG DISTRO_VERSION="${IMAGE_VERSION}"
|
||||||
|
ARG BUILD_VERSION="${DISTRO_VERSION}"
|
||||||
|
|
||||||
|
FROM tianon/gosu:latest AS gosu
|
||||||
|
FROM ${IMAGE_REPO}:${IMAGE_VERSION} AS build
|
||||||
|
ARG USER
|
||||||
|
ARG LICENSE
|
||||||
|
ARG TIMEZONE
|
||||||
|
ARG LANGUAGE
|
||||||
|
ARG IMAGE_NAME
|
||||||
|
ARG PHP_SERVER
|
||||||
|
ARG BUILD_DATE
|
||||||
|
ARG SERVICE_PORT
|
||||||
|
ARG EXPOSE_PORTS
|
||||||
|
ARG NODE_VERSION
|
||||||
|
ARG NODE_MANAGER
|
||||||
|
ARG BUILD_VERSION
|
||||||
|
ARG WWW_ROOT_DIR
|
||||||
|
ARG DEFAULT_FILE_DIR
|
||||||
|
ARG DEFAULT_DATA_DIR
|
||||||
|
ARG DEFAULT_CONF_DIR
|
||||||
|
ARG DEFAULT_TEMPLATE_DIR
|
||||||
|
ARG DISTRO_VERSION
|
||||||
|
ARG PHP_VERSION
|
||||||
|
|
||||||
|
ARG PACK_LIST="bash bash-completion git curl wget sudo iproute2 ssmtp openssl jq ca-certificates tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip certbot tini \
|
||||||
|
nginx nginx-mod-http-brotli nginx-mod-http-cache-purge nginx-mod-http-dav-ext nginx-mod-http-echo \
|
||||||
|
nginx-mod-http-encrypted-session nginx-mod-http-fancyindex nginx-mod-http-geoip nginx-mod-http-geoip2 \
|
||||||
|
nginx-mod-http-headers-more nginx-mod-http-image-filter nginx-mod-http-js nginx-mod-http-lua nginx-mod-http-perl \
|
||||||
|
nginx-mod-http-redis2 nginx-mod-http-set-misc nginx-mod-http-shibboleth nginx-mod-http-untar nginx-mod-http-upload \
|
||||||
|
nginx-mod-http-upload-progress nginx-mod-http-upstream-fair nginx-mod-http-xslt-filter nginx-mod-http-zip "
|
||||||
|
|
||||||
|
ENV ENV=~/.bashrc
|
||||||
|
ENV SHELL="/bin/sh"
|
||||||
|
ENV TZ="${TIMEZONE}"
|
||||||
|
ENV TIMEZONE="${TZ}"
|
||||||
|
ENV container="docker"
|
||||||
|
ENV LANG="${LANGUAGE}"
|
||||||
|
ENV TERM="xterm-256color"
|
||||||
|
ENV HOSTNAME="casjaysdev-dockerfile"
|
||||||
|
|
||||||
|
USER ${USER}
|
||||||
|
WORKDIR /root
|
||||||
|
|
||||||
|
COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu
|
||||||
|
COPY ./rootfs/. /
|
||||||
|
|
||||||
|
RUN set -ex; \
|
||||||
|
rm -Rf "/etc/apk/repositories"; \
|
||||||
|
[ "$DISTRO_VERSION" = "latest" ] && DISTRO_VERSION="edge"; \
|
||||||
|
[ "$DISTRO_VERSION" = "edge" ] || DISTRO_VERSION="v${DISTRO_VERSION}" ; \
|
||||||
|
mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}"; \
|
||||||
|
echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/main" >>"/etc/apk/repositories"; \
|
||||||
|
echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/community" >>"/etc/apk/repositories"; \
|
||||||
|
if [ "${DISTRO_VERSION}" = "edge" ]; then echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/testing" >>"/etc/apk/repositories" ; fi ; \
|
||||||
|
apk update --update-cache && apk add --no-cache ${PACK_LIST}
|
||||||
|
|
||||||
|
RUN echo "$TIMEZONE" >"/etc/timezone" ; \
|
||||||
|
echo 'hosts: files dns' >"/etc/nsswitch.conf" ; \
|
||||||
|
[ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" ; \
|
||||||
|
PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null)" ; \
|
||||||
|
[ -n "$PHP_FPM" ] && [ -z "$(type -P php-fpm)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" ; \
|
||||||
|
if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh"; fi
|
||||||
|
|
||||||
|
RUN touch "/etc/profile" "/root/.profile" ; \
|
||||||
|
[ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc" || [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc" ; \
|
||||||
|
sed -i 's|root:x:.*|root:x:0:0:root:/root:/bin/bash|g' "/etc/passwd" ; \
|
||||||
|
grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc" ; \
|
||||||
|
[ -f "/usr/local/etc/docker/env/default.sample" ] && [ -d "/etc/profile.d" ] && \
|
||||||
|
cp -Rf "/usr/local/etc/docker/env/default.sample" "/etc/profile.d/container.env.sh" && chmod 755 "/etc/profile.d/container.env.sh" ; \
|
||||||
|
BASH_CMD="$(type -P bash)" ; [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh"
|
||||||
|
|
||||||
|
RUN set -ex ; \
|
||||||
|
echo
|
||||||
|
|
||||||
|
RUN echo 'Running cleanup' ; \
|
||||||
|
[ -d "/etc/nginx/http.d" ] && mv -f "/etc/nginx/http.d" "/etc/nginx/vhosts.d" ;
|
||||||
|
|
||||||
|
|
||||||
|
RUN rm -Rf "/config" "/data" ; \
|
||||||
|
rm -rf /etc/systemd/system/*.wants/* ; \
|
||||||
|
rm -rf /lib/systemd/system/systemd-update-utmp* ; \
|
||||||
|
rm -rf /lib/systemd/system/anaconda.target.wants/*; \
|
||||||
|
rm -rf /lib/systemd/system/local-fs.target.wants/* ; \
|
||||||
|
rm -rf /lib/systemd/system/multi-user.target.wants/* ; \
|
||||||
|
rm -rf /lib/systemd/system/sockets.target.wants/*udev* ; \
|
||||||
|
rm -rf /lib/systemd/system/sockets.target.wants/*initctl* ; \
|
||||||
|
rm -Rf /usr/share/doc/* /usr/share/info/* /tmp/* /var/tmp/* /var/cache/*/* ; \
|
||||||
|
if [ -d "/lib/systemd/system/sysinit.target.wants" ]; then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup) ; fi
|
||||||
|
|
||||||
|
RUN echo "Init done"
|
||||||
|
|
||||||
|
FROM scratch
|
||||||
|
ARG USER
|
||||||
|
ARG LICENSE
|
||||||
|
ARG LANGUAGE
|
||||||
|
ARG TIMEZONE
|
||||||
|
ARG IMAGE_NAME
|
||||||
|
ARG PHP_SERVER
|
||||||
|
ARG BUILD_DATE
|
||||||
|
ARG SERVICE_PORT
|
||||||
|
ARG EXPOSE_PORTS
|
||||||
|
ARG NODE_VERSION
|
||||||
|
ARG NODE_MANAGER
|
||||||
|
ARG BUILD_VERSION
|
||||||
|
ARG DEFAULT_DATA_DIR
|
||||||
|
ARG DEFAULT_CONF_DIR
|
||||||
|
ARG DEFAULT_TEMPLATE_DIR
|
||||||
|
ARG DISTRO_VERSION
|
||||||
|
ARG PHP_VERSION
|
||||||
|
|
||||||
|
USER ${USER}
|
||||||
|
WORKDIR /root
|
||||||
|
|
||||||
|
LABEL maintainer="CasjaysDev <docker-admin@casjaysdev.com>"
|
||||||
|
LABEL org.opencontainers.image.vendor="CasjaysDev"
|
||||||
|
LABEL org.opencontainers.image.authors="CasjaysDev"
|
||||||
|
LABEL org.opencontainers.image.vcs-type="Git"
|
||||||
|
LABEL org.opencontainers.image.name="${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.base.name="${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.license="${LICENSE}"
|
||||||
|
LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}"
|
||||||
|
LABEL org.opencontainers.image.build-date="${BUILD_DATE}"
|
||||||
|
LABEL org.opencontainers.image.version="${BUILD_VERSION}"
|
||||||
|
LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}"
|
||||||
|
LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.vcs-url="https://github.com/casjaysdevdocker/${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.url.source="https://github.com/casjaysdevdocker/${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.documentation="https://hub.docker.com/r/casjaysdevdocker/${IMAGE_NAME}"
|
||||||
|
LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}"
|
||||||
|
LABEL com.github.containers.toolbox="false"
|
||||||
|
|
||||||
|
ENV ENV=~/.bashrc
|
||||||
|
ENV SHELL="/bin/bash"
|
||||||
|
ENV TZ="${TIMEZONE}"
|
||||||
|
ENV TIMEZONE="${TZ}"
|
||||||
|
ENV container="docker"
|
||||||
|
ENV LANG="${LANGUAGE}"
|
||||||
|
ENV TERM="xterm-256color"
|
||||||
|
ENV PORT="${SERVICE_PORT}"
|
||||||
|
ENV ENV_PORTS="${EXPOSE_PORTS}"
|
||||||
|
ENV PHP_SERVER="${PHP_SERVER}"
|
||||||
|
ENV PHP_VERSION="${PHP_VERSION}"
|
||||||
|
ENV CONTAINER_NAME="${IMAGE_NAME}"
|
||||||
|
ENV HOSTNAME="casjaysdev-${IMAGE_NAME}"
|
||||||
|
ENV USER="${USER}"
|
||||||
|
|
||||||
|
COPY --from=build /. /
|
||||||
|
|
||||||
|
VOLUME [ "/config","/data" ]
|
||||||
|
|
||||||
|
EXPOSE ${EXPOSE_PORTS}
|
||||||
|
|
||||||
|
#CMD [ "" ]
|
||||||
|
ENTRYPOINT [ "tini", "-p", "SIGTERM", "--", "/usr/local/bin/entrypoint.sh" ]
|
||||||
|
HEALTHCHECK --start-period=1m --interval=2m --timeout=3s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ]
|
404
htdocs/cgi-bin/env.cgi
Executable file
@ -0,0 +1,404 @@
|
|||||||
|
#!/usr/bin/env perl
|
||||||
|
##
|
||||||
|
###########################
|
||||||
|
## Server Info CGI v1.08 ##
|
||||||
|
###########################
|
||||||
|
##
|
||||||
|
## ######################################
|
||||||
|
## ## Server Info CGI v1.08 <20> 2000 ##
|
||||||
|
## ## http://www.widexl.com ##
|
||||||
|
## ## Made by Henk Boonstra ##
|
||||||
|
## ######################################
|
||||||
|
##
|
||||||
|
## This script gives information about your (web)server.
|
||||||
|
## Software, Modules, libraries, env, network...
|
||||||
|
##
|
||||||
|
## Install:
|
||||||
|
## Change the path to perl (The first line in this script).
|
||||||
|
## Upload the script in ASCII mode to your cgi-bin directory.
|
||||||
|
## chmod script to 755.
|
||||||
|
## Open the script in a browser.
|
||||||
|
##
|
||||||
|
##############################
|
||||||
|
##############################
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
use warnings FATAL => 'all';
|
||||||
|
no warnings 'redefine'; # to be remove in production
|
||||||
|
use Carp;
|
||||||
|
|
||||||
|
our %info = ();
|
||||||
|
my $output = undef;
|
||||||
|
my $ver = 'v1.8';
|
||||||
|
|
||||||
|
find_prog();
|
||||||
|
|
||||||
|
print "Content-type: text/html\n\n";
|
||||||
|
|
||||||
|
my $header = qq|
|
||||||
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
||||||
|
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>Server Info script</title>
|
||||||
|
<meta name="robots" content="noindex,nofollow">
|
||||||
|
|
||||||
|
<style type="text/css"><!--
|
||||||
|
BODY {
|
||||||
|
background-color : #FFFFFF;
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
|
||||||
|
scrollbar-face-color: #FFFFFF;
|
||||||
|
scrollbar-shadow-color: #000000;
|
||||||
|
scrollbar-highlight-color: #484848;
|
||||||
|
scrollbar-3dlight-color: #FFFFFF;
|
||||||
|
scrollbar-darkshadow-color: #000000;
|
||||||
|
scrollbar-track-color: #8E929D;
|
||||||
|
scrollbar-arrow-color: #484848;
|
||||||
|
}
|
||||||
|
|
||||||
|
TD {
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
PRE {
|
||||||
|
color : #484848;
|
||||||
|
margin-bottom: 0px;
|
||||||
|
margin-top: 0px;
|
||||||
|
}
|
||||||
|
|
||||||
|
I {
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : Red;
|
||||||
|
font-size : 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
STRONG {
|
||||||
|
background-color : transparent;
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
font-weight : bold;
|
||||||
|
}
|
||||||
|
|
||||||
|
--></style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|;
|
||||||
|
|
||||||
|
$output .= "$header\n";
|
||||||
|
$output .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"32\" align=\"left\" width=\"760\"><tr><td align=\"left\">\n\n";
|
||||||
|
|
||||||
|
if ($^O eq 'MSWin32') {
|
||||||
|
$info{'OS_VERSION'} = `ver`;
|
||||||
|
$info{'HOST_NAME'} = `hostname`;
|
||||||
|
if ($info{'OS_VERSION'}) {$info{'EXEC'} = 'Enabled'}
|
||||||
|
}
|
||||||
|
|
||||||
|
else {
|
||||||
|
$info{'PROC_RELEASE'} = `uname -r`;
|
||||||
|
$info{'MACHINE'} = `uname -m`;
|
||||||
|
$info{'PROCESSOR'} = `uname -p`;
|
||||||
|
$info{'NODE_NAME'} = `uname -n`;
|
||||||
|
$info{'SYS_NAME'} = `uname -s`;
|
||||||
|
$info{'WHOAMI'} = `whoami`;
|
||||||
|
|
||||||
|
my $ex = `which perl`;
|
||||||
|
$info{'TAR'} = `which tar` || $info{'TAR'};
|
||||||
|
$info{'GZIP'} = `which gzip` || $info{'GZIP'};
|
||||||
|
$info{'COMPRESS'} = `which compress` || $info{'COMPRESS'};
|
||||||
|
$info{'WHOIS'} = `which whois` || $info{'WHOIS'};
|
||||||
|
$info{'CONVERT'} = `which convert` || $info{'CONVERT'};
|
||||||
|
$info{'MAIL_PROGRAM'} = `which sendmail` || $info{'MAIL_PROGRAM'};
|
||||||
|
$info{'MAIL_PROGRAM'} = "Found no mail program" if (!$info{'MAIL_PROGRAM'});
|
||||||
|
|
||||||
|
$info{'UPTIME'} = `uptime`;
|
||||||
|
$info{'QUOTA'} = `quota`;
|
||||||
|
$info{'QUOTA'} =~ s/\n/<br>/isg if ($info{'QUOTA'});
|
||||||
|
|
||||||
|
if ($ex) {$info{'EXEC'} = 'Enabled'}
|
||||||
|
}
|
||||||
|
|
||||||
|
$info{'OS'} = $^O;
|
||||||
|
$info{'SERVER_NAME'} = $ENV{'SERVER_NAME'};
|
||||||
|
$info{'SERVER_ADDR'} = $ENV{'SERVER_ADDR'};
|
||||||
|
|
||||||
|
$info{'PERL_EXE'} = $^X;
|
||||||
|
$info{'PERL_VER'} = $];
|
||||||
|
$info{'PERL_LIB'} = "@INC";
|
||||||
|
|
||||||
|
$info{'HTTP_HOST'} = $ENV{'HTTP_HOST'};
|
||||||
|
$info{'APACHE_LIB'} = $info{'APACHE_LIB'};
|
||||||
|
$info{'DOCU_ROOT'} = $ENV{'DOCUMENT_ROOT'};
|
||||||
|
$info{'SERVER_ADMIN'} = $ENV{'SERVER_ADMIN'};
|
||||||
|
$info{'SERVER_SOFT'} = $ENV{'SERVER_SOFTWARE'};
|
||||||
|
$info{'HTTP_ACCEPT'} = $ENV{'HTTP_ACCEPT'};
|
||||||
|
|
||||||
|
$info{'REMOTE_ADDR'} = $ENV{'REMOTE_ADDR'};
|
||||||
|
$info{'REMOTE_HOST'} = $ENV{'REMOTE_HOST'};
|
||||||
|
$info{'ACCEPT_LANG'} = $ENV{'HTTP_ACCEPT_LANGUAGE'};
|
||||||
|
$info{'USER_AGENT'} = $ENV{'HTTP_USER_AGENT'};
|
||||||
|
|
||||||
|
$info{'SERVER_VER'} = server('version');
|
||||||
|
$info{'SERVER_CPU'} = server('cpuinfo');
|
||||||
|
$info{'SERVER_MEM'} = server('meminfo');
