🦈🏠🐜 Initial Commit 🐜🦈🏠

casjay 2023-04-06 19:28:01 -04:00
commit 9b376b0fd6
No known key found for this signature in database
GPG Key ID: 4F765975C1F0EE5F
166 changed files with 79846 additions and 0 deletions

93
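--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,93 @@
+# gitignore created on 04/06/23 at 18:41
+# Disable reminder in prompt
+ignoredirmessage
+# OS generated files
+### Linux ###
+*~
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+# KDE directory preferences
+.directory
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+### macOS ###
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+# Thumbnails
+._*
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+### macOS Patch ###
+# iCloud generated files
+*.icloud
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+# Dump file
+*.stackdump
+# Folder config file
+[Dd]esktop.ini
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+# Windows shortcuts
+*.lnk
+# ignore commit message
+**/.gitcommit
+#ignore .failed
+**/.build_failed
+# ignore .bak files
+**/*.bak
+# ignore .no_push files
+**/.no_push
+# ignore .no_git files
+**/.no_git
+# ignore .installed files
+**/.installed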

13
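--- a/LICENSE.md
+++ b/LICENSE.md
@@ -0,0 +1,13 @@
+DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+Version 2, December 2004
+Copyright (C) 2023 casjay <git-admin@casjaysdev.com>
+Everyone is permitted to copy and distribute verbatim or modified
+copies of this license document, and changing it is allowed as long
+as the name is changed.
+DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+1. You just DO WHAT THE FUCK YOU WANT TO.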

8
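--- a/README.md
+++ b/README.md
@@ -0,0 +1,8 @@
+## 👋 Welcome to docker-scripts 🚀
+docker-scripts README
+## Author
+🤖 casjay: [Github](https://github.com/casjay) 🤖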


@ -0,0 +1,355 @@
;#<?php exit(); ?>##
;#########################################################
; General Config #
;#########################################################
config_version = 63
;#########################################################
; Auto Update #
;#########################################################
github_force_branch = "master"
composer_binary_path = "composer"
hide_ampache_messages = "false"
;#########################################################
; Path Vars #
;#########################################################
;http_host = "localhost"
;http_port = 80
;web_path = ""
;local_web_path = "http://localhost/ampache"
;#########################################################
; Database #
;#########################################################
database_name = ampache
database_hostname = localhost
database_port = 3306
database_username = root
;database_password = password
database_charset = "utf8mb4"
database_collation = "utf8mb4_unicode_ci"
;#########################################################
; Session and Security #
;#########################################################
secret_key = "abcdefghijklmnoprqstuvwyz0123456"
session_length = 3600
stream_length = 7200
remember_length = 604800
session_name = ampache
session_cookielife = 0
session_cookiesecure = 0
auth_methods = "mysql"
;external_authenticator = "/usr/sbin/pwauth"
;auth_password_save = "true"
;logout_redirect = "http://sso.example.com/logout"
access_control = "true"
require_session = "true"
require_localnet_session = "true"
;prevent_multiple_logins = "true"
;disable_xframe_sameorigin = "true"
;#########################################################
; Metadata #
;#########################################################
getid3_tag_order = "vorbiscomment,id3v2,id3v1,quicktime,matroska,ape,asf,avi,mpeg,riff"
;getid3_detect_id3v2_encoding = "true"
;write_id3 = "true"
;write_id3_art = "true"
metadata_order = "getID3,MusicBrainz,TheAudioDb,filename"
metadata_order_video = "filename,getID3"
deferred_ext_metadata = "true"
additional_genre_delimiters = "[/]{2}|[/\\\\|,;]"
;enable_custom_metadata = "true"
;#########################################################
; File Tags #
;write_tags = "true"
;#########################################################
; Catalog #
;#########################################################
catalog_file_pattern = "mp3|mpc|m4p|m4a|aac|ogg|oga|wav|aif|aiff|rm|wma|asf|flac|opus|spx|ra|ape|shn|wv"
catalog_video_pattern = "avi|mpg|mpeg|flv|m4v|mp4|webm|mkv|wmv|ogv|mov|divx|m2ts"
catalog_playlist_pattern = "m3u|m3u8|pls|asx|xspf"
catalog_prefix_pattern = "The|An|A|Die|Das|Ein|Eine|Les|Le|La"
;catalog_disable = "true"
;catalog_filter = "true"
;delete_from_disk = "true"
;catalog_verify_by_time = "true"
;#########################################################
; Program Settings #
;#########################################################
;downsample_remote = "true"
;track_user_ip = "true"
;user_ip_cardinality = "42"
;allow_zip_download = "true"
;allow_zip_types = "album"
;art_zip_add = "true"
;file_zip_comment = "Ampache - Zip Batch Download"
;webplayer_debug = "true"
;waveform = "true"
;waveform_color = "#FF0000"
;waveform_height = 32
;waveform_width = 400
;tmp_dir_path = "/tmp"
;throttle_download = 10
;generate_video_preview = "true"
;no_symlinks = "true"
use_auth = "true"
default_auth_level = "guest"
;skip_timer = 20
ratings = "true"
;rating_browse_filter = "true"
;rating_browse_minimum_stars = 1
;rating_file_tag_user = 1
directplay = "true"
sociable = "true"
;licensing = "true"
;demo_mode = "true"
;simple_user_mode = "true"
;memory_cache = "true"
;memory_limit = 32
;album_art_preferred_filename = "folder.jpg"
;artist_art_preferred_filename = "folder.jpg"
;artist_art_folder = "/data/htdocs/www/art"
;album_art_store_disk = "true"
;local_metadata_dir = "/metadata"
;max_upload_size = 1048576
;album_art_min_width = 100
;album_art_max_width = 1024
;album_art_min_height = 100
;album_art_max_height = 1024
;resize_images = "true"
playlist_art = "true"
;statistical_graphs = "true"
art_order = "db,tags,folder,spotify,musicbrainz"
;gather_song_art = "true"
;show_song_art = "true"
;spotify_art_filter = "artist"
;art_search_limit = 15
;show_similar = "true"
;hide_search = "true"
;allow_upload_scripts = "true"
;#########################################################
; API keys #
;#########################################################
lastfm_api_key = "d5df942424c71b754e54ce1832505ae2"
lastfm_api_secret = ""
;spotify_client_id = ""
;spotify_client_secret = ""
;wanted = "true"
wanted_types = "album,official"
;wanted_auto_accept = "true"
;label = "true"
;broadcast = "true"
live_stream = "true"
podcast = "true"
;websocket_address = "ws://localhost:8100"
refresh_limit = "60"
;use_now_playing_embedded = "true"
;now_playing_refresh_limit = "-1"
;now_playing_css_file = "templates/now-playing.css"
show_footer_statistics = "true"
;use_rss = "true"
;allow_php_themes = "true"
;#########################################################
; Debugging #
;#########################################################
debug = "false"
debug_level = 2
log_path = "/data/logs/httpd"
log_filename = "ampache.log"
;#########################################################
; Encoding Settings #
;#########################################################
site_charset = UTF-8
;lc_charset = "ISO8859-1"
;mb_detect_order = "ASCII,UTF-8,EUC-JP,ISO-2022-JP,SJIS,JIS"
;#########################################################
; Custom actions (optional) #
;#########################################################
;custom_play_action_title_0 = ""
;custom_play_action_icon_0 = ""
;custom_play_action_run_0 = ""
; Example for Karaoke playing
;custom_play_action_title_0 = "Karaoke"
;custom_play_action_icon_0 = "microphone"
;custom_play_action_run_0 = "sox \"%f\" -p oops | ffmpeg -i pipe:0 -f %c pipe:1"
;#########################################################
; LDAP login info (optional) #
;#########################################################
;ldap_url = "ldap://localhost/"
;ldap_url = "ldaps://localhost/"
;ldap_username = ""
;ldap_password = ""
;ldap_search_dn = "ou=People,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
;ldap_objectclass = "posixAccount" ; OpenLDAP
;ldap_objectclass = "organizationalPerson" ; Microsoft Active Directory
;ldap_filter = "(uid=%v)" ; OpenLDAP
;ldap_filter = "(sAMAccountName=%v)" ; Microsoft Active Directory
;ldap_require_group = "cn=yourgroup,ou=yourorg,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
;ldap_name_field = "cn"
;ldap_name_field = "displayName"
;ldap_email_field = "mail"
;ldap_avatar_field = "jpegPhoto"
;ldap_avatar_mime = "image/jpeg"
;ldap_protocol_version = 3
;ldap_start_tls = "true"
;ldap_member_attribute = "member"
;ldap_member_attribute = "memberuid"
;#########################################################
; OpenID login info (optional) #
;#########################################################
;openid_required_pape = ""
;#########################################################
; Public Registration settings, defaults to disabled #
;#########################################################
;auto_create = "true"
;external_auto_update = "true"
;allow_public_registration = "true"
;captcha_public_reg = "true"
;admin_notify_reg = "true"
;admin_enable_required = "true"
;auto_user = "guest"
;user_agreement = "true"
;user_no_email_confirm = "true"
;cookie_disclaimer = "true"
registration_display_fields = "fullname,website"
registration_mandatory_fields = "fullname"
;#########################################################
; These options control the dynamic downsampling based #
; on current usage #
; *Note* Transcoding must be enabled and working #
;#########################################################
;max_bit_rate = 576
;min_bit_rate = 48
;#########################################################
; Transcode Settings #
;#########################################################
;transcode_m4a = "allowed"
;transcode_flac = "required"
;transcode_mpc = "required"
;transcode_ogg = "required"
;transcode_oga = "required"
;transcode_opus = "required"
;transcode_wav = "required"
;transcode_wma = "required"
;transcode_aif = "required"
;transcode_aiff = "required"
;transcode_ape = "required"
;transcode_shn = "required"
transcode_mp3 = "allowed"
;transcode_avi = "allowed"
;transcode_flv = "allowed"
;transcode_mkv = "allowed"
;transcode_mpg = "allowed"
;transcode_mpeg = "allowed"
;transcode_m4v = "allowed"
;transcode_mp4 = "allowed"
;transcode_mov = "allowed"
;transcode_wmv = "allowed"
;transcode_ogv = "allowed"
;transcode_divx = "allowed"
;transcode_m2ts = "allowed"
;transcode_webm = "allowed"
;encode_target = mp3
;encode_video_target = webm
;encode_target_flac = opus
;transcode_player_webplayer_m4a = "required"
;transcode_player_webplayer_flac = "required"
;transcode_player_webplayer_mpc = "required"
;encode_player_webplayer_target = mp3
;encode_player_api_target = mp3
transcode_player_customize = "true"
;transcode_cmd = "ffmpeg"
;transcode_cmd = "avconv"
;transcode_cmd = "/usr/bin/neatokeen"
transcode_input = "-i %FILE%"
;transcode_cmd_mid = "timidity -Or -o %FILE% | ffmpeg -f s16le -i pipe:0"
encode_args_mp3 = "-vn -b:a %BITRATE%K -c:a libmp3lame -f mp3 pipe:1"
encode_args_ogg = "-vn -b:a %BITRATE%K -c:a libvorbis -f ogg pipe:1"
encode_args_opus = "-vn -b:a %BITRATE%K -c:a libopus -compression_level 10 -vsync 2 -f ogg pipe:1"
encode_args_m4a = "-vn -b:a %BITRATE%K -c:a libfdk_aac -f adts pipe:1"
encode_args_wav = "-vn -b:a %BITRATE%K -c:a pcm_s16le -f wav pipe:1"
encode_args_flv = "-b:a %BITRATE%K -ar 44100 -ac 2 -v 0 -f flv -c:v libx264 -preset superfast -threads 0 pipe:1"
encode_args_webm = "-b:a %BITRATE%K -f webm -c:v libvpx -preset superfast -threads 0 pipe:1"
encode_args_ts = "-q %QUALITY% -s %RESOLUTION% -f mpegts -c:v libx264 -c:a libmp3lame -maxrate %MAXBITRATE%k -preset superfast -threads 0 pipe:1"
encode_args_ogv = "-codec:v libtheora -qscale:v 7 -codec:a libvorbis -qscale:a 5 -f ogg pipe:1"
encode_get_image = "-ss %TIME% -f image2 -vframes 1 pipe:1"
encode_srt = "-vf \"subtitles='%SRTFILE%'\""
encode_ss_frame = "-ss %TIME%"
encode_ss_duration = "-t %DURATION%"
send_full_stream = "webplayer"
;#########################################################
; Transcode Caching #
;#########################################################
;cache_path = "/tmp"
;cache_target = "mp3"
;cache_m4a = "true"
;cache_flac = "true"
;cache_mpc = "true"
;cache_ogg = "true"
;cache_oga = "true"
;cache_opus = "true"
;cache_wav = "true"
;cache_wma = "true"
;cache_aif = "true"
;cache_aiff = "true"
;cache_ape = "true"
;cache_shn = "true"
;cache_mp3 = "true"
;cache_remote = "true"
;#########################################################
; Proxy Settings (optional) #
;#########################################################
;proxy_host = "192.168.0.1"
;proxy_port = "8080"
;proxy_user = ""
;proxy_pass = ""
;force_ssl = "true"
;#########################################################
; Mail Settings #
;#########################################################
;mail_enable = "true"
;mail_type = "php"
;mail_domain = "example.com"
;mail_user = "info"
;mail_name = "Ampache"
;mail_check = "strict"
;#########################################################
; sendmail Settings #
;#########################################################
;sendmail_path = "/usr/sbin/sendmail"
;#########################################################
; SMTP Settings #
;#########################################################
;mail_host = "localhost"
;mail_port = 25
;mail_secure_smtp = tls
;mail_auth = "true"
;mail_auth_user = ""
;mail_auth_pass = ""
;#########################################################
; Abbreviation Filter #
;#########################################################
common_abbr = "divx,xvid,dvdrip,hdtv,lol,axxo,repack,xor,pdtv,real,vtv,caph,2hd,proper,fqm,uncut,topaz,tvt,notv,fpn,fov,orenji,0tv,omicron,dsr,ws,sys,crimson,wat,hiqt,internal,brrip,boheme,vost,vostfr,fastsub,addiction,x264,LOL,720p,1080p,YIFY,evolve,fihtv,first,bokutox,bluray,tvboom,info"
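Review bot: `secret_key = "abcdefghijklmnoprqstuvwyz0123456"` in the Session and Security block looks like a sample value, and committing it means every deployment built from this template shares one publicly known key. Other templates in this commit use `REPLACE_*` tokens that are filled in later; the same approach fits here, e.g. `secret_key = "REPLACE_SECRET_KEY"` (a placeholder name, not defined on this page) substituted with a per-instance random string at start-up. The same block sets `session_cookiesecure = 0` and `database_username = root` with the password line commented out, and `lastfm_api_key` carries what appears to be a real key; each of these is better supplied per deployment than fixed in the repository.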


@ -0,0 +1,7 @@
#<FilesMatch \.php$>
# SetHandler application/x-httpd-php
#</FilesMatch>
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>

219
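--- a/configs/apache2/httpd.conf
+++ b/configs/apache2/httpd.conf
@@ -0,0 +1,219 @@
+# This is the main Apache HTTP server configuration file.
+# Set to one of: Full | OS | Minor | Minimal | Major | Prod
+ServerTokens PROD
+ServerRoot /var/www
+Listen REPLACE_SERVER_PORT
+LoadModule mpm_event_module modules/mod_mpm_event.so
+#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
+LoadModule authn_file_module modules/mod_authn_file.so
+LoadModule authn_dbm_module modules/mod_authn_dbm.so
+LoadModule authn_anon_module modules/mod_authn_anon.so
+LoadModule authn_dbd_module modules/mod_authn_dbd.so
+LoadModule authn_socache_module modules/mod_authn_socache.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule authz_dbm_module modules/mod_authz_dbm.so
+LoadModule authz_owner_module modules/mod_authz_owner.so
+LoadModule authz_dbd_module modules/mod_authz_dbd.so
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule access_compat_module modules/mod_access_compat.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule auth_form_module modules/mod_auth_form.so
+LoadModule auth_digest_module modules/mod_auth_digest.so
+LoadModule allowmethods_module modules/mod_allowmethods.so
+LoadModule file_cache_module modules/mod_file_cache.so
+LoadModule cache_module modules/mod_cache.so
+LoadModule cache_disk_module modules/mod_cache_disk.so
+LoadModule cache_socache_module modules/mod_cache_socache.so
+LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+LoadModule socache_dbm_module modules/mod_socache_dbm.so
+LoadModule socache_memcache_module modules/mod_socache_memcache.so
+LoadModule socache_redis_module modules/mod_socache_redis.so
+LoadModule watchdog_module modules/mod_watchdog.so
+LoadModule macro_module modules/mod_macro.so
+LoadModule dbd_module modules/mod_dbd.so
+LoadModule dumpio_module modules/mod_dumpio.so
+LoadModule echo_module modules/mod_echo.so
+LoadModule buffer_module modules/mod_buffer.so
+LoadModule data_module modules/mod_data.so
+LoadModule ratelimit_module modules/mod_ratelimit.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
+LoadModule ext_filter_module modules/mod_ext_filter.so
+LoadModule request_module modules/mod_request.so
+LoadModule include_module modules/mod_include.so
+LoadModule filter_module modules/mod_filter.so
+LoadModule reflector_module modules/mod_reflector.so
+LoadModule substitute_module modules/mod_substitute.so
+LoadModule sed_module modules/mod_sed.so
+LoadModule charset_lite_module modules/mod_charset_lite.so
+LoadModule deflate_module modules/mod_deflate.so
+LoadModule brotli_module modules/mod_brotli.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule log_debug_module modules/mod_log_debug.so
+LoadModule log_forensic_module modules/mod_log_forensic.so
+LoadModule logio_module modules/mod_logio.so
+LoadModule env_module modules/mod_env.so
+LoadModule mime_magic_module modules/mod_mime_magic.so
+LoadModule expires_module modules/mod_expires.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule usertrack_module modules/mod_usertrack.so
+LoadModule unique_id_module modules/mod_unique_id.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule remoteip_module modules/mod_remoteip.so
+LoadModule session_module modules/mod_session.so
+LoadModule session_cookie_module modules/mod_session_cookie.so
+LoadModule session_crypto_module modules/mod_session_crypto.so
+LoadModule session_dbd_module modules/mod_session_dbd.so
+LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
+LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
+LoadModule dialup_module modules/mod_dialup.so
+LoadModule http2_module modules/mod_http2.so
+LoadModule unixd_module modules/mod_unixd.so
+LoadModule heartbeat_module modules/mod_heartbeat.so
+LoadModule heartmonitor_module modules/mod_heartmonitor.so
+LoadModule status_module modules/mod_status.so
+LoadModule autoindex_module modules/mod_autoindex.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule info_module modules/mod_info.so
+LoadModule cgi_module modules/mod_cgi.so
+LoadModule vhost_alias_module modules/mod_vhost_alias.so
+LoadModule dir_module modules/mod_dir.so
+LoadModule actions_module modules/mod_actions.so
+LoadModule speling_module modules/mod_speling.so
+LoadModule userdir_module modules/mod_userdir.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule fcgid_module modules/mod_fcgid.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule wsgi_module modules/mod_wsgi.so
+LoadModule lua_module modules/mod_lua.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+LoadModule proxy_connect_module modules/mod_proxy_connect.so
+LoadModule proxy_express_module modules/mod_proxy_express.so
+LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
+LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
+LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
+LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
+#LoadModule suexec_module modules/mod_suexec.so
+#LoadModule php_module modules/mod_php8.so
+<IfModule unixd_module>
+User apache
+Group apache
+</IfModule>
+# 'Main' server configuration
+ServerName REPLACE_SERVER_NAME
+ServerAdmin REPLACE_SERVER_ADMIN
+ServerSignature On
+DocumentRoot "REPLACE_SERVER_DIR"
+<Directory />
+AllowOverride none
+Require all denied
+</Directory>
+<Directory "/data/htdocs">
+Options Indexes FollowSymLinks MultiViews ExecCGI Includes
+AllowOverride All
+Require all granted
+</Directory>
+<Directory "REPLACE_SERVER_DIR">
+Options Indexes FollowSymLinks MultiViews ExecCGI Includes
+AllowOverride All
+Require all granted
+</Directory>
+<Directory "/usr/local/share/template-files/data/htdocs/www">
+Options Indexes FollowSymLinks MultiViews ExecCGI Includes
+AllowOverride All
+Require all granted
+</Directory>
+<Directorymatch "^/.*/\.git/">
+Order deny,allow
+Deny from all
+</Directorymatch>
+<IfModule dir_module>
+DirectoryIndex index.php index.cgi index.asp index.aspx index.pl index.aspx index.shtml awstats.pl index.txt index.json index.html index.html.var Default.aspx default.aspx index.unknown.php index.default.php
+</IfModule>
+<Files ".ht*">
+Require all denied
+</Files>
+ErrorLog /data/logs/apache2/error.log
+LogLevel warn
+<IfModule log_config_module>
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+<IfModule logio_module>
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+</IfModule>
+CustomLog /data/logs/apache2/access.default.log combined
+</IfModule>
+<IfModule alias_module>
+Alias /health /data/htdocs/www/health/index.txt
+Alias /health/json /data/htdocs/www/health/index.json
+ScriptAlias /cgi-bin/ "/data/htdocs/cgi-bin/"
+</IfModule>
+<Directory "/data/htdocs/cgi-bin">
+AllowOverride None
+Options None
+Require all granted
+</Directory>
+<IfModule cgid_module>
+#Scriptsock cgisock
+</IfModule>
+<IfModule headers_module>
+RequestHeader unset Proxy early
+</IfModule>
+<IfModule mime_module>
+TypesConfig /etc/apache2/mime.types
+AddType application/x-gzip .tgz
+AddEncoding x-compress .Z
+AddEncoding x-gzip .gz .tgz
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+AddHandler cgi-script .cgi
+AddHandler type-map var
+AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml
+</IfModule>
+<IfModule mime_magic_module>
+MIMEMagicFile /etc/apache2/magic
+</IfModule>
+<IfModule mod_status.c>
+<Location /server-status>
+SetHandler server-status
+</Location>
+</IfModule>
+ProxyErrorOverride on
+IncludeOptional /etc/apache2/conf.d/*.conf
+IncludeOptional /etc/apache2/vhosts.d/*.conf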
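Review bot: The `<Location /server-status>` block near the end has no `Require` line, so as far as this file shows the status page is served to any client that can reach the listening port; adding `Require local` (or an explicit management range) inside the block closes that. The untitled httpd.conf variant later in this commit carries the same block and needs the same change. Separately, the three content `<Directory>` blocks combine `Options Indexes FollowSymLinks MultiViews ExecCGI Includes` with `AllowOverride All`, so directory listings are on and any `.cgi` or `.shtml` file under those roots is executed rather than served; `Options FollowSymLinks` with a narrower `AllowOverride` would be a safer template default, with CGI kept to the `ScriptAlias` directory. `ServerSignature On` still adds a server footer to generated pages despite `ServerTokens PROD`, and `mod_info`, `mod_dav` and `mod_userdir` are loaded with no visible use, so a comment naming the modules the image actually needs would help trim the list.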


@ -0,0 +1,252 @@
# This is the main Apache HTTP server configuration file.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
ServerTokens PROD
ServerRoot /var/www
Listen REPLACE_SERVER_PORT
LoadModule mpm_event_module modules/mod_mpm_event.so
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_form_module modules/mod_auth_form.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule allowmethods_module modules/mod_allowmethods.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule cache_module modules/mod_cache.so
LoadModule cache_disk_module modules/mod_cache_disk.so
LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule socache_dbm_module modules/mod_socache_dbm.so
LoadModule socache_memcache_module modules/mod_socache_memcache.so
LoadModule socache_redis_module modules/mod_socache_redis.so
LoadModule watchdog_module modules/mod_watchdog.so
LoadModule macro_module modules/mod_macro.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule echo_module modules/mod_echo.so
LoadModule buffer_module modules/mod_buffer.so
LoadModule data_module modules/mod_data.so
LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule reflector_module modules/mod_reflector.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule sed_module modules/mod_sed.so
LoadModule charset_lite_module modules/mod_charset_lite.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule brotli_module modules/mod_brotli.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_debug_module modules/mod_log_debug.so
LoadModule log_forensic_module modules/mod_log_forensic.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule remoteip_module modules/mod_remoteip.so
LoadModule session_module modules/mod_session.so
LoadModule session_cookie_module modules/mod_session_cookie.so
LoadModule session_crypto_module modules/mod_session_crypto.so
LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
LoadModule dialup_module modules/mod_dialup.so
LoadModule http2_module modules/mod_http2.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule heartbeat_module modules/mod_heartbeat.so
LoadModule heartmonitor_module modules/mod_heartmonitor.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule fcgid_module modules/mod_fcgid.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule lua_module modules/mod_lua.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule php_module modules/mod_php8.so
<IfModule unixd_module>
User apache
Group apache
</IfModule>
# 'Main' server configuration
ServerName REPLACE_SERVER_NAME
ServerAdmin REPLACE_SERVER_ADMIN
ServerSignature On
DocumentRoot "REPLACE_SERVER_DIR"
<Directory />
AllowOverride none
Require all denied
</Directory>
<Directory "/var/www">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<Directory "/data/htdocs">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<Directory "REPLACE_SERVER_DIR">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<Directory "/usr/local/share/apache2">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<Directory "/usr/local/share/template-files/data/htdocs/www">
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.php index.cgi index.asp index.aspx index.pl index.aspx index.shtml awstats.pl index.txt index.json index.html index.html.var Default.aspx default.aspx index.unknown.php index.default.php
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog /data/logs/httpd/httpd.log
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog /data/logs/httpd/access.default.log combined
</IfModule>
<IfModule alias_module>
Alias /health /data/htdocs/www/health/index.txt
Alias /health/json /data/htdocs/www/health/index.json
ScriptAlias /cgi-bin/ "/data/htdocs/cgi-bin/"
</IfModule>
<Directory "/data/htdocs/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule cgid_module>
#Scriptsock cgisock
</IfModule>
<IfModule headers_module>
RequestHeader unset Proxy early
</IfModule>
<IfModule mime_module>
TypesConfig /etc/apache2/mime.types
AddType application/x-gzip .tgz
AddEncoding x-compress .Z
AddEncoding x-gzip .gz .tgz
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
<IfModule mime_magic_module>
MIMEMagicFile /etc/apache2/magic
</IfModule>
#SSLUseStapling On
#SSLOCSPEnable on
#SSLStaplingCache shmcb:/run/httpd/ssl_stapling(32768)
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
SSLProxyCheckPeerCN off
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
SSLOpenSSLConfCmd DHParameters "/etc/ssl/dhparam/httpd.pem"
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLOptions +StrictRequire
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
Protocols h2 http/1.1
Header set Strict-Transport-Security "max-age=31536000; preload" env=HTTPS
Header always set Access-Control-Allow-Origin "*"
Header always set Content-Security-Policy "*"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always add Header "It took %D microseconds for request"
<IfModule mod_status.c>
<Location /server-status>
SetHandler server-status
</Location>
</IfModule>
ProxyErrorOverride on
IncludeOptional /etc/apache2/conf.d/*.conf
IncludeOptional /etc/apache2/vhosts.d/*.conf
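Review bot: `SSLProxyCheckPeerName off`, `SSLProxyCheckPeerExpire off` and `SSLProxyCheckPeerCN off` are set server-wide, so every HTTPS backend reached through mod_proxy is accepted without a hostname or expiry check on its certificate; leaving these at their defaults and scoping any exception to the one vhost or `<Proxy>` block that needs it keeps the other backends verified. `Header always set Content-Security-Policy "*"` is not a valid policy (`*` is a source expression, not a directive), so it gives no protection; either drop it or start from something like `Header always set Content-Security-Policy "default-src 'self'"`. `Access-Control-Allow-Origin "*"` together with `Authorization` in the allowed request headers is also broader than a generic template should grant. This variant also lacks the `<Directorymatch "^/.*/\.git/">` deny block that configs/apache2/httpd.conf has.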


@ -0,0 +1,4 @@
# Default host
<VirtualHost _default_:REPLACE_SERVER_PORT>
DocumentRoot "REPLACE_SERVER_DIR"
</VirtualHost>


@ -0,0 +1,8 @@
# Default host for SSL
<VirtualHost _default_:REPLACE_SERVER_PORT>
SSLEngine on
DocumentRoot "REPLACE_SERVER_DIR"
SSLCertificateFile /config/ssl/server.crt
SSLCertificateKeyFile /config/ssl/server.key
Header always set Strict-Transport-Security "max-age=31536000; preload"
</VirtualHost>

7
configs/caddy/Caddyfile Normal file

@ -0,0 +1,7 @@
:REPLACE_SERVER_PORT {
root * /data/htdocs/www
file_server
#reverse_proxy localhost:8080
php_fastcgi localhost:9000
}


@ -0,0 +1,3 @@
:REPLACE_SERVER_PORT {
reverse_proxy localhost:8080
}


@ -0,0 +1,321 @@
config!version = 001002104
server!bind!1!port = REPLACE_SERVER_PORT
server!collector = rrd
server!keepalive = 1
server!keepalive_max_requests = 500
server!panic_action = /usr/local/share/cherokee/bin/cherokee-panic
server!pid_file = /tmp/cherokee.pid
server!post_track = post_track
server!server_tokens = product
server!timeout = 15
vserver!1!collector!enabled = 1
vserver!1!directory_index = index.php,index.cgi,index.asp,index.aspx,index.pl,index.aspx,index.shtml,index.txt,index.json,awstats.pl,Default.aspx,default.aspx,index.html,index.html.var,index.unknown.php,index.default.php
vserver!1!document_root = REPLACE_WWW_DIR
vserver!1!error_writer!filename = /data/logs/cherokee/cherokee.log
vserver!1!error_writer!type = file
vserver!1!evhost = evhost
vserver!1!evhost!tpl_document_root = REPLACE_WWW_DIR/${domain}
vserver!1!logger = combined
vserver!1!logger!access!buffsize = 16384
vserver!1!logger!access!filename = /data/logs/cherokee/access.log
vserver!1!logger!access!type = file
vserver!1!logger!x_real_ip_access = 0.0.0.0
vserver!1!logger!x_real_ip_access_all = 0
vserver!1!logger!x_real_ip_enabled = 1
vserver!1!nick = default
vserver!1!rule!60!encoder!gzip = allow
vserver!1!rule!60!flcache = forbid
vserver!1!rule!60!flcache!policy = explicitly_allowed
vserver!1!rule!60!handler = fcgi
vserver!1!rule!60!handler!balancer = round_robin
vserver!1!rule!60!handler!balancer!source!10 = 1
vserver!1!rule!60!handler!error_handler = 1
vserver!1!rule!60!handler!x_real_ip_enabled = 1
vserver!1!rule!60!match = extensions
vserver!1!rule!60!match!check_local_file = 1
vserver!1!rule!60!match!extensions = php
vserver!1!rule!60!match!final = 0
vserver!1!rule!60!timeout = 30
vserver!1!rule!50!encoder!gzip = allow
vserver!1!rule!50!handler = server_info
vserver!1!rule!50!handler!type = just_about
vserver!1!rule!50!match = directory
vserver!1!rule!50!match!directory = /about
vserver!1!rule!40!document_root = /data/htdocs/cgi-bin
vserver!1!rule!40!handler = cgi
vserver!1!rule!40!match = directory
vserver!1!rule!40!match!directory = /cgi-bin
vserver!1!rule!30!document_root = /usr/local/share/cherokee/share/cherokee/themes
vserver!1!rule!30!handler = file
vserver!1!rule!30!match = directory
vserver!1!rule!30!match!directory = /cherokee_themes
vserver!1!rule!20!document_root = /usr/local/share/cherokee/share/cherokee/icons
vserver!1!rule!20!handler = file
vserver!1!rule!20!match = directory
vserver!1!rule!20!match!directory = /cherokee_icons
vserver!1!rule!10!handler = common
vserver!1!rule!10!handler!iocache = 1
vserver!1!rule!10!match = default
source!1!env!PHP_FCGI_CHILDREN = 5
source!1!env!PHP_FCGI_MAX_REQUESTS = 490
source!1!env_inherited = 0
source!1!host = 127.0.0.1:9000
source!1!interpreter = /usr/bin/php-cgi -b 127.0.0.1:9000
source!1!nick = PHP Interpreter
source!1!type = host
icons!default = page_white.png
icons!directory = folder.png
icons!file!bomb.png = core
icons!file!page_white_go.png = *README*
icons!parent_directory = arrow_turn_left.png
icons!suffix!camera.png = jpg,jpeg,jpe
icons!suffix!cd.png = iso,ngr,cue
icons!suffix!color_wheel.png = png,gif,xcf,bmp,pcx,tiff,tif,cdr,psd,xpm,xbm
icons!suffix!control_play.png = bin,exe,com,msi,out
icons!suffix!css.png = css
icons!suffix!cup.png = java,class,jar
icons!suffix!email.png = eml,mbox,box,email,mbx
icons!suffix!film.png = avi,mpeg,mpe,mpg,mpeg3,dl,fli,qt,mov,movie,flv,webm
icons!suffix!font.png = ttf
icons!suffix!html.png = html,htm
icons!suffix!music.png = au,snd,mid,midi,kar,mpga,mpega,mp2,mp3,sid,wav,aif,aiff,aifc,gsm,m3u,wma,wax,ra,rm,ram,pls,sd2,ogg
icons!suffix!package.png = tar,gz,bz2,zip,rar,ace,lha,7z,dmg,cpk
icons!suffix!page_white_acrobat.png = pdf
icons!suffix!page_white_c.png = c,h,cpp
icons!suffix!page_white_office.png = doc,ppt,xls
icons!suffix!page_white_php.png = php
icons!suffix!page_white_text.png = txt,text,rtf,sdw
icons!suffix!printer.png = ps,eps
icons!suffix!ruby.png = rb
icons!suffix!script.png = sh,csh,ksh,tcl,tk,py,pl
mime!application/bzip2!extensions = bz2
mime!application/gzip!extensions = gz
mime!application/hta!extensions = hta
mime!application/java-archive!extensions = jar
mime!application/java-serialized-object!extensions = ser
mime!application/java-vm!extensions = class
mime!application/json!extensions = json
mime!application/mac-binhex40!extensions = hqx
mime!application/msaccess!extensions = mdb
mime!application/msword!extensions = doc,dot
mime!application/octet-stream!extensions = bin
mime!application/octetstream!extensions = ace
mime!application/oda!extensions = oda
mime!application/ogg!extensions = ogx
mime!application/pdf!extensions = pdf
mime!application/pgp-keys!extensions = key
mime!application/pgp-signature!extensions = pgp
mime!application/pics-rules!extensions = prf
mime!application/postscript!extensions = ps,ai,eps
mime!application/rar!extensions = rar
mime!application/rdf+xml!extensions = rdf
mime!application/rss+xml!extensions = rss
mime!application/smil!extensions = smi,smil
mime!application/vnd.mozilla.xul+xml!extensions = xul
mime!application/vnd.ms-excel!extensions = xls,xlb,xlt
mime!application/vnd.ms-pki.seccat!extensions = cat
mime!application/vnd.ms-pki.stl!extensions = stl
mime!application/vnd.ms-powerpoint!extensions = ppt,pps
mime!application/vnd.oasis.opendocument.chart!extensions = odc
mime!application/vnd.oasis.opendocument.database!extensions = odb
mime!application/vnd.oasis.opendocument.formula!extensions = odf
mime!application/vnd.oasis.opendocument.graphics!extensions = odg
mime!application/vnd.oasis.opendocument.image!extensions = odi
mime!application/vnd.oasis.opendocument.presentation!extensions = odp
mime!application/vnd.oasis.opendocument.spreadsheet!extensions = ods
mime!application/vnd.oasis.opendocument.text!extensions = odt
mime!application/vnd.oasis.opendocument.text-master!extensions = odm
mime!application/vnd.oasis.opendocument.text-web!extensions = oth
mime!application/vnd.pkg5.info!extensions = p5i
mime!application/vnd.visio!extensions = vsd
mime!application/vnd.wap.wbxml!extensions = wbxml
mime!application/vnd.wap.wmlc!extensions = wmlc
mime!application/vnd.wap.wmlscriptc!extensions = wmlsc
mime!application/x-7z-compressed!extensions = 7z
mime!application/x-abiword!extensions = abw
mime!application/x-apple-diskimage!extensions = dmg
mime!application/x-bcpio!extensions = bcpio
mime!application/x-bittorrent!extensions = torrent
mime!application/x-cdf!extensions = cdf
mime!application/x-cpio!extensions = cpio
mime!application/x-csh!extensions = csh
mime!application/x-debian-package!extensions = deb,udeb
mime!application/x-director!extensions = dcr,dir,dxr
mime!application/x-dvi!extensions = dvi
mime!application/x-flac!extensions = flac
mime!application/x-font!extensions = pfa,pfb,gsf,pcf,pcf.Z
mime!application/x-freemind!extensions = mm
mime!application/x-gnumeric!extensions = gnumeric
mime!application/x-gtar!extensions = gtar,tgz,taz
mime!application/x-gzip!extensions = gz,tgz
mime!application/x-httpd-php!extensions = phtml,pht,php
mime!application/x-httpd-php-source!extensions = phps
mime!application/x-httpd-php3!extensions = php3
mime!application/x-httpd-php3-preprocessed!extensions = php3p
mime!application/x-httpd-php4!extensions = php4
mime!application/x-internet-signup!extensions = ins,isp
mime!application/x-iphone!extensions = iii
mime!application/x-iso9660-image!extensions = iso
mime!application/x-java-jnlp-file!extensions = jnlp
mime!application/x-javascript!extensions = js
mime!application/x-kchart!extensions = chrt
mime!application/x-killustrator!extensions = kil
mime!application/x-koan!extensions = skp,skd,skt,skm
mime!application/x-kpresenter!extensions = kpr,kpt
mime!application/x-kspread!extensions = ksp
mime!application/x-kword!extensions = kwd,kwt
mime!application/x-latex!extensions = latex
mime!application/x-lha!extensions = lha
mime!application/x-lzh!extensions = lzh
mime!application/x-lzx!extensions = lzx
mime!application/x-ms-wmd!extensions = wmd
mime!application/x-ms-wmz!extensions = wmz
mime!application/x-msdos-program!extensions = com,exe,bat,dll
mime!application/x-msi!extensions = msi
mime!application/x-netcdf!extensions = nc
mime!application/x-ns-proxy-autoconfig!extensions = pac
mime!application/x-nwc!extensions = nwc
mime!application/x-object!extensions = o
mime!application/x-oz-application!extensions = oza
mime!application/x-pkcs7-certreqresp!extensions = p7r
mime!application/x-pkcs7-crl!extensions = crl
mime!application/x-python-code!extensions = pyc,pyo
mime!application/x-quicktimeplayer!extensions = qtl
mime!application/x-redhat-package-manager!extensions = rpm
mime!application/x-sh!extensions = sh
mime!application/x-shar!extensions = shar
mime!application/x-shockwave-flash!extensions = swf,swfl
mime!application/x-stuffit!extensions = sit,sea
mime!application/x-sv4cpio!extensions = sv4cpio
mime!application/x-sv4crc!extensions = sv4crc
mime!application/x-tar!extensions = tar
mime!application/x-tcl!extensions = tcl
mime!application/x-tex-pk!extensions = pk
mime!application/x-texinfo!extensions = texinfo,texi
mime!application/x-trash!extensions = ~,bak,old,sik
mime!application/x-troff!extensions = t,tr,roff
mime!application/x-troff-man!extensions = man
mime!application/x-troff-me!extensions = me
mime!application/x-troff-ms!extensions = ms
mime!application/x-ustar!extensions = ustar
mime!application/x-x509-ca-cert!extensions = crt
mime!application/x-xcf!extensions = xcf
mime!application/x-xfig!extensions = fig
mime!application/x-xpinstall!extensions = xpi
mime!application/xhtml+xml!extensions = xhtml,xht
mime!application/xml!extensions = xml,xsl
mime!application/zip!extensions = zip
mime!audio/basic!extensions = au,snd
mime!audio/midi!extensions = mid,midi,kar
mime!audio/mpeg!extensions = mpga,mpega,mp2,mp3,m4a
mime!audio/ogg!extensions = ogg,oga
mime!audio/prs.sid!extensions = sid
mime!audio/x-aiff!extensions = aif,aiff,aifc
mime!audio/x-gsm!extensions = gsm
mime!audio/x-mpegurl!extensions = m3u
mime!audio/x-ms-wax!extensions = wax
mime!audio/x-ms-wma!extensions = wma
mime!audio/x-pn-realaudio!extensions = ra,rm,ram
mime!audio/x-realaudio!extensions = ra
mime!audio/x-scpls!extensions = pls
mime!audio/x-sd2!extensions = sd2
mime!audio/x-wav!extensions = wav
mime!chemical/x-cache!extensions = cac,cache
mime!chemical/x-cache-csf!extensions = csf
mime!chemical/x-cdx!extensions = cdx
mime!chemical/x-cif!extensions = cif
mime!chemical/x-cmdf!extensions = cmdf
mime!chemical/x-cml!extensions = cml
mime!chemical/x-compass!extensions = cpa
mime!chemical/x-crossfire!extensions = bsd
mime!chemical/x-csml!extensions = csml,csm
mime!chemical/x-ctx!extensions = ctx
mime!chemical/x-cxf!extensions = cxf,cef
mime!chemical/x-isostar!extensions = istr,ist
mime!chemical/x-jcamp-dx!extensions = jdx,dx
mime!chemical/x-kinemage!extensions = kin
mime!chemical/x-pdb!extensions = pdb,ent
mime!chemical/x-swissprot!extensions = sw
mime!chemical/x-vamas-iso14976!extensions = vms
mime!chemical/x-vmd!extensions = vmd
mime!chemical/x-xtel!extensions = xtel
mime!chemical/x-xyz!extensions = xyz
mime!image/gif!extensions = gif
mime!image/jpeg!extensions = jpeg,jpg,jpe
mime!image/pcx!extensions = pcx
mime!image/png!extensions = png
mime!image/svg+xml!extensions = svg,svgz
mime!image/tiff!extensions = tiff,tif
mime!image/vnd.djvu!extensions = djvu,djv
mime!image/vnd.wap.wbmp!extensions = wbmp
mime!image/x-icon!extensions = ico
mime!image/x-ms-bmp!extensions = bmp
mime!image/x-photoshop!extensions = psd
mime!image/x-portable-anymap!extensions = pnm
mime!image/x-portable-bitmap!extensions = pbm
mime!image/x-portable-graymap!extensions = pgm
mime!image/x-portable-pixmap!extensions = ppm
mime!image/x-xbitmap!extensions = xbm
mime!image/x-xpixmap!extensions = xpm
mime!image/x-xwindowdump!extensions = xwd
mime!model/iges!extensions = igs,iges
mime!model/mesh!extensions = msh,mesh,silo
mime!model/vrml!extensions = wrl,vrml
mime!text/calendar!extensions = ics,icz
mime!text/comma-separated-values!extensions = csv
mime!text/css!extensions = css
mime!text/h323!extensions = 323
mime!text/html!extensions = html,htm,shtml
mime!text/iuls!extensions = uls
mime!text/mathml!extensions = mml
mime!text/plain!extensions = asc,txt,text,diff,pot
mime!text/richtext!extensions = rtx
mime!text/rtf!extensions = rtf
mime!text/scriptlet!extensions = sct,wsc
mime!text/tab-separated-values!extensions = tsv
mime!text/vnd.sun.j2me.app-descriptor!extensions = jad
mime!text/vnd.wap.wml!extensions = wml
mime!text/vnd.wap.wmlscript!extensions = wmls
mime!text/x-boo!extensions = boo
mime!text/x-c++hdr!extensions = h++,hpp,hxx,hh
mime!text/x-c++src!extensions = c++,cpp,cxx,cc
mime!text/x-chdr!extensions = h
mime!text/x-csh!extensions = csh
mime!text/x-csrc!extensions = c
mime!text/x-dsrc!extensions = d
mime!text/x-haskell!extensions = hs
mime!text/x-java!extensions = java
mime!text/x-literate-haskell!extensions = lhs
mime!text/x-moc!extensions = moc
mime!text/x-pascal!extensions = p,pas
mime!text/x-pcs-gcd!extensions = gcd
mime!text/x-perl!extensions = pl,pm
mime!text/x-python!extensions = py
mime!text/x-setext!extensions = etx
mime!text/x-sh!extensions = sh
mime!text/x-tcl!extensions = tcl,tk
mime!text/x-tex!extensions = tex,ltx,sty,cls
mime!text/x-vcalendar!extensions = vcs
mime!text/x-vcard!extensions = vcf
mime!video/dl!extensions = dl
mime!video/dv!extensions = dif,dv
mime!video/fli!extensions = fli
mime!video/gl!extensions = gl
mime!video/mp4!extensions = mp4
mime!video/mpeg!extensions = mpeg,mpg,mpe
mime!video/ogg!extensions = ogv
mime!video/quicktime!extensions = qt,mov
mime!video/vnd.mpegurl!extensions = mxu
mime!video/webm!extensions = webm
mime!video/x-flv!extensions = flv
mime!video/x-la-asf!extensions = lsf,lsx
mime!video/x-mng!extensions = mng
mime!video/x-ms-asf!extensions = asf,asx
mime!video/x-ms-wm!extensions = wm
mime!video/x-ms-wmv!extensions = wmv
mime!video/x-ms-wmx!extensions = wmx
mime!video/x-ms-wvx!extensions = wvx
mime!video/x-msvideo!extensions = avi
mime!video/x-sgi-movie!extensions = movie
mime!x-conference/x-cooltalk!extensions = ice
mime!x-world/x-vrml!extensions = vrm,vrml,wrl
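Review bot: `vserver!1!logger!x_real_ip_enabled = 1` is paired with `x_real_ip_access = 0.0.0.0`, and rule 60 also sets `handler!x_real_ip_enabled = 1`; if Cherokee treats that address as "any sender" (not confirmable from this file), a client-supplied X-Real-IP header replaces the peer address in access.log and presumably in what the PHP backend sees, which undermines log-based detection and forensics. Restrict the list to the proxy that actually fronts this container, e.g. `vserver!1!logger!x_real_ip_access = 127.0.0.1`, or set both `x_real_ip_enabled` values to 0 when nothing sits in front. The `/about` rule (`rule!50`, handler `server_info`) and `server!pid_file = /tmp/cherokee.pid` would also benefit from a comment saying they are intentional.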

158
configs/couchdb/default.ini Normal file

@ -0,0 +1,158 @@
; Upgrading CouchDB will overwrite this file.
[vendor]
name = CasjaysDev
[couchdb]
;uuid =
database_dir = REPLACE_DATABASE_DIR
view_index_dir = REPLACE_DATABASE_DIR
[couchdb_engines]
couch = couch_bt_engine
[chttpd]
port = 5984
bind_address = any
require_valid_user = false
prefer_minimal = Cache-Control, Content-Length, Content-Range, Content-Type, ETag, Server, Transfer-Encoding, Vary
admin_only_all_dbs = true
allow_jsonp = true
enable_cors = true
enable_xframe_options = false
max_uri_length = 8000
x_forwarded_host = X-Forwarded-Host
x_forwarded_proto = X-Forwarded-Proto
x_forwarded_ssl = X-Forwarded-Ssl
max_http_request_size = 4294967296
decode_plus_to_space = true
[couch_peruser]
enable = true
delete_dbs = true
database_prefix = userdb_
[httpd]
port = 5986
bind_address = any
enable_cors = true
[chttpd_auth]
authentication_db = _users
authentication_redirect = /_utils/session.html
require_valid_user = false
timeout = 600
auth_cache_size = 50
allow_persistent_cookies = true
iterations = 10
[couch_httpd_auth]
authentication_db = _users
[ssl]
enable = false
verify_ssl_certificates = false
cert_file = /config/ssl/localhost.crt
key_file = /config/ssl/localhost.key
[csp]
utils_enable = true
utils_header_value = default-src 'self'; img-src 'self'; font-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
attachments_enable = true
attachments_header_value = sandbox
showlist_enable = true
showlist_header_value = sandbox
[cors]
origins = *
credentials = true
methods = GET, PUT, POST, HEAD, DELETE, PATCH
headers = accept, authorization, content-type, origin, referer
[x_frame_options]
hosts = *
same_origin = true
[native_query_servers]
enable_erlang_query_server = false
[query_server_config]
reduce_limit = true
os_process_limit = 100
group_info_timeout = 5000
query_limit = 268435456
partition_query_limit = 268435456
[mango]
default_limit = 25
index_all_disabled = false
index_scan_warning_threshold = 10
[indexers]
couch_mrview = true
[feature_flags]
partitioned||* = true
[uuids]
algorithm = sequential
utc_id_suffix =
max_count = 1000
[attachments]
compression_level = 8
compressible_types = text/*, application/javascript, application/json, application/xml
[replicator]
startup_jitter = 5000
[replicator.shares]
_replicator = 100
[log]
writer = stderr
level = error
[stats]
interval = 10
[smoosh]
db_channels = upgrade_dbs,ratio_dbs,slack_dbs
view_channels = upgrade_views,ratio_views,slack_views
[ioq]
concurrency = 10
ratio = 0.01
[ioq.bypass]
os_process = true
read = true
write = true
view_update = true
shard_sync = false
compaction = false
[dreyfus]
name = clouseau@127.0.0.1
retry_limit = 5
limit = 25
limit_partitions = 2000
max_limit = 200
max_limit_partitions = 2000
[reshard]
max_jobs = 48
max_history = 20
max_retries = 1
retry_interval_sec = 10
delete_source = true
update_shard_map_timeout_sec = 60
source_close_timeout_sec = 600
require_node_param = false
require_range_param = false
[prometheus]
bind_address = any
port = 17986
[cluster]
n = 1
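Review bot: The `[cors]` block sets `origins = *` together with `credentials = true`, a pair the CouchDB CORS documentation says must not be combined, while `[chttpd]` has `bind_address = any` and `require_valid_user = false`; the result is a listener on every interface that accepts anonymous requests and advertises credentialed cross-origin access to any site. List the origins that need access, `origins = https://app.example.invalid` (placeholder), and set `require_valid_user = true` in both `[chttpd]` and `[chttpd_auth]`. `iterations = 10` in `[chttpd_auth]` is far too low for a PBKDF2 password hash; remove the line to fall back to CouchDB's default or raise it substantially. The `[httpd]` listener on 5986 and `[prometheus]` on 17986 are bound to `any` as well and are safer on `127.0.0.1` unless something outside the container needs them.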


@ -0,0 +1,6 @@
[couchdb]
single_node=true
[log]
writer = file
file = /data/logs/couchdb/couch.log


@ -0,0 +1,7 @@
{
"ip": "127.0.0.1",
"iptables": true,
"log-level": "error" ,
"pidfile": "/tmp/docker.pid",
"insecure-registries": ["localhost:5000"]
}


@ -0,0 +1,144 @@
#https://docs.docker.com/registry/configuration/
version: 0.1
log:
formatter: text
fields:
service: registry
################
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /data/registry
################
http:
addr: :5000
#prefix: /my/nested/registry/
#host: https://myregistryaddress.org:5000
#secret: asecretforlocaldevelopment
#relativeurls: false
#draintimeout: 60s
# tls:
# certificate: /certs/certs/localhost.crt
# key: /certs/private/localhost.key
# letsencrypt:
# cachefile: /config/certs/cache
# email: emailused@letsencrypt.com
# hosts: [myregistryaddress.org]
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Max-Age: [1728000]
Access-Control-Allow-Origin: ['*']
#Access-Control-Allow-Credentials: [true]
#Access-Control-Allow-Headers: ['Authorization', 'Accept']
#Access-Control-Expose-Headers: ['Docker-Content-Digest']
#Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
debug:
addr: :5001
prometheus:
enabled: true
path: /metrics
http2:
disabled: false
################
auth:
none:
# silly:
# realm: silly-realm
# service: silly-service
# token:
# autoredirect: true
# realm: token-realm
# service: token-service
# issuer: registry-token-issuer
# rootcertbundle: /root/certs/bundle
# htpasswd:
# realm: basic-realm
# path: /config/auth/htpasswd
################
# middleware:
# registry:
################
# reporting:
# bugsnag:
# apikey: bugsnagapikey
# releasestage: bugsnagreleasestage
# endpoint: bugsnagendpoint
# newrelic:
# licensekey: newreliclicensekey
# name: newrelicname
# verbose: true
# notifications:
# events:
# includereferences: true
# endpoints:
# - name: alistener
# disabled: false
# url: https://my.listener.com/event
# headers: <http.Header>
# timeout: 1s
# threshold: 10
# backoff: 1s
# ignoredmediatypes:
# - application/octet-stream
# ignore:
# mediatypes:
# - application/octet-stream
# actions:
# - pull
################
redis:
addr: localhost:6379
# password: asecret
# db: 0
# dialtimeout: 10ms
# readtimeout: 10ms
# writetimeout: 10ms
# pool:
# maxidle: 16
# maxactive: 64
# idletimeout: 300s
################
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
file:
- file: /config/docker/registry.yaml
interval: 10s
# http:
# - uri: http://server.to.check/must/return/200
# headers:
# Authorization: [Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==]
# statuscode: 200
# timeout: 3s
# interval: 10s
# threshold: 3
# tcp:
# - addr: redis-server.domain.com:6379
# timeout: 3s
# interval: 10s
# threshold: 3
################
# proxy:
# remoteurl: https://registry-1.docker.io
# username: [username]
# password: [password]
################
compatibility:
schema1:
# signingkeyfile: /etc/registry/key.json
enabled: true
################
# validation:
# manifests:
# urls:
# allow:
# - ^https?://([^/]+\.)*example\.com/
# deny:
# - ^https?://www\.example\.com/
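Review bot: The registry listens on `addr: :5000` with the `tls:` block commented out, `auth:` left at `none:` and `storage.delete.enabled: true`, so anyone who can reach the port can push, overwrite or delete images, which is a supply-chain exposure for everything that pulls from it. Enable the `htpasswd:` (or `token:`) block that is already sketched in the comments, plus the `tls:` certificate and key, before this template is used beyond a loopback-only setup. `debug: addr: :5001` also publishes the debug and `/metrics` endpoints on all interfaces; `addr: localhost:5001` is the usual choice. `compatibility.schema1.enabled: true` keeps the legacy manifest format accepted and should be `false` unless a client still needs it.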


@ -0,0 +1,308 @@
[General]
add_album_art = 1
advancedencoder = ""
album_art_format = folder
api_enabled = 1
api_key = ""
auto_add_artists = 1
autowant_all = 0
autowant_manually_added = 1
autowant_upcoming = 1
bitrate = 192
blackhole = 0
blackhole_dir = ""
cache_dir = /data/cache
check_github = 1
check_github_interval = 360
check_github_on_startup = 1
cleanup_files = 0
config_version = 5
correct_metadata = 0
cue_split = 1
cue_split_flac_path = ""
cue_split_shntool_path = "/usr/bin"
customauth = 0
customhost = localhost
custompass = ""
customport = REPLACE_SERVER_PORT
customsleep = 1
customuser = ""
delete_lossless_files = 1
destination_dir = ""
detect_bitrate = 0
do_not_override_git_branch = 0
download_dir = "/data/downloads"
download_scan_interval = 5
download_torrent_dir = ""
embed_album_art = 1
embed_lyrics = 1
enable_https = 0
encoder = ffmpeg
encoder_multicore = 0
encoder_multicore_count = 0
encoder_path = ""
encoderfolder = ""
encoderlossless = 1
encoderoutputformat = mp3
encoderquality = 2
encodervbrcbr = cbr
extras = ""
file_format = $Track $Artist - $Title
file_permissions = 0644
file_underscores = 0
folder_format = $Artist
folder_permissions = 0755
freeze_db = 0
git_branch = master
git_path = ""
git_user = rembo10
headphones_indexer = 0
hppass = ""
hpuser = ""
http_host = 0.0.0.0
http_port = 80
http_proxy = 0
http_root = /
http_username = ""
http_password = ""
https_cert = /config/ssl/server.crt
https_key = /config/ssl/server.key
ignore_clean_releases = 0
ignored_words = ""
include_extras = 0
interface = default
keep_nfo = 0
keep_original_folder = 0
keep_torrent_files = 0
lastfm_username = ""
launch_browser = 0
libraryscan = 1
libraryscan_interval = 300
log_dir = /data/logs/headphones
lossless_bitrate_from = 0
lossless_bitrate_to = 0
lossless_destination_dir = ""
magnet_links = 0
mb_ignore_age = 365
mirror = musicbrainz.org
move_files = 1
music_dir = "/data/music"
music_encoder = 0
numberofseeders = 10
nzb_downloader = 0
official_releases_only = 0
open_magnet_links = 0
prefer_torrents = 0
preferred_bitrate = ""
preferred_bitrate_allow_lossless = 0
preferred_bitrate_high_buffer = 0
preferred_bitrate_low_buffer = 0
preferred_quality = 320
preferred_words = ""
rename_files = 0
replace_existing_folders = 0
required_words = ""
samplingfrequency = 44100
search_interval = 1440
torrent_downloader = 0
torrent_removal_interval = 720
torrentblackhole_dir = ""
update_db_interval = 24
usenet_retention = 1500
wait_until_release_date = 0
xldprofile = ""
[Growl]
growl_enabled = 0
growl_onsnatch = 0
growl_host = ""
growl_password = ""
[Subsonic]
subsonic_host = ""
subsonic_password = ""
subsonic_enabled = 0
subsonic_username = ""
[Waffles]
waffles_passkey = ""
waffles = 0
waffles_uid = ""
waffles_ratio = ""
[Email]
email_onsnatch = 0
email_smtp_password = ""
email_tls = 0
email_smtp_port = 25
email_smtp_server = ""
email_enabled = 0
email_smtp_user = ""
email_ssl = 0
email_to = ""
email_from = ""
[Plex]
plex_token = ""
plex_client_host = ""
plex_notify = 0
plex_update = 0
plex_username = ""
plex_password = ""
plex_server_host = ""
plex_enabled = 0
[Old Piratebay]
oldpiratebay = 0
oldpiratebay_ratio = ""
oldpiratebay_url = ""
[Pushover]
pushover_apitoken = ""
pushover_onsnatch = 0
pushover_enabled = 0
pushover_keys = ""
pushover_priority = 0
[NZBget]
nzbget_priority = 0
nzbget_password = ""
nzbget_host = ""
nzbget_category = ""
nzbget_username = nzbget
[NZBsorg]
nzbsorg_hash = ""
nzbsorg = 0
nzbsorg_uid = ""
[NMA]
nma_priority = 0
nma_onsnatch = 0
nma_apikey = ""
nma_enabled = 0
[Advanced]
verify_ssl_cert = 1
ignored_files = ,
journal_mode = wal
album_completion_pct = 80
ignored_folders = ,
cache_sizemb = 32
[Newznab]
newznab = 0
newznab_apikey = ""
newznab_enabled = 1
extra_newznabs = ,
newznab_host = ""
[Prowl]
prowl_onsnatch = 0
prowl_enabled = 0
prowl_priority = 0
prowl_keys = ""
[Twitter]
twitter_prefix = Headphones
twitter_enabled = 0
twitter_username = ""
twitter_password = ""
twitter_onsnatch = 0
[SABnzbd]
sab_category = ""
sab_password = ""
sab_host = ""
sab_username = ""
sab_apikey = ""
[Songkick]
songkick_apikey = nd1We7dFW2RqxPw8
songkick_location = ""
songkick_enabled = 1
songkick_filter_enabled = 0
[uTorrent]
utorrent_password = ""
utorrent_host = ""
utorrent_username = ""
utorrent_label = ""
[LMS]
lms_enabled = 0
lms_host = ""
[PushBullet]
pushbullet_deviceid = ""
pushbullet_apikey = ""
pushbullet_enabled = 0
pushbullet_onsnatch = 0
[Pushalot]
pushalot_enabled = 0
pushalot_onsnatch = 0
pushalot_apikey = ""
[Kat]
kat_ratio = ""
kat = 0
kat_proxy_url = ""
[Piratebay]
piratebay_ratio = ""
piratebay = 0
piratebay_proxy_url = ""
[MPC]
mpc_enabled = 0
[XBMC]
xbmc_username = ""
xbmc_host = ""
xbmc_enabled = 0
xbmc_update = 0
xbmc_password = ""
xbmc_notify = 0
[Beets]
idtag = 1
[Rutracker]
rutracker_user = ""
rutracker_ratio = ""
rutracker = 0
rutracker_password = ""
[Boxcar]
boxcar_onsnatch = 0
boxcar_enabled = 0
boxcar_token = ""
[Transmission]
transmission_password = ""
transmission_username = ""
transmission_host = ""
[Mininova]
mininova = 0
mininova_ratio = ""
[OSX_Notify]
osx_notify_enabled = 0
osx_notify_app = /Applications/Headphones
osx_notify_onsnatch = 0
[What.cd]
whatcd_password = ""
whatcd_username = ""
whatcd = 0
whatcd_ratio = ""
[Synoindex]
synoindex_enabled = 0
[omgwtfnzbs]
omgwtfnzbs = 0
omgwtfnzbs_uid = ""
omgwtfnzbs_apikey = ""
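Review bot: `http_host = 0.0.0.0` is combined with empty `http_username` and `http_password`, `enable_https = 0` and `api_enabled = 1`, so the web UI and API are served without credentials on every interface. Either default to `http_host = 127.0.0.1`, or have the init script fill `http_username`, `http_password` and `api_key` from the environment, the way `customport = REPLACE_SERVER_PORT` is already templated. `songkick_apikey` holds a literal key value; even if it is an upstream shared default, a placeholder avoids shipping a credential in the image and keeps secret scanners quiet.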


@ -0,0 +1,17 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/bookmarks/
---
- Developer:
- Github:
- abbr: GH
href: https://github.com/
- Social:
- Reddit:
- abbr: RE
href: https://reddit.com/
- Entertainment:
- YouTube:
- abbr: YT
href: https://youtube.com/


@ -0,0 +1,5 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/docker/
---
local:
socket: /var/run/docker.sock
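Review bot: `socket: /var/run/docker.sock` gives the dashboard the raw Docker API, which is equivalent to root on the host if the dashboard process is ever compromised. Homepage also accepts a `host:`/`port:` pair in this file, so the template could point at a restricted socket proxy instead. At minimum add a comment above the entry, for example `# docker.sock grants full daemon control - mount read-only or use a socket proxy`.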


@ -0,0 +1,3 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/services/
---


@ -0,0 +1,18 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/settings
---
title: StartPage
theme: dark
color: purple
target: _blank
language: en
headerStyle: boxed
layout:
Media:
style: row
columns: 4
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey


@ -0,0 +1,19 @@
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/widgets/
---
- resources:
cpu: true
memory: true
disk: /
- search:
focus: true
target: _blank
provider: duckduckgo
url: https://search.casjay.net/?q=
- datetime:
format:
dateStyle: short
timeStyle: short
hour12: false

40
configs/homey/homey.yml Normal file

@ -0,0 +1,40 @@
# Refer to README.md for configuration instructions
title: homey # dashboard title
minimal_mode: false # disable functionality; conserve resources
show_house: true # disable 3D house in header
compact_services: false # reduce service padding
enable_service_status: true # toggle up/down indicators for services
enable_notifications: true # toggle in-page notifications for selected events
audio_notifications: false # toggle notification audio
bookmarks_in_header: false # fill empty space in header with bookmarks
docker_api_backend: docker # valid options: docker, portainer
services:
- name: Portainer
icon: portainer.png
subtitle: Docker container management
url: https://192.168.1.XXX:9443
- name: Flood
icon: flood.png
subtitle: Web UI for rTorrent
url: http://192.168.1.XXX:<port>
- name: Router
icon: router.png
url: http://192.168.1.1
cards:
- name: Torrents
enable: false
- name: Weather
enable: true
- name: System
enable: false
- name: Bookmarks
enable: true
bookmarks:
- name: GitHub
url: https://github.com
- name: YTMND
url: https://ytmnd.com/
hover: lol internet


@ -0,0 +1,60 @@
###############################################################################
# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/lighttpd.conf,v 1.3 2005/09/01 14:22:35 ka0ttic Exp $
###############################################################################
var.basedir = "/var/www/localhost"
var.statedir = "/var/lib/lighttpd"
var.logdir = "/data/logs/lighttpd"
server.modules = (
"mod_auth",
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
"mod_status",
"mod_setenv",
"mod_proxy",
"mod_simple_vhost",
"mod_evhost",
"mod_userdir",
"mod_deflate",
"mod_ssi",
"mod_usertrack",
"mod_expire",
"mod_secdownload",
"mod_rrdtool",
"mod_webdav",
"mod_accesslog",
"mod_cgi",
"mod_fastcgi"
)
server.username = "lighttpd"
server.groupname = "lighttpd"
server.port = REPLACE_SERVER_PORT
server.document-root = "/data/htdocs/www"
server.tag = "lighttpd"
server.follow-symlink = "enable"
server.errorfile-prefix = var.basedir + "/error/status-"
server.indexfiles = ("index.php", "index.html","index.htm", "default.htm", "index.lighttpd.html","index.txt","index.json")
server.pid-file = "/tmp/lighttpd.pid"
server.errorlog = "/data/logs/lighttpd/lighttpd.log"
accesslog.filename = "/data/logs/lighttpd/access_log"
static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")
include "mime-types.conf"
include "mod_cgi.conf"
include "mod_fastcgi_fpm.conf"
url.access-deny = ("~", ".inc")
ssi.extension = (".shtml")
status.status-url = "/server-status"
status.config-url = "/server-config"
# vim: set ft=conf foldmethod=marker et :
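Review bot: `status.status-url = "/server-status"` and `status.config-url = "/server-config"` are set at top level, so both pages are served to any client and disclose loaded modules, configuration and live request data. Scope the status page to local callers, `$HTTP["remoteip"] == "127.0.0.1" { status.status-url = "/server-status" }`, and drop `status.config-url` unless it is really needed. `server.modules` also loads `mod_webdav`, `mod_userdir`, `mod_usertrack`, `mod_secdownload` and `mod_rrdtool`, none of which is configured in this file; loading only what is used keeps the attack surface small.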


@ -0,0 +1,23 @@
###############################################################################
# mod_cgi.conf
# include'd by lighttpd.conf.
# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mod_cgi.conf,v 1.1 2005/08/27 12:36:13 ka0ttic Exp $
###############################################################################
# NOTE: this requires mod_alias
alias.url = (
"/cgi-bin/" => "/data/htdocs/cgi-bin"
)
cgi.assign = (
".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl",
".rb" => "/usr/bin/ruby",
".py" => "/usr/bin/python",
".php" => "/usr/bin/php-cgi"
)
$HTTP["url"] =~ "^/cgi-bin/" {
dir-listing.activate = "disable"
}
# vim: set ft=conf foldmethod=marker et :
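Review bot: `cgi.assign` is defined globally, so any `.pl`, `.cgi`, `.rb`, `.py` or `.php` file under the document root is executed, not only files under `/cgi-bin/`; the existing `$HTTP["url"] =~ "^/cgi-bin/"` block only switches off directory listings. Move the whole `cgi.assign = ( … )` list inside that conditional so script execution is limited to the aliased directory. The alias target lacks the trailing slash that its key has, which makes lighttpd's prefix replacement build the wrong path; it should read `"/cgi-bin/" => "/data/htdocs/cgi-bin/"`. The `".php" => "/usr/bin/php-cgi"` entry also overlaps with the `fastcgi.server` mapping for `.php` in mod_fastcgi_fpm.conf, and one of the two should go.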


@ -0,0 +1,23 @@
###############################################################################
# mod_fastcgi_fpm.conf
# include'd by lighttpd.conf.
###############################################################################
fastcgi.server = (
".php" =>
(( "host" => "127.0.0.1",
"port" => 9000,
"bin-path" => "/usr/bin/php"
))
)
fastcgi.map-extensions = (
".php3" => ".php",
".php4" => ".php",
".php5" => ".php",
".php7" => ".php",
".php8" => ".php",
".phps" => ".php",
".phtml" => ".php"
)
# vim: set ft=conf foldmethod=marker et :
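Review bot: The `.php` backend sets `"bin-path" => "/usr/bin/php"` alongside `"host"` and `"port"`, which makes lighttpd try to spawn its own backend on 127.0.0.1:9000 instead of connecting to an already running php-fpm, and `/usr/bin/php` is normally the CLI binary rather than a FastCGI one. Given the file name, dropping the `bin-path` line looks like the intent. `".phps" => ".php"` in `fastcgi.map-extensions` executes files that by convention hold PHP source for display; consider removing that mapping.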


@ -0,0 +1,24 @@
# mongod.conf
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /dev/stdout
# Where and how to store data.
storage:
dbPath: /data/db/mongo
journal:
enabled: true
# engine:
# wiredTiger:
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
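Review bot: `bindIp: 0.0.0.0` opens the listener on every interface and the file has no `security:` section, so access control stays disabled and any client that reaches port 27017 gets full read and write access. Add a top-level `security:` key with `authorization: enabled` beneath it and create the admin user on first start, or default to `bindIp: 127.0.0.1` and let deployments widen it deliberately. A short comment next to `bindIp` stating which network is expected to reach the port would help whoever reuses the template.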

38
configs/mysql/my.cnf Normal file

@ -0,0 +1,38 @@
# Default mariadb config file
[client]
port = 3306
socket = /tmp/mysql.sock
default_character_set = utf8
[mysqld_safe]
datadir = REPLACE_DATABASE_DIR
port = 3306
socket = /tmp/mysql.sock
open_files_limit = 16384
log-error = /data/logs/mysql/mysql.err.log
[mysqld]
datadir = REPLACE_DATABASE_DIR
port = 3306
bind-address = 0.0.0.0
socket = /tmp/mysql.sock
open_files_limit = 16384
max_allowed_packet = 1024M
max_connections = 200
max_user_connections = 50
log_warnings = 2
slow_query_log = 1
general_log = 1
key_buffer_size = 8M
general_log_file = /data/logs/mysql/mysql.log
slow_query_log_file = /data/logs/mysql/mysql.err.log
log_error = /data/logs/mysql/mysql.err.log
[mysql]
no_auto_rehash
max_allowed_packet = 1024M
prompt = '\u@\h [\d]> '
[mysqldump]
max_allowed_packet = 1024M
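Review bot: `general_log = 1` under `[mysqld]` records every statement the server receives in /data/logs/mysql/mysql.log, which can include statements carrying credentials or other sensitive data and grows without bound; it is normally enabled only while debugging, so `general_log = 0` is the safer default. `slow_query_log_file` and `log_error` both point at /data/logs/mysql/mysql.err.log, so slow-query entries and server errors end up interleaved in one file; the slow log should get its own path. `bind-address = 0.0.0.0` deserves a comment saying which network is expected to reach port 3306, and the socket in world-writable `/tmp` would be better under a directory owned by the server account.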


@ -0,0 +1,8 @@
#Certbot DNS
dns_rfc2136_server = 127.0.0.1
# TSIG key name
dns_rfc2136_name = certbot.
# TSIG key secret
dns_rfc2136_secret = REPLACE_KEY_CERTBOT
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA256
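Review bot: This credentials file holds the TSIG secret in clear text once `REPLACE_KEY_CERTBOT` is substituted, and nothing in it says how the file must be protected. Add a header comment such as `# contains the TSIG secret: keep owner-only (mode 600)` and make sure whatever step performs the substitution sets that mode. The key name `certbot.` has to match the `key "certbot."` statement in named.conf exactly, trailing dot included, which is also worth a comment.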

77
configs/named/named.conf Normal file

@ -0,0 +1,77 @@
# default options - https://bind9.readthedocs.io/en/latest/chapter3.html
options {
version "9";
listen-on { any; };
listen-on-v6 { any; };
zone-statistics yes;
max-cache-size 60m;
interface-interval 60;
max-ncache-ttl 10800;
max-udp-size 4096;
forwarders { 1.1.1.1; 8.8.8.8; 8.8.4.4; };
notify yes;
allow-transfer { trusted; };
transfer-format many-answers;
allow-query { any; };
allow-recursion { any; };
allow-query-cache { any; };
auth-nxdomain no;
dnssec-validation auto;
directory "/var/bind";
managed-keys-directory "/etc/bind/keys";
pid-file "/run/named/named.pid";
dump-file "/data/logs/named/dump.db";
statistics-file "/data/logs/named/named.stats";
memstatistics-file "/data/logs/named/mem.stats";
};
#####################################################################
# access settings
acl "all" { 0.0.0.0/0; ::/0; };
acl "trusted" { 10.0.0.0/8; 127.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
#####################################################################
# named logging options
logging {
channel xfer-in { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
channel xfer-out { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
channel update { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
channel notify { stderr; severity info; print-category yes; print-severity yes; print-time yes; };
channel querylog { stderr; severity info; print-time yes; };
channel security { file "/data/logs/named/security.log"; severity dynamic; print-severity yes; print-time yes; };
channel default { file "/data/logs/named/default.log"; severity debug; print-category yes; print-severity yes; print-time yes; };
channel debug { file "/data/logs/named/debug.log"; severity debug; };
category lame-servers { default; debug; };
category dispatch { default; debug; };
category queries { querylog; debug; };
category update { default; update; debug; };
category network { default; debug; };
category unmatched { default; debug; };
category client { default; debug; };
category notify { notify; debug; };
category xfer-out { xfer-out; debug; };
category xfer-in { xfer-in; debug; };
category resolver { default; debug; };
category config { default; debug; };
category security { security; debug; };
category database { default; debug; };
category general { default; debug; };
category default { default; };
category dnssec { security; debug; };
};
#####################################################################
# rndc keys
key "certbot." { algorithm hmac-sha256; secret "REPLACE_KEY_CERTBOT"; };
key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
key "dhcp-key" { algorithm hmac-sha256; secret "REPLACE_KEY_DHCP"; };
key "backup-key" { algorithm hmac-sha256; secret "REPLACE_KEY_BACKUP"; };
#####################################################################
# rndc settings
controls { inet 127.0.0.1 allow { trusted; } keys { "rndc-key"; }; };
#####################################################################
# ********** begin root info **********
zone "." {
type hint;
file "/var/bind/root.cache";
};
# ********** end root info **********
# end
#####################################################################
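Review bot: `allow-recursion { any; };` and `allow-query-cache { any; };` together with `listen-on { any; };` make this server an open recursive resolver, which can be abused for traffic amplification and cache snooping if port 53 is reachable from outside. The file already defines a `trusted` ACL and uses it for `allow-transfer`, so the two lines should read `allow-recursion { trusted; };` and `allow-query-cache { trusted; };`. The `default` logging channel is set to `severity debug`, which is noisy for a shipped default; `info` would match the other channels.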

5
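--- a/configs/named/rndc.key
+++ b/configs/named/rndc.key
@@ -0,0 +1,5 @@
+# rndc keys
+key "certbot." { algorithm hmac-sha256; secret "REPLACE_KEY_CERTBOT"; };
+key "rndc-key" { algorithm hmac-sha256; secret "REPLACE_KEY_RNDC"; };
+key "dhcp-key" { algorithm hmac-sha256; secret "REPLACE_KEY_DHCP"; };
+key "backup-key" { algorithm hmac-sha256; secret "REPLACE_KEY_BACKUP"; };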

99
configs/nginx/mime.types Normal file

@ -0,0 +1,99 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

68
configs/nginx/nginx.conf Normal file

@ -0,0 +1,68 @@
# Default nginx configuration
user root;
worker_processes auto;
daemon off;
error_log /data/logs/nginx/nginx.log warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type "text/html";
access_log /data/logs/nginx/access.default.log;
sendfile on;
keepalive_timeout 65;
gzip on;
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
disable_symlinks off;
server {
listen REPLACE_SERVER_PORT default_server;
server_name REPLACE_SERVER_NAME;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /health {
default_type text/html;
allow all;
access_log off;
return 200 'OK';
}
location /health/json {
default_type application/json;
allow all;
access_log off;
return 200 '{"status":"OK"}';
}
location /health/status {
stub_status;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
include /etc/nginx/vhosts.d/*.conf;
}
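Review bot: `user root;` makes the worker processes that parse client requests run as root, so a flaw in request handling or in a served application is exercised with full privileges. Use a dedicated unprivileged account instead, for example `user nginx;` if the image provides one; the master process can still start as root to bind the port and open the logs. `location /health/status` exposes `stub_status` with no access restriction; adding `allow 127.0.0.1;` and `deny all;` there keeps the connection counters internal.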


@ -0,0 +1,13 @@
server {
listen REPLACE_SERVER_PORT;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_DIR;
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
}
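Review bot: The `Content-Security-Policy` header puts `'unsafe-inline' 'unsafe-eval' *` in `script-src`, which permits scripts from any origin as well as inline and eval'd code, so the header gives no protection against script injection; the same line appears in the TLS vhost template that follows. If a permissive default is deliberate for a generic template, say so in a comment; otherwise start from `script-src 'self'; object-src 'none'` and let individual sites widen it. `Strict-Transport-Security` has no effect on this server block if it is served over plain HTTP, as the missing `ssl` flag suggests, and `X-XSS-Protection` is deprecated in current browsers.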


@ -0,0 +1,18 @@
server {
listen REPLACE_SERVER_PORT ssl http2 default_server;
server_name REPLACE_SERVER_NAME;
root REPLACE_SERVER_DIR;
index index.php index.cgi index.pl index.aspx awstats.pl index.txt index.json index.html index.unknown.php index.default.php;
proxy_intercept_errors off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_certificate /etc/ssl/localhost.crt;
ssl_certificate_key /etc/ssl/localhost.key;
}
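Review bot: `default_server` on the `listen` line duplicates the `default_server` already declared by the server block in configs/nginx/nginx.conf; if both `REPLACE_SERVER_PORT` placeholders are rendered to the same port, nginx rejects the configuration as having a duplicate default server. Drop `default_server` from one of the two, or document that the templates are never rendered with the same port. The certificate paths point at `/etc/ssl/localhost.crt` and `/etc/ssl/localhost.key`, so a comment saying that a self-signed placeholder is expected there, and that the key file must be owner-readable only, would help.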

7
configs/php/php-fpm.conf Normal file

@ -0,0 +1,7 @@
;;;;;;;;;;;;;;;;;;;;;
pid = /run/php-fpm.pid
error_log = /data/logs/php/error_log
daemonize = no
include=/etc/php/php-fpm.d/*.conf


@ -0,0 +1,27 @@
[www]
user = root
group = root
listen = 9000
listen.backlog = 65535
listen.allowed_clients = 127.0.0.1
pm = ondemand
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.status_path = /status
ping.path = /ping
ping.response = pong
access.log = /data/logs/php/access_log
access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
slowlog = /data/logs/php/error_log
clear_env = no
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_flag[display_errors] = on
php_admin_value[error_log] = /data/logs/php/error_log
php_admin_flag[log_errors] = on
php_admin_value[memory_limit] = 512M
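Review bot: `user = root` and `group = root` run every PHP worker as root, so application code and any uploaded script execute with full privileges; php-fpm also refuses to start a root pool unless it is launched with its allow-to-run-as-root option. Set `user` and `group` to an unprivileged account present in the image. `listen = 9000` binds all interfaces and relies on `listen.allowed_clients` alone; `listen = 127.0.0.1:9000` matches what the nginx and lighttpd configs connect to. `php_flag[display_errors] = on` sends error details to clients and would be better `off`, with `log_errors` left on as it is.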

347
configs/php/php.ini Normal file

@ -0,0 +1,347 @@
[PHP]
user_ini.filename = "php.ini"
user_ini.filename = ".user.ini"
user_ini.cache_ttl = 300
engine = On
short_open_tag = Off
asp_tags = Off
precision = 14
output_buffering = 4096
;output_handler =
zlib.output_compression = Off
;zlib.output_compression_level = -1
;zlib.output_handler =
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
;open_basedir =
disable_functions =
disable_classes =
ignore_user_abort = On
realpath_cache_size = 16k
realpath_cache_ttl = 120
zend.enable_gc = On
zend.multibyte = Off
zend.script_encoding =
expose_php = Off
max_execution_time = 3600
max_input_time = 3600
;max_input_nesting_level = 64
; max_input_vars = 1000
memory_limit = 512M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = On
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
;report_zend_debug = 0
track_errors = Off
;xmlrpc_errors = 0
;xmlrpc_error_number = 0
html_errors = On
;docref_root = "/phpmanual/"
;docref_ext = .html
error_prepend_string = "<span style='color: #ff0000'>"
error_append_string = "</span>"
error_log = /data/logs/php/php.log
;arg_separator.input = ";&"
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
;enable_post_data_reading = Off
post_max_size = 1G
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
;internal_encoding =
;input_encoding =
;output_encoding =
always_populate_raw_post_data = -1
doc_root =
user_dir =
enable_dl = Off
cgi.force_redirect = 1
;cgi.nph = 1
cgi.redirect_status_env =
cgi.fix_pathinfo = 1
fastcgi.impersonate = 1
fastcgi.logging = 1
;cgi.rfc2616_headers = 0
file_uploads = On
upload_tmp_dir = /var/tmp
upload_max_filesize =1G
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = On
;from="john@doe.com"
;user_agent="PHP"
default_socket_timeout = 60
;auto_detect_line_endings = Off
[CLI Server]
cli_server.color = On
[Date]
date.timezone = America/New_York
;date.default_latitude = 31.7667
;date.default_longitude = 35.2333
[filter]
;filter.default = unsafe_raw
;filter.default_flags =
[iconv]
;iconv.input_encoding =
;iconv.internal_encoding =
;iconv.output_encoding =
[intl]
;intl.default_locale =
;intl.error_level = E_WARNING
[sqlite]
;sqlite.assoc_case = 0
[sqlite3]
;sqlite3.extension_dir =
[Pcre]
;pcre.backtrack_limit=100000
;pcre.recursion_limit=100000
[Pdo]
;pdo_odbc.connection_pooling=strict
;pdo_odbc.db2_instance_name
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
;phar.readonly = On
;phar.require_hash = On
;phar.cache_list =
[mail function]
sendmail_path = -S localhost -t -i
;sendmail_path = /usr/sbin/sendmail -t -i
;mail.force_extra_parameters =
mail.add_x_header = On
;mail.log = syslog
[SQL]
sql.safe_mode = Off
[ODBC]
;odbc.default_db = Not yet implemented
;odbc.default_user = Not yet implemented
;odbc.default_pw = Not yet implemented
;odbc.default_cursortype
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
;birdstep.max_links = -1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
;ibase.default_db =
;ibase.default_user =
;ibase.default_password =
;ibase.default_charset =
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQL]
mysql.allow_local_infile = On
mysql.allow_persistent = On
mysql.cache_size = 2000
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port =
mysql.default_socket =
mysql.default_host =
mysql.default_user =
mysql.default_password =
mysql.connect_timeout = 60
mysql.trace_mode = Off
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_local_infile = On
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
;mysqlnd.net_cmd_buffer_size = 2048
;mysqlnd.net_read_buffer_size = 32768
[OCI8]
;oci8.privileged_connect = Off
;oci8.max_persistent = -1
;oci8.persistent_timeout = -1
;oci8.ping_interval = 60
;oci8.connection_class =
;oci8.events = Off
;oci8.statement_cache_size = 20
;oci8.default_prefetch = 100
;oci8.old_oci_close_semantics = Off
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[Sybase-CT]
sybct.allow_persistent = On
sybct.max_persistent = -1
sybct.max_links = -1
sybct.min_server_severity = 10
sybct.min_client_severity = 10
;sybct.timeout=
;sybct.packet_size
;sybct.login_timeout=
;sybct.hostname=
;sybct.deadlock_retry_count=
[bcmath]
bcmath.scale = 0
[browscap]
;browscap = extra/browscap.ini
[Session]
session.save_handler = files
session.save_path = "/tmp"
session.use_strict_mode = 0
session.use_cookies = 1
;session.cookie_secure =
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 525600
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 525600
session.referer_check =
;session.entropy_length = 32
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
session.upload_progress.enabled = On
session.upload_progress.cleanup = On
session.upload_progress.prefix = "upload_progress_"
session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
session.upload_progress.freq = "1%"
session.upload_progress.min_freq = "1"
[MSSQL]
mssql.allow_persistent = On
mssql.max_persistent = -1
mssql.max_links = -1
mssql.min_error_severity = 10
mssql.min_message_severity = 10
mssql.compatibility_mode = Off
;mssql.connect_timeout = 5
;mssql.timeout = 60
;mssql.textlimit = 4096
;mssql.textsize = 4096
;mssql.batchsize = 0
;mssql.datetimeconvert = On
mssql.secure_connection = Off
;mssql.max_procs = -1
;mssql.charset = "ISO-8859-1"
[Assertion]
;assert.active = On
;assert.warning = On
;assert.bail = Off
;assert.callback = 0
;assert.quiet_eval = 0
[mbstring]
;mbstring.language = Japanese
;mbstring.internal_encoding =
;mbstring.http_input =
;mbstring.http_output =
;mbstring.encoding_translation = Off
;mbstring.detect_order = auto
;mbstring.substitute_character = none
;mbstring.func_overload = 0
;mbstring.strict_detection = On
;mbstring.http_output_conv_mimetype=
[gd]
;gd.jpeg_ignore_warning = 0
[exif]
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS
[Tidy]
;tidy.default_config = /usr/local/lib/php/default.tcfg
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
;sysvshm.init_mem = 10000
[ldap]
ldap.max_links = -1
[mcrypt]
;mcrypt.algorithms_dir=
;mcrypt.modes_dir=
[dba]
;dba.default_handler=
[curl]
;curl.cainfo =
[openssl]
;openssl.cafile=
;openssl.capath=
; Local Variables:
; tab-width: 4
; End:
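Review bot: `allow_url_include = On` lets `include` and `require` load code from remote URLs, so any include of a request-influenced path becomes remote code execution; it should be `allow_url_include = Off`, which is also the PHP default. In the same file `display_errors = On` with `html_errors = On` exposes paths and query fragments to clients, and the empty `session.cookie_httponly =` with `session.use_strict_mode = 0` leaves session cookies readable by script and accepts caller-chosen session ids; `display_errors = Off`, `session.cookie_httponly = 1` and `session.use_strict_mode = 1` are the hardened values. `sendmail_path = -S localhost -t -i` has no program name, and `user_ini.filename` is assigned twice so only `.user.ini` takes effect; both look like editing leftovers.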

7
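--- a/configs/redis/redis.conf
+++ b/configs/redis/redis.conf
@@ -0,0 +1,7 @@
+# Redis conf file
+port 6379
+unixsocket /run/redis.sock
+unixsocketperm 770
+daemonize no
+pidfile /tmp/redis.pid
+dir /data/redis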
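Review bot: The config sets `port 6379` but neither `bind` nor `requirepass`, so who can reach the server without authentication depends on the `protected-mode` default of the Redis version in the image. State the intent explicitly, for example `bind 127.0.0.1` when only local services use it, or a `requirepass` value injected at start-up when other hosts must connect. `pidfile /tmp/redis.pid` puts the pid file in a world-writable directory; `/run`, already used for the socket, is the more usual place.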

2
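--- a/configs/ssmtp/revaliases
+++ b/configs/ssmtp/revaliases
@@ -0,0 +1,2 @@
+# sSMTP aliases
+#root:your_login@your.domain:mailhub.your.domain[:port]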

5
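--- a/configs/ssmtp/ssmtp.conf
+++ b/configs/ssmtp/ssmtp.conf
@@ -0,0 +1,5 @@
+# sSMTP sendmail
+root=postmaster
+mailhub=172.17.0.1
+rewriteDomain=localhost
+hostname="localhost"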

162
db/couchdb.sh Normal file

@ -0,0 +1,162 @@
#!/usr/bin/env sh
export PATH="/opt/couchdb/bin:$PATH"
RUN_AS="${SERVICE_USER:-couchdb}"
COUCHDB_USER="${DATABASE_USER_ROOT:-root}"
COUCHDB_PASSWORD=${DATABASE_PASS_ROOT:-couchdb_password}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__exec_command() {
exitCode=0
cmd="${*:-bash -l}"
echo "${exec_message:-Executing command: $cmd}"
$cmd || exitCode=1
[ "$exitCode" = 0 ] || exitCode=10
return ${exitCode:-$?}
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__curl() { curl -q -LSsf --user $COUCHDB_USER:$COUCHDB_PASSWORD "$@" || return 1; }
__curl_database() { curl -q -LSsf -X PUT "http://$COUCHDB_USER:$COUCHDB_PASSWORD@127.0.0.1:5984/$1" || return 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__curl_users() {
__curl -X PUT "http://localhost:5984/_users/org.couchdb.user:$1" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"name": "'$1'", "password": "'$2'", "roles": ['$4'], "type": "'${3:-user}'"}'
return $?
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ -z "$DATA_DIR_INITIALIZED" ] && [ -f "/data/.docker_has_run" ] && DATA_DIR_INITIALIZED="true" || DATA_DIR_INITIALIZED="false"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Create user if needed
if ! grep -q "$RUN_AS" /etc/passwd; then
groupadd -g 5984 -r $RUN_AS && useradd -u 5984 -d /opt/$RUN_AS -g $RUN_AS $RUN_AS
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ -d "/data/couchdb" ] || mv -f "/opt/couchdb/data" "/data/couchdb"
[ -d "/opt/couchdb/data" ] && rm -Rf "/opt/couchdb/data"
ln -sf "/data/couchdb" "/opt/couchdb/data" 2>/dev/null
touch "/opt/couchdb/etc/local.d/docker.ini" 2>/dev/null
chown -Rf $RUN_AS:$RUN_AS "/data/couchdb" "/opt/couchdb" 2>/dev/null
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
case "$1" in
db)
shift 1
case "$1" in
create)
shift 1
__curl_database "$1"
exit $?
;;
update)
shift 1
__curl_database "$1"
exit $?
;;
*)
echo "Usage: db [create,update] name"
exit 1
;;
esac
;;
user)
shift 1
case "$1" in
create)
shift 1
__curl_users "$1" "${2:-password}"
exit $?
;;
update)
shift 1
__curl_users "$1" "${2:-password}"
exit $?
;;
*)
echo "Usage: user [create,update] username password type roles"
;;
esac
;;
init)
shift 1
if [ "$DATA_DIR_INITIALIZED" = "false" ]; then
{
sleep 60
echo "Creating the default databases"
__curl -X PUT "http://127.0.0.1:5984/_users" 2>/dev/null >/dev/null &&
echo "Created database _users"
__curl -X PUT "http://127.0.0.1:5984/_replicator" 2>/dev/null >/dev/null &&
echo "Created database _replicator"
__curl -X PUT "http://127.0.0.1:5984/_global_changes" 2>/dev/null >/dev/null &&
echo "Created database _global_changes"
echo ""
} >"/dev/stdout" &
fi
exit $?
;;
*)
if [ "$(id -u)" = '0' ]; then
find /opt/couchdb \! \( -user $RUN_AS -group $RUN_AS \) -exec chown -f $RUN_AS:$RUN_AS '{}' +
find /opt/couchdb/data -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
find /opt/couchdb/data -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
find /opt/couchdb/etc -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
find /opt/couchdb/etc -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
fi
if [ -n "$NODENAME" ] && ! grep "couchdb@" /opt/couchdb/etc/vm.args; then
echo "-name couchdb@$NODENAME" >>/opt/couchdb/etc/vm.args
fi
if [ -n "$RUN_AS" ]; then
if ! grep -sPzoqr "\[admins\]\n$RUN_AS =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
printf "\n[admins]\n%s = %s\n" "$RUN_AS" "$RUN_AS" >>/opt/couchdb/etc/local.d/docker.ini
fi
fi
if [ -n "$COUCHDB_SECRET" ]; then
if ! grep -sPzoqr "\[chttpd_auth\]\nsecret =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
printf "\n[chttpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >>/opt/couchdb/etc/local.d/docker.ini
fi
fi
if [ -n "$COUCHDB_ERLANG_COOKIE" ]; then
cookieFile='/opt/couchdb/.erlang.cookie'
if [ -e "$cookieFile" ]; then
if [ "$(cat "$cookieFile" 2>/dev/null)" != "$COUCHDB_ERLANG_COOKIE" ]; then
echo >&2
echo >&2 "warning: $cookieFile contents do not match COUCHDB_ERLANG_COOKIE"
echo >&2
fi
else
echo "$COUCHDB_ERLANG_COOKIE" >"$cookieFile"
fi
chown $RUN_AS:$RUN_AS "$cookieFile"
chmod 600 "$cookieFile"
fi
if [ "$(id -u)" = '0' ]; then
chown -f $RUN_AS:$RUN_AS /opt/couchdb/etc/local.d/docker.ini || true
fi
if ! grep -Pzoqr '\[admins\]\n[^;]\w+' /opt/couchdb/etc/default.d/*.ini /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
cat >&2 <<-'EOWARN'
*************************************************************
ERROR: CouchDB 3.0+ will no longer run in "Admin Party"
mode. You *MUST* specify an admin user and
password, either via your own .ini file mapped
into the container at /opt/couchdb/etc/local.ini
or inside /opt/couchdb/etc/local.d, or with
"-e COUCHDB_USER=admin -e COUCHDB_PASSWORD=password"
to set it via "docker run".
*************************************************************
EOWARN
exit 1
fi
if [ "$(id -u)" = '0' ]; then
__exec_command gosu $RUN_AS /opt/couchdb/bin/couchdb
fi
echo "This script should be called by root user"
;;
esac
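Review bot: The `[admins]` step in the default branch writes `printf "\n[admins]\n%s = %s\n" "$RUN_AS" "$RUN_AS"`, so the CouchDB admin account is named after the service user and its password equals its name (couchdb/couchdb by default), while `COUCHDB_USER` and `COUCHDB_PASSWORD`, which the `__curl` helpers authenticate with, are never written to the config. The guard and the line should use the credentials instead: `if [ -n "$COUCHDB_USER" ] && [ -n "$COUCHDB_PASSWORD" ]; then` and `printf "\n[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_PASSWORD"`, with the `grep` pattern switched to `$COUCHDB_USER`. `COUCHDB_PASSWORD` also falls back to the fixed string `couchdb_password` when `DATABASE_PASS_ROOT` is unset; exiting with an error would be safer than a known default. In `__curl_users` the JSON body is built by splicing unquoted `$1` and `$2` into the string, so a name or password containing a quote or a space breaks the request, and the credentials passed via `--user` and the URL are visible in the process list.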

570
db/mariadb.sh Normal file

@ -0,0 +1,570 @@
#!/usr/bin/env bash
set -eo pipefail
shopt -s nullglob
MARIADB_ROOT_HOST="%"
MARIADB_AUTO_UPGRADE="yes"
MARIADB_DATABASE="$DATABASE_CREATE"
MARIADB_USER="$DATABASE_USER_NORMAL"
MARIADB_PASSWORD="$DATABASE_PASS_NORMAL"
MARIADB_ROOT_PASSWORD="$DATABASE_PASS_ROOT"
MARIADB_ALLOW_EMPTY_ROOT_PASSWORD=""
MARIADB_INITDB_SKIP_TZINFO=""
MARIADB_RANDOM_ROOT_PASSWORD=""
# logging functions
mysql_log() {
local type="$1"
shift
printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*"
}
mysql_note() {
mysql_log Note "$@"
}
mysql_warn() {
mysql_log Warn "$@" >&2
}
mysql_error() {
mysql_log ERROR "$@" >&2
exit 1
}
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
mysql_error "Both $var and $fileVar are set (but are exclusive)"
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(<"${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# set MARIADB_xyz from MYSQL_xyz when MARIADB_xyz is unset
# and make them the same value (so user scripts can use either)
_mariadb_file_env() {
local var="$1"
shift
local maria="MARIADB_${var#MYSQL_}"
file_env "$var" "$@"
file_env "$maria" "${!var}"
if [ "${!maria:-}" ]; then
export "$var"="${!maria}"
fi
}
# check to see if this file is being run or sourced from another script
_is_sourced() {
# https://unix.stackexchange.com/a/215279
[ "${#FUNCNAME[@]}" -ge 2 ] &&
[ "${FUNCNAME[0]}" = '_is_sourced' ] &&
[ "${FUNCNAME[1]}" = 'source' ]
}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
# process initializer files, based on file extensions
docker_process_init_files() {
# mysql here for backwards compatibility "${mysql[@]}"
# ShellCheck: mysql appears unused. Verify use (or export if used externally)
# shellcheck disable=SC2034
mysql=(docker_process_sql)
echo
local f
for f; do
case "$f" in
*.sh)
# https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
# https://github.com/docker-library/postgres/pull/452
if [ -x "$f" ]; then
mysql_note "$0: running $f"
"$f"
else
mysql_note "$0: sourcing $f"
# ShellCheck can't follow non-constant source. Use a directive to specify location.
# shellcheck disable=SC1090
. "$f"
fi
;;
*.sql)
mysql_note "$0: running $f"
docker_process_sql <"$f"
echo
;;
*.sql.gz)
mysql_note "$0: running $f"
gunzip -c "$f" | docker_process_sql
echo
;;
*.sql.xz)
mysql_note "$0: running $f"
xzcat "$f" | docker_process_sql
echo
;;
*.sql.zst)
mysql_note "$0: running $f"
zstd -dc "$f" | docker_process_sql
echo
;;
*) mysql_warn "$0: ignoring $f" ;;
esac
echo
done
}
# arguments necessary to run "mariadbd --verbose --help" successfully (used for testing configuration validity and for extracting default/configured values)
_verboseHelpArgs=(
--verbose --help
)
mysql_check_config() {
local toRun=("$@" "${_verboseHelpArgs[@]}") errors
if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
mysql_error $'mariadbd failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors"
fi
}
# Fetch value from server config
# We use mariadbd --verbose --help instead of my_print_defaults because the
# latter only show values present in config files, and not server defaults
mysql_get_config() {
local conf="$1"
shift
"$@" "${_verboseHelpArgs[@]}" 2>/dev/null |
awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
# match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
}
# Do a temporary startup of the MariaDB server, for init purposes
docker_temp_server_start() {
"$@" --skip-networking --default-time-zone=SYSTEM --socket="${SOCKET}" --wsrep_on=OFF \
--expire-logs-days=0 \
--loose-innodb_buffer_pool_load_at_startup=0 &
declare -g MARIADB_PID
MARIADB_PID=$!
mysql_note "Waiting for server startup"
# only use the root password if the database has already been initialized
# so that it won't try to fill in a password file when it hasn't been set yet
extraArgs=()
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
extraArgs+=('--dont-use-mysql-root-password')
fi
local i
for i in {30..0}; do
if docker_process_sql "${extraArgs[@]}" --database=mysql <<<'SELECT 1' &>/dev/null; then
break
fi
sleep 1
done
if [ "$i" = 0 ]; then
mysql_error "Unable to start server."
fi
}
# Stop the server. When using a local socket file mariadb-admin will block until
# the shutdown is complete.
docker_temp_server_stop() {
kill "$MARIADB_PID"
wait "$MARIADB_PID"
}
# Verify that the minimally required password settings are set for new databases.
docker_verify_minimum_env() {
if [ -z "$MARIADB_ROOT_PASSWORD" ] && [ -z "$MARIADB_ROOT_PASSWORD_HASH" ] && [ -z "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] && [ -z "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then
mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MARIADB_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH, MARIADB_ALLOW_EMPTY_ROOT_PASSWORD and MARIADB_RANDOM_ROOT_PASSWORD'
fi
# More preemptive exclusions of combinations should have been made before *PASSWORD_HASH was added, but for now we don't enforce due to compatibility.
if [ -n "$MARIADB_ROOT_PASSWORD" ] || [ -n "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] || [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ] && [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then
mysql_error "Cannot specify MARIADB_ROOT_PASSWORD_HASH and another MARIADB_ROOT_PASSWORD* option."
fi
if [ -n "$MARIADB_PASSWORD" ] && [ -n "$MARIADB_PASSWORD_HASH" ]; then
mysql_error "Cannot specify MARIADB_PASSWORD_HASH and MARIADB_PASSWORD option."
fi
}
# creates folders for the database
# also ensures permission for user mysql of run as root
docker_create_db_directories() {
local user
user="$(id -u)"
# TODO other directories that are used by default? like /var/lib/mysql-files
# see https://github.com/docker-library/mysql/issues/562
mkdir -p "$DATADIR"
if [ "$user" = "0" ]; then
# this will cause less disk access than `chown -R`
find "$DATADIR" \! -user mysql -exec chown mysql: '{}' +
# See https://github.com/MariaDB/mariadb-docker/issues/363
find "${SOCKET%/*}" -maxdepth 0 \! -user mysql -exec chown mysql: '{}' \;
fi
}
_mariadb_version() {
local mariaVersion="${MARIADB_VERSION##*:}"
mariaVersion="${mariaVersion%%[-+~]*}"
echo -n "${mariaVersion}-MariaDB"
}
# initializes the database directory
docker_init_database_dir() {
mysql_note "Initializing database files"
installArgs=(--datadir="$DATADIR" --rpm --auth-root-authentication-method=normal)
# "Other options are passed to mariadbd." (so we pass all "mysqld" arguments directly here)
mariadb-install-db "${installArgs[@]}" "${@:2}" \
--skip-test-db \
--old-mode='UTF8_IS_UTF8MB3' \
--default-time-zone=SYSTEM --enforce-storage-engine= \
--skip-log-bin \
--expire-logs-days=0 \
--loose-innodb_buffer_pool_load_at_startup=0 \
--loose-innodb_buffer_pool_dump_at_shutdown=0
mysql_note "Database files initialized"
}
# Loads various settings that are used elsewhere in the script
# This should be called after mysql_check_config, but before any other functions
docker_setup_env() {
# Get config
declare -g DATADIR SOCKET
DATADIR="$(mysql_get_config 'datadir' "$@")"
SOCKET="$(mysql_get_config 'socket' "$@")"
# Initialize values that might be stored in a file
_mariadb_file_env 'MYSQL_ROOT_HOST' '%'
_mariadb_file_env 'MYSQL_DATABASE'
_mariadb_file_env 'MYSQL_USER'
_mariadb_file_env 'MYSQL_PASSWORD'
_mariadb_file_env 'MYSQL_ROOT_PASSWORD'
# No MYSQL_ compatibility needed for new variables
file_env 'MARIADB_PASSWORD_HASH'
file_env 'MARIADB_ROOT_PASSWORD_HASH'
# set MARIADB_ from MYSQL_ when it is unset and then make them the same value
: "${MARIADB_ALLOW_EMPTY_ROOT_PASSWORD:=${MYSQL_ALLOW_EMPTY_PASSWORD:-}}"
export MYSQL_ALLOW_EMPTY_PASSWORD="$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" MARIADB_ALLOW_EMPTY_ROOT_PASSWORD
: "${MARIADB_RANDOM_ROOT_PASSWORD:=${MYSQL_RANDOM_ROOT_PASSWORD:-}}"
export MYSQL_RANDOM_ROOT_PASSWORD="$MARIADB_RANDOM_ROOT_PASSWORD" MARIADB_RANDOM_ROOT_PASSWORD
: "${MARIADB_INITDB_SKIP_TZINFO:=${MYSQL_INITDB_SKIP_TZINFO:-}}"
export MYSQL_INITDB_SKIP_TZINFO="$MARIADB_INITDB_SKIP_TZINFO" MARIADB_INITDB_SKIP_TZINFO
declare -g DATABASE_ALREADY_EXISTS
if [ -d "$DATADIR/mysql" ]; then
DATABASE_ALREADY_EXISTS='true'
fi
}
# Execute the client, use via docker_process_sql to handle root password
docker_exec_client() {
# args sent in can override this db, since they will be later in the command
if [ -n "$MYSQL_DATABASE" ]; then
set -- --database="$MYSQL_DATABASE" "$@"
fi
mariadb --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@"
}
# Execute sql script, passed via stdin
# usage: docker_process_sql [--dont-use-mysql-root-password] [mysql-cli-args]
# ie: docker_process_sql --database=mydb <<<'INSERT ...'
# ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql
docker_process_sql() {
if [ '--dont-use-mysql-root-password' = "$1" ]; then
shift
MYSQL_PWD='' docker_exec_client "$@"
else
MYSQL_PWD=$MARIADB_ROOT_PASSWORD docker_exec_client "$@"
fi
}
# SQL escape the string $1 to be placed in a string literal.
# escape, \ followed by '
docker_sql_escape_string_literal() {
local newline=$'\n'
local escaped=${1//\\/\\\\}
escaped="${escaped//$newline/\\n}"
echo "${escaped//\'/\\\'}"
}
# Initializes database with timezone info and root password, plus optional extra db/user
docker_setup_db() {
# Load timezone info into database
if [ -z "$MARIADB_INITDB_SKIP_TZINFO" ]; then
# --skip-write-binlog usefully disables binary logging
# but also outputs LOCK TABLES to improve the IO of
# Aria (MDEV-23326) for 10.4+.
mariadb-tzinfo-to-sql --skip-write-binlog /usr/share/zoneinfo |
docker_process_sql --dont-use-mysql-root-password --database=mysql
# tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet
fi
# Generate random root password
if [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then
MARIADB_ROOT_PASSWORD="$(pwgen --numerals --capitalize --symbols --remove-chars="'\\" -1 32)"
export MARIADB_ROOT_PASSWORD MYSQL_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD
mysql_note "GENERATED ROOT PASSWORD: $MARIADB_ROOT_PASSWORD"
fi
# Creates root users for non-localhost hosts
local rootCreate=
local rootPasswordEscaped=
if [ -n "$MARIADB_ROOT_PASSWORD" ]; then
# Sets root password and creates root users for non-localhost hosts
rootPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_ROOT_PASSWORD}")
fi
# default root to listen for connections from anywhere
if [ -n "$MARIADB_ROOT_HOST" ] && [ "$MARIADB_ROOT_HOST" != 'localhost' ]; then
# ref "read -d ''", no, we don't care if read finds a terminating character in this heredoc
# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
if [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then
read -r -d '' rootCreate <<-EOSQL || true
CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY PASSWORD '${MARIADB_ROOT_PASSWORD_HASH}' ;
GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ;
EOSQL
else
read -r -d '' rootCreate <<-EOSQL || true
CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY '${rootPasswordEscaped}' ;
GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ;
EOSQL
fi
fi
local mysqlAtLocalhost=
local mysqlAtLocalhostGrants=
# Install mysql@localhost user
if [ -n "$MARIADB_MYSQL_LOCALHOST_USER" ]; then
local pw=
pw="$(pwgen --numerals --capitalize --symbols --remove-chars="'\\" -1 32)"
# MDEV-24111 before MariaDB-10.4 cannot create unix_socket user directly auth with simple_password_check
# It wasn't until 10.4 that the unix_socket auth was built in to the server.
read -r -d '' mysqlAtLocalhost <<-EOSQL || true
EXECUTE IMMEDIATE IF(VERSION() RLIKE '^10\.3\.',
"INSTALL PLUGIN /*M10401 IF NOT EXISTS */ unix_socket SONAME 'auth_socket'",
"SELECT 'already there'");
CREATE USER mysql@localhost IDENTIFIED BY '$pw';
ALTER USER mysql@localhost IDENTIFIED VIA unix_socket;
EOSQL
if [ -n "$MARIADB_MYSQL_LOCALHOST_GRANTS" ]; then
if [ "$MARIADB_MYSQL_LOCALHOST_GRANTS" != USAGE ]; then
mysql_warn "Excessive privileges ON *.* TO mysql@localhost facilitates risks to the confidentiality, integrity and availability of data stored"
fi
mysqlAtLocalhostGrants="GRANT ${MARIADB_MYSQL_LOCALHOST_GRANTS} ON *.* TO mysql@localhost;"
fi
fi
local rootLocalhostPass=
if [ -z "$MARIADB_ROOT_PASSWORD_HASH" ]; then
# handle MARIADB_ROOT_PASSWORD_HASH for root@localhost after /docker-entrypoint-initdb.d
rootLocalhostPass="SET PASSWORD FOR 'root'@'localhost'= PASSWORD('${rootPasswordEscaped}');"
fi
local createDatabase=
# Creates a custom database and user if specified
if [ -n "$MARIADB_DATABASE" ]; then
mysql_note "Creating database ${MARIADB_DATABASE}"
createDatabase="CREATE DATABASE IF NOT EXISTS \`$MARIADB_DATABASE\`;"
fi
local createUser=
local userGrants=
if [ -n "$MARIADB_PASSWORD" ] || [ -n "$MARIADB_PASSWORD_HASH" ] && [ -n "$MARIADB_USER" ]; then
mysql_note "Creating user ${MARIADB_USER}"
if [ -n "$MARIADB_PASSWORD_HASH" ]; then
createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY PASSWORD '$MARIADB_PASSWORD_HASH';"
else
# SQL escape the user password, \ followed by '
local userPasswordEscaped
userPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_PASSWORD}")
createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY '$userPasswordEscaped';"
fi
if [ -n "$MARIADB_DATABASE" ]; then
mysql_note "Giving user ${MARIADB_USER} access to schema ${MARIADB_DATABASE}"
userGrants="GRANT ALL ON \`${MARIADB_DATABASE//_/\\_}\`.* TO '$MARIADB_USER'@'%';"
fi
fi
mysql_note "Securing system users (equivalent to running mysql_secure_installation)"
# tell docker_process_sql to not use MARIADB_ROOT_PASSWORD since it is just now being set
# --binary-mode to save us from the semi-mad users go out of their way to confuse the encoding.
docker_process_sql --dont-use-mysql-root-password --database=mysql --binary-mode <<-EOSQL
-- Securing system users shouldn't be replicated
SET @orig_sql_log_bin= @@SESSION.SQL_LOG_BIN;
SET @@SESSION.SQL_LOG_BIN=0;
-- we need the SQL_MODE NO_BACKSLASH_ESCAPES mode to be clear for the password to be set
SET @@SESSION.SQL_MODE=REPLACE(@@SESSION.SQL_MODE, 'NO_BACKSLASH_ESCAPES', '');
DROP USER IF EXISTS root@'127.0.0.1', root@'::1';
EXECUTE IMMEDIATE CONCAT('DROP USER IF EXISTS root@\'', @@hostname,'\'');
${rootLocalhostPass}
${rootCreate}
${mysqlAtLocalhost}
${mysqlAtLocalhostGrants}
-- pre-10.3 only
DROP DATABASE IF EXISTS test ;
-- end of securing system users, rest of init now...
SET @@SESSION.SQL_LOG_BIN=@orig_sql_log_bin;
-- create users/databases
${createDatabase}
${createUser}
${userGrants}
EOSQL
}
# backup the mysql database
docker_mariadb_backup_system() {
if [ -n "$MARIADB_DISABLE_UPGRADE_BACKUP" ] &&
[ "$MARIADB_DISABLE_UPGRADE_BACKUP" = 1 ]; then
mysql_note "MariaDB upgrade backup disabled due to \$MARIADB_DISABLE_UPGRADE_BACKUP=1 setting"
return
fi
local backup_db="system_mysql_backup_unknown_version.sql.zst"
local oldfullversion="unknown_version"
if [ -r "$DATADIR"/mariadb_upgrade_info ]; then
read -r -d '' oldfullversion <"$DATADIR"/mariadb_upgrade_info || true
if [ -n "$oldfullversion" ]; then
backup_db="system_mysql_backup_${oldfullversion}.sql.zst"
fi
fi
mysql_note "Backing up system database to $backup_db"
if ! mariadb-dump --skip-lock-tables --replace --databases mysql --socket="${SOCKET}" | zstd >"${DATADIR}/${backup_db}"; then
mysql_error "Unable backup system database for upgrade from $oldfullversion."
fi
mysql_note "Backing up complete"
}
# perform mariadb-upgrade
# backup the mysql database if this is a major upgrade
docker_mariadb_upgrade() {
if [ -z "$MARIADB_AUTO_UPGRADE" ] ||
[ "$MARIADB_AUTO_UPGRADE" = 0 ]; then
mysql_note "MariaDB upgrade (mariadb-upgrade) required, but skipped due to \$MARIADB_AUTO_UPGRADE setting"
return
fi
mysql_note "Starting temporary server"
docker_temp_server_start "$@" --skip-grant-tables \
--loose-innodb_buffer_pool_dump_at_shutdown=0 \
--skip-slave-start
mysql_note "Temporary server started."
docker_mariadb_backup_system
mysql_note "Starting mariadb-upgrade"
mariadb-upgrade --upgrade-system-tables
mysql_note "Finished mariadb-upgrade"
mysql_note "Stopping temporary server"
docker_temp_server_stop
mysql_note "Temporary server stopped"
}
_check_if_upgrade_is_needed() {
if [ ! -f "$DATADIR"/mariadb_upgrade_info ]; then
mysql_note "MariaDB upgrade information missing, assuming required"
return 0
fi
local mariadbVersion
mariadbVersion="$(_mariadb_version)"
IFS='.-' read -ra newversion <<<"$mariadbVersion"
IFS='.-' read -ra oldversion <"$DATADIR"/mariadb_upgrade_info || true
if [[ ${#newversion[@]} -lt 2 ]] || [[ ${#oldversion[@]} -lt 2 ]] ||
[[ ${oldversion[0]} -lt ${newversion[0]} ]] ||
[[ ${oldversion[0]} -eq ${newversion[0]} && ${oldversion[1]} -lt ${newversion[1]} ]]; then
return 0
fi
mysql_note "MariaDB upgrade not required"
return 1
}
# check arguments for an option that would cause mariadbd to stop
# return true if there is one
_mysql_want_help() {
local arg
for arg; do
case "$arg" in
-'?' | --help | --print-defaults | -V | --version)
return 0
;;
esac
done
return 1
}
_main() {
# if command starts with an option, prepend mariadbd
if [ "${1:0:1}" = '-' ]; then
set -- mariadbd "$@"
fi
#ENDOFSUBSTITUTIONS
# skip setup if they aren't running mysqld or want an option that stops mysqld
if [ "$1" = 'mariadbd' ] || [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then
mysql_note "Entrypoint script for MariaDB Server ${MARIADB_VERSION} started."
mysql_check_config "$@"
# Load various environment variables
docker_setup_env "$@"
docker_create_db_directories
# If container is started as root user, restart as dedicated mysql user
if [ "$(id -u)" = "0" ]; then
mysql_note "Switching to dedicated user 'mysql'"
exec gosu mysql "${BASH_SOURCE[0]}" "$@"
fi
# there's no database, so it needs to be initialized
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ >/dev/null
docker_init_database_dir "$@"
mysql_note "Starting temporary server"
docker_temp_server_start "$@"
mysql_note "Temporary server started."
docker_setup_db
docker_process_init_files /docker-entrypoint-initdb.d/*
# Wait until after /docker-entrypoint-initdb.d is performed before setting
# root@localhost password to a hash we don't know the password for.
if [ -n "${MARIADB_ROOT_PASSWORD_HASH}" ]; then
mysql_note "Setting root@localhost password hash"
docker_process_sql --dont-use-mysql-root-password --binary-mode <<-EOSQL
SET @@SESSION.SQL_LOG_BIN=0;
SET PASSWORD FOR 'root'@'localhost'= '${MARIADB_ROOT_PASSWORD_HASH}';
EOSQL
fi
mysql_note "Stopping temporary server"
docker_temp_server_stop
mysql_note "Temporary server stopped"
echo
mysql_note "MariaDB init process done. Ready for start up."
echo
# MDEV-27636 mariadb_upgrade --check-if-upgrade-is-needed cannot be run offline
#elif mariadb-upgrade --check-if-upgrade-is-needed; then
elif _check_if_upgrade_is_needed; then
docker_mariadb_upgrade "$@"
fi
fi
exec "$@"
}
# If we are sourced from elsewhere, don't perform any further actions
if ! _is_sourced; then
_main "$@"
fi

434
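--- a/db/mongodb.sh
+++ b/db/mongodb.sh
@@ -0,0 +1,434 @@
+#!/bin/bash
+set -Eeuo pipefail
+if [ "${1:0:1}" = '-' ]; then
+set -- mongod "$@"
+fi
+originalArgOne="$1"
+# allow the container to be started with `--user`
+# all mongo* commands should be dropped to the correct user
+if [[ "$originalArgOne" == mongo* ]] && [ "$(id -u)" = '0' ]; then
+if [ "$originalArgOne" = 'mongod' ]; then
+find /data/configdb /data/db \! -user mongodb -exec chown mongodb '{}' +
+fi
+# make sure we can write to stdout and stderr as "mongodb"
+# (for our "initdb" code later; see "--logpath" below)
+chown --dereference mongodb "/proc/$$/fd/1" "/proc/$$/fd/2" || :
+# ignore errors thanks to https://github.com/docker-library/mongo/issues/149
+exec gosu mongodb "$BASH_SOURCE" "$@"
+fi
+dpkgArch="$(dpkg --print-architecture)"
+case "$dpkgArch" in
+amd64) # https://github.com/docker-library/mongo/issues/485#issuecomment-891991814
+if ! grep -qE '^flags.* avx( .*|$)' /proc/cpuinfo; then
+{
+echo
+echo 'WARNING: MongoDB 5.0+ requires a CPU with AVX support, and your current system does not appear to have that!'
+echo ' see https://jira.mongodb.org/browse/SERVER-54407'
+echo ' see also https://www.mongodb.com/community/forums/t/mongodb-5-0-cpu-intel-g4650-compatibility/116610/2'
+echo ' see also https://github.com/docker-library/mongo/issues/485#issuecomment-891991814'
+echo
+} >&2
+fi
+;;
+arm64) # https://github.com/docker-library/mongo/issues/485#issuecomment-970864306
+# https://en.wikichip.org/wiki/arm/armv8#ARMv8_Extensions_and_Processor_Features
+# http://javathunderx.blogspot.com/2018/11/cheat-sheet-for-cpuinfo-features-on.html
+if ! grep -qE '^Features.* (fphp|dcpop|sha3|sm3|sm4|asimddp|sha512|sve)( .*|$)' /proc/cpuinfo; then
+{
+echo
+echo 'WARNING: MongoDB 5.0+ requires ARMv8.2-A or higher, and your current system does not appear to implement any of the common features for that!'
+echo ' see https://jira.mongodb.org/browse/SERVER-55178'
+echo ' see also https://en.wikichip.org/wiki/arm/armv8#ARMv8_Extensions_and_Processor_Features'
+echo ' see also https://github.com/docker-library/mongo/issues/485#issuecomment-970864306'
+echo
+} >&2
+fi
+;;
+esac
+# you should use numactl to start your mongod instances, including the config servers, mongos instances, and any clients.
+# https://docs.mongodb.com/manual/administration/production-notes/#configuring-numa-on-linux
+if [[ "$originalArgOne" == mongo* ]]; then
+numa='numactl --interleave=all'
+if $numa true &>/dev/null; then
+set -- $numa "$@"
+fi
+fi
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+local var="$1"
+local fileVar="${var}_FILE"
+local def="${2:-}"
+if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+exit 1
+fi
+local val="$def"
+if [ "${!var:-}" ]; then
+val="${!var}"
+elif [ "${!fileVar:-}" ]; then
+val="$(<"${!fileVar}")"
+fi
+export "$var"="$val"
+unset "$fileVar"
+}
+# see https://github.com/docker-library/mongo/issues/147 (mongod is picky about duplicated arguments)
+_mongod_hack_have_arg() {
+local checkArg="$1"
+shift
+local arg
+for arg; do
+case "$arg" in
+"$checkArg" | "$checkArg"=*)
+return 0
+;;
+esac
+done
+return 1
+}
+# _mongod_hack_get_arg_val '--some-arg' "$@"
+_mongod_hack_get_arg_val() {
+local checkArg="$1"
+shift
+while [ "$#" -gt 0 ]; do
+local arg="$1"
+shift
+case "$arg" in
+"$checkArg")
+echo "$1"
+return 0
+;;
+"$checkArg"=*)
+echo "${arg#$checkArg=}"
+return 0
+;;
+esac
+done
+return 1
+}
+declare -a mongodHackedArgs
+# _mongod_hack_ensure_arg '--some-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_arg() {
+local ensureArg="$1"
+shift
+mongodHackedArgs=("$@")
+if ! _mongod_hack_have_arg "$ensureArg" "$@"; then
+mongodHackedArgs+=("$ensureArg")
+fi
+}
+# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_no_arg() {
+local ensureNoArg="$1"
+shift
+mongodHackedArgs=()
+while [ "$#" -gt 0 ]; do
+local arg="$1"
+shift
+if [ "$arg" = "$ensureNoArg" ]; then
+continue
+fi
+mongodHackedArgs+=("$arg")
+done
+}
+# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_no_arg_val() {
+local ensureNoArg="$1"
+shift
+mongodHackedArgs=()
+while [ "$#" -gt 0 ]; do
+local arg="$1"
+shift
+case "$arg" in
+"$ensureNoArg")
+shift # also skip the value
+continue
+;;
+"$ensureNoArg"=*)
+# value is already included
+continue
+;;
+esac
+mongodHackedArgs+=("$arg")
+done
+}
+# _mongod_hack_ensure_arg_val '--some-arg' 'some-val' "$@"
+# set -- "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_arg_val() {
+local ensureArg="$1"
+shift
+local ensureVal="$1"
+shift
+_mongod_hack_ensure_no_arg_val "$ensureArg" "$@"
+mongodHackedArgs+=("$ensureArg" "$ensureVal")
+}
+# _js_escape 'some "string" value'
+_js_escape() {
+jq --null-input --arg 'str' "$1" '$str'
+}
+: "${TMPDIR:=/tmp}"
+jsonConfigFile="$TMPDIR/docker-entrypoint-config.json"
+tempConfigFile="$TMPDIR/docker-entrypoint-temp-config.json"
+_parse_config() {
+if [ -s "$tempConfigFile" ]; then
+return 0
+fi
+local configPath
+if configPath="$(_mongod_hack_get_arg_val --config "$@")" && [ -s "$configPath" ]; then
+# if --config is specified, parse it into a JSON file so we can remove a few problematic keys (especially SSL-related keys)
+# see https://docs.mongodb.com/manual/reference/configuration-options/
+if grep -vEm1 '^[[:space:]]*(#|$)' "$configPath" | grep -qE '^[[:space:]]*[^=:]+[[:space:]]*='; then
+# if the first non-comment/non-blank line of the config file looks like "foo = ...", this is probably the 2.4 and older "ini-style config format"
+# mongod tries to parse config as yaml and then falls back to ini-style parsing
+# https://github.com/mongodb/mongo/blob/r6.0.3/src/mongo/util/options_parser/options_parser.cpp#L1883-L1894
+echo >&2
+echo >&2 "WARNING: it appears that '$configPath' is in the older INI-style format (replaced by YAML in MongoDB 2.6)"
+echo >&2 ' This script does not parse the older INI-style format, and thus will ignore it.'
+echo >&2
+return 1
+fi
+if [ "$mongoShell" = 'mongo' ]; then
+"$mongoShell" --norc --nodb --quiet --eval "load('/js-yaml.js'); printjson(jsyaml.load(cat($(_js_escape "$configPath"))))" >"$jsonConfigFile"
+else
+# https://www.mongodb.com/docs/manual/reference/method/js-native/#std-label-native-in-mongosh
+"$mongoShell" --norc --nodb --quiet --eval "load('/js-yaml.js'); JSON.stringify(jsyaml.load(fs.readFileSync($(_js_escape "$configPath"), 'utf8')))" >"$jsonConfigFile"
+fi
+if [ "$(head -c1 "$jsonConfigFile")" != '{' ] || [ "$(tail -c2 "$jsonConfigFile")" != '}' ]; then
+# if the file doesn't start with "{" and end with "}", it's *probably* an error ("uncaught exception: YAMLException: foo" for example), so we should print it out
+echo >&2 'error: unexpected "js-yaml.js" output while parsing config:'
+cat >&2 "$jsonConfigFile"
+exit 1
+fi
+jq 'del(.systemLog, .processManagement, .net, .security, .replication)' "$jsonConfigFile" >"$tempConfigFile"
+return 0
+fi
+return 1
+}
+dbPath=
+_dbPath() {
+if [ -n "$dbPath" ]; then
+echo "$dbPath"
+return
+fi
+if ! dbPath="$(_mongod_hack_get_arg_val --dbpath "$@")"; then
+if _parse_config "$@"; then
+dbPath="$(jq -r '.storage.dbPath // empty' "$jsonConfigFile")"
+fi
+fi
+if [ -z "$dbPath" ]; then
+if _mongod_hack_have_arg --configsvr "$@" || {
+_parse_config "$@" &&
+clusterRole="$(jq -r '.sharding.clusterRole // empty' "$jsonConfigFile")" &&
+[ "$clusterRole" = 'configsvr' ]
+}; then
+# if running as config server, then the default dbpath is /data/configdb
+# https://docs.mongodb.com/manual/reference/program/mongod/#cmdoption-mongod-configsvr
+dbPath=/data/configdb
+fi
+fi
+: "${dbPath:=/data/db}"
+echo "$dbPath"
+}
+if [ "$originalArgOne" = 'mongod' ]; then
+file_env 'MONGO_INITDB_ROOT_USERNAME'
+file_env 'MONGO_INITDB_ROOT_PASSWORD'
+mongoShell='mongo'
+if ! command -v "$mongoShell" >/dev/null; then
+mongoShell='mongosh'
+fi
+# pre-check a few factors to see if it's even worth bothering with initdb
+shouldPerformInitdb=
+if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+# if we have a username/password, let's set "--auth"
+_mongod_hack_ensure_arg '--auth' "$@"
+set -- "${mongodHackedArgs[@]}"
+shouldPerformInitdb='true'
+elif [ "$MONGO_INITDB_ROOT_USERNAME" ] || [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+cat >&2 <<-'EOF'
+error: missing 'MONGO_INITDB_ROOT_USERNAME' or 'MONGO_INITDB_ROOT_PASSWORD'
+both must be specified for a user to be created
+EOF
+exit 1
+fi
+if [ -z "$shouldPerformInitdb" ]; then
+# if we've got any /docker-entrypoint-initdb.d/* files to parse later, we should initdb
+for f in /docker-entrypoint-initdb.d/*; do
+case "$f" in
+*.sh | *.js) # this should match the set of files we check for below
+shouldPerformInitdb="$f"
+break
+;;
+esac
+done
+fi
+# check for a few known paths (to determine whether we've already initialized and should thus skip our initdb scripts)
+if [ -n "$shouldPerformInitdb" ]; then
+dbPath="$(_dbPath "$@")"
+for path in \
+"$dbPath/WiredTiger" \
+"$dbPath/journal" \
+"$dbPath/local.0" \
+"$dbPath/storage.bson"; do
+if [ -e "$path" ]; then
+shouldPerformInitdb=
+break
+fi
+done
+fi
+if [ -n "$shouldPerformInitdb" ]; then
+mongodHackedArgs=("$@")
+if _parse_config "$@"; then
+_mongod_hack_ensure_arg_val --config "$tempConfigFile" "${mongodHackedArgs[@]}"
+fi
+_mongod_hack_ensure_arg_val --bind_ip 127.0.0.1 "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_arg_val --port 27017 "${mongodHackedArgs[@]}"
+_mongod_hack_ensure_no_arg --bind_ip_all "${mongodHackedArgs[@]}"
+# remove "--auth" and "--replSet" for our initial startup (see https://docs.mongodb.com/manual/tutorial/enable-authentication/#start-mongodb-without-access-control)
+# https://github.com/docker-library/mongo/issues/211
+_mongod_hack_ensure_no_arg --auth "${mongodHackedArgs[@]}"
+# "keyFile implies security.authorization"
+# https://docs.mongodb.com/manual/reference/configuration-options/#mongodb-setting-security.keyFile
+_mongod_hack_ensure_no_arg_val --keyFile "${mongodHackedArgs[@]}"
+if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+_mongod_hack_ensure_no_arg_val --replSet "${mongodHackedArgs[@]}"
+fi
+# "BadValue: need sslPEMKeyFile when SSL is enabled" vs "BadValue: need to enable SSL via the sslMode flag when using SSL configuration parameters"
+tlsMode='disabled'
+if _mongod_hack_have_arg '--tlsCertificateKeyFile' "$@"; then
+tlsMode='allowTLS'
+fi
+_mongod_hack_ensure_arg_val --tlsMode "$tlsMode" "${mongodHackedArgs[@]}"
+if stat "/proc/$$/fd/1" >/dev/null && [ -w "/proc/$$/fd/1" ]; then
+# https://github.com/mongodb/mongo/blob/38c0eb538d0fd390c6cb9ce9ae9894153f6e8ef5/src/mongo/db/initialize_server_global_state.cpp#L237-L251
+# https://github.com/docker-library/mongo/issues/164#issuecomment-293965668
+_mongod_hack_ensure_arg_val --logpath "/proc/$$/fd/1" "${mongodHackedArgs[@]}"
+else
+initdbLogPath="$(_dbPath "$@")/docker-initdb.log"
+echo >&2 "warning: initdb logs cannot write to '/proc/$$/fd/1', so they are in '$initdbLogPath' instead"
+_mongod_hack_ensure_arg_val --logpath "$initdbLogPath" "${mongodHackedArgs[@]}"
+fi
+_mongod_hack_ensure_arg --logappend "${mongodHackedArgs[@]}"
+pidfile="$TMPDIR/docker-entrypoint-temp-mongod.pid"
+rm -f "$pidfile"
+_mongod_hack_ensure_arg_val --pidfilepath "$pidfile" "${mongodHackedArgs[@]}"
+"${mongodHackedArgs[@]}" --fork
+mongo=("$mongoShell" --host 127.0.0.1 --port 27017 --quiet)
+# check to see that our "mongod" actually did start up (catches "--help", "--version", MongoDB 3.2 being silly, slow prealloc, etc)
+# https://jira.mongodb.org/browse/SERVER-16292
+tries=30
+while true; do
+if ! { [ -s "$pidfile" ] && ps "$(<"$pidfile")" &>/dev/null; }; then
+# bail ASAP if "mongod" isn't even running
+echo >&2
+echo >&2 "error: $originalArgOne does not appear to have stayed running -- perhaps it had an error?"
+echo >&2
+exit 1
+fi
+if "${mongo[@]}" 'admin' --eval 'quit(0)' &>/dev/null; then
+# success!
+break
+fi
+((tries--))
+if [ "$tries" -le 0 ]; then
+echo >&2
+echo >&2 "error: $originalArgOne does not appear to have accepted connections quickly enough -- perhaps it had an error?"
+echo >&2
+exit 1
+fi
+sleep 1
+done
+if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
+rootAuthDatabase='admin'
+"${mongo[@]}" "$rootAuthDatabase" <<-EOJS
+db.createUser({
+user: $(_js_escape "$MONGO_INITDB_ROOT_USERNAME"),
+pwd: $(_js_escape "$MONGO_INITDB_ROOT_PASSWORD"),
+roles: [ { role: 'root', db: $(_js_escape "$rootAuthDatabase") } ]
+})
+EOJS
+fi
+export MONGO_INITDB_DATABASE="${MONGO_INITDB_DATABASE:-test}"
+echo
+for f in /docker-entrypoint-initdb.d/*; do
+case "$f" in
+*.sh)
+echo "$0: running $f"
+. "$f"
+;;
+*.js)
+echo "$0: running $f"
+"${mongo[@]}" "$MONGO_INITDB_DATABASE" "$f"
+echo
+;;
+*) echo "$0: ignoring $f" ;;
+esac
+echo
+done
+"${mongodHackedArgs[@]}" --shutdown
+rm -f "$pidfile"
+echo
+echo 'MongoDB init process complete; ready for start up.'
+echo
+fi
+# MongoDB 3.6+ defaults to localhost-only binding
+haveBindIp=
+if _mongod_hack_have_arg --bind_ip "$@" || _mongod_hack_have_arg --bind_ip_all "$@"; then
+haveBindIp=1
+elif _parse_config "$@" && jq --exit-status '.net.bindIp // .net.bindIpAll' "$jsonConfigFile" >/dev/null; then
+haveBindIp=1
+fi
+if [ -z "$haveBindIp" ]; then
+# so if no "--bind_ip" is specified, let's add "--bind_ip_all"
+set -- "$@" --bind_ip_all
+fi
+unset "${!MONGO_INITDB_@}"
+fi
+rm -f "$jsonConfigFile" "$tempConfigFile"
+exec "$@"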
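Review bot: When neither `MONGO_INITDB_ROOT_USERNAME` nor `MONGO_INITDB_ROOT_PASSWORD` is set, the `if [ -z "$haveBindIp" ]` block near the end of the `mongod` branch still appends `--bind_ip_all`, so the final `exec "$@"` can start a server that listens on every interface without `--auth` on its command line. Nothing is printed in that case, whereas the AVX and ARMv8.2 checks earlier in the file do warn on stderr. I would add a warning inside that block, for example `_mongod_hack_have_arg --auth "$@" || echo >&2 'warning: no --auth given; mongod may accept unauthenticated connections on all interfaces'`. The wording says "may" because authorization can also be enabled through a `--config` file, which this check does not read. Separately, `jsonConfigFile`, `tempConfigFile` and `pidfile` use fixed names under `$TMPDIR`, and `_parse_config` trusts any non-empty `tempConfigFile` it finds there; creating them with `mktemp` would avoid picking up a pre-existing file.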

372
db/postgresql.sh Normal file

@ -0,0 +1,372 @@
#!/usr/bin/env bash
set -Eeo pipefail
# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
PGDATA="$DATABASE_DIR_PGSQL"
POSTGRES_USER="$DATABASE_USER_ROOT"
POSTGRES_PASSWORD="$DATABASE_PASS_ROOT"
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(<"${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# check to see if this file is being run or sourced from another script
_is_sourced() {
# https://unix.stackexchange.com/a/215279
[ "${#FUNCNAME[@]}" -ge 2 ] &&
[ "${FUNCNAME[0]}" = '_is_sourced' ] &&
[ "${FUNCNAME[1]}" = 'source' ]
}
# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user
docker_create_db_directories() {
local user
user="$(id -u)"
mkdir -p "$PGDATA"
# ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory)
chmod 700 "$PGDATA" || :
# ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289
mkdir -p /var/run/postgresql || :
chmod 775 /var/run/postgresql || :
# Create the transaction log directory before initdb is run so the directory is owned by the correct user
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
mkdir -p "$POSTGRES_INITDB_WALDIR"
if [ "$user" = '0' ]; then
find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' +
fi
chmod 700 "$POSTGRES_INITDB_WALDIR"
fi
# allow the container to be started with `--user`
if [ "$user" = '0' ]; then
find "$PGDATA" \! -user postgres -exec chown postgres '{}' +
find /var/run/postgresql \! -user postgres -exec chown postgres '{}' +
fi
}
# initialize empty PGDATA directory with new database via 'initdb'
# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function
# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames
# this is also where the database user is created, specified by `POSTGRES_USER` env
docker_init_database_dir() {
# "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary
# see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html
local uid
uid="$(id -u)"
if ! getent passwd "$uid" &>/dev/null; then
# see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15)
local wrapper
for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do
if [ -s "$wrapper" ]; then
NSS_WRAPPER_PASSWD="$(mktemp)"
NSS_WRAPPER_GROUP="$(mktemp)"
export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
local gid
gid="$(id -g)"
printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" >"$NSS_WRAPPER_PASSWD"
printf 'postgres:x:%s:\n' "$gid" >"$NSS_WRAPPER_GROUP"
break
fi
done
fi
if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then
set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@"
fi
# --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025
eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"'
# unset/cleanup "nss_wrapper" bits
if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then
rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP"
unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
fi
}
# print large warning if POSTGRES_PASSWORD is long
# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
docker_verify_minimum_env() {
# check password first so we can output the warning before postgres
# messes it up
if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
cat >&2 <<-'EOWARN'
WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
This will not work if used via PGPASSWORD with "psql".
https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
https://github.com/docker-library/postgres/issues/507
EOWARN
fi
if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOE'
Error: Database is uninitialized and superuser password is not specified.
You must specify POSTGRES_PASSWORD to a non-empty value for the
superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
connections without a password. This is *not* recommended.
See PostgreSQL documentation about "trust":
https://www.postgresql.org/docs/current/auth-trust.html
EOE
exit 1
fi
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
cat >&2 <<-'EOWARN'
********************************************************************************
WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
anyone with access to the Postgres port to access your database without
a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
documentation about "trust":
https://www.postgresql.org/docs/current/auth-trust.html
In Docker's default configuration, this is effectively any other
container on the same system.
It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
it with "-e POSTGRES_PASSWORD=password" instead to set a password in
"docker run".
********************************************************************************
EOWARN
fi
}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
# process initializer files, based on file extensions and permissions
docker_process_init_files() {
# psql here for backwards compatibility "${psql[@]}"
psql=(docker_process_sql)
printf '\n'
local f
for f; do
case "$f" in
*.sh)
# https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
# https://github.com/docker-library/postgres/pull/452
if [ -x "$f" ]; then
printf '%s: running %s\n' "$0" "$f"
"$f"
else
printf '%s: sourcing %s\n' "$0" "$f"
. "$f"
fi
;;
*.sql)
printf '%s: running %s\n' "$0" "$f"
docker_process_sql -f "$f"
printf '\n'
;;
*.sql.gz)
printf '%s: running %s\n' "$0" "$f"
gunzip -c "$f" | docker_process_sql
printf '\n'
;;
*.sql.xz)
printf '%s: running %s\n' "$0" "$f"
xzcat "$f" | docker_process_sql
printf '\n'
;;
*.sql.zst)
printf '%s: running %s\n' "$0" "$f"
zstd -dc "$f" | docker_process_sql
printf '\n'
;;
*) printf '%s: ignoring %s\n' "$0" "$f" ;;
esac
printf '\n'
done
}
# Execute sql script, passed via stdin (or -f flag of pqsl)
# usage: docker_process_sql [psql-cli-args]
# ie: docker_process_sql --dbname=mydb <<<'INSERT ...'
# ie: docker_process_sql -f my-file.sql
# ie: docker_process_sql <my-file.sql
docker_process_sql() {
local query_runner=(psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --no-password --no-psqlrc)
if [ -n "$POSTGRES_DB" ]; then
query_runner+=(--dbname "$POSTGRES_DB")
fi
PGHOST= PGHOSTADDR= "${query_runner[@]}" "$@"
}
# create initial database
# uses environment variables for input: POSTGRES_DB
docker_setup_db() {
local dbAlreadyExists
dbAlreadyExists="$(
POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" --tuples-only <<-'EOSQL'
SELECT 1 FROM pg_database WHERE datname = :'db' ;
EOSQL
)"
if [ -z "$dbAlreadyExists" ]; then
POSTGRES_DB= docker_process_sql --dbname postgres --set db="$POSTGRES_DB" <<-'EOSQL'
CREATE DATABASE :"db" ;
EOSQL
printf '\n'
fi
}
# Loads various settings that are used elsewhere in the script
# This should be called before any other functions
docker_setup_env() {
file_env 'POSTGRES_PASSWORD'
file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS'
: "${POSTGRES_HOST_AUTH_METHOD:=}"
declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir
if [ -s "$PGDATA/PG_VERSION" ]; then
DATABASE_ALREADY_EXISTS='true'
fi
}
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{
printf '\n'
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
printf '# warning trust is enabled for all connections\n'
printf '# see https://www.postgresql.org/docs/12/auth-trust.html\n'
fi
printf 'host all all all %s\n' "$POSTGRES_HOST_AUTH_METHOD"
} >>"$PGDATA/pg_hba.conf"
}
# start socket-only postgresql server for setting up or running scripts
# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
docker_temp_server_start() {
if [ "$1" = 'postgres' ]; then
shift
fi
# internal start of server in order to allow setup using psql client
# does not listen on external TCP/IP and waits until start finishes
set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}"
PGUSER="${PGUSER:-$POSTGRES_USER}" \
pg_ctl -D "$PGDATA" \
-o "$(printf '%q ' "$@")" \
-w start
}
# stop postgresql server after done setting up user and running scripts
docker_temp_server_stop() {
PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
}
# check arguments for an option that would cause postgres to stop
# return true if there is one
_pg_want_help() {
local arg
for arg; do
case "$arg" in
# postgres --help | grep 'then exit'
# leaving out -C on purpose since it always fails and is unhelpful:
# postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory
-'?' | --help | --describe-config | -V | --version)
return 0
;;
esac
done
return 1
}
_main() {
# if first arg looks like a flag, assume we want to run postgres server
if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@"
fi
if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then
docker_setup_env
# setup data directories and permissions (when run as root)
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
docker_verify_minimum_env
# check dir permissions to reduce likelihood of half-initialized database
ls /docker-entrypoint-initdb.d/ >/dev/null
docker_init_database_dir
pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
docker_temp_server_start "$@"
docker_setup_db
docker_process_init_files /docker-entrypoint-initdb.d/*
docker_temp_server_stop
unset PGPASSWORD
cat <<-'EOM'
PostgreSQL init process complete; ready for start up.
EOM
else
cat <<-'EOM'
PostgreSQL Database directory appears to contain a database; Skipping initialization
EOM
fi
fi
exec "$@"
}
if ! _is_sourced; then
_main "$@"
fi

180
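--- a/dockerfile/nginx
+++ b/dockerfile/nginx
@@ -0,0 +1,180 @@
+# Docker image for dockerfile using the alpine template
+ARG LICENSE="MIT"
+ARG IMAGE_NAME="dockerfile"
+ARG PHP_SERVER="dockerfile"
+ARG BUILD_DATE="Fri Mar 10 03:23:26 PM EST 2023"
+ARG LANGUAGE="en_US.UTF-8"
+ARG TIMEZONE="America/New_York"
+ARG WWW_ROOT_DIR="/data/htdocs"
+ARG DEFAULT_FILE_DIR="/usr/local/share/template-files"
+ARG DEFAULT_DATA_DIR="/usr/local/share/template-files/data"
+ARG DEFAULT_CONF_DIR="/usr/local/share/template-files/config"
+ARG DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults"
+ARG IMAGE_REPO="alpine"
+ARG IMAGE_VERSION="latest"
+ARG CONTAINER_VERSION="${IMAGE_VERSION}"
+ARG SERVICE_PORT=""
+ARG EXPOSE_PORTS=""
+ARG PHP_VERSION="system"
+ARG NODE_VERSION="system"
+ARG NODE_MANAGER="system"
+ARG USER="root"
+ARG DISTRO_VERSION="${IMAGE_VERSION}"
+ARG BUILD_VERSION="${DISTRO_VERSION}"
+FROM tianon/gosu:latest AS gosu
+FROM ${IMAGE_REPO}:${IMAGE_VERSION} AS build
+ARG USER
+ARG LICENSE
+ARG TIMEZONE
+ARG LANGUAGE
+ARG IMAGE_NAME
+ARG PHP_SERVER
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG NODE_VERSION
+ARG NODE_MANAGER
+ARG BUILD_VERSION
+ARG WWW_ROOT_DIR
+ARG DEFAULT_FILE_DIR
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG PHP_VERSION
+ARG PACK_LIST="bash bash-completion git curl wget sudo iproute2 ssmtp openssl jq ca-certificates tzdata mailcap ncurses util-linux pciutils usbutils coreutils binutils findutils grep rsync zip certbot tini \
+nginx nginx-mod-http-brotli nginx-mod-http-cache-purge nginx-mod-http-dav-ext nginx-mod-http-echo \
+nginx-mod-http-encrypted-session nginx-mod-http-fancyindex nginx-mod-http-geoip nginx-mod-http-geoip2 \
+nginx-mod-http-headers-more nginx-mod-http-image-filter nginx-mod-http-js nginx-mod-http-lua nginx-mod-http-perl \
+nginx-mod-http-redis2 nginx-mod-http-set-misc nginx-mod-http-shibboleth nginx-mod-http-untar nginx-mod-http-upload \
+nginx-mod-http-upload-progress nginx-mod-http-upstream-fair nginx-mod-http-xslt-filter nginx-mod-http-zip "
+ENV ENV=~/.bashrc
+ENV SHELL="/bin/sh"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV container="docker"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV HOSTNAME="casjaysdev-dockerfile"
+USER ${USER}
+WORKDIR /root
+COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu
+COPY ./rootfs/. /
+RUN set -ex; \
+rm -Rf "/etc/apk/repositories"; \
+[ "$DISTRO_VERSION" = "latest" ] && DISTRO_VERSION="edge"; \
+[ "$DISTRO_VERSION" = "edge" ] || DISTRO_VERSION="v${DISTRO_VERSION}" ; \
+mkdir -p "${DEFAULT_DATA_DIR}" "${DEFAULT_CONF_DIR}" "${DEFAULT_TEMPLATE_DIR}"; \
+echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/main" >>"/etc/apk/repositories"; \
+echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/community" >>"/etc/apk/repositories"; \
+if [ "${DISTRO_VERSION}" = "edge" ]; then echo "http://dl-cdn.alpinelinux.org/alpine/${DISTRO_VERSION}/testing" >>"/etc/apk/repositories" ; fi ; \
+apk update --update-cache && apk add --no-cache ${PACK_LIST}
+RUN echo "$TIMEZONE" >"/etc/timezone" ; \
+echo 'hosts: files dns' >"/etc/nsswitch.conf" ; \
+[ -f "/usr/share/zoneinfo/${TZ}" ] && ln -sf "/usr/share/zoneinfo/${TZ}" "/etc/localtime" ; \
+PHP_FPM="$(ls /usr/*bin/php*fpm* 2>/dev/null)" ; \
+[ -n "$PHP_FPM" ] && [ -z "$(type -P php-fpm)" ] && ln -sf "$PHP_FPM" "/usr/bin/php-fpm" ; \
+if [ -f "/etc/profile.d/color_prompt.sh.disabled" ]; then mv -f "/etc/profile.d/color_prompt.sh.disabled" "/etc/profile.d/color_prompt.sh"; fi
+RUN touch "/etc/profile" "/root/.profile" ; \
+[ -f "/etc/bash/bashrc" ] && cp -Rf "/etc/bash/bashrc" "/root/.bashrc" || [ -f "/etc/bashrc" ] && cp -Rf "/etc/bashrc" "/root/.bashrc" ; \
+sed -i 's|root:x:.*|root:x:0:0:root:/root:/bin/bash|g' "/etc/passwd" ; \
+grep -s -q 'alias quit' "/root/.bashrc" || printf '# Profile\n\n%s\n%s\n%s\n' '. /etc/profile' '. /root/.profile' "alias quit='exit 0 2>/dev/null'" >>"/root/.bashrc" ; \
+[ -f "/usr/local/etc/docker/env/default.sample" ] && [ -d "/etc/profile.d" ] && \
+cp -Rf "/usr/local/etc/docker/env/default.sample" "/etc/profile.d/container.env.sh" && chmod 755 "/etc/profile.d/container.env.sh" ; \
+BASH_CMD="$(type -P bash)" ; [ -f "$BASH_CMD" ] && rm -rf "/bin/sh" && ln -sf "$BASH_CMD" "/bin/sh"
+RUN set -ex ; \
+echo
+RUN echo 'Running cleanup' ; \
+[ -d "/etc/nginx/http.d" ] && mv -f "/etc/nginx/http.d" "/etc/nginx/vhosts.d" ;
+RUN rm -Rf "/config" "/data" ; \
+rm -rf /etc/systemd/system/*.wants/* ; \
+rm -rf /lib/systemd/system/systemd-update-utmp* ; \
+rm -rf /lib/systemd/system/anaconda.target.wants/*; \
+rm -rf /lib/systemd/system/local-fs.target.wants/* ; \
+rm -rf /lib/systemd/system/multi-user.target.wants/* ; \
+rm -rf /lib/systemd/system/sockets.target.wants/*udev* ; \
+rm -rf /lib/systemd/system/sockets.target.wants/*initctl* ; \
+rm -Rf /usr/share/doc/* /usr/share/info/* /tmp/* /var/tmp/* /var/cache/*/* ; \
+if [ -d "/lib/systemd/system/sysinit.target.wants" ]; then cd "/lib/systemd/system/sysinit.target.wants" && rm -f $(ls | grep -v systemd-tmpfiles-setup) ; fi
+RUN echo "Init done"
+FROM scratch
+ARG USER
+ARG LICENSE
+ARG LANGUAGE
+ARG TIMEZONE
+ARG IMAGE_NAME
+ARG PHP_SERVER
+ARG BUILD_DATE
+ARG SERVICE_PORT
+ARG EXPOSE_PORTS
+ARG NODE_VERSION
+ARG NODE_MANAGER
+ARG BUILD_VERSION
+ARG DEFAULT_DATA_DIR
+ARG DEFAULT_CONF_DIR
+ARG DEFAULT_TEMPLATE_DIR
+ARG DISTRO_VERSION
+ARG PHP_VERSION
+USER ${USER}
+WORKDIR /root
+LABEL maintainer="CasjaysDev <docker-admin@casjaysdev.com>"
+LABEL org.opencontainers.image.vendor="CasjaysDev"
+LABEL org.opencontainers.image.authors="CasjaysDev"
+LABEL org.opencontainers.image.vcs-type="Git"
+LABEL org.opencontainers.image.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.base.name="${IMAGE_NAME}"
+LABEL org.opencontainers.image.license="${LICENSE}"
+LABEL org.opencontainers.image.vcs-ref="${BUILD_VERSION}"
+LABEL org.opencontainers.image.build-date="${BUILD_DATE}"
+LABEL org.opencontainers.image.version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.schema-version="${BUILD_VERSION}"
+LABEL org.opencontainers.image.url="https://hub.docker.com/r/casjaysdevdocker/${IMAGE_NAME}"
+LABEL org.opencontainers.image.vcs-url="https://github.com/casjaysdevdocker/${IMAGE_NAME}"
+LABEL org.opencontainers.image.url.source="https://github.com/casjaysdevdocker/${IMAGE_NAME}"
+LABEL org.opencontainers.image.documentation="https://hub.docker.com/r/casjaysdevdocker/${IMAGE_NAME}"
+LABEL org.opencontainers.image.description="Containerized version of ${IMAGE_NAME}"
+LABEL com.github.containers.toolbox="false"
+ENV ENV=~/.bashrc
+ENV SHELL="/bin/bash"
+ENV TZ="${TIMEZONE}"
+ENV TIMEZONE="${TZ}"
+ENV container="docker"
+ENV LANG="${LANGUAGE}"
+ENV TERM="xterm-256color"
+ENV PORT="${SERVICE_PORT}"
+ENV ENV_PORTS="${EXPOSE_PORTS}"
+ENV PHP_SERVER="${PHP_SERVER}"
+ENV PHP_VERSION="${PHP_VERSION}"
+ENV CONTAINER_NAME="${IMAGE_NAME}"
+ENV HOSTNAME="casjaysdev-${IMAGE_NAME}"
+ENV USER="${USER}"
+COPY --from=build /. /
+VOLUME [ "/config","/data" ]
+EXPOSE ${EXPOSE_PORTS}
+#CMD [ "" ]
+ENTRYPOINT [ "tini", "-p", "SIGTERM", "--", "/usr/local/bin/entrypoint.sh" ]
+HEALTHCHECK --start-period=1m --interval=2m --timeout=3s CMD [ "/usr/local/bin/entrypoint.sh", "healthcheck" ]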
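Review bot: The first `RUN` of the build stage rewrites `/etc/apk/repositories` with plain `http://dl-cdn.alpinelinux.org/...` entries, and because `IMAGE_VERSION` defaults to `latest` it maps the release to `edge` and also enables the `testing` repository, so by default the image is assembled from rolling, unpinned packages. apk still verifies package signatures, but I would write `https://` in the three `echo` lines and default `IMAGE_VERSION` to a fixed Alpine release so a rebuild is reproducible and does not pull `testing` packages. `FROM tianon/gosu:latest` has the same floating-tag problem and would be better referenced by version or digest. Separately, `ARG USER="root"` with `USER ${USER}` in the final stage and `sudo` in `PACK_LIST` means the service starts fully privileged unless `/usr/local/bin/entrypoint.sh`, which is not part of this file, drops privileges itself.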

404
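--- a/htdocs/cgi-bin/env.cgi
+++ b/htdocs/cgi-bin/env.cgi
@@ -0,0 +1,404 @@
+#!/usr/bin/env perl
+##
+###########################
+## Server Info CGI v1.08 ##
+###########################
+##
+## ######################################
+## ## Server Info CGI v1.08 <20> 2000 ##
+## ## http://www.widexl.com ##
+## ## Made by Henk Boonstra ##
+## ######################################
+##
+## This script gives information about your (web)server.
+## Software, Modules, libraries, env, network...
+##
+## Install:
+## Change the path to perl (The first line in this script).
+## Upload the script in ASCII mode to your cgi-bin directory.
+## chmod script to 755.
+## Open the script in a browser.
+##
+##############################
+##############################
+use strict;
+use warnings FATAL => 'all';
+no warnings 'redefine'; # to be remove in production
+use Carp;
+our %info = ();
+my $output = undef;
+my $ver = 'v1.8';
+find_prog();
+print "Content-type: text/html\n\n";
+my $header = qq|
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<html>
+<head>
+<title>Server Info script</title>
+<meta name="robots" content="noindex,nofollow">
+<style type="text/css"><!--
+BODY {
+background-color : #FFFFFF;
+font-family: verdana, arial, helvetica, sans-serif;
+color : #484848;
+font-size : 12px;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color: #000000;
+scrollbar-highlight-color: #484848;
+scrollbar-3dlight-color: #FFFFFF;
+scrollbar-darkshadow-color: #000000;
+scrollbar-track-color: #8E929D;
+scrollbar-arrow-color: #484848;
+}
+TD {
+font-family: verdana, arial, helvetica, sans-serif;
+color : #484848;
+font-size : 12px;
+}
+PRE {
+color : #484848;
+margin-bottom: 0px;
+margin-top: 0px;
+}
+I {
+font-family: verdana, arial, helvetica, sans-serif;
+color : Red;
+font-size : 12px;
+}
+STRONG {
+background-color : transparent;
+font-family: verdana, arial, helvetica, sans-serif;
+color : #484848;
+font-size : 12px;
+font-weight : bold;
+}
+--></style>
+</head>
+<body>
+|;
+$output .= "$header\n";
+$output .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"32\" align=\"left\" width=\"760\"><tr><td align=\"left\">\n\n";
+if ($^O eq 'MSWin32') {
+$info{'OS_VERSION'} = `ver`;
+$info{'HOST_NAME'} = `hostname`;
+if ($info{'OS_VERSION'}) {$info{'EXEC'} = 'Enabled'}
+}
+else {
+$info{'PROC_RELEASE'} = `uname -r`;
+$info{'MACHINE'} = `uname -m`;
+$info{'PROCESSOR'} = `uname -p`;
+$info{'NODE_NAME'} = `uname -n`;
+$info{'SYS_NAME'} = `uname -s`;
+$info{'WHOAMI'} = `whoami`;
+my $ex = `which perl`;
+$info{'TAR'} = `which tar` || $info{'TAR'};
+$info{'GZIP'} = `which gzip` || $info{'GZIP'};
+$info{'COMPRESS'} = `which compress` || $info{'COMPRESS'};
+$info{'WHOIS'} = `which whois` || $info{'WHOIS'};
+$info{'CONVERT'} = `which convert` || $info{'CONVERT'};
+$info{'MAIL_PROGRAM'} = `which sendmail` || $info{'MAIL_PROGRAM'};
+$info{'MAIL_PROGRAM'} = "Found no mail program" if (!$info{'MAIL_PROGRAM'});
+$info{'UPTIME'} = `uptime`;
+$info{'QUOTA'} = `quota`;
+$info{'QUOTA'} =~ s/\n/<br>/isg if ($info{'QUOTA'});
+if ($ex) {$info{'EXEC'} = 'Enabled'}
+}
+$info{'OS'} = $^O;
+$info{'SERVER_NAME'} = $ENV{'SERVER_NAME'};
+$info{'SERVER_ADDR'} = $ENV{'SERVER_ADDR'};
+$info{'PERL_EXE'} = $^X;
+$info{'PERL_VER'} = $];
+$info{'PERL_LIB'} = "@INC";
+$info{'HTTP_HOST'} = $ENV{'HTTP_HOST'};
+$info{'APACHE_LIB'} = $info{'APACHE_LIB'};
+$info{'DOCU_ROOT'} = $ENV{'DOCUMENT_ROOT'};
+$info{'SERVER_ADMIN'} = $ENV{'SERVER_ADMIN'};
+$info{'SERVER_SOFT'} = $ENV{'SERVER_SOFTWARE'};
+$info{'HTTP_ACCEPT'} = $ENV{'HTTP_ACCEPT'};
+$info{'REMOTE_ADDR'} = $ENV{'REMOTE_ADDR'};
+$info{'REMOTE_HOST'} = $ENV{'REMOTE_HOST'};
+$info{'ACCEPT_LANG'} = $ENV{'HTTP_ACCEPT_LANGUAGE'};
+$info{'USER_AGENT'} = $ENV{'HTTP_USER_AGENT'};
+$info{'SERVER_VER'} = server('version');
+$info{'SERVER_CPU'} = server('cpuinfo');
+$info{'SERVER_MEM'} = server('meminfo');
+# The Output.
+$output .= "<strong>Server info</strong><br>\n";
+$output .= "Operating system = <%OS%><br>\n";
+if (("$^O" eq "MSWin32") and ($info{'EXEC'})) {
+$output .= "Version = <%OS_VERSION%><br>\n";
+$output .= "Host name = <%HOST_NAME%><br>\n";
+}
+if (("$^O" ne "MSWin32") and ($info{'EXEC'})) {
+$output .= "Kernel = <%PROC_RELEASE%><br>\n";
+$output .= "Machine = <%MACHINE%><br>\n";
+$output .= "Processor type = <%PROCESSOR%><br>\n";
+$output .= "Whoami = <%WHOAMI%><br>\n";
+$output .= "Host name = <%NODE_NAME%><br>\n";
+}
+$output .= "Server name = <%SERVER_NAME%><br>\n";
+$output .= "Server IP = <%SERVER_ADDR%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Web server info</strong><br>\n";
+$output .= "HTTP address = <%HTTP_HOST%><br>\n";
+$output .= "Document root = <%DOCU_ROOT%><br>\n";
+$output .= "Apache lib = <%APACHE_LIB%><br>\n";
+$output .= "Administrator = <%SERVER_ADMIN%><br>\n";
+$output .= "Server software = <%SERVER_SOFT%><br>\n";
+$output .= "HTTP accept = <%HTTP_ACCEPT%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Server programs</strong><br>\n";
+$output .= "Mail program = <%MAIL_PROGRAM%><br>\n";
+$output .= "Tar program = <%TAR%><br>\n";
+$output .= "Gzip program = <%GZIP%><br>\n";
+$output .= "Compress program = <%COMPRESS%><br>\n";
+$output .= "Whois program = <%WHOIS%><br>\n";
+$output .= "ImageMagick convert = <%CONVERT%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Perl info</strong><br>\n";
+$output .= "Perl location = <%PERL_EXE%><br>\n";
+$output .= "Perl version = <%PERL_VER%><br>\n";
+$output .= "Locations of Perl libraries = <%PERL_LIB%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Remote user info</strong><br>\n";
+$output .= "Remote IP = <%REMOTE_ADDR%><br>\n";
+$output .= "Remote hostname = <%REMOTE_HOST%><br>\n";
+$output .= "Language = <%ACCEPT_LANG%><br>\n";
+$output .= "User agent = <%USER_AGENT%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Extra info</strong><br>\n";
+$output .= "Executing of system commands = Enabled<br>\n" if ($info{'EXEC'});
+$output .= "Executing of system commands = Not enabled<br>\n" if (!$info{'EXEC'});
+$output .= "Server uptime = <%UPTIME%><br>\n";
+$output .= "<br>\n\n";
+if ("$^O" ne "MSWin32") {
+$output .= "<strong>Server version</strong><br>\n";
+$output .= "<%SERVER_VER%><br>\n";
+$output .= "<br>\n\n";
+if ($info{'QUOTA'}) {
+$output .= "<strong>Disk Quota</strong><br>\n";
+$output .= "<%QUOTA%>\n";
+$output .= "<br>\n\n";
+}
+$output .= "<strong>CPU info</strong><br>\n";
+$output .= "<%SERVER_CPU%><br>\n";
+$output .= "<br>\n\n";
+$output .= "<strong>Memory info</strong><br>\n";
+$output .= "<%SERVER_MEM%><br>\n";
+$output .= "<br>\n\n";
+}
+$output .= "<strong>Perl libraries installed</strong><br>\n";
+eval {require CGI};
+if ($@) {$output .= "<i>The library CGI is not installed</i><br>\n"}
+else {$output .= "Library CGI v$CGI::VERSION installed<br>\n"}
+eval {require mod_perl};
+if ($@) {$output .= "<i>The library mod_perl is not installed</i><br>\n"}
+else {$output .= "Library mod_perl v$mod_perl::VERSION installed<br>\n"}
+eval {require LWP};
+if ($@) {$output .= "<i>The library www-perl is not installed</i><br>\n"}
+else {$output .= "Library www-perl v$LWP::VERSION installed<br>\n"}
+eval {require LWP::Parallel};
+if ($@) {$output .= "<i>The library LWP::Parallel is not installed</i><br>\n"}
+else {$output .= "Library LWP::Parallel v$LWP::Parallel::VERSION installed<br>\n"}
+eval {require SOAP::Lite};
+if ($@) {$output .= "<i>The library SOAP::Lite is not installed</i><br>\n"}
+else {$output .= "Library SOAP::Lite v$SOAP::Lite::VERSION installed<br>\n"}
+eval {require DBI};
+if ($@) {$output .= "<i>The library DBI is not installed</i><br>\n"}
+else {$output .= "Library DBI v$DBI::VERSION installed<br>\n"}
+eval {require DBD::mysql};
+if ($@) {$output .= "<i>The library DBD::mysql is not installed</i><br>\n"}
+else {$output .= "Library DBD::mysql v$DBD::mysql::VERSION installed<br>\n"}
+eval {require URI};
+if ($@) {$output .= "<i>The library URI is not installed</i><br>\n"}
+else {$output .= "Library URI v$URI::VERSION installed<br>\n"}
+eval {require Digest::MD5};
+if ($@) {$output .= "<i>The library Digest::MD5 is not installed</i><br>\n"}
+else {$output .= "Library Digest::MD5 v$Digest::MD5::VERSION installed<br>\n"}
+eval {require Crypt::SSLeay};
+if ($@) {$output .= "<i>The library Crypt::SSLeay is not installed</i><br>\n"}
+else {$output .= "Library Crypt::SSLeay v$Crypt::SSLeay::VERSION installed<br>\n"}
+eval {require Net::SSLeay};
+if ($@) {$output .= "<i>The library Net::SSLeay is not installed</i><br><br>\n\n"}
+else {$output .= "Library Net::SSLeay.pm v$Net::SSLeay::VERSION installed<br><br>\n\n"}
+if ($info{'APACHE_LIB'}) {
+my @standard_mod = ('mod_rewrite.so', 'mod_cgi.so', 'mod_perl.so', 'mod_env.so', 'mod_include.so', 'mod_alias.so', 'mod_python.so');
+my @auth_mod = ('mod_auth_digest.so', 'mod_auth_mysql.so');
+my @ext_mod = ('mod_expires.so', 'mod_headers.so', 'libphp5.so', 'mod_proxy.so', 'mod_speling.so', 'mod_status.so', 'mod_usertrack.so', 'mod_vhost_alias.so');
+$output .= "<strong>Apache modules installed</strong><br>\n";
+foreach my $item(@standard_mod) {
+if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
+else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
+}
+$output .= "<br>\n\n";
+foreach my $item (@auth_mod) {
+if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
+else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
+}
+$output .= "<br>\n\n";
+foreach my $item(@ext_mod) {
+if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
+else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
+}
+$output .= "<br>\n\n";
+}
+eval {
+$info{'GET_USER'} = getpwent();
+$info{'GET_GROUP'} = getgrent();
+$info{'GET_HOST'} = gethostent();
+$info{'GET_NET'} = getnetent();
+$info{'GET_PROTO'} = getprotoent();
+$info{'GET_SERV'} = getservent();
+$output .= "<strong>Special info</strong><br>\n";
+$output .= "user = <%GET_USER%><br>\n";
+$output .= "group = <%GET_GROUP%><br>\n";
+$output .= "host = <%GET_HOST%><br>\n";
+$output .= "network = <%GET_NET%><br>\n";
+$output .= "protocol = <%GET_PROTO%><br>\n";
+$output .= "service = <%GET_SERV%><br>\n";
+$output .= "<br>\n\n";
+};
+$output .= "<strong>Web server Env</strong><br>\n";
+my @keys = keys %ENV;
+my @values = values %ENV;
+foreach my $key (sort(@keys)) {
+$output .= "$key = $ENV{$key}<br>\n";
+}
+$output .= "</td></tr></table>\n";
+$output .= "</body></html>\n";
+$output =~ s/<%\s*(.*?)\s*%>/if ($info{$1}) {$info{$1}} else {"<i>undefined<\/i>"}/oesg;
+print $output;
+return 'OK';
+########################
+## Find Programs
+########################
+sub find_prog {
+if (-e "/usr/local/bin/tar") {$info{'TAR'} = "/usr/local/bin/tar"}
+elsif (-e "/usr/bin/tar") {$info{'TAR'} = "/usr/bin/tar"}
+elsif (-e "/usr/local/tar") {$info{'TAR'} = "/usr/local/tar"}
+if (-e "/usr/local/bin/gzip") {$info{'GZIP'} = "/usr/local/bin/gzip"}
+elsif (-e "/usr/bin/gzip") {$info{'GZIP'} = "/usr/bin/gzip"}
+elsif (-e "/usr/local/gzip") {$info{'GZIP'} = "/usr/local/gzip"}
+if (-e "/usr/local/bin/compress") {$info{'COMPRESS'} = "/usr/local/bin/compress"}
+elsif (-e "/usr/bin/compress") {$info{'COMPRESS'} = "/usr/bin/compress"}
+elsif (-e "/usr/local/compress") {$info{'COMPRESS'} = "/usr/local/compress"}
+if (-e "/usr/local/bin/whois") {$info{'WHOIS'} = "/usr/local/bin/whois"}
+elsif (-e "/usr/bin/whois") {$info{'WHOIS'} = "/usr/bin/whois"}
+elsif (-e "/usr/local/whois") {$info{'WHOIS'} = "/usr/local/whois"}
+if (-e "/usr/local/bin/convert") {$info{'CONVERT'} = "/usr/local/bin/convert"}
+elsif (-e "/usr/bin/convert") {$info{'CONVERT'} = "/usr/bin/convert"}
+elsif (-e "/usr/local/convert") {$info{'CONVERT'} = "/usr/local/convert"}
+########################
+## Find Mail
+########################
+if (-e "/var/qmail/bin/qmail-inject") {$info{'MAIL_PROGRAM'} = "/var/qmail/bin/qmail-inject"}
+elsif (-e "/usr/sbin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/sbin/sendmail"}
+elsif (-e "/usr/lib/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/lib/sendmail"}
+elsif (-e "/usr/bin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/bin/sendmail"}
+########################
+## Find Apache
+########################
+if (-e "/usr/lib/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd/modules"}
+elsif (-e "/opt/lib/apache2/mod_env.so") {$info{'APACHE_LIB'} = "/opt/lib/apache2"}
+if (-e "/usr/lib64/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib64/httpd/modules"}
+#elsif (-e "/System/Library/Apache/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache/Modules"}# Mac
+#elsif (-e "/System/Library/Apache2/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache2/Modules"}# Mac
+#elsif (-e "/usr/local/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache/modules"}# MachTen/WebTen
+#elsif (-e "/usr/local/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache2/modules"}# MachTen/WebTen
+#elsif (-e "/usr/lib/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache/modules"}# OpenBSD
+#elsif (-e "/usr/lib/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache2/modules"}# OpenBSD
+#elsif (-e "/usr/lib/apache/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache"}
+#elsif (-e "/usr/lib/httpd/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd"}
+#elsif (-e "C:/Apache/modules") {$info{'APACHE_LIB'} = "C:/Apache/modules"}# windows
+#elsif (-e "C:/Apache2/modules") {$info{'APACHE_LIB'} = "C:/Apache2/modules"}# windows
+}
+##############
+## Server Info
+##############
+sub server {
+my $serv_info = shift;
+my $server_info = undef;
+if (-e "/proc/$serv_info") {
+open SERVER, "</proc/$serv_info";
+$server_info .= join("<br>", <SERVER>);
+close SERVER;
+}
+return $server_info;
+}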
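Review bot: This CGI returns every entry of `%ENV` together with `whoami`, `uname`, `/proc/cpuinfo`, `/proc/meminfo` and the first passwd and group names to any client that can reach `htdocs/cgi-bin`, and in a container the process environment often carries credentials and internal hostnames. The values are appended to the page without escaping (`$output .= "$key = $ENV{$key}<br>\n";` and the `<%USER_AGENT%>`-style substitutions), so request-derived variables are emitted as raw HTML. I would keep the script out of the default web root or serve it only to authenticated operators, and pass each value through an HTML-escaping helper before appending it. `htdocs/cgi-bin/env.pl` later in this commit appears to be the same script and would need the same treatment. The top-level `return 'OK';` also sits outside any subroutine, which plain `perl` rejects at run time unless the script is wrapped by something like a mod_perl registry handler.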

41
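--- a/htdocs/cgi-bin/env.php
+++ b/htdocs/cgi-bin/env.php
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<html lang="en-US">
+<head>
+<!--
+##@Version : 202303091846-git
+# @@Author : Jason Hempstead
+# @@Contact : git-admin@casjaysdev.com
+# @@License : WTFPL
+# @@ReadME :
+# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
+# @@Created : Thursday, Mar 09, 2023 18:46 EST
+# @@File : env.php
+# @@Description : html document
+# @@Changelog : Updated header
+# @@TODO : Refactor code
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : html
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+-->
+<meta charset='utf-8'>
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<meta name="Keywords" content="Casjay, CasjaysDev">
+<meta name="Description" content="Created By Casjays Developments">
+<meta name="generator" content="CasjaysDev">
+<link rel="icon" sizes="any" href="/images/favicon.ico" />
+<title>PHP Info</title>
+</head>
+<!-- Begin Body -->
+<body>
+<?php phpinfo() ?>
+</body>
+<!-- End Main End Body -->
+</html>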
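Review bot: `<?php phpinfo() ?>` in a page shipped under `htdocs/cgi-bin` publishes the full PHP configuration, loaded extensions, filesystem paths and the process environment to every visitor, and in a container that environment commonly holds secrets passed in as variables. I would leave this page out of the default document root, or serve it only when an explicit debug setting is on and the request is authenticated. If a reduced diagnostic view is enough, `phpinfo(INFO_GENERAL)` omits the environment and request variables, though it still reveals version and path details.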

404
htdocs/cgi-bin/env.pl Executable file

@ -0,0 +1,404 @@
#!/usr/bin/env perl
##
###########################
## Server Info CGI v1.08 ##
###########################
##
## ######################################
## ## Server Info CGI v1.08 <20> 2000 ##
## ## http://www.widexl.com ##
## ## Made by Henk Boonstra ##
## ######################################
##
## This script gives information about your (web)server.
## Software, Modules, libraries, env, network...
##
## Install:
## Change the path to perl (The first line in this script).
## Upload the script in ASCII mode to your cgi-bin directory.
## chmod script to 755.
## Open the script in a browser.
##
##############################
##############################
use strict;
use warnings FATAL => 'all';
no warnings 'redefine'; # to be remove in production
use Carp;
our %info = ();
my $output = undef;
my $ver = 'v1.8';
find_prog();
print "Content-type: text/html\n\n";
my $header = qq|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Server Info script</title>
<meta name="robots" content="noindex,nofollow">
<style type="text/css"><!--
BODY {
background-color : #FFFFFF;
font-family: verdana, arial, helvetica, sans-serif;
color : #484848;
font-size : 12px;
scrollbar-face-color: #FFFFFF;
scrollbar-shadow-color: #000000;
scrollbar-highlight-color: #484848;
scrollbar-3dlight-color: #FFFFFF;
scrollbar-darkshadow-color: #000000;
scrollbar-track-color: #8E929D;
scrollbar-arrow-color: #484848;
}
TD {
font-family: verdana, arial, helvetica, sans-serif;
color : #484848;
font-size : 12px;
}
PRE {
color : #484848;
margin-bottom: 0px;
margin-top: 0px;
}
I {
font-family: verdana, arial, helvetica, sans-serif;
color : Red;
font-size : 12px;
}
STRONG {
background-color : transparent;
font-family: verdana, arial, helvetica, sans-serif;
color : #484848;
font-size : 12px;
font-weight : bold;
}
--></style>
</head>
<body>
|;
$output .= "$header\n";
$output .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"32\" align=\"left\" width=\"760\"><tr><td align=\"left\">\n\n";
if ($^O eq 'MSWin32') {
$info{'OS_VERSION'} = `ver`;
$info{'HOST_NAME'} = `hostname`;
if ($info{'OS_VERSION'}) {$info{'EXEC'} = 'Enabled'}
}
else {
$info{'PROC_RELEASE'} = `uname -r`;
$info{'MACHINE'} = `uname -m`;
$info{'PROCESSOR'} = `uname -p`;
$info{'NODE_NAME'} = `uname -n`;
$info{'SYS_NAME'} = `uname -s`;
$info{'WHOAMI'} = `whoami`;
my $ex = `which perl`;
$info{'TAR'} = `which tar` || $info{'TAR'};
$info{'GZIP'} = `which gzip` || $info{'GZIP'};
$info{'COMPRESS'} = `which compress` || $info{'COMPRESS'};
$info{'WHOIS'} = `which whois` || $info{'WHOIS'};
$info{'CONVERT'} = `which convert` || $info{'CONVERT'};
$info{'MAIL_PROGRAM'} = `which sendmail` || $info{'MAIL_PROGRAM'};
$info{'MAIL_PROGRAM'} = "Found no mail program" if (!$info{'MAIL_PROGRAM'});
$info{'UPTIME'} = `uptime`;
$info{'QUOTA'} = `quota`;
$info{'QUOTA'} =~ s/\n/<br>/isg if ($info{'QUOTA'});
if ($ex) {$info{'EXEC'} = 'Enabled'}
}
$info{'OS'} = $^O;
$info{'SERVER_NAME'} = $ENV{'SERVER_NAME'};
$info{'SERVER_ADDR'} = $ENV{'SERVER_ADDR'};
$info{'PERL_EXE'} = $^X;
$info{'PERL_VER'} = $];
$info{'PERL_LIB'} = "@INC";
$info{'HTTP_HOST'} = $ENV{'HTTP_HOST'};
$info{'APACHE_LIB'} = $info{'APACHE_LIB'};
$info{'DOCU_ROOT'} = $ENV{'DOCUMENT_ROOT'};
$info{'SERVER_ADMIN'} = $ENV{'SERVER_ADMIN'};
$info{'SERVER_SOFT'} = $ENV{'SERVER_SOFTWARE'};
$info{'HTTP_ACCEPT'} = $ENV{'HTTP_ACCEPT'};
$info{'REMOTE_ADDR'} = $ENV{'REMOTE_ADDR'};
$info{'REMOTE_HOST'} = $ENV{'REMOTE_HOST'};
$info{'ACCEPT_LANG'} = $ENV{'HTTP_ACCEPT_LANGUAGE'};
$info{'USER_AGENT'} = $ENV{'HTTP_USER_AGENT'};
$info{'SERVER_VER'} = server('version');
$info{'SERVER_CPU'} = server('cpuinfo');
$info{'SERVER_MEM'} = server('meminfo');
# The Output.
$output .= "<strong>Server info</strong><br>\n";
$output .= "Operating system = <%OS%><br>\n";
if (("$^O" eq "MSWin32") and ($info{'EXEC'})) {
$output .= "Version = <%OS_VERSION%><br>\n";
$output .= "Host name = <%HOST_NAME%><br>\n";
}
if (("$^O" ne "MSWin32") and ($info{'EXEC'})) {
$output .= "Kernel = <%PROC_RELEASE%><br>\n";
$output .= "Machine = <%MACHINE%><br>\n";
$output .= "Processor type = <%PROCESSOR%><br>\n";
$output .= "Whoami = <%WHOAMI%><br>\n";
$output .= "Host name = <%NODE_NAME%><br>\n";
}
$output .= "Server name = <%SERVER_NAME%><br>\n";
$output .= "Server IP = <%SERVER_ADDR%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Web server info</strong><br>\n";
$output .= "HTTP address = <%HTTP_HOST%><br>\n";
$output .= "Document root = <%DOCU_ROOT%><br>\n";
$output .= "Apache lib = <%APACHE_LIB%><br>\n";
$output .= "Administrator = <%SERVER_ADMIN%><br>\n";
$output .= "Server software = <%SERVER_SOFT%><br>\n";
$output .= "HTTP accept = <%HTTP_ACCEPT%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Server programs</strong><br>\n";
$output .= "Mail program = <%MAIL_PROGRAM%><br>\n";
$output .= "Tar program = <%TAR%><br>\n";
$output .= "Gzip program = <%GZIP%><br>\n";
$output .= "Compress program = <%COMPRESS%><br>\n";
$output .= "Whois program = <%WHOIS%><br>\n";
$output .= "ImageMagick convert = <%CONVERT%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Perl info</strong><br>\n";
$output .= "Perl location = <%PERL_EXE%><br>\n";
$output .= "Perl version = <%PERL_VER%><br>\n";
$output .= "Locations of Perl libraries = <%PERL_LIB%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Remote user info</strong><br>\n";
$output .= "Remote IP = <%REMOTE_ADDR%><br>\n";
$output .= "Remote hostname = <%REMOTE_HOST%><br>\n";
$output .= "Language = <%ACCEPT_LANG%><br>\n";
$output .= "User agent = <%USER_AGENT%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Extra info</strong><br>\n";
$output .= "Executing of system commands = Enabled<br>\n" if ($info{'EXEC'});
$output .= "Executing of system commands = Not enabled<br>\n" if (!$info{'EXEC'});
$output .= "Server uptime = <%UPTIME%><br>\n";
$output .= "<br>\n\n";
if ("$^O" ne "MSWin32") {
$output .= "<strong>Server version</strong><br>\n";
$output .= "<%SERVER_VER%><br>\n";
$output .= "<br>\n\n";
if ($info{'QUOTA'}) {
$output .= "<strong>Disk Quota</strong><br>\n";
$output .= "<%QUOTA%>\n";
$output .= "<br>\n\n";
}
$output .= "<strong>CPU info</strong><br>\n";
$output .= "<%SERVER_CPU%><br>\n";
$output .= "<br>\n\n";
$output .= "<strong>Memory info</strong><br>\n";
$output .= "<%SERVER_MEM%><br>\n";
$output .= "<br>\n\n";
}
$output .= "<strong>Perl libraries installed</strong><br>\n";
eval {require CGI};
if ($@) {$output .= "<i>The library CGI is not installed</i><br>\n"}
else {$output .= "Library CGI v$CGI::VERSION installed<br>\n"}
eval {require mod_perl};
if ($@) {$output .= "<i>The library mod_perl is not installed</i><br>\n"}
else {$output .= "Library mod_perl v$mod_perl::VERSION installed<br>\n"}
eval {require LWP};
if ($@) {$output .= "<i>The library www-perl is not installed</i><br>\n"}
else {$output .= "Library www-perl v$LWP::VERSION installed<br>\n"}
eval {require LWP::Parallel};
if ($@) {$output .= "<i>The library LWP::Parallel is not installed</i><br>\n"}
else {$output .= "Library LWP::Parallel v$LWP::Parallel::VERSION installed<br>\n"}
eval {require SOAP::Lite};
if ($@) {$output .= "<i>The library SOAP::Lite is not installed</i><br>\n"}
else {$output .= "Library SOAP::Lite v$SOAP::Lite::VERSION installed<br>\n"}
eval {require DBI};
if ($@) {$output .= "<i>The library DBI is not installed</i><br>\n"}
else {$output .= "Library DBI v$DBI::VERSION installed<br>\n"}
eval {require DBD::mysql};
if ($@) {$output .= "<i>The library DBD::mysql is not installed</i><br>\n"}
else {$output .= "Library DBD::mysql v$DBD::mysql::VERSION installed<br>\n"}
eval {require URI};
if ($@) {$output .= "<i>The library URI is not installed</i><br>\n"}
else {$output .= "Library URI v$URI::VERSION installed<br>\n"}
eval {require Digest::MD5};
if ($@) {$output .= "<i>The library Digest::MD5 is not installed</i><br>\n"}
else {$output .= "Library Digest::MD5 v$Digest::MD5::VERSION installed<br>\n"}
eval {require Crypt::SSLeay};
if ($@) {$output .= "<i>The library Crypt::SSLeay is not installed</i><br>\n"}
else {$output .= "Library Crypt::SSLeay v$Crypt::SSLeay::VERSION installed<br>\n"}
eval {require Net::SSLeay};
if ($@) {$output .= "<i>The library Net::SSLeay is not installed</i><br><br>\n\n"}
else {$output .= "Library Net::SSLeay.pm v$Net::SSLeay::VERSION installed<br><br>\n\n"}
if ($info{'APACHE_LIB'}) {
my @standard_mod = ('mod_rewrite.so', 'mod_cgi.so', 'mod_perl.so', 'mod_env.so', 'mod_include.so', 'mod_alias.so', 'mod_python.so');
my @auth_mod = ('mod_auth_digest.so', 'mod_auth_mysql.so');
my @ext_mod = ('mod_expires.so', 'mod_headers.so', 'libphp5.so', 'mod_proxy.so', 'mod_speling.so', 'mod_status.so', 'mod_usertrack.so', 'mod_vhost_alias.so');
$output .= "<strong>Apache modules installed</strong><br>\n";
foreach my $item(@standard_mod) {
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
}
$output .= "<br>\n\n";
foreach my $item (@auth_mod) {
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
}
$output .= "<br>\n\n";
foreach my $item(@ext_mod) {
if (-e "$info{'APACHE_LIB'}/$item") {$output .= "Module '$item' installed<br>\n"}
else {$output .= "<i>Module '$item' is not installed</i><br>\n"}
}
$output .= "<br>\n\n";
}
eval {
$info{'GET_USER'} = getpwent();
$info{'GET_GROUP'} = getgrent();
$info{'GET_HOST'} = gethostent();
$info{'GET_NET'} = getnetent();
$info{'GET_PROTO'} = getprotoent();
$info{'GET_SERV'} = getservent();
$output .= "<strong>Special info</strong><br>\n";
$output .= "user = <%GET_USER%><br>\n";
$output .= "group = <%GET_GROUP%><br>\n";
$output .= "host = <%GET_HOST%><br>\n";
$output .= "network = <%GET_NET%><br>\n";
$output .= "protocol = <%GET_PROTO%><br>\n";
$output .= "service = <%GET_SERV%><br>\n";
$output .= "<br>\n\n";
};
$output .= "<strong>Web server Env</strong><br>\n";
my @keys = keys %ENV;
my @values = values %ENV;
foreach my $key (sort(@keys)) {
$output .= "$key = $ENV{$key}<br>\n";
}
$output .= "</td></tr></table>\n";
$output .= "</body></html>\n";
$output =~ s/<%\s*(.*?)\s*%>/if ($info{$1}) {$info{$1}} else {"<i>undefined<\/i>"}/oesg;
print $output;
return 'OK';
########################
## Find Programs
########################
sub find_prog {
if (-e "/usr/local/bin/tar") {$info{'TAR'} = "/usr/local/bin/tar"}
elsif (-e "/usr/bin/tar") {$info{'TAR'} = "/usr/bin/tar"}
elsif (-e "/usr/local/tar") {$info{'TAR'} = "/usr/local/tar"}
if (-e "/usr/local/bin/gzip") {$info{'GZIP'} = "/usr/local/bin/gzip"}
elsif (-e "/usr/bin/gzip") {$info{'GZIP'} = "/usr/bin/gzip"}
elsif (-e "/usr/local/gzip") {$info{'GZIP'} = "/usr/local/gzip"}
if (-e "/usr/local/bin/compress") {$info{'COMPRESS'} = "/usr/local/bin/compress"}
elsif (-e "/usr/bin/compress") {$info{'COMPRESS'} = "/usr/bin/compress"}
elsif (-e "/usr/local/compress") {$info{'COMPRESS'} = "/usr/local/compress"}
if (-e "/usr/local/bin/whois") {$info{'WHOIS'} = "/usr/local/bin/whois"}
elsif (-e "/usr/bin/whois") {$info{'WHOIS'} = "/usr/bin/whois"}
elsif (-e "/usr/local/whois") {$info{'WHOIS'} = "/usr/local/whois"}
if (-e "/usr/local/bin/convert") {$info{'CONVERT'} = "/usr/local/bin/convert"}
elsif (-e "/usr/bin/convert") {$info{'CONVERT'} = "/usr/bin/convert"}
elsif (-e "/usr/local/convert") {$info{'CONVERT'} = "/usr/local/convert"}
########################
## Find Mail
########################
if (-e "/var/qmail/bin/qmail-inject") {$info{'MAIL_PROGRAM'} = "/var/qmail/bin/qmail-inject"}
elsif (-e "/usr/sbin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/sbin/sendmail"}
elsif (-e "/usr/lib/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/lib/sendmail"}
elsif (-e "/usr/bin/sendmail") {$info{'MAIL_PROGRAM'} = "/usr/bin/sendmail"}
########################
## Find Apache
########################
if (-e "/usr/lib/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd/modules"}
elsif (-e "/opt/lib/apache2/mod_env.so") {$info{'APACHE_LIB'} = "/opt/lib/apache2"}
if (-e "/usr/lib64/httpd/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib64/httpd/modules"}
#elsif (-e "/System/Library/Apache/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache/Modules"}# Mac
#elsif (-e "/System/Library/Apache2/Modules/mod_env.so") {$info{'APACHE_LIB'} = "/System/Library/Apache2/Modules"}# Mac
#elsif (-e "/usr/local/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache/modules"}# MachTen/WebTen
#elsif (-e "/usr/local/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/local/apache2/modules"}# MachTen/WebTen
#elsif (-e "/usr/lib/apache/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache/modules"}# OpenBSD
#elsif (-e "/usr/lib/apache2/modules/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache2/modules"}# OpenBSD
#elsif (-e "/usr/lib/apache/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/apache"}
#elsif (-e "/usr/lib/httpd/mod_env.so") {$info{'APACHE_LIB'} = "/usr/lib/httpd"}
#elsif (-e "C:/Apache/modules") {$info{'APACHE_LIB'} = "C:/Apache/modules"}# windows
#elsif (-e "C:/Apache2/modules") {$info{'APACHE_LIB'} = "C:/Apache2/modules"}# windows
}
##############
## Server Info
##############
sub server {
my $serv_info = shift;
my $server_info = undef;
if (-e "/proc/$serv_info") {
open SERVER, "</proc/$serv_info";
$server_info .= join("<br>", <SERVER>);
close SERVER;
}
return $server_info;
}
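Review bot: Request-derived values are written into a `text/html` response without HTML-encoding. The `%ENV` loop (`$output .= "$key = $ENV{$key}<br>\n";`) and the `REMOTE_HOST`, `ACCEPT_LANG` and `USER_AGENT` entries copied into `%info` carry client-supplied headers verbatim, so markup in a header is rendered by the browser. Either encode each value before appending it, e.g. `s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g;` on a copy, or send the report as `text/plain` the way printenv does. env.py in this commit has the same pattern. Separately, the `<%...%>` substitution runs after the environment dump has been appended, so a header containing such a token is expanded from `%info`; running the substitution before the dump avoids that.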

8
htdocs/cgi-bin/env.py Executable file

@ -0,0 +1,8 @@
#!/usr/bin/env python
import sys
import os
print "Content-Type: text/html\n\n"
for name, value in os.environ.items():
print "%s\t= %s <br/>" % (name, value)
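Review bot: Both `print` lines use Python 2 statement syntax while the shebang asks for whatever `python` resolves to, so on an image where that is Python 3 the script fails with a SyntaxError and the server returns an error page. Writing them as `print("Content-Type: text/plain\n")` and `print("%s\t= %s" % (name, value))` works on either interpreter. Switching the type to `text/plain` also stops environment values from being interpreted as HTML. `import sys` is unused. The loop body's indentation is not visible on this page, so confirm it in the file.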

7
htdocs/cgi-bin/env.rb Executable file

@ -0,0 +1,7 @@
#!/usr/bin/env ruby
# -*- coding: None -*-
require 'cgi' //cgi file to create a simple cgi object.
cgi = CGI.new //instantiating a cgi object.
puts cgi.header //thats telling the server about the type(html).
puts "hello" // thats the output on the browser.
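Review bot: The trailing `//` remarks on all four statements are not Ruby comments, so the text after each statement is parsed as code and the script is unlikely to load. Ruby comments start with `#`, e.g. `require 'cgi' # load the CGI library` and `puts cgi.header # emit the response header`. The magic comment `# -*- coding: None -*-` names an encoding Ruby does not know and should be `utf-8` or removed.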

12
htdocs/cgi-bin/printenv Normal file

@ -0,0 +1,12 @@
#!/usr/bin/env perl
use strict;
use warnings;
print "Content-type: text/plain; charset=iso-8859-1\n\n";
foreach my $var (sort(keys(%ENV))) {
my $val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s|"|\\"|g;
print "${var}=\"${val}\"\n";
}


@ -0,0 +1,17 @@
'!c:/windows/system32/cscript -nologo
Option Explicit
Dim objShell, objArray, str, envvar, envval
Set objShell = CreateObject("WScript.Shell")
Set objArray = CreateObject("System.Collections.ArrayList")
WScript.StdOut.WriteLine "Content-type: text/plain; charset=iso-8859-1" & vbLF
For Each str In objShell.Environment("PROCESS")
objArray.Add str
Next
objArray.Sort()
For Each str In objArray
envvar = Left(str, InStr(str, "="))
envval = Replace(Mid(str, InStr(str, "=") + 1), vbLF, "\n")
WScript.StdOut.WriteLine envvar & Chr(34) & envval & Chr(34)
Next


@ -0,0 +1,19 @@
'!c:/windows/system32/cscript -nologo
<job>
<script language="JScript">
WScript.Echo("Content-type: text/plain; charset=iso-8859-1\n");
var objShell = new ActiveXObject("WScript.Shell");
var objArray = new Array();
var e = new Enumerator(objShell.Environment("PROCESS"));
for (;!e.atEnd();e.moveNext()) {
var i = e.item().indexOf("=");
var envvar = e.item().substring(0, i);
var envval = e.item().substring(i + 1, e.item().length);
envval = envval.replace("\n", "\\n");
objArray.push(envvar + "=\"" + envval + "\"");
}
objArray.sort();
WScript.Echo(objArray.join("\n"));
</script>
</job>
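Review bot: `envval.replace("\n", "\\n")` replaces only the first newline, because a string pattern is not applied globally. A value containing several line breaks therefore still spills onto extra output lines and can look like additional variables in the report. Use a global regular expression instead: `envval = envval.replace(/\n/g, "\\n");`. The Perl printenv in this commit also escapes double quotes in the value, which this variant does not.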

26
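--- a/htdocs/cgi-bin/test-cgi
+++ b/htdocs/cgi-bin/test-cgi
@@ -0,0 +1,26 @@
+#!/usr/bin/env sh
+# disable filename globbing
+set -f
+echo "Content-type: text/plain; charset=iso-8859-1"
+echo
+echo CGI/1.0 test script report:
+echo
+echo argc is $#. argv is "$*".
+echo
+echo SERVER_SOFTWARE = $SERVER_SOFTWARE
+echo SERVER_NAME = $SERVER_NAME
+echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
+echo SERVER_PROTOCOL = $SERVER_PROTOCOL
+echo SERVER_PORT = $SERVER_PORT
+echo REQUEST_METHOD = $REQUEST_METHOD
+echo HTTP_ACCEPT = "$HTTP_ACCEPT"
+echo PATH_INFO = "$PATH_INFO"
+echo PATH_TRANSLATED = "$PATH_TRANSLATED"
+echo SCRIPT_NAME = "$SCRIPT_NAME"
+echo QUERY_STRING = "$QUERY_STRING"
+echo REMOTE_HOST = $REMOTE_HOST
+echo REMOTE_ADDR = $REMOTE_ADDR
+echo REMOTE_USER = $REMOTE_USER
+echo AUTH_TYPE = $AUTH_TYPE
+echo CONTENT_TYPE = $CONTENT_TYPE
+echo CONTENT_LENGTH = $CONTENT_LENGTH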
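Review bot: Request-derived variables are echoed with inconsistent quoting: `$REMOTE_HOST`, `$REMOTE_USER`, `$CONTENT_TYPE`, `$CONTENT_LENGTH` and the `SERVER_*` lines are unquoted while `"$QUERY_STRING"` and `"$PATH_INFO"` are quoted. `set -f` stops glob expansion, but the unquoted values are still word-split, and some `sh` implementations' `echo` interprets backslash sequences in the data. Quoting every expansion and printing with `printf`, e.g. `printf '%s\n' "CONTENT_TYPE = $CONTENT_TYPE"`, makes the report show each value exactly as received. The comment above `set -f` should also say why it is there: `# disable filename globbing so metacharacters in request data are not expanded`.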

71
htdocs/www/404.html Normal file

@ -0,0 +1,71 @@
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="generator" content="CasjaysDev" />
<meta name="robots" content="index, follow" />
<meta name="description" content="" />
<meta
name="viewport"
content="width=device-width, initial-scale=1.0, maximum-scale=1.0"
/>
<meta property="og:title" content="" />
<meta property="og:type" content="" />
<meta property="og:url" content="" />
<meta property="og:image" content="" />
<meta name="theme-color" content="#fafafa" />
<link rel="manifest" href="./site.webmanifest" />
<link rel="icon" type="image/icon png" href="./images/favicon.png" />
<link rel="apple-touch-icon" href="./images/icon.png" />
<link rel="stylesheet" href="./css/errorpages.css" />
<link rel="stylesheet" href="./css/bootstrap.css" />
<link rel="stylesheet" href="./css/index.css" />
<script src="./js/errorpages/isup.js" defer></script>
<script src="./js/errorpages/homepage.js" defer></script>
<script src="./js/errorpages/loaddomain.js" defer></script>
<script src="./js/jquery/default.js"></script>
<script src="./js/passprotect.min.js" defer></script>
<script src="./js/bootstrap.min.js" defer></script>
<script src="./js/app.js" defer></script>
<title>404 Not Found</title>
</head>
<body onload="javascript:loadDomain();">
<!-- Error Page Content -->
<div class="container vh-100 h1">
<div class="jumbotron">
<i class="fa fa-frown-o"></i>
<a
href="https://www.google.com/search?q=server+error+404"
target="_blank"
>404 Not Found</a
>
<p class="lead fs-3">
We apologize but we can't seem to be able to find what you're looking
for!
</p>
<img
alt="error"
src="./images/404.gif"
height="800"
width="800"
/><br />
</div>
<a
onclick="javascript:homepage();"
class="btn btn-secondary btn-outline-danger btn-lg btn-block"
><span id="display-domain"></span
></a>
</div>
</body>
</html>
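Review bot: The search link opens with `target="_blank"` but has no `rel` attribute; adding `rel="noopener noreferrer"` keeps the opened page from reaching `window.opener` in older browsers and avoids sending the failing URL as a referrer. The inline handlers `onload="javascript:loadDomain();"` and `onclick="javascript:homepage();"` would be blocked by a Content-Security-Policy without `'unsafe-inline'`, and the `javascript:` prefix has no effect inside an event attribute. Attaching them from the already deferred js/app.js would let the error pages run under a strict policy. The second `<a>` has no `href`, so it is not reachable by keyboard.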

10522
htdocs/www/css/bootstrap.css vendored Normal file

File diff suppressed because it is too large Load Diff

10531
htdocs/www/css/bootstrap.min.css vendored Normal file

File diff suppressed because it is too large Load Diff

9872
htdocs/www/css/bs.plain.css Normal file

File diff suppressed because it is too large Load Diff


@ -0,0 +1,275 @@
.cc-window {
opacity: 1;
transition: opacity 1s ease;
}
.cc-window.cc-invisible {
opacity: 0;
}
.cc-animate.cc-revoke {
transition: transform 1s ease;
}
.cc-animate.cc-revoke.cc-top {
transform: translateY(-2em);
}
.cc-animate.cc-revoke.cc-bottom {
transform: translateY(2em);
}
.cc-animate.cc-revoke.cc-active.cc-bottom,
.cc-animate.cc-revoke.cc-active.cc-top,
.cc-revoke:hover {
transform: translateY(0);
}
.cc-grower {
max-height: 0;
overflow: hidden;
transition: max-height 1s;
}
.cc-link,
.cc-revoke:hover {
text-decoration: underline;
}
.cc-revoke,
.cc-window {
position: fixed;
overflow: hidden;
box-sizing: border-box;
font-family: Helvetica, Calibri, Arial, sans-serif;
font-size: 16px;
line-height: 1.5em;
display: -ms-flexbox;
display: flex;
-ms-flex-wrap: nowrap;
flex-wrap: nowrap;
z-index: 9999;
}
.cc-window.cc-static {
position: static;
}
.cc-window.cc-floating {
padding: 2em;
max-width: 24em;
-ms-flex-direction: column;
flex-direction: column;
}
.cc-window.cc-banner {
padding: 1em 1.8em;
width: 100%;
-ms-flex-direction: row;
flex-direction: row;
}
.cc-revoke {
padding: 0.5em;
}
.cc-header {
font-size: 18px;
font-weight: 700;
}
.cc-btn,
.cc-close,
.cc-link,
.cc-revoke {
cursor: pointer;
}
.cc-link {
opacity: 0.8;
display: inline-block;
padding: 0.2em;
}
.cc-link:hover {
opacity: 1;
}
.cc-link:active,
.cc-link:visited {
color: initial;
}
.cc-btn {
display: block;
padding: 0.4em 0.8em;
font-size: 0.9em;
font-weight: 700;
border-width: 2px;
border-style: solid;
text-align: center;
white-space: nowrap;
}
.cc-banner .cc-btn:last-child {
min-width: 140px;
}
.cc-highlight .cc-btn:first-child {
background-color: transparent;
border-color: transparent;
}
.cc-highlight .cc-btn:first-child:focus,
.cc-highlight .cc-btn:first-child:hover {
background-color: transparent;
text-decoration: underline;
}
.cc-close {
display: block;
position: absolute;
top: 0.5em;
right: 0.5em;
font-size: 1.6em;
opacity: 0.9;
line-height: 0.75;
}
.cc-close:focus,
.cc-close:hover {
opacity: 1;
}
.cc-revoke.cc-top {
top: 0;
left: 3em;
border-bottom-left-radius: 0.5em;
border-bottom-right-radius: 0.5em;
}
.cc-revoke.cc-bottom {
bottom: 0;
left: 3em;
border-top-left-radius: 0.5em;
border-top-right-radius: 0.5em;
}
.cc-revoke.cc-left {
left: 3em;
right: unset;
}
.cc-revoke.cc-right {
right: 3em;
left: unset;
}
.cc-top {
top: 1em;
}
.cc-left {
left: 1em;
}
.cc-right {
right: 1em;
}
.cc-bottom {
bottom: 1em;
}
.cc-floating > .cc-link {
margin-bottom: 1em;
}
.cc-floating .cc-message {
display: block;
margin-bottom: 1em;
}
.cc-window.cc-floating .cc-compliance {
-ms-flex: 1;
flex: 1;
}
.cc-window.cc-banner {
-ms-flex-align: center;
align-items: center;
}
.cc-banner.cc-top {
left: 0;
right: 0;
top: 0;
}
.cc-banner.cc-bottom {
left: 0;
right: 0;
bottom: 0;
}
.cc-banner .cc-message {
-ms-flex: 1;
flex: 1;
}
.cc-compliance {
display: -ms-flexbox;
display: flex;
-ms-flex-align: center;
align-items: center;
-ms-flex-line-pack: justify;
align-content: space-between;
}
.cc-compliance > .cc-btn {
-ms-flex: 1;
flex: 1;
}
.cc-btn + .cc-btn {
margin-left: 0.5em;
}
@media print {
.cc-revoke,
.cc-window {
display: none;
}
}
@media screen and (max-width: 900px) {
.cc-btn {
white-space: normal;
}
}
@media screen and (max-width: 414px) and (orientation: portrait),
screen and (max-width: 736px) and (orientation: landscape) {
.cc-window.cc-top {
top: 0;
}
.cc-window.cc-bottom {
bottom: 0;
}
.cc-window.cc-banner,
.cc-window.cc-left,
.cc-window.cc-right {
left: 0;
right: 0;
}
.cc-window.cc-banner {
-ms-flex-direction: column;
flex-direction: column;
}
.cc-window.cc-banner .cc-compliance {
-ms-flex: 1;
flex: 1;
}
.cc-window.cc-floating {
max-width: none;
}
.cc-window .cc-message {
margin-bottom: 1em;
}
.cc-window.cc-banner {
-ms-flex-align: unset;
align-items: unset;
}
}
.cc-floating.cc-theme-classic {
padding: 1.2em;
border-radius: 5px;
}
.cc-floating.cc-type-info.cc-theme-classic .cc-compliance {
text-align: center;
display: inline;
-ms-flex: none;
flex: none;
}
.cc-theme-classic .cc-btn {
border-radius: 5px;
}
.cc-theme-classic .cc-btn:last-child {
min-width: 140px;
}
.cc-floating.cc-type-info.cc-theme-classic .cc-btn {
display: inline-block;
}
.cc-theme-edgeless.cc-window {
padding: 0;
}
.cc-floating.cc-theme-edgeless .cc-message {
margin: 2em 2em 1.5em;
}
.cc-banner.cc-theme-edgeless .cc-btn {
margin: 0;
padding: 0.8em 1.8em;
height: 100%;
}
.cc-banner.cc-theme-edgeless .cc-message {
margin-left: 1em;
}
.cc-floating.cc-theme-edgeless .cc-btn + .cc-btn {
margin-left: 0;
}


@ -0,0 +1,337 @@
@import url('https://fonts.googleapis.com/css?family=Fira+Sans&display=swap');
body {
padding: 50px;
font: 14px/1.5 Lato, 'Helvetica Neue', Helvetica, Arial, sans-serif;
color: #777;
font-weight: 300;
padding: 1.5em 0;
}
/* Layout */
.jumbotron {
line-height: 2.1428571435;
color: inherit;
padding: 10px 0px;
}
/* Main marketing message and sign up button */
.jumbotron {
text-align: center;
background-color: transparent;
}
.jumbotron .btn {
font-size: 21px;
padding: 1.5em 2em;
}
/* Everything but the jumbotron gets side spacing for mobile-first views */
.masthead,
.body-content {
padding: 0 15px;
}
/* Colors */
.green {
color: green;
}
.orange {
color: orange;
}
.red {
color: red;
}
.blue {
color: blue;
}
.yellow {
color: yellow;
}
h2,
h3,
h4,
h5,
h6 {
color: #222;
margin: 0 0 40px;
}
p,
ul,
ol,
table,
pre,
dl {
margin: 0 0 20px;
}
h2,
h3 {
line-height: 1.1;
}
h1 {
line-height: 1.1;
text-align: center;
font: Lato;
font-size: 80px;
color: #222;
margin: 0 0 40px;
}
h2 {
color: #393939;
}
h3,
h4,
h5,
h6 {
color: #494949;
}
a {
color: #39c;
font-weight: 400;
text-decoration: none;
}
a small {
font-size: 11px;
color: #777;
margin-top: -0.6em;
display: block;
}
.wrapper {
width: 860px;
margin: 0 auto;
}
blockquote {
border-left: 1px solid #e5e5e5;
margin: 0;
padding: 0 0 0 20px;
font-style: italic;
}
.btn-block {
width: 40%;
text-align: center;
display: block;
margin: 0 auto;
}
code,
pre {
font-family: Monaco, Bitstream Vera Sans Mono, Lucida Console, Terminal;
color: #333;
font-size: 12px;
}
pre {
padding: 8px 15px;
background: #f8f8f8;
border-radius: 5px;
border: 1px solid #e5e5e5;
overflow-x: auto;
}
table {
width: 100%;
border-collapse: collapse;
}
th,
td {
text-align: left;
padding: 5px 10px;
border-bottom: 1px solid #e5e5e5;
}
dt {
color: #444;
font-weight: 700;
}
th {
color: #444;
}
img {
max-width: 100%;
}
header {
width: 270px;
float: left;
position: fixed;
}
header ul {
list-style: none;
height: 40px;
padding: 0;
background: #eee;
background: -moz-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
background: -webkit-gradient(
linear,
left top,
left bottom,
color-stop(0%, #f8f8f8),
color-stop(100%, #dddddd)
);
background: -webkit-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
background: -o-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
background: -ms-linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
background: linear-gradient(top, #f8f8f8 0%, #dddddd 100%);
border-radius: 5px;
border: 1px solid #d2d2d2;
box-shadow: inset #fff 0 1px 0, inset rgba(0, 0, 0, 0.03) 0 -1px 0;
width: 270px;
}
header li {
width: 89px;
float: left;
border-right: 1px solid #d2d2d2;
height: 40px;
}
header ul a {
line-height: 1;
font-size: 11px;
color: #999;
display: block;
text-align: center;
padding-top: 6px;
height: 40px;
}
strong {
color: #222;
font-weight: 700;
}
header ul li + li {
width: 88px;
border-left: 1px solid #fff;
}
header ul li + li + li {
border-right: none;
width: 89px;
}
header ul a strong {
font-size: 14px;
display: block;
color: #222;
}
section {
width: 500px;
float: right;
padding-bottom: 50px;
}
small {
font-size: 11px;
}
hr {
border: 0;
background: #e5e5e5;
height: 1px;
margin: 0 0 20px;
}
footer {
width: 270px;
float: left;
position: fixed;
bottom: 50px;
}
@media print, screen and (max-width: 960px) {
div.wrapper {
width: auto;
margin: 0;
}
header,
section,
footer {
float: none;
position: static;
width: auto;
}
header {
padding-right: 320px;
}
section {
border: 1px solid #e5e5e5;
border-width: 1px 0;
padding: 20px 0;
margin: 0 0 20px;
}
header a small {
display: inline;
}
header ul {
position: absolute;
right: 50px;
top: 52px;
}
}
@media print, screen and (max-width: 720px) {
body {
word-wrap: break-word;
}
header {
padding: 0;
}
header ul,
header p.view {
position: static;
}
pre,
code {
word-wrap: normal;
}
}
@media print, screen and (max-width: 480px) {
body {
padding: 15px;
}
header ul {
display: none;
}
}
@media print {
body {
padding: 0.4in;
font-size: 12pt;
color: #444;
}
}
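Review bot: The `@import` on the first line fetches Fira Sans from fonts.googleapis.com, but no rule in this stylesheet uses that family (the `body` stack starts with Lato). Every error page therefore makes a render-blocking third-party request for a font it never applies, so either drop the import or self-host the font the rules actually name. In the `h1` rule `font: Lato;` is an invalid shorthand and is ignored; `font-family: Lato, sans-serif;` is presumably what was meant. `body` also declares `padding` twice, so the first value (`50px`) never takes effect.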

123
htdocs/www/css/index.css Normal file

@ -0,0 +1,123 @@
@import url('https://fonts.googleapis.com/css?family=Fira+Sans&display=swap');
td,
th,
body {
font-family: 'Fira Sans', Verdana, Helvetica, sans-serif;
font-size: 14px;
font-weight: normal;
font-variant: normal;
text-transform: none;
text-decoration: none;
text-align: center;
align-items: center;
background-color: #333;
color: #fff;
background-image: url('../images/bg.png');
}
th {
background-color: #333;
color: #ffffff;
border-top: 1px solid #678ca0;
vertical-align: middle;
height: 50px;
}
td {
background-color: 333;
border-top: 1px solid #678ca0;
}
.box {
border: 1px solid #678ca0;
padding: 0px;
width: 100%;
background-color: #333;
margin-bottom: 10px;
width: 600px;
}
h5,
h3 {
padding: 3px;
margin-top: 0px;
margin-bottom: 0px;
background-color: #333;
color: white;
font-family: Verdana, Helvetica, sans-serif;
}
p {
text-align: center;
}
div {
text-align: center;
}
h3 {
font-size: 13px;
}
h5 {
font-size: 10px;
text-align: right;
background-color: #333;
color: #678ca0;
}
.spacer {
margin: 0px;
width: 100%;
background-color: #333;
}
.leftspacer {
margin: 0px;
padding: 5px;
width: 100%;
text-align: left;
background-color: #333;
}
.serviceup {
color: green;
}
.servicedown {
color: red;
}
p.main {
margin-top: 5px;
margin-bottom: 5px;
text-align: center;
font-size: 10px;
}
a {
text-decoration: none;
color: #5d83a9;
}
a:visited {
color: rgb(238, 130, 202);
}
a:hover {
font-style: italic;
color: #a296db !important;
}
a:active {
color: #c0f;
}
tr:hover {
background-color: #f5f5f5;
}
table {
width: 100%;
}
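Review bot: In the `td` rule `background-color: 333;` is missing the `#`, so the declaration is invalid and dropped; it should read `background-color: #333;` like the neighbouring rules. `.box` sets `width` twice (`100%` then `600px`), and only the second value applies, so one of the two should be removed to make the intent clear.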

BIN
htdocs/www/favicon.ico Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 766 B


@ -0,0 +1 @@
{ "status": "ok" }


@ -0,0 +1 @@
ok

BIN
htdocs/www/images/403.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 35 KiB

BIN
htdocs/www/images/404.gif Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 93 KiB

BIN
htdocs/www/images/bg.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.2 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 766 B

BIN
htdocs/www/images/icon.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.9 KiB


@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" viewBox="0 0 192 192"><path fill="#e08524" d="M75.3 73.4H18.4l45.3 34.3L48.3 163l46.1-32.3 48.2 34.6-16.9-58.3 44.9-33.6H115l-20.5-55-19.2 55z"/><path d="m96.7 18.8 18.2 8.2 16.5 44.3h-15.1L96.7 18.8zm-47 146 18.7 9.9 42.6-29.9-16.5-11.4-44.8 31.4zm79.1-56.8 17.4 9.4 18.6 60.1-19.7-11.3-16.3-58.2z"/><path d="m173.1 74.3 17.8 9.2-44.7 34-17.4-9.4 44.3-33.8z"/></svg>

After

Width:  |  Height:  |  Size: 429 B

104
htdocs/www/index.php Normal file

@ -0,0 +1,104 @@
<!DOCTYPE html>
<html lang="en">
<head>
<!--
##@Version : 202303091846-git
# @@Author : Jason Hempstead
# @@Contact : git-admin@casjaysdev.com
# @@License : WTFPL
# @@ReadME :
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Thursday, Mar 09, 2023 18:46 EST
# @@File : index.php
# @@Description : php document
# @@Changelog : Updated header
# @@TODO :
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : html
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-->
<meta charset="utf-8" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
<meta name="robots" content="index, follow" />
<meta name="generator" content="CasjaysDev" />
<meta name="description" content="REPLACE_SERVER_SOFTWARE container" />
<meta property="og:title" content="REPLACE_SERVER_SOFTWARE container" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta property="og:image" content="./images/favicon.ico" />
<meta property="og:url" content="" />
<meta name="theme-color" content="#000000" />
<link rel="manifest" href="./site.webmanifest" />
<link rel="icon" type="image/icon png" href="./images/icon.png" />
<link rel="apple-touch-icon" href="./images/icon.png" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css" />
<link rel="stylesheet" type="text/css" href="./css/cookieconsent.css" />
<link rel="stylesheet" href="./css/bootstrap.css" />
<link rel="stylesheet" href="./css/index.css" />
<script src="./js/errorpages/isup.js"></script>
<script src="./js/errorpages/homepage.js"></script>
<script src="./js/errorpages/loaddomain.js"></script>
<script src="./js/jquery/default.js"></script>
<script src="./js/passprotect.min.js" defer></script>
<script src="./js/bootstrap.min.js" defer></script>
<script src="./js/app.js" defer></script>
</head>
<body class="container text-center" style="align-items: center; justify-content: center">
<h1 class="m-5">Congratulations</h1>
<h2>
Your REPLACE_SERVER_SOFTWARE container has been setup.<br />
This file is located in:
<?php echo $_SERVER['DOCUMENT_ROOT']; ?>
<br /><br />
SERVER:
<?php echo $_SERVER['SERVER_SOFTWARE']; ?> <br />
SERVER Address:
<?php echo $_SERVER['SERVER_ADDR']; ?> <br />
</h2>
<br /><br />
<br /><br />
<br /><br />
<!-- Begin EU compliant -->
<div class="text-center align-items-center fs-3">
<script src="https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js" data-cfasync="false"></script>
<script>
window.cookieconsent.initialise({
palette: {
popup: {
background: '#64386b',
text: '#ffcdfd',
},
button: {
background: '#f8a8ff',
text: '#3f0045',
},
},
theme: 'edgeless',
content: {
message:
'This site uses cookie and in accordance with the EU GDPR<br />law this message is being displayed.<br />',
dismiss: 'Dismiss',
link: 'CasjaysDev Privacy Policy',
href: 'https://casjaysdev.com/policy',
},
});
</script>
</div>
<!-- End EU compliant -->
</body>
</html>
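Review bot: The cookie-consent script is loaded from `https://cdn.jsdelivr.net/npm/cookieconsent@3/...`, a floating major-version reference with no `integrity` attribute, so whatever the CDN serves for that range runs in the page unverified. Pin an exact release and add Subresource Integrity, e.g. `integrity="sha384-<hash of the pinned file>" crossorigin="anonymous"`, or serve the file from ./js like the other scripts; the font-awesome stylesheet from cdnjs needs the same treatment. The three `<?php echo $_SERVER[...]; ?>` lines print the document root and server address unencoded on a page marked `index, follow`. Wrapping them in `htmlspecialchars()` and setting robots to `noindex` would suit a default landing page better.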

63
htdocs/www/info.php Normal file
View File

@ -0,0 +1,63 @@
<!DOCTYPE html>
<html lang="en">
<head>
<!--
##@Version : 202303091846-git
# @@Author : Jason Hempstead
# @@Contact : git-admin@casjaysdev.com
# @@License : WTFPL
# @@ReadME :
# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
# @@Created : Thursday, Mar 09, 2023 18:46 EST
# @@File : info.php
# @@Description : html document
# @@Changelog : Updated header
# @@TODO :
# @@Other :
# @@Resource :
# @@Terminal App : no
# @@sudo/root : no
# @@Template : html
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-->
<meta charset="utf-8" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
<meta name="robots" content="index, follow" />
<meta name="generator" content="CasjaysDev" />
<meta name="description" content="REPLACE_SERVER_SOFTWARE container" />
<meta property="og:title" content="REPLACE_SERVER_SOFTWARE container" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta property="og:image" content="./images/favicon.ico" />
<meta property="og:url" content="" />
<meta name="theme-color" content="#000000" />
<link rel="manifest" href="./site.webmanifest" />
<link rel="icon" type="image/icon png" href="./images/icon.png" />
<link rel="apple-touch-icon" href="./images/icon.png" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css" />
<script src="./js/errorpages/isup.js"></script>
<script src="./js/errorpages/homepage.js"></script>
<script src="./js/errorpages/loaddomain.js"></script>
<script src="./js/jquery/default.js"></script>
<script src="./js/passprotect.min.js" defer></script>
<script src="./js/app.js" defer></script>
</head>
<body>
<div class="container" style="text-align: center; align-items: center">
<br /><br />
<h1 class="m-5">Congratulations PHP has been successfully configured</h1>
<br /><br />
<?php phpinfo(); ?>
<br /><br />
</div>
</body>
</html>
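Review bot: The `<?php phpinfo(); ?>` call in the body prints the full PHP configuration, environment variables and loaded modules to any visitor, and the page ships in the web root with `<meta name="robots" content="index, follow" />`, so it is also offered to crawlers. For a container image that may carry credentials in its environment, I would gate the call behind an explicit opt-in, for example `<?php if (getenv('PHPINFO_ENABLED') === 'yes') { phpinfo(); } ?>` (the variable name is a placeholder), and change the robots value to `noindex, nofollow`. The Font Awesome stylesheet is loaded from a CDN without an `integrity` attribute, which is worth adding together with `crossorigin="anonymous"`.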

0
htdocs/www/js/app.js Normal file

4075
htdocs/www/js/bootstrap.min.js vendored Normal file

File diff suppressed because it is too large Load Diff


@ -0,0 +1,6 @@
function homepage() {
let proto = location.protocol;
let port = location.port;
let currentSite = window.location.hostname;
window.location = proto + '//' + currentSite + ':' + port;
}


@ -0,0 +1,7 @@
function isupme() {
let proto = location.protocol;
let port = location.port;
let currentSite = window.location.hostname;
fullurllocation = proto + '//' + currentSite + ':' + port;
window.location = 'http://isup.me/' + fullurllocation;
}
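Review bot: `fullurllocation` is assigned without `let` or `const`, so it becomes an implicit global, and the assignment throws a ReferenceError if this file is ever loaded in strict mode or as a module; `const fullurllocation = location.origin;` declares it and avoids the hand-built string. The redirect target `'http://isup.me/' + fullurllocation` uses plain HTTP, so the site's address is sent to a third party over an unencrypted connection; `https://` would be the safer default if that service supports it. The functions in the neighbouring hunks (`homepage` and `loadDomain`) assemble the same origin string by concatenation and could use `location.origin` as well.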


@ -0,0 +1,7 @@
function loadDomain() {
let proto = location.protocol;
let port = location.port;
let url = location.hostname;
var display = document.getElementById('display-domain');
display.innerHTML = proto + '//' + url + ':' + port;
}
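Review bot: `display.innerHTML = …` parses the assigned string as markup although only plain text is displayed; `display.textContent = proto + '//' + url + ':' + port;` renders the same value and cannot create elements if the source of the string ever changes. `document.getElementById('display-domain')` returns null on pages that lack that element, so the assignment would throw there; a guard such as `if (!display) return;` before it avoids that.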


@ -0,0 +1,20 @@
var metas = document.getElementsByTagName('meta');
var i;
if (navigator.userAgent.match(/iPhone/i)) {
for (i = 0; i < metas.length; i++) {
if (metas[i].name == 'viewport') {
metas[i].content =
'width=device-width, minimum-scale=1.0, maximum-scale=1.0';
}
}
document.addEventListener('gesturestart', gestureStart, false);
}
function gestureStart() {
for (i = 0; i < metas.length; i++) {
if (metas[i].name == 'viewport') {
metas[i].content =
'width=device-width, minimum-scale=0.25, maximum-scale=1.6';
}
}
}

5540
htdocs/www/js/jquery/default.js vendored Normal file

File diff suppressed because it is too large Load Diff

2294
htdocs/www/js/passprotect.min.js vendored Normal file

File diff suppressed because one or more lines are too long


@ -0,0 +1,14 @@
{
"short_name": "",
"name": "",
"icons": [
{
"src": "./images/icon.png",
"type": "image/png",
"sizes": "192x192"
}
],
"start_url": "/",
"background_color": "#000000",
"theme_color": "#ffffff"
}

115
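--- a/init/bin/act-runner
+++ b/init/bin/act-runner
@@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+printf '%s\n' "# - - - Initializing act_runner - - - #"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_NAME="act_runner"
+SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default predefined variables
+exitCode=0 # default exit code
+WORKDIR="" # set working directory
+DATA_DIR="/data" # set data directory
+RUN_DIR="/run/init.d" # set scripts pid dir
+ETC_DIR="/etc/act_runner" # set etc directory
+CONF_DIR="/config/act_runner" # set config directory
+LOG_DIR="/data/logs/act_runner" # set log directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# execute command variables
+SERVICE_UID="0" # set the user id
+SERVICE_USER="root" # execute command as another user
+EXEC_CMD_BIN="act_runner" # command to execute
+EXEC_CMD_ARGS="daemon " # command arguments
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional variables
+GITEA_PORT="${GITEA_PORT:-$SERVICE_PORT}"
+RUNNER_AUTH_TOKEN="${RUNNER_AUTH_TOKEN:-}"
+GITEA_HOSTNAME="${GITEA_SERVER:-${DOMAINNAME:-$HOSTNAME}}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# simple cd function
+__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# process check functions
+__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
+__pgrep() { __pcheck "${1:-EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# check if process is already running
+__proc_check() {
+local cmd_bin="" cmd_name=""
+cmd_bin="${1:-$EXEC_CMD_BIN}"
+cmd_name="$(basename "$cmd_bin")"
+if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
+SERVICE_IS_RUNNING="true"
+touch "$SERVICE_PID_FILE"
+echo "$cmd_name is already running"
+return 0
+else
+return 1
+fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create directories
+[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR"
+[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR"
+[ -d "$CONF_DIR" ] || mkdir -p "$CONF_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create directories if variable is yes
+[ "$IS_WEB_SERVER" = "yes" ] && { [ -d "$WWW_DIR" ] || mkdir -p "$WWW_DIR"; }
+[ "$IS_DATABASE_SERVICE" = "yes" ] && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# copy config files
+[ -d "$CONF_DIR" ] && cp -Rf "$CONF_DIR/." "$ETC_DIR/"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# custom commands
+if [ ! -f "$CONF_DIR/default.conf" ]; then
+echo "# Settings for the default gitea runner" >"$CONF_DIR/default.conf"
+echo "RUNNER_NAME=\"local\"" >>"$CONF_DIR/default.conf"
+echo "RUNNER_LABELS=\"ubuntu-latest\"" >>"$CONF_DIR/default.conf"
+echo "RUNNER_AUTH_TOKEN=\"${RUNNER_AUTH_TOKEN:-}\"" >>"$CONF_DIR/default.conf"
+echo "GITEA_HOSTNAME=\"${GITEA_HOSTNAME:-}\"" >>"$CONF_DIR/default.conf"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# fix permissions
+chmod -f 777 "$LOG_DIR" "$RUN_DIR"
+[ -d "$DATABASE_DIR" ] && chmod -f 777 "$DATABASE_DIR"
+if [ -n "$SERVICE_USER" ] && [ "$SERVICE_USER" != "root" ]; then
+if grep -s -q "$SERVICE_USER:" "/etc/passwd"; then
+chown -Rf $SERVICE_USER:$SERVICE_USER "$ETC_DIR" "$WWW_DIR" "$LOG_DIR" && echo "changed ownership to $SERVICE_USER"
+fi
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize runners
+for runner in "$CONF_DIR"/*.conf; do
+runner_name="$(basename "$runner")"
+runner_name="${runner_name//.conf/}"
+RUNNER_LABELS="linux"
+RUNNER_NAME="$runner_name"
+GITEA_HOSTNAME="${GITEA_HOSTNAME:-$HOSTNAME}"
+while :; do
+[ -f "$RUN_DIR/act_runner.$RUNNER_NAME.pid" ] && break
+if [ -z "$RUNNER_AUTH_TOKEN" ]; then
+echo "Error: Can not start runner: RUNNER_AUTH_TOKEN is not set" >&2
+echo "visit $GITEA_HOSTNAME:$GITEA_PORT/admin/runners" >&2
+echo "And edit $runner" >&2
+fi
+[ -f "$runner" ] && . "$runner"
+if [ -n "$RUNNER_AUTH_TOKEN" ]; then
+echo "RUNNER_AUTH_TOKEN has been set"
+(act_runner register --labels "$RUNNER_LABELS" --name "$RUNNER_NAME" --instance "http://$GITEA_HOSTNAME" --token "$RUNNER_AUTH_TOKEN" --no-interactive || return 1) &
+[ $? -eq 0 ] && echo "$!" >"$RUN_DIR/act_runner.$RUNNER_NAME.pid"
+break
+else
+sleep 120
+fi
+done
+done
+echo "$$" >"$RUN_DIR/act_runner.pid"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode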
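Review bot: The registration token is written in clear text to `$CONF_DIR/default.conf` under the default umask, passed on the command line as `--token "$RUNNER_AUTH_TOKEN"` where other processes in the container can read it from the process list, and sent to `http://$GITEA_HOSTNAME`, so it crosses the network unencrypted. I would run `chmod 600 "$CONF_DIR/default.conf"` right after the file is created and make the scheme configurable with https as the default, e.g. `--instance "${GITEA_SCHEME:-https}://$GITEA_HOSTNAME"` (the variable name is a placeholder). `chmod -f 777 "$LOG_DIR" "$RUN_DIR"` lets any user replace the pid files the runner loop relies on; `755` looks sufficient while the service runs as root. Separately, `[ $? -eq 0 ]` after a backgrounded subshell is always true and `return 1` is not valid outside a function, so a failed registration is still recorded as started.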

42
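--- a/init/bin/buildah-build
+++ b/init/bin/buildah-build
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+# shellcheck shell=bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202303142021-git
+# @@Author : Jason Hempstead
+# @@Contact : jason@casjaysdev.com
+# @@License : LICENSE.md
+# @@ReadME : build-project --help
+# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
+# @@Created : Tuesday, Mar 14, 2023 20:21 EDT
+# @@File : build-project
+# @@Description :
+# @@Changelog : New script
+# @@TODO : Better documentation
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : shell/sh
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+HOME="${USER_HOME:-$HOME}"
+USER="${SUDO_USER:-$USER}"
+RUN_USER="${SUDO_USER:-$USER}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Export variables
+WORKDIR="${WORKDIR:-/data/build}"
+BUILDAH_ISOLATION="${BUILDAH_ISOLATION:-chroot}"
+PLATFORMS="${PLATFORMS:---platform=linux/amd64,linux/arm64}"
+DOCKER_FILE="${*:-$(find "$WORKDIR" -maxdepth 10 -name 'Dockerfile*' 2>/dev/null | grep '^' || false)}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main application
+if [ -n "$DOCKER_FILE" ]; then
+for file in $DOCKER_FILE; do
+buildah build $PLATFORMS "$file"
+done
+else
+echo "Can not find any dockerfiles in /data/build"
+exit 1
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# End application
+# ex: ts=2 sw=2 et filetype=sh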
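Review bot: `for file in $DOCKER_FILE` splits both the arguments and the find output on whitespace and expands globs, so a path containing a space reaches buildah in pieces, and the status of each `buildah build` is dropped, so the script exits 0 even when a build failed. Collecting the paths in an array and tracking a status, as sketched below, addresses both; `mapfile -d ''` needs bash 4.4 or newer. The error message hard-codes `/data/build` although the search root is `$WORKDIR`, and `BUILDAH_ISOLATION` is assigned under an "Export variables" heading but never exported, so buildah may not see it.

```shell
# … unchanged: HOME/USER/WORKDIR/BUILDAH_ISOLATION/PLATFORMS defaults …
build_status=0
if [ "$#" -gt 0 ]; then
  docker_files=("$@")
else
  mapfile -d '' -t docker_files < <(find "$WORKDIR" -maxdepth 10 -name 'Dockerfile*' -print0 2>/dev/null)
fi
if [ "${#docker_files[@]}" -gt 0 ]; then
  for file in "${docker_files[@]}"; do
    # PLATFORMS stays unquoted on purpose: it carries a complete option
    buildah build $PLATFORMS "$file" || build_status=1
  done
else
  echo "Can not find any dockerfiles in $WORKDIR" >&2
  exit 1
fi
exit "$build_status"
```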

147
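--- a/init/bin/ddns
+++ b/init/bin/ddns
@@ -0,0 +1,147 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202303291250-git
+# @@Author : Jason Hempstead
+# @@Contact : git-admin@casjaysdev.com
+# @@License : WTFPL
+# @@ReadME : ddns --help
+# @@Copyright : Copyright: (c) 2023 Jason Hempstead, Casjays Developments
+# @@Created : Wednesday, Mar 29, 2023 12:50 EDT
+# @@File : ddns
+# @@Description : newScript
+# @@Changelog : newScript
+# @@TODO : Refactor code
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : bash/system
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+APPNAME="$(basename "$0")"
+VERSION="202303291250-git"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_dns() { named-checkconf -z "/etc/named.conf" && named -c "/etc/named.conf" || return 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SHORT_HOST="$(hostname -s)"
+DOMAIN_HOST="${DOMAIN_NAME:-$(hostname -f || echo 'test')}"
+NETDEV="$(ip route 2>/dev/null | grep default | sed -e "s/^.*dev.//" -e "s/.proto.*//" | awk '{print $1}')"
+IPV4_ADDR="$(ifconfig $NETDEV 2>/dev/null | grep -E "venet|inet" | grep -v "127.0.0." | grep 'inet' | grep -v inet6 | awk '{print $2}' | sed s/addr://g | head -n1 | grep '^' || echo '')"
+IPV6_ADDR="$(ifconfig "$NETDEV" 2>/dev/null | grep -E "venet|inet" | grep 'inet6' | grep -i global | awk '{print $2}' | head -n1 | grep '^' || echo '')"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+DATE="$(date +'%Y%m%d%M')"
+OLD_DATE="${OLD_DATE:-2018020901}"
+DOMAIN_NAME="${DOMAIN_NAME:-$FULL_HOST}"
+IPV4_ADDR_GATEWAY="$(ip route show default | awk '/default/ {print $3}' | head -n1 | grep '^' || echo '')"
+IPV4_ADDR="${IPV4_ADDR:-10.0.0.2}"
+IPV4_ADDR_SUBNET="${IPV4_ADDR_SUBNET:-10.0.0.0}"
+IPV4_ADDR_START="${IPV4_ADDR_START:-10.0.100.1}"
+IPV4_ADDR_END="${IPV4_ADDR_END:-10.0.100.254}"
+IPV4_ADDR_NETMASK="${IPV4_ADDR_NETMASK:-255.255.0.0}"
+IPV4_ADDR_GATEWAY="${IPV4_ADDR_GATEWAY:-10.0.0.1}"
+IPV6_ADDR="${IP6_ADDR:-2001:0db8:edfa:1234::2}"
+IPV6_ADDR_SUBNET="${IPV6_ADDR_SUBNET:-2001:0db8:edfa:1234::}"
+IPV6_ADDR_START="${IPV6_ADDR_START:-2001:0db8:edfa:1234:5678::1}"
+IPV6_ADDR_END="${IPV6_ADDR_END:-2001:0db8:edfa:1234:5678::ffff}"
+IPV6_ADDR_NETMASK="${IPV6_ADDR_NETMASK:-64}"
+IPV6_ADDR_GATEWAY="${IPV6_ADDR_GATEWAY:-2001:0db8:edfa:1234::1}"
+[ "$DOMAIN_NAME" == "local" ] && DOMAIN_NAME="test"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/config/rndc.key" ] || rndc-confgen -a -c /etc/rndc.key &>>/data/logs/named.log
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+RNDC_KEY="$(cat "/etc/rndc.key" | grep 'secret' | awk '{print $2}' | sed 's|;||g;s|"||g')"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/config/rndc.key" ] || cp -Rf "/etc/rndc.key" "/config/rndc.key" &>>/data/logs/entrypoint.log
+[ -f "/config/rndc.conf" ] || { [ -f "/etc/rndc.conf" ] && cp -Rf "/etc/rndc.conf" "/config/rndc.conf" &>>/data/logs/entrypoint.log; }
+[ -d "/run/tor" ] || mkdir -p "/run/tor" &>>/data/logs/entrypoint.log
+[ -d "/etc/dhcp" ] || mkdir -p "/etc/dhcp" &>>/data/logs/entrypoint.log
+[ -d "/run/dhcp" ] || mkdir -p "/run/dhcp" &>>/data/logs/entrypoint.log
+[ -d "/var/tftpboot" ] && [ ! -d "/data/tftp" ] && mv -f "/var/tftpboot" "/data/tftp" &>>/data/logs/entrypoint.log
+[ -d "/var/lib/dhcp" ] || mkdir -p "/var/lib/dhcp" &>>/data/logs/entrypoint.log
+[ -d "/data/tor" ] || cp -Rf "/var/lib/tor" "/data/tor" &>>/data/logs/entrypoint.log
+[ -d "/data/htdocs/www" ] || cp -Rf "/var/lib/ddns/data/htdocs/www" "/data/htdocs/www" &>>/data/logs/entrypoint.log
+[ -d "/data/named" ] || cp -Rf "/var/lib/ddns/data/named" "/data/named" &>>/data/logs/entrypoint.log
+[ -d "/config/tor" ] || cp -Rf "/var/lib/ddns/config/tor" "/config/tor" &>>/data/logs/entrypoint.log
+[ -d "/config/dhcp" ] || cp -Rf "/var/lib/ddns/config/dhcp" "/config/dhcp" &>>/data/logs/entrypoint.log
+[ -d "/config/named" ] || cp -Rf "/var/lib/ddns/config/named" "/config/named" &>>/data/logs/entrypoint.log
+[ -f "/config/radvd.conf" ] || cp -Rf "/var/lib/ddns/config/radvd.conf" "/config/radvd.conf" &>>/data/logs/entrypoint.log
+[ -f "/config/named.conf" ] || cp -Rf "/var/lib/ddns/config/named.conf" "/config/named.conf" &>>/data/logs/entrypoint.log
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+find "/config" "/data" -type f -exec sed -i 's|'${OLD_DATE:-2018020901}'|'$DATE'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_DOMAIN|'$DOMAIN_NAME'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_WITH_RNDC_KEY|'$RNDC_KEY'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDRESS|'$IPV4_ADDR'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDR_START|'$IPV4_ADDR_START'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_ADDR_END|'$IPV4_ADDR_END'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_SUBNET|'$IPV4_ADDR_SUBNET'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_NETMASK|'$IPV4_ADDR_NETMASK'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV4_GATEWAY|'$IPV4_ADDR_GATEWAY'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDRESS|'$IPV6_ADDR'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDR_START|'$IPV6_ADDR_START'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_ADDR_END|'$IPV6_ADDR_END'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_SUBNET|'$IPV6_ADDR_SUBNET'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_NETMASK|'$IPV6_ADDR_NETMASK'|g' {} \;
+find "/config" "/data" -type f -exec sed -i 's|REPLACE_IPV6_GATEWAY|'$IPV6_ADDR_GATEWAY'|g' {} \;
+if [ -f "/config/named.conf" ]; then
+echo "Initializing named" &>>/data/logs/entrypoint.log
+rm -R /data/logs/dns/* &>>/data/logs/entrypoint.log
+cp -Rf "/config/named.conf" "/etc/named.conf"
+[ -d "/data/logs/dns" ] || mkdir -p "/data/logs/dns"
+[ -d "/data/named" ] && cp -Rf "/data/named" "/var/named"
+[ -d "/config/named" ] && cp -Rf "/config/named" "/etc/named"
+[ -f "/config/rndc.key" ] && cp -Rf "/config/rndc.key" "/etc/rndc.key"
+[ -f "/config/rndc.conf" ] && cp -Rf "/config/rndc.conf" "/etc/rndc.conf"
+chmod -f 777 "/data/logs/dns"
+__run_dns &>>/data/logs/named.log &
+sleep .5
+fi
+if [ -n "$IP6_ADDR" ]; then
+if [ -f "/config/dhcp/dhcpd6.conf" ]; then
+echo "Initializing dhcpd6" &>>/data/logs/entrypoint.log
+cp -Rf "/config/dhcp/dhcpd6.conf" "/etc/dhcp/dhcpd6.conf"
+touch /var/lib/dhcp/dhcpd6.leases
+dhcpd -6 -cf /etc/dhcp/dhcpd6.conf &>>/data/logs/dhcpd6.log &
+sleep .5
+fi
+if [ -f "/config/radvd.conf" ]; then
+echo "Initializing radvd" &>>/data/logs/entrypoint.log
+cp -Rf "/config/radvd.conf" "/etc/radvd.conf"
+radvd -C /etc/radvd.conf &>>/data/logs/radvd.log &
+sleep .5
+fi
+fi
+if [ -f "/config/dhcp/dhcpd4.conf" ]; then
+echo "Initializing dhcpd4" &>>/data/logs/entrypoint.log
+cp -Rf "/config/dhcp/dhcpd4.conf" "/etc/dhcp/dhcpd4.conf"
+touch /var/lib/dhcp/dhcpd.leases
+dhcpd -4 -cf /etc/dhcp/dhcpd4.conf &>>/data/logs/dhcpd4.log &
+sleep .5
+fi
+if [ -d "/config/tor" ]; then
+echo "Initializing tor" &>>/data/logs/entrypoint.log
+[ -d "/config/tor" ] && cp -Rf "/config/tor" "/etc/tor"
+chown -Rf root:root "/var/lib/tor"
+chmod 700 "/run/tor"
+tor -f "/etc/tor/torrc" &>>/data/logs/tor.log &
+fi
+if [ -d "/data/tftp" ]; then
+echo "Initializing tftp" &>>/data/logs/entrypoint.log
+rm -Rf "/var/tftpboot"
+ln -sf "/data/tftp" "/var/tftpboot"
+in.tftpd -vv -L "/var/tftpboot" &>/data/logs/tftpd.log &
+fi
+if [ -f "/data/htdocs/www/index.php" ]; then
+echo "Initializing web on $IPV4_ADDR" &>>/data/logs/entrypoint.log
+nginx -c "/etc/nginx/nginx.conf" &>>/data/logs/nginx.log &
+sleep .5
+fi
+sleep 5
+date +'%Y-%m-%d %H:%M' >/data/logs/entrypoint.log
+echo "Initializing completed" &>>/data/logs/entrypoint.log
+tail -n 80 -f /data/logs/*.log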
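Review bot: The fifteen `find "/config" "/data" -type f -exec sed -i …` passes rewrite every file under both trees, including `/data/htdocs/www` and `/data/logs`, so any file that contains `REPLACE_WITH_RNDC_KEY` receives the rndc secret and any user data that happens to contain `2018020901` is altered. The values are spliced into the sed program unquoted and unescaped, so a `|`, `&` or space in `DOMAIN_NAME` or another environment-supplied value changes or breaks the substitution. I would limit the pass to the template locations, escape the values, and combine the expressions into one sed call as sketched below; the path list is my assumption from the copy block above it and needs confirming. Note also that `IPV6_ADDR="${IP6_ADDR:-…}"` discards the address detected earlier because it reads `IP6_ADDR` rather than `IPV6_ADDR`, and that `chmod -f 777 "/data/logs/dns"` is wider than a root-run named needs.

```shell
# escape the characters that are special in a sed replacement delimited by '|'
__sed_escape() { printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'; }
# … unchanged: variable defaults, rndc key generation, first-run copies …
find "/config/named" "/config/dhcp" "/config/named.conf" "/config/radvd.conf" "/data/named" \
  -type f -exec sed -i \
  -e "s|REPLACE_DOMAIN|$(__sed_escape "$DOMAIN_NAME")|g" \
  -e "s|REPLACE_WITH_RNDC_KEY|$(__sed_escape "$RNDC_KEY")|g" \
  -e "s|REPLACE_IPV4_ADDRESS|$(__sed_escape "$IPV4_ADDR")|g" \
  {} +
# … the remaining REPLACE_* placeholders become further -e expressions of the same form …
```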

105
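--- a/init/bin/docker-buildx
+++ b/init/bin/docker-buildx
@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+##@Version : 202210141608-git
+# @@Author : Jason Hempstead
+# @@Contact : git-admin@casjaysdev.com
+# @@License : LICENSE.md
+# @@ReadME : buildx --help
+# @@Copyright : Copyright: (c) 2022 Jason Hempstead, Casjays Developments
+# @@Created : Friday, Oct 14, 2022 16:08 EDT
+# @@File : buildx
+# @@Description : Docker buildx wrapper
+# @@Changelog : New script
+# @@TODO : Refactor code
+# @@Other :
+# @@Resource :
+# @@Terminal App : no
+# @@sudo/root : no
+# @@Template : bash/system
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set bash options
+[ -n "$DEBUG" ] && set -x
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set functions
+__image_exists() { docker ps -a 2>&1 | grep -q "$1" || return 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__buildx() {
+local exitStatus=0 reg_tag="${1:-$TAG_NAME}" dir="${directory:-.}"
+[ -n "$platforms" ] && build_platforms="--platform ${platforms/ /,}"
+#[ -d "$PWD/.git" ] && git pull -q && echo "Updating git repo"
+# Initialize
+echo "Setting target platform to $platforms"
+__image_exists "$qemu_imagename" || { echo "Initializing $qemu_imagename" && docker run -d --name "$qemu_imagename" --privileged multiarch/qemu-user-static --reset -p yes &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
+__image_exists "$binfmt_imagename" || { echo "Initializing $binfmt_imagename" && docker run -d --name "$binfmt_imagename" --privileged tonistiigi/binfmt --install all &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
+__image_exists "$buildername" || { echo "Setting the buildername to $buildername" && docker buildx create --driver docker-container --driver-opt network=host --driver-opt image=moby/buildkit:master --name "$buildername" --use &>/dev/null; } #|| { echo "Failed to Initialize" && exit 1; }
+docker buildx use "$buildername" &>/dev/null #|| { echo "Failed to Initialize" && exit 1; }
+docker buildx inspect --bootstrap &>/dev/null #|| { echo "Failed to Initialize" && exit 1; }
+# Build
+echo "Building $reg_tag"
+eval docker buildx build --rm --pull \
+--push --no-cache $build_platforms \
+--progress auto --output=type=registry \
+$reg_tag "$dir" || exitStatus=1
+[ "$exitStatus" -eq 0 ] || echo "Failed to build $reg_tag"
+# Cleanup
+__image_exists "$buildername" && docker rm -f "$buildername" &>/dev/null
+__image_exists "$qemu_imagename" && docker rm -f "$qemu_imagename" &>/dev/null
+__image_exists "$binfmt_imagename" && docker rm -f "$binfmt_imagename" &>/dev/null
+return $exitStatus
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -f "/root/.docker/config.json" ] || { echo "/root/.docker/config.json Does not exist did you mount it?" && exit 1; }
+[ -d "/tmp/build" ] && cd "/tmp/build" || { echo "/tmp/build Does not exist did you mount your project?" && exit 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set additional variables
+[ -f "$PWD/.env.sh" ] && . "$PWD/.env.sh"
+[ -f "$1" ] && docker_file="$1" && shift 1 || docker_file="${FILE:-}"
+[ -d "$1" ] && [ -f "$1/Dockerfile" ] && docker_file="$1/Dockerfile" && shift 1 || docker_file="${FILE:-}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+TAG_NAME="${1:-$TAGS}"
+REGISTRY="${REGISTRY:-}"
+ORG="${ORG:-casjaysdevdocker}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exitCode=0
+buildername="mybuilder"
+qemu_imagename="buildx-qemu"
+binfmt_imagename="buildx-binfmt"
+platforms="${PLATFORMS:-linux/amd64,linux/arm64}"
+docker_files="$(find "/tmp/build" -name 'Dockerfile*' 2>/dev/null | sort -u | grep '^' || false)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export DOCKER_CLI_EXPERIMENTAL="enabled"
+echo "$TAG_NAME" | grep -q ':' || TAG_NAME="$TAG_NAME:latest"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+[ -n "$docker_file" ] || [ -n "$docker_files" ] || { echo "USAGE: buildx [dir] [tagname]" && exit 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+clear
+if [ -z "$(pgrep -x dockerd)" ]; then
+echo "Starting dockerd"
+start-docker.sh &>/dev/null &
+sleep 10
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Main application
+if [ -n "$docker_file" ]; then
+[ -n "$TAG_NAME" ] || { echo "USAGE: buildx [dir] [tagname]" && exit 1; }
+directory="$(dirname "$docker_file")"
+[ -n "$REGISTRY" ] && tag_name="$REGISTRY/$TAG_NAME" || tag_name="$TAG_NAME"
+tag_name="$(echo "$REGISTRY/$TAG_NAME" | tr '[:upper:]' '[:lower:]')"
+cd "$directory" && __buildx "$tag_name" || exitCode+="$((exitCode + 1))"
+elif [ -n "$docker_files" ]; then
+for file in $docker_files; do
+directory="$(dirname "$file")"
+image_name="$(echo $ORG/$(basename "$directory") | tr '[:upper:]' '[:lower:]')"
+[ -n "$REGISTRY" ] && tag_name="$REGISTRY/$image_name:latest" || tag_name="$image_name:latest"
+cd "$directory" && __buildx "$tag_name" || exitCode+="$((exitCode + 1))"
+done
+else
+echo "Can not find a Dockerfile in /tmp/build"
+exitCode=10
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# end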
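Review bot: `eval docker buildx build … $reg_tag "$dir"` in `__buildx` re-parses the tag, platform list and directory as shell code, so shell metacharacters in `TAGS`, `REGISTRY`, `PLATFORMS` or a directory name under `/tmp/build` are executed with this script's privileges; nothing in the call needs `eval`, and it can be written as `docker buildx build --rm --pull --push --no-cache $build_platforms --progress auto --output=type=registry --tag "$reg_tag" "$dir" || exitStatus=1`. I added `--tag` on the assumption that `$reg_tag` is a bare image reference, as the `$image_name:latest` assignment suggests; please confirm. The helper containers run `--privileged` from `multiarch/qemu-user-static` and `tonistiigi/binfmt` without a tag, and BuildKit comes from `moby/buildkit:master`; pinning each to a digest keeps a changed upstream image from running with host privileges. In the main block, `tag_name` is unconditionally reassigned from `"$REGISTRY/$TAG_NAME"` right after the `[ -n "$REGISTRY" ]` line, which yields a leading `/` when `REGISTRY` is empty, and `exitCode+=` appends a string rather than adding.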

487
init/done/00-couchdb.sh Executable file

@ -0,0 +1,487 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing couchdb - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="couchdb"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
__curl() { curl -q -LSsf --user "$root_user_name:$root_user_pass" "$@"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__curl_users() { __curl -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' 'http://'$COUCHDB_SERVER':'$SERVICE_PORT'/_users/org.couchdb.user:'$1'' -d "{\"name\": \"$1\", \"password\": \"$2\", \"roles\": [], \"type\": \"user\"}" || return 2; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__curl_database() { curl -q -LSsf -X PUT 'http://'$root_user_name:$root_user_pass'@'$COUCHDB_SERVER':'$SERVICE_PORT'/'$1'' || return 2; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/opt/couchdb/etc" # set etc directory
CONF_DIR="/config/couchdb" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/couchdb" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="5984"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="couchdb" # command to execute
EXEC_CMD_ARGS="-vvvvv" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
NODENAME="${NODENAME:-}"
CREATE_DATABASE="${CREATE_DATABASE:-}"
COUCHDB_SERVER="${COUCHDB_SERVER:-localhost}"
COUCHDB_ROOT_USER_NAME="${COUCHDB_USER:-root}"
COUCHDB_ROOT_PASS_WORD="${COUCHDB_PASSWORD:-$(__random_password)}"
COUCHDB_ERLANG_COOKIE="${COUCHDB_ERLANG_COOKIE:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${COUCHDB_USER_NAME:-}" # normal user name
root_user_name="${COUCHDB_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${COUCHDB_USER_PASS_WORD:-}" # normal user password
root_user_pass="${COUCHDB_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/couchdb.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
[ -e "/opt/couchdb/data" ] && rm -rf "/opt/couchdb/data"
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_DATABASE_DIR" "$DATABASE_DIR" "$ETC_DIR/default.ini"
# custom commands
touch "$ETC_DIR/local.d/docker.ini" 2>/dev/null
ln -sf "$DATABASE_DIR" "/opt/couchdb/data" 2>/dev/null
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local user_name="${user_name:-$root_user_name}" # set user name
local user_pass="${user_pass:-$root_user_pass}" # set user pass
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_users" | grep -q 'db_name":"_users'; then
echo "Creating the _users databases"
if __curl_database "_users" | grep -qE '200|"ok":true'; then
echo "Created database _users"
else
echo "Failed to create database _users" >&2
fi
sleep 1
fi
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_replicator" | grep -q 'db_name":"_replicator'; then
echo "Creating the _replicator databases"
if __curl_database "_replicator" | grep -qE '200|"ok":true'; then
echo "Created database _replicator"
else
echo "Failed to create database _replicator" >&2
fi
sleep 1
fi
if ! __curl "http://$COUCHDB_SERVER:$SERVICE_PORT/_global_changes" | grep -q 'db_name":"_global_changes'; then
echo "Creating the _global_changes databases"
if __curl_database "_global_changes" | grep -qE '200|"ok":true'; then
echo "Created database _global_changes"
else
echo "Failed to create database _global_changes" >&2
fi
sleep 1
fi
if [ -n "$user_name" ] && [ -n "$user_pass" ]; then
echo "Creating new user $username"
if __curl_users "$user_name" "$user_pass"; then
echo "Created user: $user_name"
else
echo "Failed to create user: $user_name" >&2
fi
fi
if [ -n "$CREATE_DATABASE" ]; then
echo "Creating database: $CREATE_DATABASE"
__curl_database "$CREATE_DATABASE" || echo "Failed to create database: $CREATE_DATABASE" >&2
fi
echo ""
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
if [ -n "$NODENAME" ] && ! grep "couchdb@" /opt/couchdb/etc/vm.args; then
echo "-name couchdb@$NODENAME" >>/opt/couchdb/etc/vm.args
fi
if [ -n "$root_user_name" ] && [ -n "$root_user_pass" ]; then
if ! grep -Pzoqr "\[admins\]\n$root_user_name =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
printf "\n[admins]\n%s = %s\n" "$root_user_name" "$root_user_pass" >>/opt/couchdb/etc/local.d/docker.ini
fi
fi
if [ -n "$COUCHDB_SECRET" ]; then
if ! grep -Pzoqr "\[chttpd_auth\]\nsecret =" /opt/couchdb/etc/local.d/*.ini /opt/couchdb/etc/local.ini; then
printf "\n[chttpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >>/opt/couchdb/etc/local.d/docker.ini
fi
fi
if [ -n "$COUCHDB_ERLANG_COOKIE" ]; then
cookieFile='/opt/couchdb/.erlang.cookie'
if [ -e "$cookieFile" ]; then
if [ "$(cat "$cookieFile" 2>/dev/null)" != "$COUCHDB_ERLANG_COOKIE" ]; then
echo >&2
echo >&2 "warning: $cookieFile contents do not match COUCHDB_ERLANG_COOKIE"
echo >&2
fi
else
echo "$COUCHDB_ERLANG_COOKIE" >"$cookieFile"
fi
chmod 600 "$cookieFile"
fi
if [ "$(id -u)" = '0' ]; then
find /opt/couchdb \! \( -user couchdb -group couchdb \) -exec chown -f $SERVICE_USER:$SERVICE_USER '{}' +
find /opt/couchdb/data -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
find /opt/couchdb/data -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
find /opt/couchdb/etc -type d ! -perm 0755 -exec chmod -f 0755 '{}' +
find /opt/couchdb/etc -type f ! -perm 0644 -exec chmod -f 0644 '{}' +
fi
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

445
init/done/00-mariadb.sh Executable file

@ -0,0 +1,445 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing mariadb - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="mariadb"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/mariadb" # set etc directory
CONF_DIR="/config/mariadb" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/mariadb" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="3306"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="mysql" # execute command as another user
EXEC_CMD_BIN="mysqld" # command to execute
EXEC_CMD_ARGS="--user=$SERVICE_USER --datadir=$DATABASE_DIR" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
DATABASE_CREATE="${MARIADB_DATABASE:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${MARIADB_USER_NAME:-}" # normal user name
root_user_name="${MARIADB_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${MARIADB_USER_PASS_WORD:-}" # normal user password
root_user_pass="${MARIADB_ROOT_PASS_WORD:-random}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/mariadb.log $LOG_DIR/mariadb.err.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-mysql}" # specifiy different user
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_ROOT_USER" "$root_user_name" "$ETC_DIR/my.cnf"
__replace "REPLACE_ROOT_PASS" "$root_user_pass" "$ETC_DIR/my.cnf"
# custom commands
if [ -f "$ETC_DIR/my.cnf" ] && [ ! -f "$CONF_DIR/my.cnf" ]; then
__file_copy "$ETC_DIR/my.cnf" "$CONF_DIR/my.cnf" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
# other
[ -f "$ETC_DIR/my.cnf" ] && ln -sf "$ETC_DIR/my.cnf" "/etc/my.cnf"
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-mysql}" # specifiy different user
# define commands
# Initialize the database
if __is_dir_empty "$DATABASE_DIR"; then
mkdir -p "$DATABASE_DIR" && chown -Rf $user:$user "$DATABASE_DIR"
mysql_install_db --datadir=$DATABASE_DIR --user=$user --skip-test-db --old-mode='UTF8_IS_UTF8MB3' --default-time-zone=SYSTEM --enforce-storage-engine= --skip-log-bin --expire-logs-days=0 --loose-innodb_buffer_pool_load_at_startup=0 --loose-innodb_buffer_pool_dump_at_shutdown=0
fi
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
if [ -f "$CONF_DIR/init.sh" ]; then
bash -c "$CONF_DIR/init.sh"
else
# create database
if [ -n "$DATABASE_CREATE" ]; then
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
CREATE DATABASE IF NOT EXISTS $DATABASE_CREATE;
MYSQL_SCRIPT
fi
# create user
if [ -n "$user_name" ] && [ "$user_name" != "root" ]; then
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
CREATE USER IF NOT EXISTS $user_name@'%' IDENTIFIED BY '$user_pass';
MYSQL_SCRIPT
fi
# give user privileges to database
if [ -n "$user_name" ] && [ "$user_name" != "root" ] && [ -n "$DATABASE_CREATE" ]; then
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
GRANT ALL PRIVILEGES ON $DATABASE_CREATE.* TO $user_name@'%';
MYSQL_SCRIPT
fi
# update root password
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
DROP USER IF EXISTS root@'127.0.0.1', root@'::1';
ALTER USER root@localhost IDENTIFIED BY '$root_user_pass';
GRANT ALL ON *.* TO root@localhost WITH GRANT OPTION
MYSQL_SCRIPT
fi
# drop the test database
mysql -v -u root <<MYSQL_SCRIPT
DROP DATABASE IF EXISTS test;
MYSQL_SCRIPT
# flush the database
mysql -v -u root --database=mysql --binary-mode <<MYSQL_SCRIPT
FLUSH PRIVILEGES;
MYSQL_SCRIPT
# change the root password in my.cnf file
if
grep -qs "#password " "$ETC_DIR/my.cnf"
then
__replace "#password " "password " "$ETC_DIR/my.cnf"
fi
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

404
init/done/00-mongodb.sh Executable file

@ -0,0 +1,404 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing mongodb - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="mongodb"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/mongodb" # set etc directory
CONF_DIR="/config/mongodb" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/mongodb" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="27017"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="mongod" # command to execute
EXEC_CMD_ARGS="-vvvv" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${MONGODB_USER_NAME:-}" # normal user name
root_user_name="${MONGODB_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${MONGODB_USER_PASS_WORD:-}" # normal user password
root_user_pass="${MONGODB_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/mongodb.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$CONF_DIR/mongodb.conf"
# replace variables recursively
# __find_replace "" "" "$CONF_DIR/"
# custom commands
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
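Review bot: `__create_env` expands `${user_pass:-$ENV_USER_PASS}` and `${root_user_pass:-$ENV_ROOT_USER_PASS}` inside an unquoted heredoc, so the clear-text passwords are written to `/config/env/mongodb.sh`, which this script never restricts; `__run_secure_function` only tightens the entries under `/config/secure/auth/*`. `__pre_message` also creates the `_pass` files well before that `chmod 600` runs, and no umask is set in the visible script, so the files presumably sit at the default mode in between. I would drop the two `ENV_*_PASS` lines from the template and create the secret files under a restrictive mask, e.g. `(umask 077; printf '%s\n' "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")`. Separately, `__update_conf_files` creates `$ETC_DIR`, `$CONF_DIR`, `$LOG_DIR` and `$DATABASE_DIR` with `chmod 777`; for a database directory something like `chmod 750` plus a `chown` to the service user is the safer default. The same `__pre_message` and `chmod 777` lines are repeated in `init/done/03-aria2.sh`.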

420
init/done/03-aria2.sh Executable file

@ -0,0 +1,420 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing aria2 - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="aria2"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data/downloads/aria2" # set data directory
WWW_DIR="/var/www/aria2ng" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/aria2" # set etc directory
CONF_DIR="/config/aria2" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/aria2" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_ARIA2:-/data/db/aria2}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
DATA_DIR="$(grep -Rs '^dir=' "$ETC_DIR/aria2.conf" | awk -F'=' '{print $2}' | grep '^' || echo "$DATA_DIR")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="8000"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="aria2c" # command to execute
EXEC_CMD_ARGS="--conf-path=$ETC_DIR/aria2.conf" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
RPC_SECRET="${RPC_SECRET:-}"
GET_WEB_CONFIG="$(find "$WWW_DIR/js" -name 'aria-ng*.js' | grep -v '^$')"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${ARIA2_USER_NAME:-}" # normal user name
root_user_name="${ARIA2_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${ARIA2_USER_PASS_WORD:-}" # normal user password
root_user_pass="${ARIA2_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/aria2.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
if [ -n "$RPC_SECRET" ]; then
RPC_SECRET_BASE64=$(echo -n "${RPC_SECRET}" | base64 -w 0)
fi
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_RPC_PORT" "$SERVICE_PORT" "$ETC_DIR/aria2.conf"
__replace "6800" "$SERVICE_PORT" $GET_WEB_CONFIG
if grep -qs "REPLACE_RPC_SECRET" "$GET_WEB_CONFIG"; then
__find_replace "REPLACE_RPC_SECRET" "$RPC_SECRET_BASE64" "$GET_WEB_CONFIG"
else
sed -i 's,secret:"[^"]*",secret:"'"${RPC_SECRET_BASE64}"'",g' "$GET_WEB_CONFIG"
fi
if [ -n "$RPC_SECRET" ]; then
echo "Changing rpc secret to $RPC_SECRET"
if grep -sq "rpc-secret=" "$ETC_DIR/aria2.conf"; then
__replace "REPLACE_RPC_SECRET" "$RPC_SECRET" "$ETC_DIR/aria2.conf"
else
echo "rpc-secret=$RPC_SECRET" >>"$ETC_DIR/aria2.conf"
fi
else
__replace "rpc-secret=" "#rpc-secret=" "$ETC_DIR/aria2.conf"
fi
# custom commands
touch "$CONF_DIR/aria2.session"
ln -sf "$CONF_DIR/aria2.session" "$ETC_DIR/aria2.session"
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

398
init/done/03-headphones.sh Executable file

@ -0,0 +1,398 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing headphones - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="headphones"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data/headphones" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/headphones" # set etc directory
CONF_DIR="/config/headphones" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/headphones" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_HEADPHONES:-/data/db/headphones}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="80"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="python3" # command to execute
EXEC_CMD_ARGS="/var/lib/headphones/Headphones.py --nolaunch " # command arguments
EXEC_CMD_ARGS+="--config $CONF_DIR/headphones.ini --datadir $DATA_DIR "
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${HEADPHONES_USER_NAME:-}" # normal user name
root_user_name="${HEADPHONES_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${HEADPHONES_USER_PASS_WORD:-}" # normal user password
root_user_pass="${HEADPHONES_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/headphones.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR /data/cache /data/downloads"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_USER_NAME" "$user_name" "$ETC_DIR/headphones.ini"
__replace "REPLACE_USER_PASS" "$user_pass" "$ETC_DIR/headphones.ini"
__replace "REPLACE_SERVER_PORT" "$SERVICE_PORT" "$ETC_DIR/headphones.ini"
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
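Review bot: The service password is written to two places that `__run_secure_function` never tightens, since it only runs `chmod -Rf 600` on `${USER_FILE_PREFIX}/*` and `${ROOT_FILE_PREFIX}/*`. `__update_conf_files` creates `$ETC_DIR` and `$CONF_DIR` with `chmod -Rf 777` and then passes `$user_pass` to `__replace` for `$ETC_DIR/headphones.ini` (presumably an in-place substitution; `__replace` is defined outside this file), and the unquoted here-document in `__create_env` expands `$user_pass` and `$root_user_pass` into `/config/env/headphones.sh`, which gets whatever mode the current umask gives it. I would create the config directories with `chmod -f 750 "$filedirs"` instead of 777, add `chmod -f 600 "$ETC_DIR/headphones.ini"` after the three `__replace` calls, and drop the `ENV_USER_PASS` and `ENV_ROOT_USER_PASS` lines from the here-document. The same template code appears in the neighbouring init scripts on this page, so the change would apply there as well.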

404
init/done/03-homepage.sh Executable file

@ -0,0 +1,404 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing homepage - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="homepage"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/homepage" # set etc directory
CONF_DIR="/config/homepage" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/homepage" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_HOMEPAGE:-/data/db/homepage}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="3000"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="homepage" # command to execute
EXEC_CMD_ARGS="server.js" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${HOMEPAGE_USER_NAME:-}" # normal user name
root_user_name="${HOMEPAGE_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${HOMEPAGE_USER_PASS_WORD:-}" # normal user password
root_user_pass="${HOMEPAGE_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/homepage.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$CONF_DIR/homepage.conf"
# replace variables recursively
# __find_replace "" "" "$CONF_DIR/"
# custom commands
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
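Review bot: `su_cmd() { eval "$*" || return 1; }` (the root branch and the final fallback) joins its arguments and parses them a second time, so the quoting around `sh -c "$cmd"` in `__run_start_script` is lost: `sh -c` gets only `$EXEC_CMD_BIN` as its command string, `$EXEC_CMD_ARGS` ends up as `$0` and positional parameters, and any shell metacharacter in `$home`, `$SERVICE_PID_FILE` or the env-file overrides is evaluated as root. Executing the argument vector directly keeps a single level of parsing: `su_cmd() { "$@" || return 1; }`. Separately, `__create_env` expands `user_pass` and `root_user_pass` through an unquoted heredoc into `/config/env/homepage.sh`, which the `chmod 600` loop in `__run_secure_function` does not cover; I would drop the four `ENV_*_NAME`/`ENV_*_PASS` lines from that template or restrict the file's mode. The tail of the preceding file and `init/done/03-homey.sh` carry the same template, so the same applies there as far as those sections are visible.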

405
init/done/03-homey.sh Executable file

@ -0,0 +1,405 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing homey - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="homey"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/homey" # set etc directory
CONF_DIR="/config/homey" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/homey" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_HOMEY:-/data/db/homey}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="9101"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="gunicorn" # command to execute
EXEC_CMD_ARGS="-b 0.0.0.0:$SERVICE_PORT --worker-tmp-dir /dev/shm " # command arguments
EXEC_CMD_ARGS+="--workers 2 --threads 50 --log-file - app:app"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${HOMEY_USER_NAME:-}" # normal user name
root_user_name="${HOMEY_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${HOMEY_USER_PASS_WORD:-}" # normal user password
root_user_pass="${HOMEY_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/homey.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$CONF_DIR/homey.conf"
# replace variables recursively
# __find_replace "" "" "$CONF_DIR/"
# custom commands
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

456
init/done/04-bind.sh Executable file

@ -0,0 +1,456 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing bind - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="bind"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
__rndc_key() { grep -s 'key "rndc-key" ' "$ETC_DIR/rndc.key" | grep -v 'KEY_RNDC' | sed 's|.*secret ||g;s|"||g;s|;.*||g' | grep '^' || return 1; }
__tsig_key() { tsig-keygen -a hmac-sha256 | grep 'secret' | sed 's|.*secret "||g;s|"||g;s|;||g' | grep '^' || echo 'wp/HApbthaVPjwqgp6ziLlmnkyLSNbRTehkdARBDcpI='; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data/named" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/bind" # set etc directory
CONF_DIR="/config/named" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/bind" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_BIND:-/data/db/bind}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
KEY_RNDC="${KEY_RNDC:-$(__tsig_key)}"
KEY_DHCP="${KEY_DHCP:-$(__tsig_key)}"
KEY_BACKUP="${KEY_BACKUP:-$(__tsig_key)}"
KEY_CERTBOT="${KEY_CERTBOT:-$(__tsig_key)}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="53"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="named" # command to execute
EXEC_CMD_ARGS="-f -c $ETC_DIR/named.conf" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
VAR_DIR="/var/bind"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${BIND_USER_NAME:-}" # normal user name
root_user_name="${BIND_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${BIND_USER_PASS_WORD:-}" # normal user password
root_user_pass="${BIND_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/xfer.log $LOG_DIR/update.log $LOG_DIR/notify.log $LOG_DIR/querylog.log "
APPLICATION_FILES+="$LOG_DIR/default.log $LOG_DIR/debug.log $LOG_DIR/security.log "
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $CONF_DIR/keys $DATA_DIR/zones $VAR_DIR/zones"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local zone_files=""
serial="$(date +'%Y%m%d%S')"
local HOSTNAME="${SERVER_NAME:-$HOSTNAME}"
local ip_address="${CONTAINER_IP4_ADDRESS:-127.0.0.1}"
if [ -f "$CONF_DIR/set_rndc.key" ]; then
GET_RNDC_KEY="$(<"$CONF_DIR/set_rndc.key")"
fi
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
[ -f "$ETC_DIR/custom.conf" ] && mv -f "$ETC_DIR/custom.conf" "$ETC_DIR/named.conf"
# replace variables
__replace "REPLACE_KEY_DHCP" "$KEY_DHCP" "$ETC_DIR/named.conf" #&>/dev/null
__replace "REPLACE_KEY_BACKUP" "$KEY_BACKUP" "$ETC_DIR/named.conf" #&>/dev/null
__replace "REPLACE_KEY_CERTBOT" "$KEY_CERTBOT" "$ETC_DIR/named.conf" #&>/dev/null
__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/rndc.key" #&>/dev/null
__replace "REPLACE_KEY_RNDC" "${GET_RNDC_KEY:-$KEY_RNDC}" "$ETC_DIR/named.conf" #&>/dev/null
GET_RNDC_KEY="${GET_RNDC_KEY:-$(__rndc_key || echo '')}"
if [ -n "$GET_RNDC_KEY" ]; then
echo "$GET_RNDC_KEY" >"$CONF_DIR/set_rndc.key"
fi
zone_files="$(find "$DATA_DIR/zones/" -type f | wc -l)"
if [ $zone_files = 0 ] && [ ! -f "$DATA_DIR/zones/$HOSTNAME.zone" ]; then
cat <<EOF | tee "$DATA_DIR/zones/$HOSTNAME.zone" &>/dev/null
; config for $HOSTNAME
@ IN SOA $HOSTNAME. root.$HOSTNAME. ( $serial 10800 3600 1209600 38400)
IN NS $HOSTNAME.
$HOSTNAME. IN A $ip_address
EOF
fi
#
for dns_file in "$DATA_DIR/zones"/*; do
file_name="$(basename "$dns_file")"
domain_name="$(grep -Rs '\$ORIGIN' "$dns_file" | awk '{print $NF}' | sed 's|.$||g')"
if [ -f "$dns_file" ]; then
cp -Rf "$dns_file" "$VAR_DIR/zones/$file_name"
if [ -n "$domain_name" ] && ! grep -qs "$domain_name" "$ETC_DIR/named.conf"; then
cat <<EOF >>"$ETC_DIR/named.conf"
# ********** begin $domain_name **********
zone "$domain_name" {
type master;
file "$VAR_DIR/zones/$file_name";
notify yes;
allow-update {key "certbot."; key "dhcp-key"; trusted;};
allow-transfer { any; key "backup-key"; };
};
# ********** end $domain_name **********
EOF
grep -qs "$domain_name" "$ETC_DIR/named.conf" && echo "Added $domain_name to $ETC_DIR/named.conf"
fi
fi
done
if named-checkconf -z "$ETC_DIR/named.conf" &>/dev/null; then
echo "named-checkconf has succeeded"
else
echo "named-checkconf has failed:"
named-checkconf -z "$ETC_DIR/named.conf"
fi
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="named" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
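Review bot: `__tsig_key` falls back to a fixed secret committed in this file whenever `tsig-keygen` is missing or fails, so `KEY_RNDC`, `KEY_DHCP`, `KEY_BACKUP` and `KEY_CERTBOT` can all silently end up as the same publicly known value. Those values are templated into `rndc.key` and `named.conf` by the `__replace` calls in `__update_conf_files`, and presumably back the keys named in the generated `allow-update` stanza, so a failed key generation would leave control and dynamic-update authentication resting on a secret anyone can read in the repository. The function should fail instead of substituting a constant: end the pipeline with `|| return 1` and stop at the assignments, e.g. `KEY_RNDC="${KEY_RNDC:-$(__tsig_key)}" || exit 1`. In the same section, `$ETC_DIR` and `$CONF_DIR/keys` are created with `chmod -Rf 777` and each generated zone gets `allow-transfer { any; key "backup-key"; };`, which between them leave key material world-writable and zone contents transferable by any client. Tightening the mode and limiting the ACL to `key "backup-key"` looks like the intent, but the `named.conf` template is not visible here to confirm it.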

407
init/done/05-ifconfig.sh Executable file

@ -0,0 +1,407 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing ifconfig - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="ifconfig"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/ifconfig" # set etc directory
CONF_DIR="/config/ifconfig" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/ifconfig" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_IFCONFIG:-/data/db/ifconfig}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="echoip" # command to execute
EXEC_CMD_ARGS="-t /opt/echoip/html -H x-forwarded-for -r -s -p " # command arguments
EXEC_CMD_ARGS+="-a /opt/echoip/geoip/GeoLite2-ASN.mmdb " #
EXEC_CMD_ARGS+="-c /opt/echoip/geoip/GeoLite2-City.mmdb " #
EXEC_CMD_ARGS+=" -f /opt/echoip/geoip/GeoLite2-Country.mmdb " #
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${IFCONFIG_USER_NAME:-}" # normal user name
root_user_name="${IFCONFIG_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${IFCONFIG_USER_PASS_WORD:-}" # normal user password
root_user_pass="${IFCONFIG_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/ifconfig.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$CONF_DIR/ifconfig.conf"
# replace variables recursively
# __find_replace "" "" "$CONF_DIR/"
# custom commands
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

412
init/done/07-dictd.sh Executable file

@ -0,0 +1,412 