|
||||||
|
|
||||||
|
# The Output.
|
||||||
|
$output .= "<strong>Server info</strong><br>\n";
|
||||||
|
$output .= "Operating system = <%OS%><br>\n";
|
||||||
|
|
||||||
|
if (("$^O" eq "MSWin32") and ($info{'EXEC'})) {
|
||||||
|
$output .= "Version = <%OS_VERSION%><br>\n";
|
||||||
|
$output .= "Host name = <%HOST_NAME%><br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (("$^O" ne "MSWin32") and ($info{'EXEC'})) {
|
||||||
|
$output .= "Kernel = <%PROC_RELEASE%><br>\n";
|
||||||
|
$output .= "Machine = <%MACHINE%><br>\n";
|
||||||
|
$output .= "Processor type = <%PROCESSOR%><br>\n";
|
||||||
|
$output .= "Whoami = <%WHOAMI%><br>\n";
|
||||||
|
$output .= "Host name = <%NODE_NAME%><br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "Server name = <%SERVER_NAME%><br>\n";
|
||||||
|
$output .= "Server IP = <%SERVER_ADDR%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Web server info</strong><br>\n";
|
||||||
|
$output .= "HTTP address = <%HTTP_HOST%><br>\n";
|
||||||
|
$output .= "Document root = <%DOCU_ROOT%><br>\n";
|
||||||
|
$output .= "Apache lib = <%APACHE_LIB%><br>\n";
|
||||||
|
$output .= "Administrator = <%SERVER_ADMIN%><br>\n";
|
||||||
|
$output .= "Server software = <%SERVER_SOFT%><br>\n";
|
||||||
|
$output .= "HTTP accept = <%HTTP_ACCEPT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Server programs</strong><br>\n";
|
||||||
|
$output .= "Mail program = <%MAIL_PROGRAM%><br>\n";
|
||||||
|
$output .= "Tar program = <%TAR%><br>\n";
|
||||||
|
$output .= "Gzip program = <%GZIP%><br>\n";
|
||||||
|
$output .= "Compress program = <%COMPRESS%><br>\n";
|
||||||
|
$output .= "Whois program = <%WHOIS%><br>\n";
|
||||||
|
$output .= "ImageMagick convert = <%CONVERT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Perl info</strong><br>\n";
|
||||||
|
$output .= "Perl location = <%PERL_EXE%><br>\n";
|
||||||
|
$output .= "Perl version = <%PERL_VER%><br>\n";
|
||||||
|
$output .= "Locations of Perl libraries = <%PERL_LIB%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Remote user info</strong><br>\n";
|
||||||
|
$output .= "Remote IP = <%REMOTE_ADDR%><br>\n";
|
||||||
|
$output .= "Remote hostname = <%REMOTE_HOST%><br>\n";
|
||||||
|
$output .= "Language = <%ACCEPT_LANG%><br>\n";
|
||||||
|
$output .= "User agent = <%USER_AGENT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Extra info</strong><br>\n";
|
||||||
|
$output .= "Executing of system commands = Enabled<br>\n" if ($info{'EXEC'});
|
||||||
|
$output .= "Executing of system commands = Not enabled<br>\n" if (!$info{'EXEC'});
|
||||||
|
$output .= "Server uptime = <%UPTIME%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
if ("$^O" ne "MSWin32") {
|
||||||
|
|
||||||
|
$output .= "<strong>Server version</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_VER%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
if ($info{'QUOTA'}) {
|
||||||
|
$output .= "<strong>Disk Quota</strong><br>\n";
|
||||||
|
$output .= "<%QUOTA%>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<strong>CPU info</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_CPU%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Memory info</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_MEM%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<strong>Perl libraries installed</strong><br>\n";
|
||||||
|
eval {require CGI};
|
||||||
|
if ($@) {$output .= "<i>The library CGI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library CGI v$CGI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require mod_perl};
|
||||||
|
if ($@) {$output .= "<i>The library mod_perl is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library mod_perl v$mod_perl::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require LWP};
|
||||||
|
if ($@) {$output .= "<i>The library www-perl is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library www-perl v$LWP::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require LWP::Parallel};
|
||||||
|
if ($@) {$output .= "<i>The library LWP::Parallel is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library LWP::Parallel v$LWP::Parallel::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require SOAP::Lite};
|
||||||
|
if ($@) {$output .= "<i>The library SOAP::Lite is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library SOAP::Lite v$SOAP::Lite::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require DBI};
|
||||||
|
if ($@) {$output .= "<i>The library DBI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library DBI v$DBI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require DBD::mysql};
|
||||||
|
if ($@) {$output .= "<i>The library DBD::mysql is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library DBD::mysql v$DBD::mysql::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require URI};
|
||||||
|
if ($@) {$output .= "<i>The library URI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library URI v$URI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Digest::MD5};
|
||||||
|
if ($@) {$output .= "<i>The library Digest::MD5 is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library Digest::MD5 v$Digest::MD5::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Crypt::SSLeay};
|
||||||
|
if ($@) {$output .= "<i>The library Crypt::SSLeay is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library Crypt::SSLeay v$Crypt::SSLeay::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Net::SSLeay};
|
||||||
|
if ($@) {$output .= "<i>The library Net::SSLeay is not installed</i><br><br>\n\n"}
|
||||||
|
else {$output .= "Library Net::SSLeay.pm v$Net::SSLeay::VERSION installed<br><br>\n\n"}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if ($info{'APACHE_LIB'}) {
|
||||||
|
my @standard_mod = ('mod_rewrite.so', 'mod_cgi.so', 'mod_perl.so', 'mod_env.so', 'mod_include.so', 'mod_alias.so', 'mod_python.so');
|
||||||
|
my @auth_mod = ('mod_auth_digest.so', 'mod_auth_mysql.so');
|
||||||
|
my @ext_mod = ('mod_expires.so', 'mod_headers.so', 'libphp5.so', 'mod_proxy.so', 'mod_speling.so', 'mod_status.so', 'mod_usertrack.so', 'mod_vhost_alias.so');
|
||||||
|
|
||||||
|
$output .= "<strong>Apache modules installed</strong><br>\n";
|
||||||
|
|
||||||
|
foreach my $item(@standard_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
foreach my $item (@auth_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
foreach my $item(@ext_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
eval {
|
||||||
|
$info{'GET_USER'} = getpwent();
|
||||||
|
$info{'GET_GROUP'} = getgrent();
|
||||||
|
$info{'GET_HOST'} = gethostent();
|
||||||
|
$info{'GET_NET'} = getnetent();
|
||||||
|
$info{'GET_PROTO'} = getprotoent();
|
||||||
|
$info{'GET_SERV'} = getservent();
|
||||||
|
|
||||||
|
$output .= "<strong>Special info</strong><br>\n";
|
||||||
|
$output .= "user = <%GET_USER%><br>\n";
|
||||||
|
$output .= "group = <%GET_GROUP%><br>\n";
|
||||||
|
$output .= "host = <%GET_HOST%><br>\n";
|
||||||
|
$output .= "network = <%GET_NET%><br>\n";
|
||||||
|
$output .= "protocol = <%GET_PROTO%><br>\n";
|
||||||
|
$output .= "service = <%GET_SERV%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
};
|
||||||
|
|
||||||
|
$output .= "<strong>Web server Env</strong><br>\n";
|
||||||
|
|
||||||
|
my @keys = keys %ENV;
|
||||||
|
my @values = values %ENV;
|
||||||
|
foreach my $key (sort(@keys)) {
|
||||||
|
$output .= "$key = $ENV{$key}<br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "</td></tr></table>\n";
|
||||||
|
$output .= "</body></html>\n";
|
||||||
|
|
||||||
|
$output =~ s/<%\s*(.*?)\s*%>/if ($info{$1}) {$info{$1}} else {"<i>undefined<\/i>"}/oesg;
|
||||||
|
|
||||||
|
print $output;
|
||||||
|
|
||||||
|
return 'OK';
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Programs
|
||||||
|
########################
|
||||||
|
sub find_prog {
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/tar") {$info{'TAR'} = "/usr/local/bin/tar"}
|
||||||
|
elsif (-e "/usr/bin/tar") {$info{'TAR'} = "/usr/bin/tar"}
|
||||||
|
elsif (-e "/usr/local/tar") {$info{'TAR'} = "/usr/local/tar"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/gzip") {$info{'GZIP'} = "/usr/local/bin/gzip"}
|
||||||
|
elsif (-e "/usr/bin/gzip") {$info{'GZIP'} = "/usr/bin/gzip"}
|
||||||
|
elsif (-e "/usr/local/gzip") {$info{'GZIP'} = "/usr/local/gzip"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/compress") {$info{'COMPRESS'} = "/usr/local/bin/compress"}
|
||||||
|
elsif (-e "/usr/bin/compress") {$info{'COMPRESS'} = "/usr/bin/compress"}
|
||||||
|
elsif (-e "/usr/local/compress") {$info{'COMPRESS'} = "/usr/local/compress"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/whois") {$info{'WHOIS'} = "/usr/local/bin/whois"}
|
||||||
|
elsif (-e "/usr/bin/whois") {$info{'WHOIS'} = "/usr/bin/whois"}
|
||||||
|
elsif (-e "/usr/local/whois") {$info{'WHOIS'} = "/usr/local/whois"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/convert") {$info{'CONVERT'} = "/usr/local/bin/convert"}
|
||||||
|
elsif (-e "/usr/bin/convert") {$info{'CONVERT'} = "/usr/bin/convert"}
|
||||||
|
elsif (-e "/usr/local/convert") {$info{'CONVERT'} = "/usr/local/convert"}
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Mail
|
||||||
|
########################
|
||||||
|
if (-e "/var/qmail/bin/qmail-inject") {$info{'MAIL_PROGRAM'} = "/var/qmail/bin/qmail-inject"}
|
||||||
|
elsif (-e "/usr/sbin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/sbin/sendmail"}
|
||||||
|
elsif (-e "/usr/lib/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/lib/sendmail"}
|
||||||
|
elsif (-e "/usr/bin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/bin/sendmail"}
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Apache
|
||||||
|
########################
|
||||||
|
if (-e "/usr/lib/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd/modules"}
|
||||||
|
elsif (-e "/opt/lib/apache2/mod_env.so") {$info{'APACHE_LIB'} = "/opt/lib/apache2"}
|
||||||
|
if (-e "/usr/lib64/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib64/httpd/modules"}
|
||||||
|
#elsif (-e "/System/Library/Apache/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache/Modules"}# Mac
|
||||||
|
#elsif (-e "/System/Library/Apache2/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache2/Modules"}# Mac
|
||||||
|
#elsif (-e "/usr/local/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache/modules"}# MachTen/WebTen
|
||||||
|
#elsif (-e "/usr/local/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache2/modules"}# MachTen/WebTen
|
||||||
|
#elsif (-e "/usr/lib/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache/modules"}# OpenBSD
|
||||||
|
#elsif (-e "/usr/lib/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache2/modules"}# OpenBSD
|
||||||
|
#elsif (-e "/usr/lib/apache/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache"}
|
||||||
|
#elsif (-e "/usr/lib/httpd/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd"}
|
||||||
|
#elsif (-e "C:/Apache/modules") {$info{'APACHE_LIB'} = "C:/Apache/modules"}# windows
|
||||||
|
#elsif (-e "C:/Apache2/modules") {$info{'APACHE_LIB'} = "C:/Apache2/modules"}# windows
|
||||||
|
}
|
||||||
|
|
||||||
|
##############
|
||||||
|
## Server Info
|
||||||
|
##############
|
||||||
|
sub server {
|
||||||
|
my $serv_info = shift;
|
||||||
|
my $server_info = undef;
|
||||||
|
|
||||||
|
if (-e "/proc/$serv_info") {
|
||||||
|
open SERVER, "</proc/$serv_info";
|
||||||
|
$server_info .= join("<br>", <SERVER>);
|
||||||
|
close SERVER;
|
||||||
|
}
|
||||||
|
return $server_info;
|
||||||
|
}
|
41
htdocs/cgi-bin/env.php
Executable file
@ -0,0 +1,41 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en-US">
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<!--
|
||||||
|
##@Version : 202303091846-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : git-admin@casjaysdev.com
|
||||||
|
# @@License : WTFPL
|
||||||
|
# @@ReadME :
|
||||||
|
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Thursday, Mar 09, 2023 18:46 EST
|
||||||
|
# @@File : env.php
|
||||||
|
# @@Description : html document
|
||||||
|
# @@Changelog : Updated header
|
||||||
|
# @@TODO : Refactor code
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : html
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
-->
|
||||||
|
<meta charset='utf-8'>
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<meta name="Keywords" content="Casjay, CasjaysDev">
|
||||||
|
<meta name="Description" content="Created By Casjays Developments">
|
||||||
|
<meta name="generator" content="CasjaysDev">
|
||||||
|
<link rel="icon" sizes="any" href="/images/favicon.ico" />
|
||||||
|
<title>PHP Info</title>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<!-- Begin Body -->
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<?php phpinfo() ?>
|
||||||
|
</body>
|
||||||
|
<!-- End Main End Body -->
|
||||||
|
|
||||||
|
</html>
|
404
htdocs/cgi-bin/env.pl
Executable file
@ -0,0 +1,404 @@
|
|||||||
|
#!/usr/bin/env perl
|
||||||
|
##
|
||||||
|
###########################
|
||||||
|
## Server Info CGI v1.08 ##
|
||||||
|
###########################
|
||||||
|
##
|
||||||
|
## ######################################
|
||||||
|
## ## Server Info CGI v1.08 <20> 2000 ##
|
||||||
|
## ## http://www.widexl.com ##
|
||||||
|
## ## Made by Henk Boonstra ##
|
||||||
|
## ######################################
|
||||||
|
##
|
||||||
|
## This script gives information about your (web)server.
|
||||||
|
## Software, Modules, libraries, env, network...
|
||||||
|
##
|
||||||
|
## Install:
|
||||||
|
## Change the path to perl (The first line in this script).
|
||||||
|
## Upload the script in ASCII mode to your cgi-bin directory.
|
||||||
|
## chmod script to 755.
|
||||||
|
## Open the script in a browser.
|
||||||
|
##
|
||||||
|
##############################
|
||||||
|
##############################
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
use warnings FATAL => 'all';
|
||||||
|
no warnings 'redefine'; # to be remove in production
|
||||||
|
use Carp;
|
||||||
|
|
||||||
|
our %info = ();
|
||||||
|
my $output = undef;
|
||||||
|
my $ver = 'v1.8';
|
||||||
|
|
||||||
|
find_prog();
|
||||||
|
|
||||||
|
print "Content-type: text/html\n\n";
|
||||||
|
|
||||||
|
my $header = qq|
|
||||||
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
||||||
|
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>Server Info script</title>
|
||||||
|
<meta name="robots" content="noindex,nofollow">
|
||||||
|
|
||||||
|
<style type="text/css"><!--
|
||||||
|
BODY {
|
||||||
|
background-color : #FFFFFF;
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
|
||||||
|
scrollbar-face-color: #FFFFFF;
|
||||||
|
scrollbar-shadow-color: #000000;
|
||||||
|
scrollbar-highlight-color: #484848;
|
||||||
|
scrollbar-3dlight-color: #FFFFFF;
|
||||||
|
scrollbar-darkshadow-color: #000000;
|
||||||
|
scrollbar-track-color: #8E929D;
|
||||||
|
scrollbar-arrow-color: #484848;
|
||||||
|
}
|
||||||
|
|
||||||
|
TD {
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
PRE {
|
||||||
|
color : #484848;
|
||||||
|
margin-bottom: 0px;
|
||||||
|
margin-top: 0px;
|
||||||
|
}
|
||||||
|
|
||||||
|
I {
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : Red;
|
||||||
|
font-size : 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
STRONG {
|
||||||
|
background-color : transparent;
|
||||||
|
font-family: verdana, arial, helvetica, sans-serif;
|
||||||
|
color : #484848;
|
||||||
|
font-size : 12px;
|
||||||
|
font-weight : bold;
|
||||||
|
}
|
||||||
|
|
||||||
|
--></style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|;
|
||||||
|
|
||||||
|
$output .= "$header\n";
|
||||||
|
$output .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"32\" align=\"left\" width=\"760\"><tr><td align=\"left\">\n\n";
|
||||||
|
|
||||||
|
if ($^O eq 'MSWin32') {
|
||||||
|
$info{'OS_VERSION'} = `ver`;
|
||||||
|
$info{'HOST_NAME'} = `hostname`;
|
||||||
|
if ($info{'OS_VERSION'}) {$info{'EXEC'} = 'Enabled'}
|
||||||
|
}
|
||||||
|
|
||||||
|
else {
|
||||||
|
$info{'PROC_RELEASE'} = `uname -r`;
|
||||||
|
$info{'MACHINE'} = `uname -m`;
|
||||||
|
$info{'PROCESSOR'} = `uname -p`;
|
||||||
|
$info{'NODE_NAME'} = `uname -n`;
|
||||||
|
$info{'SYS_NAME'} = `uname -s`;
|
||||||
|
$info{'WHOAMI'} = `whoami`;
|
||||||
|
|
||||||
|
my $ex = `which perl`;
|
||||||
|
$info{'TAR'} = `which tar` || $info{'TAR'};
|
||||||
|
$info{'GZIP'} = `which gzip` || $info{'GZIP'};
|
||||||
|
$info{'COMPRESS'} = `which compress` || $info{'COMPRESS'};
|
||||||
|
$info{'WHOIS'} = `which whois` || $info{'WHOIS'};
|
||||||
|
$info{'CONVERT'} = `which convert` || $info{'CONVERT'};
|
||||||
|
$info{'MAIL_PROGRAM'} = `which sendmail` || $info{'MAIL_PROGRAM'};
|
||||||
|
$info{'MAIL_PROGRAM'} = "Found no mail program" if (!$info{'MAIL_PROGRAM'});
|
||||||
|
|
||||||
|
$info{'UPTIME'} = `uptime`;
|
||||||
|
$info{'QUOTA'} = `quota`;
|
||||||
|
$info{'QUOTA'} =~ s/\n/<br>/isg if ($info{'QUOTA'});
|
||||||
|
|
||||||
|
if ($ex) {$info{'EXEC'} = 'Enabled'}
|
||||||
|
}
|
||||||
|
|
||||||
|
$info{'OS'} = $^O;
|
||||||
|
$info{'SERVER_NAME'} = $ENV{'SERVER_NAME'};
|
||||||
|
$info{'SERVER_ADDR'} = $ENV{'SERVER_ADDR'};
|
||||||
|
|
||||||
|
$info{'PERL_EXE'} = $^X;
|
||||||
|
$info{'PERL_VER'} = $];
|
||||||
|
$info{'PERL_LIB'} = "@INC";
|
||||||
|
|
||||||
|
$info{'HTTP_HOST'} = $ENV{'HTTP_HOST'};
|
||||||
|
$info{'APACHE_LIB'} = $info{'APACHE_LIB'};
|
||||||
|
$info{'DOCU_ROOT'} = $ENV{'DOCUMENT_ROOT'};
|
||||||
|
$info{'SERVER_ADMIN'} = $ENV{'SERVER_ADMIN'};
|
||||||
|
$info{'SERVER_SOFT'} = $ENV{'SERVER_SOFTWARE'};
|
||||||
|
$info{'HTTP_ACCEPT'} = $ENV{'HTTP_ACCEPT'};
|
||||||
|
|
||||||
|
$info{'REMOTE_ADDR'} = $ENV{'REMOTE_ADDR'};
|
||||||
|
$info{'REMOTE_HOST'} = $ENV{'REMOTE_HOST'};
|
||||||
|
$info{'ACCEPT_LANG'} = $ENV{'HTTP_ACCEPT_LANGUAGE'};
|
||||||
|
$info{'USER_AGENT'} = $ENV{'HTTP_USER_AGENT'};
|
||||||
|
|
||||||
|
$info{'SERVER_VER'} = server('version');
|
||||||
|
$info{'SERVER_CPU'} = server('cpuinfo');
|
||||||
|
$info{'SERVER_MEM'} = server('meminfo');
|
||||||
|
|
||||||
|
# The Output.
|
||||||
|
$output .= "<strong>Server info</strong><br>\n";
|
||||||
|
$output .= "Operating system = <%OS%><br>\n";
|
||||||
|
|
||||||
|
if (("$^O" eq "MSWin32") and ($info{'EXEC'})) {
|
||||||
|
$output .= "Version = <%OS_VERSION%><br>\n";
|
||||||
|
$output .= "Host name = <%HOST_NAME%><br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (("$^O" ne "MSWin32") and ($info{'EXEC'})) {
|
||||||
|
$output .= "Kernel = <%PROC_RELEASE%><br>\n";
|
||||||
|
$output .= "Machine = <%MACHINE%><br>\n";
|
||||||
|
$output .= "Processor type = <%PROCESSOR%><br>\n";
|
||||||
|
$output .= "Whoami = <%WHOAMI%><br>\n";
|
||||||
|
$output .= "Host name = <%NODE_NAME%><br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "Server name = <%SERVER_NAME%><br>\n";
|
||||||
|
$output .= "Server IP = <%SERVER_ADDR%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Web server info</strong><br>\n";
|
||||||
|
$output .= "HTTP address = <%HTTP_HOST%><br>\n";
|
||||||
|
$output .= "Document root = <%DOCU_ROOT%><br>\n";
|
||||||
|
$output .= "Apache lib = <%APACHE_LIB%><br>\n";
|
||||||
|
$output .= "Administrator = <%SERVER_ADMIN%><br>\n";
|
||||||
|
$output .= "Server software = <%SERVER_SOFT%><br>\n";
|
||||||
|
$output .= "HTTP accept = <%HTTP_ACCEPT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Server programs</strong><br>\n";
|
||||||
|
$output .= "Mail program = <%MAIL_PROGRAM%><br>\n";
|
||||||
|
$output .= "Tar program = <%TAR%><br>\n";
|
||||||
|
$output .= "Gzip program = <%GZIP%><br>\n";
|
||||||
|
$output .= "Compress program = <%COMPRESS%><br>\n";
|
||||||
|
$output .= "Whois program = <%WHOIS%><br>\n";
|
||||||
|
$output .= "ImageMagick convert = <%CONVERT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Perl info</strong><br>\n";
|
||||||
|
$output .= "Perl location = <%PERL_EXE%><br>\n";
|
||||||
|
$output .= "Perl version = <%PERL_VER%><br>\n";
|
||||||
|
$output .= "Locations of Perl libraries = <%PERL_LIB%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Remote user info</strong><br>\n";
|
||||||
|
$output .= "Remote IP = <%REMOTE_ADDR%><br>\n";
|
||||||
|
$output .= "Remote hostname = <%REMOTE_HOST%><br>\n";
|
||||||
|
$output .= "Language = <%ACCEPT_LANG%><br>\n";
|
||||||
|
$output .= "User agent = <%USER_AGENT%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Extra info</strong><br>\n";
|
||||||
|
$output .= "Executing of system commands = Enabled<br>\n" if ($info{'EXEC'});
|
||||||
|
$output .= "Executing of system commands = Not enabled<br>\n" if (!$info{'EXEC'});
|
||||||
|
$output .= "Server uptime = <%UPTIME%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
if ("$^O" ne "MSWin32") {
|
||||||
|
|
||||||
|
$output .= "<strong>Server version</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_VER%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
if ($info{'QUOTA'}) {
|
||||||
|
$output .= "<strong>Disk Quota</strong><br>\n";
|
||||||
|
$output .= "<%QUOTA%>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<strong>CPU info</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_CPU%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
$output .= "<strong>Memory info</strong><br>\n";
|
||||||
|
$output .= "<%SERVER_MEM%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<strong>Perl libraries installed</strong><br>\n";
|
||||||
|
eval {require CGI};
|
||||||
|
if ($@) {$output .= "<i>The library CGI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library CGI v$CGI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require mod_perl};
|
||||||
|
if ($@) {$output .= "<i>The library mod_perl is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library mod_perl v$mod_perl::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require LWP};
|
||||||
|
if ($@) {$output .= "<i>The library www-perl is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library www-perl v$LWP::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require LWP::Parallel};
|
||||||
|
if ($@) {$output .= "<i>The library LWP::Parallel is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library LWP::Parallel v$LWP::Parallel::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require SOAP::Lite};
|
||||||
|
if ($@) {$output .= "<i>The library SOAP::Lite is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library SOAP::Lite v$SOAP::Lite::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require DBI};
|
||||||
|
if ($@) {$output .= "<i>The library DBI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library DBI v$DBI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require DBD::mysql};
|
||||||
|
if ($@) {$output .= "<i>The library DBD::mysql is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library DBD::mysql v$DBD::mysql::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require URI};
|
||||||
|
if ($@) {$output .= "<i>The library URI is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library URI v$URI::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Digest::MD5};
|
||||||
|
if ($@) {$output .= "<i>The library Digest::MD5 is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library Digest::MD5 v$Digest::MD5::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Crypt::SSLeay};
|
||||||
|
if ($@) {$output .= "<i>The library Crypt::SSLeay is not installed</i><br>\n"}
|
||||||
|
else {$output .= "Library Crypt::SSLeay v$Crypt::SSLeay::VERSION installed<br>\n"}
|
||||||
|
|
||||||
|
eval {require Net::SSLeay};
|
||||||
|
if ($@) {$output .= "<i>The library Net::SSLeay is not installed</i><br><br>\n\n"}
|
||||||
|
else {$output .= "Library Net::SSLeay.pm v$Net::SSLeay::VERSION installed<br><br>\n\n"}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
if ($info{'APACHE_LIB'}) {
|
||||||
|
my @standard_mod = ('mod_rewrite.so', 'mod_cgi.so', 'mod_perl.so', 'mod_env.so', 'mod_include.so', 'mod_alias.so', 'mod_python.so');
|
||||||
|
my @auth_mod = ('mod_auth_digest.so', 'mod_auth_mysql.so');
|
||||||
|
my @ext_mod = ('mod_expires.so', 'mod_headers.so', 'libphp5.so', 'mod_proxy.so', 'mod_speling.so', 'mod_status.so', 'mod_usertrack.so', 'mod_vhost_alias.so');
|
||||||
|
|
||||||
|
$output .= "<strong>Apache modules installed</strong><br>\n";
|
||||||
|
|
||||||
|
foreach my $item(@standard_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
foreach my $item (@auth_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
|
||||||
|
foreach my $item(@ext_mod) {
|
||||||
|
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
|
||||||
|
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
eval {
|
||||||
|
$info{'GET_USER'} = getpwent();
|
||||||
|
$info{'GET_GROUP'} = getgrent();
|
||||||
|
$info{'GET_HOST'} = gethostent();
|
||||||
|
$info{'GET_NET'} = getnetent();
|
||||||
|
$info{'GET_PROTO'} = getprotoent();
|
||||||
|
$info{'GET_SERV'} = getservent();
|
||||||
|
|
||||||
|
$output .= "<strong>Special info</strong><br>\n";
|
||||||
|
$output .= "user = <%GET_USER%><br>\n";
|
||||||
|
$output .= "group = <%GET_GROUP%><br>\n";
|
||||||
|
$output .= "host = <%GET_HOST%><br>\n";
|
||||||
|
$output .= "network = <%GET_NET%><br>\n";
|
||||||
|
$output .= "protocol = <%GET_PROTO%><br>\n";
|
||||||
|
$output .= "service = <%GET_SERV%><br>\n";
|
||||||
|
$output .= "<br>\n\n";
|
||||||
|
};
|
||||||
|
|
||||||
|
$output .= "<strong>Web server Env</strong><br>\n";
|
||||||
|
|
||||||
|
my @keys = keys %ENV;
|
||||||
|
my @values = values %ENV;
|
||||||
|
foreach my $key (sort(@keys)) {
|
||||||
|
$output .= "$key = $ENV{$key}<br>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= "</td></tr></table>\n";
|
||||||
|
$output .= "</body></html>\n";
|
||||||
|
|
||||||
|
$output =~ s/<%\s*(.*?)\s*%>/if ($info{$1}) {$info{$1}} else {"<i>undefined<\/i>"}/oesg;
|
||||||
|
|
||||||
|
print $output;
|
||||||
|
|
||||||
|
return 'OK';
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Programs
|
||||||
|
########################
|
||||||
|
sub find_prog {
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/tar") {$info{'TAR'} = "/usr/local/bin/tar"}
|
||||||
|
elsif (-e "/usr/bin/tar") {$info{'TAR'} = "/usr/bin/tar"}
|
||||||
|
elsif (-e "/usr/local/tar") {$info{'TAR'} = "/usr/local/tar"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/gzip") {$info{'GZIP'} = "/usr/local/bin/gzip"}
|
||||||
|
elsif (-e "/usr/bin/gzip") {$info{'GZIP'} = "/usr/bin/gzip"}
|
||||||
|
elsif (-e "/usr/local/gzip") {$info{'GZIP'} = "/usr/local/gzip"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/compress") {$info{'COMPRESS'} = "/usr/local/bin/compress"}
|
||||||
|
elsif (-e "/usr/bin/compress") {$info{'COMPRESS'} = "/usr/bin/compress"}
|
||||||
|
elsif (-e "/usr/local/compress") {$info{'COMPRESS'} = "/usr/local/compress"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/whois") {$info{'WHOIS'} = "/usr/local/bin/whois"}
|
||||||
|
elsif (-e "/usr/bin/whois") {$info{'WHOIS'} = "/usr/bin/whois"}
|
||||||
|
elsif (-e "/usr/local/whois") {$info{'WHOIS'} = "/usr/local/whois"}
|
||||||
|
|
||||||
|
if (-e "/usr/local/bin/convert") {$info{'CONVERT'} = "/usr/local/bin/convert"}
|
||||||
|
elsif (-e "/usr/bin/convert") {$info{'CONVERT'} = "/usr/bin/convert"}
|
||||||
|
elsif (-e "/usr/local/convert") {$info{'CONVERT'} = "/usr/local/convert"}
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Mail
|
||||||
|
########################
|
||||||
|
if (-e "/var/qmail/bin/qmail-inject") {$info{'MAIL_PROGRAM'} = "/var/qmail/bin/qmail-inject"}
|
||||||
|
elsif (-e "/usr/sbin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/sbin/sendmail"}
|
||||||
|
elsif (-e "/usr/lib/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/lib/sendmail"}
|
||||||
|
elsif (-e "/usr/bin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/bin/sendmail"}
|
||||||
|
|
||||||
|
########################
|
||||||
|
## Find Apache
|
||||||
|
########################
|
||||||
|
if (-e "/usr/lib/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd/modules"}
|
||||||
|
elsif (-e "/opt/lib/apache2/mod_env.so") {$info{'APACHE_LIB'} = "/opt/lib/apache2"}
|
||||||
|
if (-e "/usr/lib64/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib64/httpd/modules"}
|
||||||
|
#elsif (-e "/System/Library/Apache/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache/Modules"}# Mac
|
||||||
|
#elsif (-e "/System/Library/Apache2/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache2/Modules"}# Mac
|
||||||
|
#elsif (-e "/usr/local/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache/modules"}# MachTen/WebTen
|
||||||
|
#elsif (-e "/usr/local/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache2/modules"}# MachTen/WebTen
|
||||||
|
#elsif (-e "/usr/lib/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache/modules"}# OpenBSD
|
||||||
|
#elsif (-e "/usr/lib/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache2/modules"}# OpenBSD
|
||||||
|
#elsif (-e "/usr/lib/apache/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache"}
|
||||||
|
#elsif (-e "/usr/lib/httpd/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd"}
|
||||||
|
#elsif (-e "C:/Apache/modules") {$info{'APACHE_LIB'} = "C:/Apache/modules"}# windows
|
||||||
|
#elsif (-e "C:/Apache2/modules") {$info{'APACHE_LIB'} = "C:/Apache2/modules"}# windows
|
||||||
|
}
|
||||||
|
|
||||||
|
##############
|
||||||
|
## Server Info
|
||||||
|
##############
|
||||||
|
sub server {
|
||||||
|
my $serv_info = shift;
|
||||||
|
my $server_info = undef;
|
||||||
|
|
||||||
|
if (-e "/proc/$serv_info") {
|
||||||
|
open SERVER, "</proc/$serv_info";
|
||||||
|
$server_info .= join("<br>", <SERVER>);
|
||||||
|
close SERVER;
|
||||||
|
}
|
||||||
|
return $server_info;
|
||||||
|
}
|
8
htdocs/cgi-bin/env.py
Executable file
@ -0,0 +1,8 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
import sys
|
||||||
|
import os
|
||||||
|
|
||||||
|
print "Content-Type: text/html\n\n"
|
||||||
|
|
||||||
|
for name, value in os.environ.items():
|
||||||
|
print "%s\t= %s <br/>" % (name, value)
|
7
htdocs/cgi-bin/env.rb
Executable file
@ -0,0 +1,7 @@
|
|||||||
|
#!/usr/bin/env ruby
|
||||||
|
# -*- coding: None -*-
|
||||||
|
|
||||||
|
require 'cgi' //cgi file to create a simple cgi object.
|
||||||
|
cgi = CGI.new //instantiating a cgi object.
|
||||||
|
puts cgi.header //thats telling the server about the type(html).
|
||||||
|
puts "hello" // thats the output on the browser.
|
12
htdocs/cgi-bin/printenv
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
#!/usr/bin/env perl
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
use warnings;
|
||||||
|
|
||||||
|
print "Content-type: text/plain; charset=iso-8859-1\n\n";
|
||||||
|
foreach my $var (sort(keys(%ENV))) {
|
||||||
|
my $val = $ENV{$var};
|
||||||
|
$val =~ s|\n|\\n|g;
|
||||||
|
$val =~ s|"|\\"|g;
|
||||||
|
print "${var}=\"${val}\"\n";
|
||||||
|
}
|
17
htdocs/cgi-bin/printenv.vbs
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
'!c:/windows/system32/cscript -nologo
|
||||||
|
Option Explicit
|
||||||
|
|
||||||
|
Dim objShell, objArray, str, envvar, envval
|
||||||
|
Set objShell = CreateObject("WScript.Shell")
|
||||||
|
Set objArray = CreateObject("System.Collections.ArrayList")
|
||||||
|
|
||||||
|
WScript.StdOut.WriteLine "Content-type: text/plain; charset=iso-8859-1" & vbLF
|
||||||
|
For Each str In objShell.Environment("PROCESS")
|
||||||
|
objArray.Add str
|
||||||
|
Next
|
||||||
|
objArray.Sort()
|
||||||
|
For Each str In objArray
|
||||||
|
envvar = Left(str, InStr(str, "="))
|
||||||
|
envval = Replace(Mid(str, InStr(str, "=") + 1), vbLF, "\n")
|
||||||
|
WScript.StdOut.WriteLine envvar & Chr(34) & envval & Chr(34)
|
||||||
|
Next
|
19
htdocs/cgi-bin/printenv.wsf
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
'!c:/windows/system32/cscript -nologo
|
||||||
|
|
||||||
|
<job>
|
||||||
|
<script language="JScript">
|
||||||
|
WScript.Echo("Content-type: text/plain; charset=iso-8859-1\n");
|
||||||
|
var objShell = new ActiveXObject("WScript.Shell");
|
||||||
|
var objArray = new Array();
|
||||||
|
var e = new Enumerator(objShell.Environment("PROCESS"));
|
||||||
|
for (;!e.atEnd();e.moveNext()) {
|
||||||
|
var i = e.item().indexOf("=");
|
||||||
|
var envvar = e.item().substring(0, i);
|
||||||
|
var envval = e.item().substring(i + 1, e.item().length);
|
||||||
|
envval = envval.replace("\n", "\\n");
|
||||||
|
objArray.push(envvar + "=\"" + envval + "\"");
|
||||||
|
}
|
||||||
|
objArray.sort();
|
||||||
|
WScript.Echo(objArray.join("\n"));
|
||||||
|
</script>
|
||||||
|
</job>
|
26
htdocs/cgi-bin/test-cgi
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
# disable filename globbing
|
||||||
|
set -f
|
||||||
|
echo "Content-type: text/plain; charset=iso-8859-1"
|
||||||
|
echo
|
||||||
|
echo CGI/1.0 test script report:
|
||||||
|
echo
|
||||||
|
echo argc is $#. argv is "$*".
|
||||||
|
echo
|
||||||
|
echo SERVER_SOFTWARE = $SERVER_SOFTWARE
|
||||||
|
echo SERVER_NAME = $SERVER_NAME
|
||||||
|
echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
|
||||||
|
echo SERVER_PROTOCOL = $SERVER_PROTOCOL
|
||||||
|
echo SERVER_PORT = $SERVER_PORT
|
||||||
|
echo REQUEST_METHOD = $REQUEST_METHOD
|
||||||
|
echo HTTP_ACCEPT = "$HTTP_ACCEPT"
|
||||||
|
echo PATH_INFO = "$PATH_INFO"
|
||||||
|
echo PATH_TRANSLATED = "$PATH_TRANSLATED"
|
||||||
|
echo SCRIPT_NAME = "$SCRIPT_NAME"
|
||||||
|
echo QUERY_STRING = "$QUERY_STRING"
|
||||||
|
echo REMOTE_HOST = $REMOTE_HOST
|
||||||
|
echo REMOTE_ADDR = $REMOTE_ADDR
|
||||||
|
echo REMOTE_USER = $REMOTE_USER
|
||||||
|
echo AUTH_TYPE = $AUTH_TYPE
|
||||||
|
echo CONTENT_TYPE = $CONTENT_TYPE
|
||||||
|
echo CONTENT_LENGTH = $CONTENT_LENGTH
|
71
htdocs/www/404.html
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="">
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8" />
|
||||||
|
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
|
||||||
|
<meta name="generator" content="CasjaysDev" />
|
||||||
|
<meta name="robots" content="index, follow" />
|
||||||
|
<meta name="description" content="" />
|
||||||
|
<meta
|
||||||
|
name="viewport"
|
||||||
|
content="width=device-width, initial-scale=1.0, maximum-scale=1.0"
|
||||||
|
/>
|
||||||
|
|
||||||
|
<meta property="og:title" content="" />
|
||||||
|
<meta property="og:type" content="" />
|
||||||
|
<meta property="og:url" content="" />
|
||||||
|
<meta property="og:image" content="" />
|
||||||
|
|
||||||
|
<meta name="theme-color" content="#fafafa" />
|
||||||
|
<link rel="manifest" href="./site.webmanifest" />
|
||||||
|
|
||||||
|
<link rel="icon" type="image/icon png" href="./images/favicon.png" />
|
||||||
|
<link rel="apple-touch-icon" href="./images/icon.png" />
|
||||||
|
|
||||||
|
<link rel="stylesheet" href="./css/errorpages.css" />
|
||||||
|
<link rel="stylesheet" href="./css/bootstrap.css" />
|
||||||
|
<link rel="stylesheet" href="./css/index.css" />
|
||||||
|
|
||||||
|
<script src="./js/errorpages/isup.js" defer></script>
|
||||||
|
<script src="./js/errorpages/homepage.js" defer></script>
|
||||||
|
<script src="./js/errorpages/loaddomain.js" defer></script>
|
||||||
|
<script src="./js/jquery/default.js"></script>
|
||||||
|
<script src="./js/passprotect.min.js" defer></script>
|
||||||
|
<script src="./js/bootstrap.min.js" defer></script>
|
||||||
|
<script src="./js/app.js" defer></script>
|
||||||
|
|
||||||
|
<title>404 Not Found</title>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body onload="javascript:loadDomain();">
|
||||||
|
<!-- Error Page Content -->
|
||||||
|
<div class="container vh-100 h1">
|
||||||
|
<div class="jumbotron">
|
||||||
|
<i class="fa fa-frown-o"></i>
|
||||||
|
<a
|
||||||
|
href="https://www.google.com/search?q=server+error+404"
|
||||||
|
target="_blank"
|
||||||
|
>404 Not Found</a
|
||||||
|
>
|
||||||
|
<p class="lead fs-3">
|
||||||
|
We apologize but we can't seem to be able to find what you're looking
|
||||||
|
for!
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<img
|
||||||
|
alt="error"
|
||||||
|
src="./images/404.gif"
|
||||||
|
height="800"
|
||||||
|
width="800"
|
||||||
|
/><br />
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<a
|
||||||
|
onclick="javascript:homepage();"
|
||||||
|
class="btn btn-secondary btn-outline-danger btn-lg btn-block"
|
||||||
|
><span id="display-domain"></span
|
||||||
|
></a>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
10522
htdocs/www/css/bootstrap.css
vendored
Normal file
10531
htdocs/www/css/bootstrap.min.css
vendored
Normal file
9872
htdocs/www/css/bs.plain.css
Normal file
275
htdocs/www/css/cookieconsent.css
Normal file
@ -0,0 +1,275 @@
|
|||||||
|
.cc-window {
|
||||||
|
opacity: 1;
|
||||||
|
transition: opacity 1s ease;
|
||||||
|
}
|
||||||
|
.cc-window.cc-invisible {
|
||||||
|
opacity: 0;
|
||||||
|
}
|
||||||
|
.cc-animate.cc-revoke {
|
||||||
|
transition: transform 1s ease;
|
||||||
|
}
|
||||||
|
.cc-animate.cc-revoke.cc-top {
|
||||||
|
transform: translateY(-2em);
|
||||||
|
}
|
||||||
|
.cc-animate.cc-revoke.cc-bottom {
|
||||||
|
transform: translateY(2em);
|
||||||
|
}
|
||||||
|
.cc-animate.cc-revoke.cc-active.cc-bottom,
|
||||||
|
.cc-animate.cc-revoke.cc-active.cc-top,
|
||||||
|
.cc-revoke:hover {
|
||||||
|
transform: translateY(0);
|
||||||
|
}
|
||||||
|
.cc-grower {
|
||||||
|
max-height: 0;
|
||||||
|
overflow: hidden;
|
||||||
|
transition: max-height 1s;
|
||||||
|
}
|
||||||
|
.cc-link,
|
||||||
|
.cc-revoke:hover {
|
||||||
|
text-decoration: underline;
|
||||||
|
}
|
||||||
|
.cc-revoke,
|
||||||
|
.cc-window {
|
||||||
|
position: fixed;
|
||||||
|
overflow: hidden;
|
||||||
|
box-sizing: border-box;
|
||||||
|
font-family: Helvetica, Calibri, Arial, sans-serif;
|
||||||
|
font-size: 16px;
|
||||||
|
line-height: 1.5em;
|
||||||
|
display: -ms-flexbox;
|
||||||
|
display: flex;
|
||||||
|
-ms-flex-wrap: nowrap;
|
||||||
|
flex-wrap: nowrap;
|
||||||
|
z-index: 9999;
|
||||||
|
}
|
||||||
|
.cc-window.cc-static {
|
||||||
|
position: static;
|
||||||
|
}
|
||||||
|
.cc-window.cc-floating {
|
||||||
|
padding: 2em;
|
||||||
|
max-width: 24em;
|
||||||
|
-ms-flex-direction: column;
|
||||||
|
flex-direction: column;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner {
|
||||||
|
padding: 1em 1.8em;
|
||||||
|
width: 100%;
|
||||||
|
-ms-flex-direction: row;
|
||||||
|
flex-direction: row;
|
||||||
|
}
|
||||||
|
.cc-revoke {
|
||||||
|
padding: 0.5em;
|
||||||
|
}
|
||||||
|
.cc-header {
|
||||||
|
font-size: 18px;
|
||||||
|
font-weight: 700;
|
||||||
|
}
|
||||||
|
.cc-btn,
|
||||||
|
.cc-close,
|
||||||
|
.cc-link,
|
||||||
|
.cc-revoke {
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
.cc-link {
|
||||||
|
opacity: 0.8;
|
||||||
|
display: inline-block;
|
||||||
|
padding: 0.2em;
|
||||||
|
}
|
||||||
|
.cc-link:hover {
|
||||||
|
opacity: 1;
|
||||||
|
}
|
||||||
|
.cc-link:active,
|
||||||
|
.cc-link:visited {
|
||||||
|
color: initial;
|
||||||
|
}
|
||||||
|
.cc-btn {
|
||||||
|
display: block;
|
||||||
|
padding: 0.4em 0.8em;
|
||||||
|
font-size: 0.9em;
|
||||||
|
font-weight: 700;
|
||||||
|
border-width: 2px;
|
||||||
|
border-style: solid;
|
||||||
|
text-align: center;
|
||||||
|
white-space: nowrap;
|
||||||
|
}
|
||||||
|
.cc-banner .cc-btn:last-child {
|
||||||
|
min-width: 140px;
|
||||||
|
}
|
||||||
|
.cc-highlight .cc-btn:first-child {
|
||||||
|
background-color: transparent;
|
||||||
|
border-color: transparent;
|
||||||
|
}
|
||||||
|
.cc-highlight .cc-btn:first-child:focus,
|
||||||
|
.cc-highlight .cc-btn:first-child:hover {
|
||||||
|
background-color: transparent;
|
||||||
|
text-decoration: underline;
|
||||||
|
}
|
||||||
|
.cc-close {
|
||||||
|
display: block;
|
||||||
|
position: absolute;
|
||||||
|
top: 0.5em;
|
||||||
|
right: 0.5em;
|
||||||
|
font-size: 1.6em;
|
||||||
|
opacity: 0.9;
|
||||||
|
line-height: 0.75;
|
||||||
|
}
|
||||||
|
.cc-close:focus,
|
||||||
|
.cc-close:hover {
|
||||||
|
opacity: 1;
|
||||||
|
}
|
||||||
|
.cc-revoke.cc-top {
|
||||||
|
top: 0;
|
||||||
|
left: 3em;
|
||||||
|
border-bottom-left-radius: 0.5em;
|
||||||
|
border-bottom-right-radius: 0.5em;
|
||||||
|
}
|
||||||
|
.cc-revoke.cc-bottom {
|
||||||
|
bottom: 0;
|
||||||
|
left: 3em;
|
||||||
|
border-top-left-radius: 0.5em;
|
||||||
|
border-top-right-radius: 0.5em;
|
||||||
|
}
|
||||||
|
.cc-revoke.cc-left {
|
||||||
|
left: 3em;
|
||||||
|
right: unset;
|
||||||
|
}
|
||||||
|
.cc-revoke.cc-right {
|
||||||
|
right: 3em;
|
||||||
|
left: unset;
|
||||||
|
}
|
||||||
|
.cc-top {
|
||||||
|
top: 1em;
|
||||||
|
}
|
||||||
|
.cc-left {
|
||||||
|
left: 1em;
|
||||||
|
}
|
||||||
|
.cc-right {
|
||||||
|
right: 1em;
|
||||||
|
}
|
||||||
|
.cc-bottom {
|
||||||
|
bottom: 1em;
|
||||||
|
}
|
||||||
|
.cc-floating > .cc-link {
|
||||||
|
margin-bottom: 1em;
|
||||||
|
}
|
||||||
|
.cc-floating .cc-message {
|
||||||
|
display: block;
|
||||||
|
margin-bottom: 1em;
|
||||||
|
}
|
||||||
|
.cc-window.cc-floating .cc-compliance {
|
||||||
|
-ms-flex: 1;
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner {
|
||||||
|
-ms-flex-align: center;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
.cc-banner.cc-top {
|
||||||
|
left: 0;
|
||||||
|
right: 0;
|
||||||
|
top: 0;
|
||||||
|
}
|
||||||
|
.cc-banner.cc-bottom {
|
||||||
|
left: 0;
|
||||||
|
right: 0;
|
||||||
|
bottom: 0;
|
||||||
|
}
|
||||||
|
.cc-banner .cc-message {
|
||||||
|
-ms-flex: 1;
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
.cc-compliance {
|
||||||
|
display: -ms-flexbox;
|
||||||
|
display: flex;
|
||||||
|
-ms-flex-align: center;
|
||||||
|
align-items: center;
|
||||||
|
-ms-flex-line-pack: justify;
|
||||||
|
align-content: space-between;
|
||||||
|
}
|
||||||
|
.cc-compliance > .cc-btn {
|
||||||
|
-ms-flex: 1;
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
.cc-btn + .cc-btn {
|
||||||
|
margin-left: 0.5em;
|
||||||
|
}
|
||||||
|
@media print {
|
||||||
|
.cc-revoke,
|
||||||
|
.cc-window {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@media screen and (max-width: 900px) {
|
||||||
|
.cc-btn {
|
||||||
|
white-space: normal;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@media screen and (max-width: 414px) and (orientation: portrait),
|
||||||
|
screen and (max-width: 736px) and (orientation: landscape) {
|
||||||
|
.cc-window.cc-top {
|
||||||
|
top: 0;
|
||||||
|
}
|
||||||
|
.cc-window.cc-bottom {
|
||||||
|
bottom: 0;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner,
|
||||||
|
.cc-window.cc-left,
|
||||||
|
.cc-window.cc-right {
|
||||||
|
left: 0;
|
||||||
|
right: 0;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner {
|
||||||
|
-ms-flex-direction: column;
|
||||||
|
flex-direction: column;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner .cc-compliance {
|
||||||
|
-ms-flex: 1;
|
||||||
|
flex: 1;
|
||||||
|
}
|
||||||
|
.cc-window.cc-floating {
|
||||||
|
max-width: none;
|
||||||
|
}
|
||||||
|
.cc-window .cc-message {
|
||||||
|
margin-bottom: 1em;
|
||||||
|
}
|
||||||
|
.cc-window.cc-banner {
|
||||||
|
-ms-flex-align: unset;
|
||||||
|
align-items: unset;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
.cc-floating.cc-theme-classic {
|
||||||
|
padding: 1.2em;
|
||||||
|
border-radius: 5px;
|
||||||
|
}
|
||||||
|
.cc-floating.cc-type-info.cc-theme-classic .cc-compliance {
|
||||||
|
text-align: center;
|
||||||
|
display: inline;
|
||||||
|
-ms-flex: none;
|
||||||
|
flex: none;
|
||||||
|
}
|
||||||
|
.cc-theme-classic .cc-btn {
|
||||||
|
border-radius: 5px;
|
||||||
|
}
|
||||||
|
.cc-theme-classic .cc-btn:last-child {
|
||||||
|
min-width: 140px;
|
||||||
|
}
|
||||||
|
.cc-floating.cc-type-info.cc-theme-classic .cc-btn {
|
||||||
|
display: inline-block;
|
||||||
|
}
|
||||||
|
.cc-theme-edgeless.cc-window {
|
||||||
|
padding: 0;
|
||||||
|
}
|
||||||
|
.cc-floating.cc-theme-edgeless .cc-message {
|
||||||
|
margin: 2em 2em 1.5em;
|
||||||
|
}
|
||||||
|
.cc-banner.cc-theme-edgeless .cc-btn {
|
||||||
|
margin: 0;
|
||||||
|
padding: 0.8em 1.8em;
|
||||||
|
height: 100%;
|
||||||
|
}
|
||||||
|
.cc-banner.cc-theme-edgeless .cc-message {
|
||||||
|
margin-left: 1em;
|
||||||
|
}
|
||||||
|
.cc-floating.cc-theme-edgeless .cc-btn + .cc-btn {
|
||||||
|
margin-left: 0;
|
||||||
|
}
|
337
htdocs/www/css/errorpages.css
Normal file
@ -0,0 +1,337 @@
|
|||||||
|
@import url('https://fonts.googleapis.com/css?family=Fira+Sans&display=swap');
|
||||||
|
|
||||||
|
body {
|
||||||
|
padding: 50px;
|
||||||
|
font: 14px/1.5 Lato, 'Helvetica Neue', Helvetica, Arial, sans-serif;
|
||||||
|
color: #777;
|
||||||
|
font-weight: 300;
|
||||||
|
padding: 1.5em 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Layout */
|
||||||
|
.jumbotron {
|
||||||
|
line-height: 2.1428571435;
|
||||||
|
color: inherit;
|
||||||
|
padding: 10px 0px;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Main marketing message and sign up button */
|
||||||
|
.jumbotron {
|
||||||
|
text-align: center;
|
||||||
|
background-color: transparent;
|
||||||
|
}
|
||||||
|
|
||||||
|
.jumbotron .btn {
|
||||||
|
font-size: 21px;
|
||||||
|
padding: 1.5em 2em;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Everything but the jumbotron gets side spacing for mobile-first views */
|
||||||
|
.masthead,
|
||||||
|
.body-content {
|
||||||
|
padding: 0 15px;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Colors */
|
||||||
|
.green {
|
||||||
|
color: green;
|
||||||
|
}
|
||||||
|
|
||||||
|
.orange {
|
||||||
|
color: orange;
|
||||||
|
}
|
||||||
|
|
||||||
|
.red {
|
||||||
|
color: red;
|
||||||
|
}
|
||||||
|
|
||||||
|
.blue {
|
||||||
|
color: blue;
|
||||||
|
}
|
||||||
|
|
||||||
|
.yellow {
|
||||||
|
color: yellow;
|
||||||
|
}
|
||||||
|
|
||||||
|
h2,
|
||||||
|
h3,
|
||||||
|
h4,
|
||||||
|
h5,
|
||||||
|
h6 {
|
||||||
|
color: #222;
|
||||||
|
margin: 0 0 40px;
|
||||||
|
}
|
||||||
|
|
||||||
|
p,
|
||||||
|
ul,
|
||||||
|
ol,
|
||||||
|
table,
|
||||||
|
pre,
|
||||||
|
dl {
|
||||||
|
margin: 0 0 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
h2,
|
||||||
|
h3 {
|
||||||
|
line-height: 1.1;
|
||||||
|
}
|
||||||
|
|
||||||
|
h1 {
|
||||||
|
line-height: 1.1;
|
||||||
|
text-align: center;
|
||||||
|
font: Lato;
|
||||||
|
font-size: 80px;
|
||||||
|
color: #222;
|
||||||
|
margin: 0 0 40px;
|
||||||
|
}
|
||||||
|
|
||||||
|
h2 {
|
||||||
|
color: #393939;
|
||||||
|
}
|
||||||
|
|
||||||
|
h3,
|
||||||
|
h4,
|
||||||
|
h5,
|
||||||
|
h6 {
|
||||||
|
color: #494949;
|
||||||
|
}
|
||||||
|
|
||||||
|
a {
|
||||||
|
color: #39c;
|
||||||
|
font-weight: 400;
|
||||||
|
text-decoration: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
a small {
|
||||||
|
font-size: 11px;
|
||||||
|
color: #777;
|
||||||
|
margin-top: -0.6em;
|
||||||
|
display: block;
|
||||||
|
}
|
||||||
|
|
||||||
|
.wrapper {
|
||||||
|
width: 860px;
|
||||||
|
margin: 0 auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
blockquote {
|
||||||
|
border-left: 1px solid #e5e5e5;
|
||||||
|
margin: 0;
|
||||||
|
padding: 0 0 0 20px;
|
||||||
|
font-style: italic;
|
||||||
|
}
|
||||||
|
|
||||||
|
.btn-block {
|
||||||
|
width: 40%;
|
||||||
|
text-align: center;
|
||||||
|
display: block;
|
||||||
|
margin: 0 auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
code,
|
||||||
|
pre {
|
||||||
|
font-family: Monaco, Bitstream Vera Sans Mono, Lucida Console, Terminal;
|
||||||
|
color: #333;
|
||||||
|
font-size: 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
pre {
|
||||||
|
padding: 8px 15px;
|
||||||
|
background: #f8f8f8;
|
||||||
|
border-radius: 5px;
|
||||||
|
border: 1px solid #e5e5e5;
|
||||||
|
overflow-x: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
table {
|
||||||
|
width: 100%;
|
||||||
|
border-collapse: collapse;
|
||||||
|
}
|
||||||
|
|
||||||
|
th,
|
||||||
|
td {
|
||||||
|
text-align: left;
|
||||||
|
padding: 5px 10px;
|
||||||
|
border-bottom: 1px solid #e5e5e5;
|
||||||
|
}
|
||||||
|
|
||||||
|
dt {
|
||||||
|
color: #444;
|
||||||
|
font-weight: 700;
|
||||||
|
}
|
||||||
|
|
||||||
|
th {
|
||||||
|
color: #444;
|
||||||
|
}
|
||||||
|
|
||||||
|
img {
|
||||||
|
max-width: 100%;
|
||||||
|
}
|
||||||
|
|
||||||
|
header {
|
||||||
|
width: 270px;
|
||||||
|
float: left;
|
||||||
|
position: fixed;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul {
|
||||||
|
list-style: none;
|
||||||
|
height: 40px;
|
||||||
|
|
||||||
|
padding: 0;
|
||||||
|
|
||||||
|
background: #eee;
|
||||||
|
background: -moz-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
|
||||||
|
background: -webkit-gradient(
|
||||||
|
linear,
|
||||||
|
left top,
|
||||||
|
left bottom,
|
||||||
|
color-stop(0%, #f8f8f8),
|
||||||
|
color-stop(100%, #dddddd)
|
||||||
|
);
|
||||||
|
background: -webkit-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
|
||||||
|
background: -o-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
|
||||||
|
background: -ms-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
|
||||||
|
background: linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
|
||||||
|
|
||||||
|
border-radius: 5px;
|
||||||
|
border: 1px solid #d2d2d2;
|
||||||
|
box-shadow: inset #fff 0 1px 0, inset rgba(0, 0, 0, 0.03) 0 -1px 0;
|
||||||
|
width: 270px;
|
||||||
|
}
|
||||||
|
|
||||||
|
header li {
|
||||||
|
width: 89px;
|
||||||
|
float: left;
|
||||||
|
border-right: 1px solid #d2d2d2;
|
||||||
|
height: 40px;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul a {
|
||||||
|
line-height: 1;
|
||||||
|
font-size: 11px;
|
||||||
|
color: #999;
|
||||||
|
display: block;
|
||||||
|
text-align: center;
|
||||||
|
padding-top: 6px;
|
||||||
|
height: 40px;
|
||||||
|
}
|
||||||
|
|
||||||
|
strong {
|
||||||
|
color: #222;
|
||||||
|
font-weight: 700;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul li + li {
|
||||||
|
width: 88px;
|
||||||
|
border-left: 1px solid #fff;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul li + li + li {
|
||||||
|
border-right: none;
|
||||||
|
width: 89px;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul a strong {
|
||||||
|
font-size: 14px;
|
||||||
|
display: block;
|
||||||
|
color: #222;
|
||||||
|
}
|
||||||
|
|
||||||
|
section {
|
||||||
|
width: 500px;
|
||||||
|
float: right;
|
||||||
|
padding-bottom: 50px;
|
||||||
|
}
|
||||||
|
|
||||||
|
small {
|
||||||
|
font-size: 11px;
|
||||||
|
}
|
||||||
|
|
||||||
|
hr {
|
||||||
|
border: 0;
|
||||||
|
background: #e5e5e5;
|
||||||
|
height: 1px;
|
||||||
|
margin: 0 0 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
footer {
|
||||||
|
width: 270px;
|
||||||
|
float: left;
|
||||||
|
position: fixed;
|
||||||
|
bottom: 50px;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media print, screen and (max-width: 960px) {
|
||||||
|
div.wrapper {
|
||||||
|
width: auto;
|
||||||
|
margin: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
header,
|
||||||
|
section,
|
||||||
|
footer {
|
||||||
|
float: none;
|
||||||
|
position: static;
|
||||||
|
width: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
header {
|
||||||
|
padding-right: 320px;
|
||||||
|
}
|
||||||
|
|
||||||
|
section {
|
||||||
|
border: 1px solid #e5e5e5;
|
||||||
|
border-width: 1px 0;
|
||||||
|
padding: 20px 0;
|
||||||
|
margin: 0 0 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
header a small {
|
||||||
|
display: inline;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul {
|
||||||
|
position: absolute;
|
||||||
|
right: 50px;
|
||||||
|
top: 52px;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@media print, screen and (max-width: 720px) {
|
||||||
|
body {
|
||||||
|
word-wrap: break-word;
|
||||||
|
}
|
||||||
|
|
||||||
|
header {
|
||||||
|
padding: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul,
|
||||||
|
header p.view {
|
||||||
|
position: static;
|
||||||
|
}
|
||||||
|
|
||||||
|
pre,
|
||||||
|
code {
|
||||||
|
word-wrap: normal;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@media print, screen and (max-width: 480px) {
|
||||||
|
body {
|
||||||
|
padding: 15px;
|
||||||
|
}
|
||||||
|
|
||||||
|
header ul {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@media print {
|
||||||
|
body {
|
||||||
|
padding: 0.4in;
|
||||||
|
font-size: 12pt;
|
||||||
|
color: #444;
|
||||||
|
}
|
||||||
|
}
|
123
htdocs/www/css/index.css
Normal file
@ -0,0 +1,123 @@
|
|||||||
|
@import url('https://fonts.googleapis.com/css?family=Fira+Sans&display=swap');
|
||||||
|
|
||||||
|
td,
|
||||||
|
th,
|
||||||
|
body {
|
||||||
|
font-family: 'Fira Sans', Verdana, Helvetica, sans-serif;
|
||||||
|
font-size: 14px;
|
||||||
|
font-weight: normal;
|
||||||
|
font-variant: normal;
|
||||||
|
text-transform: none;
|
||||||
|
text-decoration: none;
|
||||||
|
text-align: center;
|
||||||
|
align-items: center;
|
||||||
|
background-color: #333;
|
||||||
|
color: #fff;
|
||||||
|
background-image: url('../images/bg.png');
|
||||||
|
}
|
||||||
|
|
||||||
|
th {
|
||||||
|
background-color: #333;
|
||||||
|
color: #ffffff;
|
||||||
|
border-top: 1px solid #678ca0;
|
||||||
|
vertical-align: middle;
|
||||||
|
height: 50px;
|
||||||
|
}
|
||||||
|
|
||||||
|
td {
|
||||||
|
background-color: 333;
|
||||||
|
border-top: 1px solid #678ca0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.box {
|
||||||
|
border: 1px solid #678ca0;
|
||||||
|
padding: 0px;
|
||||||
|
width: 100%;
|
||||||
|
background-color: #333;
|
||||||
|
margin-bottom: 10px;
|
||||||
|
width: 600px;
|
||||||
|
}
|
||||||
|
|
||||||
|
h5,
|
||||||
|
h3 {
|
||||||
|
padding: 3px;
|
||||||
|
margin-top: 0px;
|
||||||
|
margin-bottom: 0px;
|
||||||
|
background-color: #333;
|
||||||
|
color: white;
|
||||||
|
font-family: Verdana, Helvetica, sans-serif;
|
||||||
|
}
|
||||||
|
|
||||||
|
p {
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
div {
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
h3 {
|
||||||
|
font-size: 13px;
|
||||||
|
}
|
||||||
|
|
||||||
|
h5 {
|
||||||
|
font-size: 10px;
|
||||||
|
text-align: right;
|
||||||
|
background-color: #333;
|
||||||
|
color: #678ca0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.spacer {
|
||||||
|
margin: 0px;
|
||||||
|
width: 100%;
|
||||||
|
background-color: #333;
|
||||||
|
}
|
||||||
|
|
||||||
|
.leftspacer {
|
||||||
|
margin: 0px;
|
||||||
|
padding: 5px;
|
||||||
|
width: 100%;
|
||||||
|
text-align: left;
|
||||||
|
background-color: #333;
|
||||||
|
}
|
||||||
|
|
||||||
|
.serviceup {
|
||||||
|
color: green;
|
||||||
|
}
|
||||||
|
|
||||||
|
.servicedown {
|
||||||
|
color: red;
|
||||||
|
}
|
||||||
|
|
||||||
|
p.main {
|
||||||
|
margin-top: 5px;
|
||||||
|
margin-bottom: 5px;
|
||||||
|
text-align: center;
|
||||||
|
font-size: 10px;
|
||||||
|
}
|
||||||
|
|
||||||
|
a {
|
||||||
|
text-decoration: none;
|
||||||
|
color: #5d83a9;
|
||||||
|
}
|
||||||
|
|
||||||
|
a:visited {
|
||||||
|
color: rgb(238, 130, 202);
|
||||||
|
}
|
||||||
|
|
||||||
|
a:hover {
|
||||||
|
font-style: italic;
|
||||||
|
color: #a296db !important;
|
||||||
|
}
|
||||||
|
|
||||||
|
a:active {
|
||||||
|
color: #c0f;
|
||||||
|
}
|
||||||
|
|
||||||
|
tr:hover {
|
||||||
|
background-color: #f5f5f5;
|
||||||
|
}
|
||||||
|
|
||||||
|
table {
|
||||||
|
width: 100%;
|
||||||
|
}
|
BIN
htdocs/www/favicon.ico
Normal file
After Width: | Height: | Size: 766 B |
1
htdocs/www/health/index.json
Normal file
@ -0,0 +1 @@
|
|||||||
|
{ "status": "ok" }
|
1
htdocs/www/health/index.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
ok
|
BIN
htdocs/www/images/403.png
Normal file
After Width: | Height: | Size: 35 KiB |
BIN
htdocs/www/images/404.gif
Normal file
After Width: | Height: | Size: 93 KiB |
BIN
htdocs/www/images/bg.png
Normal file
After Width: | Height: | Size: 1.2 KiB |
BIN
htdocs/www/images/favicon.ico
Normal file
After Width: | Height: | Size: 766 B |
BIN
htdocs/www/images/icon.png
Normal file
After Width: | Height: | Size: 3.9 KiB |
1
htdocs/www/images/icon.svg
Normal file
@ -0,0 +1 @@
|
|||||||
|
<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" viewBox="0 0 192 192"><path fill="#e08524" d="M75.3 73.4H18.4l45.3 34.3L48.3 163l46.1-32.3 48.2 34.6-16.9-58.3 44.9-33.6H115l-20.5-55-19.2 55z"/><path d="m96.7 18.8 18.2 8.2 16.5 44.3h-15.1L96.7 18.8zm-47 146 18.7 9.9 42.6-29.9-16.5-11.4-44.8 31.4zm79.1-56.8 17.4 9.4 18.6 60.1-19.7-11.3-16.3-58.2z"/><path d="m173.1 74.3 17.8 9.2-44.7 34-17.4-9.4 44.3-33.8z"/></svg>
|
After Width: | Height: | Size: 429 B |
104
htdocs/www/index.php
Normal file
@ -0,0 +1,104 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<!--
|
||||||
|
##@Version : 202303091846-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : git-admin@casjaysdev.com
|
||||||
|
# @@License : WTFPL
|
||||||
|
# @@ReadME :
|
||||||
|
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Thursday, Mar 09, 2023 18:46 EST
|
||||||
|
# @@File : index.php
|
||||||
|
# @@Description : php document
|
||||||
|
# @@Changelog : Updated header
|
||||||
|
# @@TODO :
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : html
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
-->
|
||||||
|
|
||||||
|
<meta charset="utf-8" />
|
||||||
|
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
|
||||||
|
<meta name="robots" content="index, follow" />
|
||||||
|
<meta name="generator" content="CasjaysDev" />
|
||||||
|
|
||||||
|
<meta name="description" content="REPLACE_SERVER_SOFTWARE container" />
|
||||||
|
<meta property="og:title" content="REPLACE_SERVER_SOFTWARE container" />
|
||||||
|
<meta property="og:locale" content="en_US" />
|
||||||
|
<meta property="og:type" content="website" />
|
||||||
|
<meta property="og:image" content="./images/favicon.ico" />
|
||||||
|
<meta property="og:url" content="" />
|
||||||
|
|
||||||
|
<meta name="theme-color" content="#000000" />
|
||||||
|
<link rel="manifest" href="./site.webmanifest" />
|
||||||
|
|
||||||
|
<link rel="icon" type="image/icon png" href="./images/icon.png" />
|
||||||
|
<link rel="apple-touch-icon" href="./images/icon.png" />
|
||||||
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css" />
|
||||||
|
<link rel="stylesheet" type="text/css" href="./css/cookieconsent.css" />
|
||||||
|
<link rel="stylesheet" href="./css/bootstrap.css" />
|
||||||
|
<link rel="stylesheet" href="./css/index.css" />
|
||||||
|
<script src="./js/errorpages/isup.js"></script>
|
||||||
|
<script src="./js/errorpages/homepage.js"></script>
|
||||||
|
<script src="./js/errorpages/loaddomain.js"></script>
|
||||||
|
<script src="./js/jquery/default.js"></script>
|
||||||
|
<script src="./js/passprotect.min.js" defer></script>
|
||||||
|
<script src="./js/bootstrap.min.js" defer></script>
|
||||||
|
<script src="./js/app.js" defer></script>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body class="container text-center" style="align-items: center; justify-content: center">
|
||||||
|
<h1 class="m-5">Congratulations</h1>
|
||||||
|
<h2>
|
||||||
|
Your REPLACE_SERVER_SOFTWARE container has been setup.<br />
|
||||||
|
This file is located in:
|
||||||
|
<?php echo $_SERVER['DOCUMENT_ROOT']; ?>
|
||||||
|
<br /><br />
|
||||||
|
|
||||||
|
SERVER:
|
||||||
|
<?php echo $_SERVER['SERVER_SOFTWARE']; ?> <br />
|
||||||
|
SERVER Address:
|
||||||
|
<?php echo $_SERVER['SERVER_ADDR']; ?> <br />
|
||||||
|
|
||||||
|
</h2>
|
||||||
|
<br /><br />
|
||||||
|
<br /><br />
|
||||||
|
|
||||||
|
<br /><br />
|
||||||
|
<!-- Begin EU compliant -->
|
||||||
|
<div class="text-center align-items-center fs-3">
|
||||||
|
<script src="https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js" data-cfasync="false"></script>
|
||||||
|
<script>
|
||||||
|
window.cookieconsent.initialise({
|
||||||
|
palette: {
|
||||||
|
popup: {
|
||||||
|
background: '#64386b',
|
||||||
|
text: '#ffcdfd',
|
||||||
|
},
|
||||||
|
button: {
|
||||||
|
background: '#f8a8ff',
|
||||||
|
text: '#3f0045',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
theme: 'edgeless',
|
||||||
|
content: {
|
||||||
|
message:
|
||||||
|
'This site uses cookie and in accordance with the EU GDPR<br />law this message is being displayed.<br />',
|
||||||
|
dismiss: 'Dismiss',
|
||||||
|
link: 'CasjaysDev Privacy Policy',
|
||||||
|
href: 'https://casjaysdev.com/policy',
|
||||||
|
},
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
</div>
|
||||||
|
<!-- End EU compliant -->
|
||||||
|
</body>
|
||||||
|
|
||||||
|
</html>
|
63
htdocs/www/info.php
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<!--
|
||||||
|
##@Version : 202303091846-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : git-admin@casjaysdev.com
|
||||||
|
# @@License : WTFPL
|
||||||
|
# @@ReadME :
|
||||||
|
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Thursday, Mar 09, 2023 18:46 EST
|
||||||
|
# @@File : info.php
|
||||||
|
# @@Description : html document
|
||||||
|
# @@Changelog : Updated header
|
||||||
|
# @@TODO :
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : html
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
-->
|
||||||
|
|
||||||
|
<meta charset="utf-8" />
|
||||||
|
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
|
||||||
|
<meta name="robots" content="index, follow" />
|
||||||
|
<meta name="generator" content="CasjaysDev" />
|
||||||
|
|
||||||
|
<meta name="description" content="REPLACE_SERVER_SOFTWARE container" />
|
||||||
|
<meta property="og:title" content="REPLACE_SERVER_SOFTWARE container" />
|
||||||
|
<meta property="og:locale" content="en_US" />
|
||||||
|
<meta property="og:type" content="website" />
|
||||||
|
<meta property="og:image" content="./images/favicon.ico" />
|
||||||
|
<meta property="og:url" content="" />
|
||||||
|
|
||||||
|
<meta name="theme-color" content="#000000" />
|
||||||
|
<link rel="manifest" href="./site.webmanifest" />
|
||||||
|
|
||||||
|
<link rel="icon" type="image/icon png" href="./images/icon.png" />
|
||||||
|
<link rel="apple-touch-icon" href="./images/icon.png" />
|
||||||
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css" />
|
||||||
|
<script src="./js/errorpages/isup.js"></script>
|
||||||
|
<script src="./js/errorpages/homepage.js"></script>
|
||||||
|
<script src="./js/errorpages/loaddomain.js"></script>
|
||||||
|
<script src="./js/jquery/default.js"></script>
|
||||||
|
<script src="./js/passprotect.min.js" defer></script>
|
||||||
|
<script src="./js/app.js" defer></script>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<div class="container" style="text-align: center; align-items: center">
|
||||||
|
<br /><br />
|
||||||
|
<h1 class="m-5">Congratulations PHP has been successfully configured</h1>
|
||||||
|
<br /><br />
|
||||||
|
<?php phpinfo(); ?>
|
||||||
|
<br /><br />
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
|
||||||
|
</html>
|
0
htdocs/www/js/app.js
Normal file
4075
htdocs/www/js/bootstrap.min.js
vendored
Normal file
6
htdocs/www/js/errorpages/homepage.js
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
function homepage() {
|
||||||
|
let proto = location.protocol;
|
||||||
|
let port = location.port;
|
||||||
|
let currentSite = window.location.hostname;
|
||||||
|
window.location = proto + '//' + currentSite + ':' + port;
|
||||||
|
}
|
7
htdocs/www/js/errorpages/isup.js
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
function isupme() {
|
||||||
|
let proto = location.protocol;
|
||||||
|
let port = location.port;
|
||||||
|
let currentSite = window.location.hostname;
|
||||||
|
fullurllocation = proto + '//' + currentSite + ':' + port;
|
||||||
|
window.location = 'http://isup.me/' + fullurllocation;
|
||||||
|
}
|
7
htdocs/www/js/errorpages/loaddomain.js
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
function loadDomain() {
|
||||||
|
let proto = location.protocol;
|
||||||
|
let port = location.port;
|
||||||
|
let url = location.hostname;
|
||||||
|
var display = document.getElementById('display-domain');
|
||||||
|
display.innerHTML = proto + '//' + url + ':' + port;
|
||||||
|
}
|
20
htdocs/www/js/errorpages/scale.fix.js
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
var metas = document.getElementsByTagName('meta');
|
||||||
|
var i;
|
||||||
|
if (navigator.userAgent.match(/iPhone/i)) {
|
||||||
|
for (i = 0; i < metas.length; i++) {
|
||||||
|
if (metas[i].name == 'viewport') {
|
||||||
|
metas[i].content =
|
||||||
|
'width=device-width, minimum-scale=1.0, maximum-scale=1.0';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
document.addEventListener('gesturestart', gestureStart, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
function gestureStart() {
|
||||||
|
for (i = 0; i < metas.length; i++) {
|
||||||
|
if (metas[i].name == 'viewport') {
|
||||||
|
metas[i].content =
|
||||||
|
'width=device-width, minimum-scale=0.25, maximum-scale=1.6';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
5540
htdocs/www/js/jquery/default.js
vendored
Normal file
2294
htdocs/www/js/passprotect.min.js
vendored
Normal file
14
htdocs/www/site.webmanifest
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
"short_name": "",
|
||||||
|
"name": "",
|
||||||
|
"icons": [
|
||||||
|
{
|
||||||
|
"src": "./images/icon.png",
|
||||||
|
"type": "image/png",
|
||||||
|
"sizes": "192x192"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"start_url": "/",
|
||||||
|
"background_color": "#000000",
|
||||||
|
"theme_color": "#ffffff"
|
||||||
|
}
|
115
init/bin/act-runner
Normal file
@ -0,0 +1,115 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing act_runner - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="act_runner"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
exitCode=0 # default exit code
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
ETC_DIR="/etc/act_runner" # set etc directory
|
||||||
|
CONF_DIR="/config/act_runner" # set config directory
|
||||||
|
LOG_DIR="/data/logs/act_runner" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="act_runner" # command to execute
|
||||||
|
EXEC_CMD_ARGS="daemon " # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
GITEA_PORT="${GITEA_PORT:-$SERVICE_PORT}"
|
||||||
|
RUNNER_AUTH_TOKEN="${RUNNER_AUTH_TOKEN:-}"
|
||||||
|
GITEA_HOSTNAME="${GITEA_SERVER:-${DOMAINNAME:-$HOSTNAME}}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
local cmd_bin="" cmd_name=""
|
||||||
|
cmd_bin="${1:-$EXEC_CMD_BIN}"
|
||||||
|
cmd_name="$(basename "$cmd_bin")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create directories
|
||||||
|
[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
|
||||||
|
[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
|
||||||
|
[ -d "$CONF_DIR" ] || mkdir -p "$CONF_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create directories if variable is yes
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && { [ -d "$WWW_DIR" ] || mkdir -p "$WWW_DIR"; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# copy config files
|
||||||
|
[ -d "$CONF_DIR" ] && cp -Rf "$CONF_DIR/." "$ETC_DIR/"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# custom commands
|
||||||
|
if [ ! -f "$CONF_DIR/default.conf" ]; then
|
||||||
|
echo "# Settings for the default gitea runner" >"$CONF_DIR/default.conf"
|
||||||
|
echo "RUNNER_NAME=\"local\"" >>"$CONF_DIR/default.conf"
|
||||||
|
echo "RUNNER_LABELS=\"ubuntu-latest\"" >>"$CONF_DIR/default.conf"
|
||||||
|
echo "RUNNER_AUTH_TOKEN=\"${RUNNER_AUTH_TOKEN:-}\"" >>"$CONF_DIR/default.conf"
|
||||||
|
echo "GITEA_HOSTNAME=\"${GITEA_HOSTNAME:-}\"" >>"$CONF_DIR/default.conf"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# fix permissions
|
||||||
|
chmod -f 777 "$LOG_DIR" "$RUN_DIR"
|
||||||
|
[ -d "$DATABASE_DIR" ] && chmod -f 777 "$DATABASE_DIR"
|
||||||
|
if [ -n "$SERVICE_USER" ] && [ "$SERVICE_USER" != "root" ]; then
|
||||||
|
if grep -s -q "$SERVICE_USER:" "/etc/passwd"; then
|
||||||
|
chown -Rf $SERVICE_USER:$SERVICE_USER "$ETC_DIR" "$WWW_DIR" "$LOG_DIR" && echo "changed ownership to $SERVICE_USER"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize runners
|
||||||
|
for runner in "$CONF_DIR"/*.conf; do
|
||||||
|
runner_name="$(basename "$runner")"
|
||||||
|
runner_name="${runner_name//.conf/}"
|
||||||
|
RUNNER_LABELS="linux"
|
||||||
|
RUNNER_NAME="$runner_name"
|
||||||
|
GITEA_HOSTNAME="${GITEA_HOSTNAME:-$HOSTNAME}"
|
||||||
|
while :; do
|
||||||
|
[ -f "$RUN_DIR/act_runner.$RUNNER_NAME.pid" ] && break
|
||||||
|
if [ -z "$RUNNER_AUTH_TOKEN" ]; then
|
||||||
|
echo "Error: Can not start runner: RUNNER_AUTH_TOKEN is not set" >&2
|
||||||
|
echo "visit $GITEA_HOSTNAME:$GITEA_PORT/admin/runners" >&2
|
||||||
|
echo "And edit $runner" >&2
|
||||||
|
fi
|
||||||
|
[ -f "$runner" ] && . "$runner"
|
||||||
|
if [ -n "$RUNNER_AUTH_TOKEN" ]; then
|
||||||
|
echo "RUNNER_AUTH_TOKEN has been set"
|
||||||
|
(act_runner register --labels "$RUNNER_LABELS" --name "$RUNNER_NAME" --instance "http://$GITEA_HOSTNAME" --token "$RUNNER_AUTH_TOKEN" --no-interactive || return 1) &
|
||||||
|
[ $? -eq 0 ] && echo "$!" >"$RUN_DIR/act_runner.$RUNNER_NAME.pid"
|
||||||
|
break
|
||||||
|
else
|
||||||
|
sleep 120
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo "$$" >"$RUN_DIR/act_runner.pid"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $exitCode
|
42
init/bin/buildah-build
Executable file
@ -0,0 +1,42 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# shellcheck shell=bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
##@Version : 202303142021-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : jason@casjaysdev.com
|
||||||
|
# @@License : LICENSE.md
|
||||||
|
# @@ReadME : build-project --help
|
||||||
|
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Tuesday, Mar 14, 2023 20:21 EDT
|
||||||
|
# @@File : build-project
|
||||||
|
# @@Description :
|
||||||
|
# @@Changelog : New script
|
||||||
|
# @@TODO : Better documentation
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : shell/sh
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
HOME="${USER_HOME:-$HOME}"
|
||||||
|
USER="${SUDO_USER:-$USER}"
|
||||||
|
RUN_USER="${SUDO_USER:-$USER}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Export variables
|
||||||
|
WORKDIR="${WORKDIR:-/data/build}"
|
||||||
|
BUILDAH_ISOLATION="${BUILDAH_ISOLATION:-chroot}"
|
||||||
|
PLATFORMS="${PLATFORMS:---platform=linux/amd64,linux/arm64}"
|
||||||
|
DOCKER_FILE="${*:-$(find "$WORKDIR" -maxdepth 10 -name 'Dockerfile*' 2>/dev/null | grep '^' || false)}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Main application
|
||||||
|
if [ -n "$DOCKER_FILE" ]; then
|
||||||
|
for file in $DOCKER_FILE; do
|
||||||
|
buildah build $PLATFORMS "$file"
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "Can not find any dockerfiles in /data/build"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# End application
|
||||||
|
# ex: ts=2 sw=2 et filetype=sh
|
147
init/bin/ddns
Executable file
@ -0,0 +1,147 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
##@Version : 202303291250-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : git-admin@casjaysdev.com
|
||||||
|
# @@License : WTFPL
|
||||||
|
# @@ReadME : ddns --help
|
||||||
|
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Wednesday, Mar 29, 2023 12:50 EDT
|
||||||
|
# @@File : ddns
|
||||||
|
# @@Description : newScript
|
||||||
|
# @@Changelog : newScript
|
||||||
|
# @@TODO : Refactor code
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : bash/system
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPNAME="$(basename "$0")"
|
||||||
|
VERSION="202303291250-git"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Set bash options
|
||||||
|
set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_dns() { named-checkconf -z "/etc/named.conf" && named -c "/etc/named.conf" || return 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SHORT_HOST="$(hostname -s)"
|
||||||
|
DOMAIN_HOST="${DOMAIN_NAME:-$(hostname -f || echo 'test')}"
|
||||||
|
NETDEV="$(ip route 2>/dev/null | grep default | sed -e "s/^.*dev.//" -e "s/.proto.*//" | awk '{print $1}')"
|
||||||
|
IPV4_ADDR="$(ifconfig $NETDEV 2>/dev/null | grep -E "venet|inet" | grep -v "127.0.0." | grep 'inet' | grep -v inet6 | awk '{print $2}' | sed s/addr://g | head -n1 | grep '^' || echo '')"
|
||||||
|
IPV6_ADDR="$(ifconfig "$NETDEV" 2>/dev/null | grep -E "venet|inet" | grep 'inet6' | grep -i global | awk '{print $2}' | head -n1 | grep '^' || echo '')"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
DATE="$(date +'%Y%m%d%M')"
|
||||||
|
OLD_DATE="${OLD_DATE:-2018020901}"
|
||||||
|
DOMAIN_NAME="${DOMAIN_NAME:-$FULL_HOST}"
|
||||||
|
IPV4_ADDR_GATEWAY="$(ip route show default | awk '/default/ {print $3}' | head -n1 | grep '^' || echo '')"
|
||||||
|
IPV4_ADDR="${IPV4_ADDR:-10.0.0.2}"
|
||||||
|
IPV4_ADDR_SUBNET="${IPV4_ADDR_SUBNET:-10.0.0.0}"
|
||||||
|
IPV4_ADDR_START="${IPV4_ADDR_START:-10.0.100.1}"
|
||||||
|
IPV4_ADDR_END="${IPV4_ADDR_END:-10.0.100.254}"
|
||||||
|
IPV4_ADDR_NETMASK="${IPV4_ADDR_NETMASK:-255.255.0.0}"
|
||||||
|
IPV4_ADDR_GATEWAY="${IPV4_ADDR_GATEWAY:-10.0.0.1}"
|
||||||
|
IPV6_ADDR="${IP6_ADDR:-2001:0db8:edfa:1234::2}"
|
||||||
|
IPV6_ADDR_SUBNET="${IPV6_ADDR_SUBNET:-2001:0db8:edfa:1234::}"
|
||||||
|
IPV6_ADDR_START="${IPV6_ADDR_START:-2001:0db8:edfa:1234:5678::1}"
|
||||||
|
IPV6_ADDR_END="${IPV6_ADDR_END:-2001:0db8:edfa:1234:5678::ffff}"
|
||||||
|
IPV6_ADDR_NETMASK="${IPV6_ADDR_NETMASK:-64}"
|
||||||
|
IPV6_ADDR_GATEWAY="${IPV6_ADDR_GATEWAY:-2001:0db8:edfa:1234::1}"
|
||||||
|
[ "$DOMAIN_NAME" == "local" ] && DOMAIN_NAME="test"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -f "/config/rndc.key" ] || rndc-confgen -a -c /etc/rndc.key &>>/data/logs/named.log
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RNDC_KEY="$(cat "/etc/rndc.key" | grep 'secret' | awk '{print $2}' | sed 's|;||g;s|"||g')"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -f "/config/rndc.key" ] || cp -Rf "/etc/rndc.key" "/config/rndc.key" &>>/data/logs/entrypoint.log
|
||||||
|
[ -f "/config/rndc.conf" ] || { [ -f "/etc/rndc.conf" ] && cp -Rf "/etc/rndc.conf" "/config/rndc.conf" &>>/data/logs/entrypoint.log; }
|
||||||
|
[ -d "/run/tor" ] || mkdir -p "/run/tor" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/etc/dhcp" ] || mkdir -p "/etc/dhcp" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/run/dhcp" ] || mkdir -p "/run/dhcp" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/var/tftpboot" ] && [ ! -d "/data/tftp" ] && mv -f "/var/tftpboot" "/data/tftp" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/var/lib/dhcp" ] || mkdir -p "/var/lib/dhcp" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/data/tor" ] || cp -Rf "/var/lib/tor" "/data/tor" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/data/htdocs/www" ] || cp -Rf "/var/lib/ddns/data/htdocs/www" "/data/htdocs/www" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/data/named" ] || cp -Rf "/var/lib/ddns/data/named" "/data/named" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/config/tor" ] || cp -Rf "/var/lib/ddns/config/tor" "/config/tor" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/config/dhcp" ] || cp -Rf "/var/lib/ddns/config/dhcp" "/config/dhcp" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/config/named" ] || cp -Rf "/var/lib/ddns/config/named" "/config/named" &>>/data/logs/entrypoint.log
|
||||||
|
[ -f "/config/radvd.conf" ] || cp -Rf "/var/lib/ddns/config/radvd.conf" "/config/radvd.conf" &>>/data/logs/entrypoint.log
|
||||||
|
[ -f "/config/named.conf" ] || cp -Rf "/var/lib/ddns/config/named.conf" "/config/named.conf" &>>/data/logs/entrypoint.log
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|'${OLD_DATE:-2018020901}'|'$DATE'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_DOMAIN|'$DOMAIN_NAME'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_WITH_RNDC_KEY|'$RNDC_KEY'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDRESS|'$IPV4_ADDR'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDR_START|'$IPV4_ADDR_START'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDR_END|'$IPV4_ADDR_END'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_SUBNET|'$IPV4_ADDR_SUBNET'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_NETMASK|'$IPV4_ADDR_NETMASK'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_GATEWAY|'$IPV4_ADDR_GATEWAY'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDRESS|'$IPV6_ADDR'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDR_START|'$IPV6_ADDR_START'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDR_END|'$IPV6_ADDR_END'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_SUBNET|'$IPV6_ADDR_SUBNET'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_NETMASK|'$IPV6_ADDR_NETMASK'|g' {} \;
|
||||||
|
find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_GATEWAY|'$IPV6_ADDR_GATEWAY'|g' {} \;
|
||||||
|
|
||||||
|
if [ -f "/config/named.conf" ]; then
|
||||||
|
echo "Initializing named" &>>/data/logs/entrypoint.log
|
||||||
|
rm -R /data/logs/dns/* &>>/data/logs/entrypoint.log
|
||||||
|
cp -Rf "/config/named.conf" "/etc/named.conf"
|
||||||
|
[ -d "/data/logs/dns" ] || mkdir -p "/data/logs/dns"
|
||||||
|
[ -d "/data/named" ] && cp -Rf "/data/named" "/var/named"
|
||||||
|
[ -d "/config/named" ] && cp -Rf "/config/named" "/etc/named"
|
||||||
|
[ -f "/config/rndc.key" ] && cp -Rf "/config/rndc.key" "/etc/rndc.key"
|
||||||
|
[ -f "/config/rndc.conf" ] && cp -Rf "/config/rndc.conf" "/etc/rndc.conf"
|
||||||
|
chmod -f 777 "/data/logs/dns"
|
||||||
|
__run_dns &>>/data/logs/named.log &
|
||||||
|
sleep .5
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$IP6_ADDR" ]; then
|
||||||
|
if [ -f "/config/dhcp/dhcpd6.conf" ]; then
|
||||||
|
echo "Initializing dhcpd6" &>>/data/logs/entrypoint.log
|
||||||
|
cp -Rf "/config/dhcp/dhcpd6.conf" "/etc/dhcp/dhcpd6.conf"
|
||||||
|
touch /var/lib/dhcp/dhcpd6.leases
|
||||||
|
dhcpd -6 -cf /etc/dhcp/dhcpd6.conf &>>/data/logs/dhcpd6.log &
|
||||||
|
sleep .5
|
||||||
|
fi
|
||||||
|
if [ -f "/config/radvd.conf" ]; then
|
||||||
|
echo "Initializing radvd" &>>/data/logs/entrypoint.log
|
||||||
|
cp -Rf "/config/radvd.conf" "/etc/radvd.conf"
|
||||||
|
radvd -C /etc/radvd.conf &>>/data/logs/radvd.log &
|
||||||
|
sleep .5
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "/config/dhcp/dhcpd4.conf" ]; then
|
||||||
|
echo "Initializing dhcpd4" &>>/data/logs/entrypoint.log
|
||||||
|
cp -Rf "/config/dhcp/dhcpd4.conf" "/etc/dhcp/dhcpd4.conf"
|
||||||
|
touch /var/lib/dhcp/dhcpd.leases
|
||||||
|
dhcpd -4 -cf /etc/dhcp/dhcpd4.conf &>>/data/logs/dhcpd4.log &
|
||||||
|
sleep .5
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -d "/config/tor" ]; then
|
||||||
|
echo "Initializing tor" &>>/data/logs/entrypoint.log
|
||||||
|
[ -d "/config/tor" ] && cp -Rf "/config/tor" "/etc/tor"
|
||||||
|
chown -Rf root:root "/var/lib/tor"
|
||||||
|
chmod 700 "/run/tor"
|
||||||
|
tor -f "/etc/tor/torrc" &>>/data/logs/tor.log &
|
||||||
|
fi
|
||||||
|
if [ -d "/data/tftp" ]; then
|
||||||
|
echo "Initializing tftp" &>>/data/logs/entrypoint.log
|
||||||
|
rm -Rf "/var/tftpboot"
|
||||||
|
ln -sf "/data/tftp" "/var/tftpboot"
|
||||||
|
in.tftpd -vv -L "/var/tftpboot" &>/data/logs/tftpd.log &
|
||||||
|
fi
|
||||||
|
if [ -f "/data/htdocs/www/index.php" ]; then
|
||||||
|
echo "Initializing web on $IPV4_ADDR" &>>/data/logs/entrypoint.log
|
||||||
|
nginx -c "/etc/nginx/nginx.conf" &>>/data/logs/nginx.log &
|
||||||
|
sleep .5
|
||||||
|
fi
|
||||||
|
sleep 5
|
||||||
|
date +'%Y-%m-%d %H:%M' >/data/logs/entrypoint.log
|
||||||
|
echo "Initializing completed" &>>/data/logs/entrypoint.log
|
||||||
|
tail -n 80 -f /data/logs/*.log
|
105
init/bin/docker-buildx
Normal file
@ -0,0 +1,105 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
##@Version : 202210141608-git
|
||||||
|
# @@Author : Jason Hempstead
|
||||||
|
# @@Contact : git-admin@casjaysdev.com
|
||||||
|
# @@License : LICENSE.md
|
||||||
|
# @@ReadME : buildx --help
|
||||||
|
# @@Copyright : Copyright: (c) 2022 Jason Hempstead, Casjays Developments
|
||||||
|
# @@Created : Friday, Oct 14, 2022 16:08 EDT
|
||||||
|
# @@File : buildx
|
||||||
|
# @@Description : Docker buildx wrapper
|
||||||
|
# @@Changelog : New script
|
||||||
|
# @@TODO : Refactor code
|
||||||
|
# @@Other :
|
||||||
|
# @@Resource :
|
||||||
|
# @@Terminal App : no
|
||||||
|
# @@sudo/root : no
|
||||||
|
# @@Template : bash/system
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Set bash options
|
||||||
|
[ -n "$DEBUG" ] && set -x
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Set functions
|
||||||
|
__image_exists() { docker ps -a 2>&1 | grep -q "$1" || return 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__buildx() {
|
||||||
|
local exitStatus=0 reg_tag="${1:-$TAG_NAME}" dir="${directory:-.}"
|
||||||
|
[ -n "$platforms" ] && build_platforms="--platform ${platforms/ /,}"
|
||||||
|
#[ -d "$PWD/.git" ] && git pull -q && echo "Updating git repo"
|
||||||
|
# Initialize
|
||||||
|
echo "Setting target platform to $platforms"
|
||||||
|
__image_exists "$qemu_imagename" || { echo "Initializing $qemu_imagename" && docker run -d --name "$qemu_imagename" --privileged multiarch/qemu-user-static --reset -p yes &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
|
||||||
|
__image_exists "$binfmt_imagename" || { echo "Initializing $binfmt_imagename" && docker run -d --name "$binfmt_imagename" --privileged tonistiigi/binfmt --install all &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
|
||||||
|
__image_exists "$buildername" || { echo "Setting the buildername to $buildername" && docker buildx create --driver docker-container --driver-opt network=host --driver-opt image=moby/buildkit:master --name "$buildername" --use &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
|
||||||
|
docker buildx use "$buildername" &>/dev/null #|| { echo "Failed to Initialize" && exit 1; }
|
||||||
|
docker buildx inspect --bootstrap &>/dev/null #|| { echo "Failed to Initialize" && exit 1; }
|
||||||
|
|
||||||
|
# Build
|
||||||
|
echo "Building $reg_tag"
|
||||||
|
eval docker buildx build --rm --pull \
|
||||||
|
--push --no-cache $build_platforms \
|
||||||
|
--progress auto --output=type=registry \
|
||||||
|
$reg_tag "$dir" || exitStatus=1
|
||||||
|
[ "$exitStatus" -eq 0 ] || echo "Failed to build $reg_tag"
|
||||||
|
|
||||||
|
# Cleanup
|
||||||
|
__image_exists "$buildername" && docker rm -f "$buildername" &>/dev/null
|
||||||
|
__image_exists "$qemu_imagename" && docker rm -f "$qemu_imagename" &>/dev/null
|
||||||
|
__image_exists "$binfmt_imagename" && docker rm -f "$binfmt_imagename" &>/dev/null
|
||||||
|
return $exitStatus
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -f "/root/.docker/config.json" ] || { echo "/root/.docker/config.json Does not exist did you mount it?" && exit 1; }
|
||||||
|
[ -d "/tmp/build" ] && cd "/tmp/build" || { echo "/tmp/build Does not exist did you mount your project?" && exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Set additional variables
|
||||||
|
[ -f "$PWD/.env.sh" ] && . "$PWD/.env.sh"
|
||||||
|
[ -f "$1" ] && docker_file="$1" && shift 1 || docker_file="${FILE:-}"
|
||||||
|
[ -d "$1" ] && [ -f "$1/Dockerfile" ] && docker_file="$1/Dockerfile" && shift 1 || docker_file="${FILE:-}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
TAG_NAME="${1:-$TAGS}"
|
||||||
|
REGISTRY="${REGISTRY:-}"
|
||||||
|
ORG="${ORG:-casjaysdevdocker}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exitCode=0
|
||||||
|
buildername="mybuilder"
|
||||||
|
qemu_imagename="buildx-qemu"
|
||||||
|
binfmt_imagename="buildx-binfmt"
|
||||||
|
platforms="${PLATFORMS:-linux/amd64,linux/arm64}"
|
||||||
|
docker_files="$(find "/tmp/build" -name 'Dockerfile*' 2>/dev/null | sort -u | grep '^' || false)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL="enabled"
|
||||||
|
echo "$TAG_NAME" | grep -q ':' || TAG_NAME="$TAG_NAME:latest"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
[ -n "$docker_file" ] || [ -n "$docker_files" ] || { echo "USAGE: buildx [dir] [tagname]" && exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
clear
|
||||||
|
if [ -z "$(pgrep -x dockerd)" ]; then
|
||||||
|
echo "Starting dockerd"
|
||||||
|
start-docker.sh &>/dev/null &
|
||||||
|
sleep 10
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Main application
|
||||||
|
if [ -n "$docker_file" ]; then
|
||||||
|
[ -n "$TAG_NAME" ] || { echo "USAGE: buildx [dir] [tagname]" && exit 1; }
|
||||||
|
directory="$(dirname "$docker_file")"
|
||||||
|
[ -n "$REGISTRY" ] && tag_name="$REGISTRY/$TAG_NAME" || tag_name="$TAG_NAME"
|
||||||
|
tag_name="$(echo "$REGISTRY/$TAG_NAME" | tr '[:upper:]' '[:lower:]')"
|
||||||
|
cd "$directory" && __buildx "$tag_name" || exitCode+="$((exitCode + 1))"
|
||||||
|
elif [ -n "$docker_files" ]; then
|
||||||
|
for file in $docker_files; do
|
||||||
|
directory="$(dirname "$file")"
|
||||||
|
image_name="$(echo $ORG/$(basename "$directory") | tr '[:upper:]' '[:lower:]')"
|
||||||
|
[ -n "$REGISTRY" ] && tag_name="$REGISTRY/$image_name:latest" || tag_name="$image_name:latest"
|
||||||
|
cd "$directory" && __buildx "$tag_name" || exitCode+="$((exitCode + 1))"
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "Can not find a Dockerfile in /tmp/build"
|
||||||
|
exitCode=10
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $exitCode
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# end
|
487
init/done/00-couchdb.sh
Executable file
@ -0,0 +1,487 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing couchdb - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="couchdb"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
__curl() { curl -q -LSsf --user "$root_user_name:$root_user_pass" "$@"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__curl_users() { __curl -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' 'http://'$COUCHDB_SERVER':'$SERVICE_PORT'/_users/org.couchdb.user:'$1'' -d "{\"name\": \"$1\", \"password\": \"$2\", \"roles\": [], \"type\": \"user\"}" || return 2; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__curl_database() { curl -q -LSsf -X PUT 'http://'$root_user_name:$root_user_pass'@'$COUCHDB_SERVER':'$SERVICE_PORT'/'$1'' || return 2; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/opt/couchdb/etc" # set etc directory
|
||||||
|
CONF_DIR="/config/couchdb" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/couchdb" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="5984"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="couchdb" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-vvvvv" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="yes"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
NODENAME="${NODENAME:-}"
|
||||||
|
CREATE_DATABASE="${CREATE_DATABASE:-}"
|
||||||
|
COUCHDB_SERVER="${COUCHDB_SERVER:-localhost}"
|
||||||
|
COUCHDB_ROOT_USER_NAME="${COUCHDB_USER:-root}"
|
||||||
|
COUCHDB_ROOT_PASS_WORD="${COUCHDB_PASSWORD:-$(__random_password)}"
|
||||||
|
COUCHDB_ERLANG_COOKIE="${COUCHDB_ERLANG_COOKIE:-}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${COUCHDB_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${COUCHDB_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${COUCHDB_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${COUCHDB_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/couchdb.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
[ -e "/opt/couchdb/data" ] && rm -rf "/opt/couchdb/data"
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_DATABASE_DIR" "$DATABASE_DIR" "$ETC_DIR/default.ini"
|
||||||
|
# custom commands
|
||||||
|
touch "$ETC_DIR/local.d/docker.ini" 2>/dev/null
|
||||||
|
ln -sf "$DATABASE_DIR" "/opt/couchdb/data" 2>/dev/null
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
local user_name="${user_name:-$root_user_name}" # set user name
|
||||||
|
local user_pass="${user_pass:-$root_user_pass}" # set user pass
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_users" | grep -q 'db_name":"_users'; then
|
||||||
|
echo "Creating the _users databases"
|
||||||
|
if __curl_database "_users" | grep -qE '200|"ok":true'; then
|
||||||
|
echo "Created database _users"
|
||||||
|
else
|
||||||
|
echo "Failed to create database _users" >&2
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
fi
|
||||||
|
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_replicator" | grep -q 'db_name":"_replicator'; then
|
||||||
|
echo "Creating the _replicator databases"
|
||||||
|
if __curl_database "_replicator" | grep -qE '200|"ok":true'; then
|
||||||
|
echo "Created database _replicator"
|
||||||
|
else
|
||||||
|
echo "Failed to create database _replicator" >&2
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
fi
|
||||||
|
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_global_changes" | grep -q 'db_name":"_global_changes'; then
|
||||||
|
echo "Creating the _global_changes databases"
|
||||||
|
if __curl_database "_global_changes" | grep -qE '200|"ok":true'; then
|
||||||
|
echo "Created database _global_changes"
|
||||||
|
else
|
||||||
|
echo "Failed to create database _global_changes" >&2
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
fi
|
||||||
|
if [ -n "$user_name" ] && [ -n "$user_pass" ]; then
|
||||||
|
echo "Creating new user $username"
|
||||||
|
if __curl_users "$user_name" "$user_pass"; then
|
||||||
|
echo "Created user: $user_name"
|
||||||
|
else
|
||||||
|
echo "Failed to create user: $user_name" >&2
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -n "$CREATE_DATABASE" ]; then
|
||||||
|
echo "Creating database: $CREATE_DATABASE"
|
||||||
|
__curl_database "$CREATE_DATABASE" || echo "Failed to create database: $CREATE_DATABASE" >&2
|
||||||
|
fi
|
||||||
|
echo ""
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
if [ -n "$NODENAME" ] && ! grep "couchdb@" /opt/couchdb/etc/vm.args; then
|
||||||
|
echo "-name couchdb@$NODENAME" >>/opt/couchdb/etc/vm.args
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] && [ -n "$root_user_pass" ]; then
|
||||||
|
if ! grep -Pzoqr "\[admins\]\n$root_user_name =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
|
||||||
|
printf "\n[admins]\n%s = %s\n" "$root_user_name" "$root_user_pass" >>/opt/couchdb/etc/local.d/docker.ini
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -n "$COUCHDB_SECRET" ]; then
|
||||||
|
if ! grep -Pzoqr "\[chttpd_auth\]\nsecret =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
|
||||||
|
printf "\n[chttpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >>/opt/couchdb/etc/local.d/docker.ini
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -n "$COUCHDB_ERLANG_COOKIE" ]; then
|
||||||
|
cookieFile='/opt/couchdb/.erlang.cookie'
|
||||||
|
if [ -e "$cookieFile" ]; then
|
||||||
|
if [ "$(cat "$cookieFile" 2>/dev/null)" != "$COUCHDB_ERLANG_COOKIE" ]; then
|
||||||
|
echo >&2
|
||||||
|
echo >&2 "warning: $cookieFile contents do not match COUCHDB_ERLANG_COOKIE"
|
||||||
|
echo >&2
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "$COUCHDB_ERLANG_COOKIE" >"$cookieFile"
|
||||||
|
fi
|
||||||
|
chmod 600 "$cookieFile"
|
||||||
|
fi
|
||||||
|
if [ "$(id -u)" = '0' ]; then
|
||||||
|
find /opt/couchdb \! \( -user couchdb -group couchdb \) -exec chown -f $SERVICE_USER:$SERVICE_USER '{}' +
|
||||||
|
find /opt/couchdb/data -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
|
||||||
|
find /opt/couchdb/data -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
|
||||||
|
find /opt/couchdb/etc -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
|
||||||
|
find /opt/couchdb/etc -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
|
||||||
|
fi
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
445
init/done/00-mariadb.sh
Executable file
@ -0,0 +1,445 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing mariadb - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="mariadb"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/mariadb" # set etc directory
|
||||||
|
CONF_DIR="/config/mariadb" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/mariadb" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="3306"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="mysql" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="mysqld" # command to execute
|
||||||
|
EXEC_CMD_ARGS="--user=$SERVICE_USER --datadir=$DATABASE_DIR" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="yes"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
DATABASE_CREATE="${MARIADB_DATABASE:-}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${MARIADB_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${MARIADB_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${MARIADB_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${MARIADB_ROOT_PASS_WORD:-random}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/mariadb.log $LOG_DIR/mariadb.err.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-mysql}" # specifiy different user
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_ROOT_USER" "$root_user_name" "$ETC_DIR/my.cnf"
|
||||||
|
__replace "REPLACE_ROOT_PASS" "$root_user_pass" "$ETC_DIR/my.cnf"
|
||||||
|
# custom commands
|
||||||
|
if [ -f "$ETC_DIR/my.cnf" ] && [ ! -f "$CONF_DIR/my.cnf" ]; then
|
||||||
|
__file_copy "$ETC_DIR/my.cnf" "$CONF_DIR/my.cnf" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
# other
|
||||||
|
[ -f "$ETC_DIR/my.cnf" ] && ln -sf "$ETC_DIR/my.cnf" "/etc/my.cnf"
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-mysql}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# Initialize the database
|
||||||
|
if __is_dir_empty "$DATABASE_DIR"; then
|
||||||
|
mkdir -p "$DATABASE_DIR" && chown -Rf $user:$user "$DATABASE_DIR"
|
||||||
|
mysql_install_db --datadir=$DATABASE_DIR --user=$user --skip-test-db --old-mode='UTF8_IS_UTF8MB3' --default-time-zone=SYSTEM --enforce-storage-engine= --skip-log-bin --expire-logs-days=0 --loose-innodb_buffer_pool_load_at_startup=0 --loose-innodb_buffer_pool_dump_at_shutdown=0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
if [ -f "$CONF_DIR/init.sh" ]; then
|
||||||
|
bash -c "$CONF_DIR/init.sh"
|
||||||
|
else
|
||||||
|
# create database
|
||||||
|
if [ -n "$DATABASE_CREATE" ]; then
|
||||||
|
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
|
||||||
|
CREATE DATABASE IF NOT EXISTS $DATABASE_CREATE;
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
fi
|
||||||
|
# create user
|
||||||
|
if [ -n "$user_name" ] && [ "$user_name" != "root" ]; then
|
||||||
|
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
|
||||||
|
CREATE USER IF NOT EXISTS $user_name@'%' IDENTIFIED BY '$user_pass';
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
fi
|
||||||
|
# give user privileges to database
|
||||||
|
if [ -n "$user_name" ] && [ "$user_name" != "root" ] && [ -n "$DATABASE_CREATE" ]; then
|
||||||
|
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
|
||||||
|
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO $user_name@'%';
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
fi
|
||||||
|
# update root password
|
||||||
|
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
|
||||||
|
DROP USER IF EXISTS root@'127.0.0.1', root@'::1';
|
||||||
|
ALTER USER root@localhost IDENTIFIED BY '$root_user_pass';
|
||||||
|
GRANT ALL ON *.* TO root@localhost WITH GRANT OPTION
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
fi
|
||||||
|
# drop the test database
|
||||||
|
mysql -v -u root <<MYSQL_SCRIPT
|
||||||
|
DROP DATABASE IF EXISTS test;
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
# flush the database
|
||||||
|
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
|
||||||
|
FLUSH PRIVILEGES;
|
||||||
|
MYSQL_SCRIPT
|
||||||
|
# change the root password in my.cnf file
|
||||||
|
if
|
||||||
|
grep -qs "#password " "$ETC_DIR/my.cnf"
|
||||||
|
then
|
||||||
|
__replace "#password " "password " "$ETC_DIR/my.cnf"
|
||||||
|
fi
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
404
init/done/00-mongodb.sh
Executable file
@ -0,0 +1,404 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing mongodb - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="mongodb"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/mongodb" # set etc directory
|
||||||
|
CONF_DIR="/config/mongodb" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/mongodb" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="27017"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="mongod" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-vvvv" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="yes"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${MONGODB_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${MONGODB_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${MONGODB_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${MONGODB_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/mongodb.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
#__rm ""
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
# __replace "" "" "$CONF_DIR/mongodb.conf"
|
||||||
|
# replace variables recursively
|
||||||
|
# __find_replace "" "" "$CONF_DIR/"
|
||||||
|
# custom commands
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
420
init/done/03-aria2.sh
Executable file
@ -0,0 +1,420 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing aria2 - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="aria2"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data/downloads/aria2" # set data directory
|
||||||
|
WWW_DIR="/var/www/aria2ng" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/aria2" # set etc directory
|
||||||
|
CONF_DIR="/config/aria2" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/aria2" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_ARIA2:-/data/db/aria2}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
DATA_DIR="$(grep -Rs '^dir=' "$ETC_DIR/aria2.conf" | awk -F'=' '{print $2}' | grep '^' || echo "$DATA_DIR")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="8000"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="aria2c" # command to execute
|
||||||
|
EXEC_CMD_ARGS="--conf-path=$ETC_DIR/aria2.conf" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
RPC_SECRET="${RPC_SECRET:-}"
|
||||||
|
GET_WEB_CONFIG="$(find "$WWW_DIR/js" -name 'aria-ng*.js' | grep -v '^$')"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${ARIA2_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${ARIA2_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${ARIA2_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${ARIA2_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/aria2.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
if [ -n "$RPC_SECRET" ]; then
|
||||||
|
RPC_SECRET_BASE64=$(echo -n "${RPC_SECRET}" | base64 -w 0)
|
||||||
|
fi
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_RPC_PORT" "$SERVICE_PORT" "$ETC_DIR/aria2.conf"
|
||||||
|
__replace "6800" "$SERVICE_PORT" $GET_WEB_CONFIG
|
||||||
|
if grep -qs "REPLACE_RPC_SECRET" "$GET_WEB_CONFIG"; then
|
||||||
|
__find_replace "REPLACE_RPC_SECRET" "$RPC_SECRET_BASE64" "$GET_WEB_CONFIG"
|
||||||
|
else
|
||||||
|
sed -i 's,secret:"[^"]*",secret:"'"${RPC_SECRET_BASE64}"'",g' "$GET_WEB_CONFIG"
|
||||||
|
fi
|
||||||
|
if [ -n "$RPC_SECRET" ]; then
|
||||||
|
echo "Changing rpc secret to $RPC_SECRET"
|
||||||
|
if grep -sq "rpc-secret=" "$ETC_DIR/aria2.conf"; then
|
||||||
|
__replace "REPLACE_RPC_SECRET" "$RPC_SECRET" "$ETC_DIR/aria2.conf"
|
||||||
|
else
|
||||||
|
echo "rpc-secret=$RPC_SECRET" >>"$ETC_DIR/aria2.conf"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
__replace "rpc-secret=" "#rpc-secret=" "$ETC_DIR/aria2.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# custom commands
|
||||||
|
touch "$CONF_DIR/aria2.session"
|
||||||
|
ln -sf "$CONF_DIR/aria2.session" "$ETC_DIR/aria2.session"
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
398
init/done/03-headphones.sh
Executable file
@ -0,0 +1,398 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing headphones - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="headphones"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data/headphones" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/headphones" # set etc directory
|
||||||
|
CONF_DIR="/config/headphones" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/headphones" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_HEADPHONES:-/data/db/headphones}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="80"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="python3" # command to execute
|
||||||
|
EXEC_CMD_ARGS="/var/lib/headphones/Headphones.py --nolaunch " # command arguments
|
||||||
|
EXEC_CMD_ARGS+="--config $CONF_DIR/headphones.ini --datadir $DATA_DIR "
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${HEADPHONES_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${HEADPHONES_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${HEADPHONES_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${HEADPHONES_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/headphones.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR /data/cache /data/downloads"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_USER_NAME" "$user_name" "$ETC_DIR/headphones.ini"
|
||||||
|
__replace "REPLACE_USER_PASS" "$user_pass" "$ETC_DIR/headphones.ini"
|
||||||
|
__replace "REPLACE_SERVER_PORT" "$SERVICE_PORT" "$ETC_DIR/headphones.ini"
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
404
init/done/03-homepage.sh
Executable file
@ -0,0 +1,404 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing homepage - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="homepage"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/homepage" # set etc directory
|
||||||
|
CONF_DIR="/config/homepage" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/homepage" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_HOMEPAGE:-/data/db/homepage}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="3000"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="homepage" # command to execute
|
||||||
|
EXEC_CMD_ARGS="server.js" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${HOMEPAGE_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${HOMEPAGE_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${HOMEPAGE_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${HOMEPAGE_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/homepage.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
#__rm ""
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
# __replace "" "" "$CONF_DIR/homepage.conf"
|
||||||
|
# replace variables recursively
|
||||||
|
# __find_replace "" "" "$CONF_DIR/"
|
||||||
|
# custom commands
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
405
init/done/03-homey.sh
Executable file
@ -0,0 +1,405 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing homey - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="homey"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/homey" # set etc directory
|
||||||
|
CONF_DIR="/config/homey" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/homey" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_HOMEY:-/data/db/homey}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="9101"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="gunicorn" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-b 0.0.0.0:$SERVICE_PORT --worker-tmp-dir /dev/shm " # command arguments
|
||||||
|
EXEC_CMD_ARGS+="--workers 2 --threads 50 --log-file - app:app"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${HOMEY_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${HOMEY_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${HOMEY_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${HOMEY_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/homey.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
#__rm ""
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
# __replace "" "" "$CONF_DIR/homey.conf"
|
||||||
|
# replace variables recursively
|
||||||
|
# __find_replace "" "" "$CONF_DIR/"
|
||||||
|
# custom commands
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
456
init/done/04-bind.sh
Executable file
@ -0,0 +1,456 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing bind - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="bind"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
__rndc_key() { grep -s 'key "rndc-key" ' "$ETC_DIR/rndc.key" | grep -v 'KEY_RNDC' | sed 's|.*secret ||g;s|"||g;s|;.*||g' | grep '^' || return 1; }
|
||||||
|
__tsig_key() { tsig-keygen -a hmac-sha256 | grep 'secret' | sed 's|.*secret "||g;s|"||g;s|;||g' | grep '^' || echo 'wp/HApbthaVPjwqgp6ziLlmnkyLSNbRTehkdARBDcpI='; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data/named" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/bind" # set etc directory
|
||||||
|
CONF_DIR="/config/named" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/bind" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_BIND:-/data/db/bind}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
KEY_RNDC="${KEY_RNDC:-$(__tsig_key)}"
|
||||||
|
KEY_DHCP="${KEY_DHCP:-$(__tsig_key)}"
|
||||||
|
KEY_BACKUP="${KEY_BACKUP:-$(__tsig_key)}"
|
||||||
|
KEY_CERTBOT="${KEY_CERTBOT:-$(__tsig_key)}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="53"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="named" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-f -c $ETC_DIR/named.conf" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
VAR_DIR="/var/bind"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${BIND_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${BIND_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${BIND_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${BIND_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/xfer.log $LOG_DIR/update.log $LOG_DIR/notify.log $LOG_DIR/querylog.log "
|
||||||
|
APPLICATION_FILES+="$LOG_DIR/default.log $LOG_DIR/debug.log $LOG_DIR/security.log "
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $CONF_DIR/keys $DATA_DIR/zones $VAR_DIR/zones"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
local zone_files=""
|
||||||
|
serial="$(date +'%Y%m%d%S')"
|
||||||
|
local HOSTNAME="${SERVER_NAME:-$HOSTNAME}"
|
||||||
|
local ip_address="${CONTAINER_IP4_ADDRESS:-127.0.0.1}"
|
||||||
|
if [ -f "$CONF_DIR/set_rndc.key" ]; then
|
||||||
|
GET_RNDC_KEY="$(<"$CONF_DIR/set_rndc.key")"
|
||||||
|
fi
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
[ -f "$ETC_DIR/custom.conf" ] && mv -f "$ETC_DIR/custom.conf" "$ETC_DIR/named.conf"
|
||||||
|
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf" #&>/dev/null
|
||||||
|
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf" #&>/dev/null
|
||||||
|
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf" #&>/dev/null
|
||||||
|
__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/rndc.key" #&>/dev/null
|
||||||
|
__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/named.conf" #&>/dev/null
|
||||||
|
|
||||||
|
GET_RNDC_KEY="${GET_RNDC_KEY:-$(__rndc_key || echo '')}"
|
||||||
|
if [ -n "$GET_RNDC_KEY" ]; then
|
||||||
|
echo "$GET_RNDC_KEY" >"$CONF_DIR/set_rndc.key"
|
||||||
|
fi
|
||||||
|
|
||||||
|
zone_files="$(find "$DATA_DIR/zones/" -type f | wc -l)"
|
||||||
|
if [ $zone_files = 0 ] && [ ! -f "$DATA_DIR/zones/$HOSTNAME.zone" ]; then
|
||||||
|
cat <<EOF | tee "$DATA_DIR/zones/$HOSTNAME.zone" &>/dev/null
|
||||||
|
; config for $HOSTNAME
|
||||||
|
@ IN SOA $HOSTNAME. root.$HOSTNAME. ( $serial 10800 3600 1209600 38400)
|
||||||
|
IN NS $HOSTNAME.
|
||||||
|
$HOSTNAME. IN A $ip_address
|
||||||
|
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
#
|
||||||
|
for dns_file in "$DATA_DIR/zones"/*; do
|
||||||
|
file_name="$(basename "$dns_file")"
|
||||||
|
domain_name="$(grep -Rs '\$ORIGIN' "$dns_file" | awk '{print $NF}' | sed 's|.$||g')"
|
||||||
|
if [ -f "$dns_file" ]; then
|
||||||
|
cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
|
||||||
|
if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
|
||||||
|
cat <<EOF >>"$ETC_DIR/named.conf"
|
||||||
|
# ********** begin $domain_name **********
|
||||||
|
zone "$domain_name" {
|
||||||
|
type master;
|
||||||
|
file "$VAR_DIR/zones/$file_name";
|
||||||
|
notify yes;
|
||||||
|
allow-update {key "certbot."; key "dhcp-key"; trusted;};
|
||||||
|
allow-transfer { any; key "backup-key"; };
|
||||||
|
};
|
||||||
|
# ********** end $domain_name **********
|
||||||
|
|
||||||
|
EOF
|
||||||
|
grep -qs "$domain_name" "$ETC_DIR/named.conf" && echo "Added $domain_name to $ETC_DIR/named.conf"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
if named-checkconf -z "$ETC_DIR/named.conf" &>/dev/null; then
|
||||||
|
echo "named-checkconf has succeeded"
|
||||||
|
else
|
||||||
|
echo "named-checkconf has failed:"
|
||||||
|
named-checkconf -z "$ETC_DIR/named.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="named" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
407
init/done/05-ifconfig.sh
Executable file
@ -0,0 +1,407 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing ifconfig - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="ifconfig"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/ifconfig" # set etc directory
|
||||||
|
CONF_DIR="/config/ifconfig" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/ifconfig" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_IFCONFIG:-/data/db/ifconfig}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="echoip" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-t /opt/echoip/html -H x-forwarded-for -r -s -p " # command arguments
|
||||||
|
EXEC_CMD_ARGS+="-a /opt/echoip/geoip/GeoLite2-ASN.mmdb " #
|
||||||
|
EXEC_CMD_ARGS+="-c /opt/echoip/geoip/GeoLite2-City.mmdb " #
|
||||||
|
EXEC_CMD_ARGS+=" -f /opt/echoip/geoip/GeoLite2-Country.mmdb " #
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${IFCONFIG_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${IFCONFIG_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${IFCONFIG_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${IFCONFIG_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/ifconfig.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
#__rm ""
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
# __replace "" "" "$CONF_DIR/ifconfig.conf"
|
||||||
|
# replace variables recursively
|
||||||
|
# __find_replace "" "" "$CONF_DIR/"
|
||||||
|
# custom commands
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
412
init/done/07-dictd.sh
Executable file
@ -0,0 +1,412 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing dictd - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="dictd"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/dictd" # set etc directory
|
||||||
|
CONF_DIR="/config/dictd" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/dictd" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_DICTD:-/data/db/dictd}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="2628"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="dictd" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-dnodetach" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${DICTD_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${DICTD_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${DICTD_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${DICTD_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/dictd.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# delete files
|
||||||
|
#__rm ""
|
||||||
|
|
||||||
|
# define actions
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
# __replace "" "" "$CONF_DIR/dictd.conf"
|
||||||
|
# custom commands
|
||||||
|
if [ -f "/config/dict.conf" ]; then
|
||||||
|
cp -Rf "/config/dict.conf" "/etc/dictd/dict.conf"
|
||||||
|
else
|
||||||
|
cp -Rf "/etc/dictd/dict.conf" "/config/dict.conf"
|
||||||
|
fi
|
||||||
|
if [ -f "/config/dictd.conf" ]; then
|
||||||
|
cp -Rf "/config/dictd.conf" "/etc/dictd/dictd.conf"
|
||||||
|
else
|
||||||
|
cp -Rf "/etc/dictd/dictd.conf" "/config/dictd.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
411
init/done/07-docker.sh
Executable file
@ -0,0 +1,411 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing docker - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="docker"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/docker" # set etc directory
|
||||||
|
CONF_DIR="/config/docker" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/docker" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_DOCKER:-/data/db/docker}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="2375"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="dockerd" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-H tcp://127.0.0.1:$SERVICE_PORT -H unix:///var/run/docker.sock " # command arguments
|
||||||
|
EXEC_CMD_ARGS+="-H unix:///tmp/docker.sock --config-file $HOME/.docker/daemon.json" #
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
REGISTERY="${REGISTERY:-REGISTERIES}"
|
||||||
|
DOCKER_HUB_TOKEN="${DOCKER_HUB_TOKEN:-DOCKER_TOKEN}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${DOCKER_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${DOCKER_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${DOCKER_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${DOCKER_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/docker.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $HOME/.docker"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
local reg=""
|
||||||
|
[ -n "$REGISTERY" ] && registries="$REGISTERY,localhost:5000" || registries="localhost:5000"
|
||||||
|
registries="${registries//,/ }"
|
||||||
|
# define actions
|
||||||
|
for registry in $registries; do [ -n "$registry" ] && [ "$registry" != " " ] && reg+="\"$registry\","; done
|
||||||
|
registries="${reg%,}"
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
__file_copy "$CONF_DIR/daemon.json" "$HOME/.docker/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# custom commands
|
||||||
|
if [ ! -f "$HOME/.docker/config.json" ]; then
|
||||||
|
cat <<EOF | tee "$HOME/.docker/config.json" &>/dev/null
|
||||||
|
{
|
||||||
|
"auths": { "https://index.docker.io/v1/": { "auth": "$DOCKER_HUB_TOKEN" } },
|
||||||
|
"HttpHeaders": { "User-Agent": "Docker-Client/23.0.1 (linux)" },
|
||||||
|
"insecure-registries" : [$registries]
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
[ -f "$CONF_DIR/daemon.json" ] || cp -Rf "$HOME/.docker/config.json" "$CONF_DIR/daemon.json"
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
397
init/done/08-apache.sh
Executable file
@ -0,0 +1,397 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing apache2 - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="apache2"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/apache2" # set etc directory
|
||||||
|
CONF_DIR="/config/apache2" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/apache2" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_APACHE:-/data/db/apache2}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="httpd" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-f $ETC_DIR/httpd.conf -DFOREGROUND" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="yes"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${APACHE_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${APACHE_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${APACHE_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${APACHE_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/apache.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-apache}" # specifiy different user
|
||||||
|
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_SERVER_DIR" "$WWW_DIR" "$ETC_DIR/httpd.conf"
|
||||||
|
__replace "REPLACE_SERVER_NAME" "$sysname" "$ETC_DIR/httpd.conf"
|
||||||
|
__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/httpd.conf"
|
||||||
|
__replace "REPLACE_SERVER_DIR" "$WWW_DIR" "$ETC_DIR/vhosts.d/default.conf"
|
||||||
|
__replace "REPLACE_SERVER_NAME" "$sysname" "$ETC_DIR/vhosts.d/default.conf"
|
||||||
|
__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/vhosts.d/default.conf"
|
||||||
|
__replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@$sysname}" "$ETC_DIR/httpd.conf"
|
||||||
|
[ -f "$WWW_DIR/index.php" ] && __replace "REPLACE_SERVER_SOFTWARE" "apache" "$WWW_DIR/index.php"
|
||||||
|
[ -f "$WWW_DIR/index.html" ] && __replace "REPLACE_SERVER_SOFTWARE" "apache" "$WWW_DIR/index.html"
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-apache}" # specifiy different user
|
||||||
|
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
399
init/done/08-caddy.sh
Executable file
@ -0,0 +1,399 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing caddy - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="caddy"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/caddy" # set etc directory
|
||||||
|
CONF_DIR="/config/caddy" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/caddy" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_CADDY:-/data/db/caddy}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="caddy" # command to execute
|
||||||
|
EXEC_CMD_ARGS="run --config $ETC_DIR/Caddyfile" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${CADDY_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${CADDY_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${CADDY_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${CADDY_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/caddy.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
local hostname="${SERVER_NAME:-${DOMAINNAME:-$hostname}}" # set hostname
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/Caddyfile"
|
||||||
|
__replace "REPLACE_SERVER_NAME" "${SERVER_NAME:-$hostname}" "$ETC_DIR/Caddyfile"
|
||||||
|
__replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@$hostname}" "$ETC_DIR/Caddyfile"
|
||||||
|
__replace "REPLACE_SERVER_SOFTWARE" "caddy" "$WWW_DIR/index.php"
|
||||||
|
# custom commands
|
||||||
|
[ -d "$WWW_DIR/health" ] || mkdir -p "$WWW_DIR/health"
|
||||||
|
[ -f "$WWW_DIR/health/index.txt" ] || echo 'ok' >"$WWW_DIR/health/index.txt"
|
||||||
|
[ -f "$WWW_DIR/health/index.json" ] || echo '{ "status": "ok" }' >"$WWW_DIR/health/index.json"
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|
402
init/done/08-cherokee.sh
Executable file
@ -0,0 +1,402 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
|
||||||
|
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
printf '%s\n' "# - - - Initializing cherokee - - - #"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_NAME="cherokee"
|
||||||
|
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run trap command on exit
|
||||||
|
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import the functions file
|
||||||
|
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
|
||||||
|
. "/usr/local/etc/docker/functions/entrypoint.sh"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# import variables
|
||||||
|
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
|
||||||
|
[ -f "$set_env" ] && . "$set_env"
|
||||||
|
done
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Custom functions
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Show message before execute
|
||||||
|
PRE_EXEC_MESSAGE=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Default predefined variables
|
||||||
|
WORKDIR="" # set working directory
|
||||||
|
DATA_DIR="/data" # set data directory
|
||||||
|
WWW_DIR="/data/htdocs/www" # set the web root
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ETC_DIR="/etc/cherokee" # set etc directory
|
||||||
|
CONF_DIR="/config/cherokee" # set config directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
RUN_DIR="/run/init.d" # set scripts pid dir
|
||||||
|
LOG_DIR="/data/logs/cherokee" # set log directory
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
|
||||||
|
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set the database directory
|
||||||
|
DATABASE_DIR="${DATABASE_DIR_CHEROKEE:-/data/db/cherokee}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional predefined variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# port which service is listening on
|
||||||
|
SERVICE_PORT="80"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# execute command variables
|
||||||
|
SERVICE_UID="0" # set the user id
|
||||||
|
SERVICE_USER="root" # execute command as another user
|
||||||
|
EXEC_CMD_BIN="cherokee" # command to execute
|
||||||
|
EXEC_CMD_ARGS="-C $ETC_DIR/cherokee.conf" # command arguments
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a web server
|
||||||
|
IS_WEB_SERVER="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Is this service a database server
|
||||||
|
IS_DATABASE_SERVICE="no"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Additional variables
|
||||||
|
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# usernames
|
||||||
|
user_name="${CHEROKEE_USER_NAME:-}" # normal user name
|
||||||
|
root_user_name="${CHEROKEE_ROOT_USER_NAME:-}" # root user name
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# passwords [password/random]
|
||||||
|
user_pass="${CHEROKEE_USER_PASS_WORD:-}" # normal user password
|
||||||
|
root_user_pass="${CHEROKEE_ROOT_PASS_WORD:-}" # root user password
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Overwrite variables from files
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
|
||||||
|
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Specifiy custom directories to be created
|
||||||
|
ADD_APPLICATION_FILES=""
|
||||||
|
ADD_APPLICATION_DIRS=""
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
APPLICATION_FILES="$LOG_DIR/cherokee.log"
|
||||||
|
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__update_conf_files() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
|
||||||
|
# create default directories
|
||||||
|
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating directory $filedirs with permissions 777"
|
||||||
|
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create default files
|
||||||
|
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
|
||||||
|
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
|
||||||
|
(
|
||||||
|
echo "Creating file $application_files with permissions 777"
|
||||||
|
touch "$application_files" && chmod -Rf 777 "$application_files"
|
||||||
|
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
# create directories if variable is yes"
|
||||||
|
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
|
||||||
|
# copy config files to system
|
||||||
|
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
# replace variables
|
||||||
|
__replace "REPLACE_WWW_DIR" "$WWW_DIR" "$ETC_DIR/cherokee.conf"
|
||||||
|
__replace "REPLACE_SERVER_PORT" "$SERVICE_PORT" "$ETC_DIR/cherokee.conf"
|
||||||
|
# replace variables recursively
|
||||||
|
# __find_replace "" "" "$CONF_DIR/"
|
||||||
|
# custom commands
|
||||||
|
|
||||||
|
# other
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset application_files filedirs
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run before executing
|
||||||
|
__pre_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
# define commands
|
||||||
|
|
||||||
|
# execute if directories is empty
|
||||||
|
#__is_dir_empty "" &&
|
||||||
|
|
||||||
|
# create user if needed
|
||||||
|
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
|
||||||
|
# set user on files/folders
|
||||||
|
if [ -n "$user" ] && [ "$user" != "root" ]; then
|
||||||
|
if grep -s -q "$user:" "/etc/passwd"; then
|
||||||
|
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
|
||||||
|
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
|
||||||
|
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# unset unneeded variables
|
||||||
|
unset filesperms filename
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# function to run after executing
|
||||||
|
__post_execute() {
|
||||||
|
local exitCode=0 # default exit code
|
||||||
|
local user="${SERVICE_USER:-root}" # specifiy different user
|
||||||
|
sleep 60 # how long to wait before executing
|
||||||
|
echo "Running post commands" # message
|
||||||
|
# execute commands
|
||||||
|
|
||||||
|
(echo "Starting cherokee-admin on port 9090" && cherokee-admin -b -p 9090 -C $ETC_DIR/cherokee.conf) &
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to update config files - IE: change port
|
||||||
|
__pre_message() {
|
||||||
|
local exitCode=0
|
||||||
|
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
|
||||||
|
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# use this function to setup ssl support
|
||||||
|
__update_ssl_conf() {
|
||||||
|
local exitCode=0
|
||||||
|
|
||||||
|
return $exitCode
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__create_env() {
|
||||||
|
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
|
||||||
|
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
|
||||||
|
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
|
||||||
|
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
|
||||||
|
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
|
||||||
|
|
||||||
|
EOF
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# script to start server
|
||||||
|
__run_start_script() {
|
||||||
|
local user="${SERVICE_USER:-root}"
|
||||||
|
local workdir="${WORKDIR:-$WORK_DIR}"
|
||||||
|
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
|
||||||
|
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
|
||||||
|
local home="${workdir//\/root/\/tmp\/docker}"
|
||||||
|
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
|
||||||
|
if [ -z "$EXEC_CMD_BIN" ]; then
|
||||||
|
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
echo "Initializing $SCRIPT_NAME has completed"
|
||||||
|
else
|
||||||
|
# ensure the command exists
|
||||||
|
if [ ! -x "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "$EXEC_CMD_NAME is not a valid executable"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
# set working directories
|
||||||
|
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
|
||||||
|
[ "$home" = "/root" ] && home="/tmp/docker"
|
||||||
|
[ "$home" = "$workdir" ] && workdir=""
|
||||||
|
# create needed directories
|
||||||
|
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
|
||||||
|
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
|
||||||
|
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
|
||||||
|
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
|
||||||
|
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
|
||||||
|
# check and exit if already running
|
||||||
|
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
|
||||||
|
echo "$EXEC_CMD_NAME is already running" >&2
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
|
||||||
|
su_cmd touch "$SERVICE_PID_FILE"
|
||||||
|
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
|
||||||
|
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# username and password actions
|
||||||
|
__run_secure_function() {
|
||||||
|
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
|
||||||
|
for filesperms in "${USER_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
|
||||||
|
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
|
||||||
|
if [ -e "$filesperms" ]; then
|
||||||
|
chmod -Rf 600 "$filesperms"
|
||||||
|
chown -Rf root:root "$filesperms"
|
||||||
|
fi
|
||||||
|
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# simple cd function
|
||||||
|
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# process check functions
|
||||||
|
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
|
||||||
|
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# check if process is already running
|
||||||
|
__proc_check() {
|
||||||
|
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
|
||||||
|
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
|
||||||
|
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
|
||||||
|
SERVICE_IS_RUNNING="true"
|
||||||
|
touch "$SERVICE_PID_FILE"
|
||||||
|
echo "$cmd_name is already running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow ENV_ variable - Import env file
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
SERVICE_EXIT_CODE=0 # default exit code
|
||||||
|
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
|
||||||
|
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
|
||||||
|
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
|
||||||
|
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
|
||||||
|
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
|
||||||
|
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
|
||||||
|
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
|
||||||
|
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
|
||||||
|
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
|
||||||
|
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# application specific
|
||||||
|
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
|
||||||
|
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
|
||||||
|
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
|
||||||
|
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
|
||||||
|
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
|
||||||
|
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# create auth directories
|
||||||
|
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
|
||||||
|
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow per init script usernames and passwords
|
||||||
|
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
|
||||||
|
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow setting initial users and passwords via environment
|
||||||
|
user_name="${user_name:-$ENV_USER_NAME}"
|
||||||
|
user_pass="${user_pass:-$ENV_USER_PASS}"
|
||||||
|
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
|
||||||
|
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set password to random if variable is random
|
||||||
|
if [ "$user_pass" = "random" ]; then
|
||||||
|
user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
if [ "$root_user_pass" = "random" ]; then
|
||||||
|
root_user_pass="$(__random_password)"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Allow variables via imports - Overwrite existing
|
||||||
|
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Only run check
|
||||||
|
if [ "$1" = "check" ]; then
|
||||||
|
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show message if env exists
|
||||||
|
if [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
|
||||||
|
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# set switch user command
|
||||||
|
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
elif [ "$(builtin type -P gosu)" ]; then
|
||||||
|
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P runuser)" ]; then
|
||||||
|
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P sudo)" ]; then
|
||||||
|
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
|
||||||
|
elif [ "$(builtin type -P su)" ]; then
|
||||||
|
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
|
||||||
|
else
|
||||||
|
echo "Can not switch to $SERVICE_USER: attempting to run as root"
|
||||||
|
su_cmd() { eval "$*" || return 1; }
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Change to working directory
|
||||||
|
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# show init message
|
||||||
|
__pre_message
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Initialize ssl
|
||||||
|
__update_ssl_conf
|
||||||
|
__update_ssl_certs
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# Updating config files
|
||||||
|
__create_env
|
||||||
|
__update_conf_files
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
# run the pre execute commands
|
||||||
|
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
|
||||||
|
__pre_execute
|
||||||
|
__run_secure_function
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
|
||||||
|
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
|
||||||
|
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
|
||||||
|
SERVICE_EXIT_CODE=10
|
||||||
|
SERVICE_IS_RUNNING="false"
|
||||||
|
rm -Rf "$SERVICE_PID_FILE"
|
||||||
|
fi
|
||||||
|
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
||||||
|
exit $SERVICE_EXIT_CODE
|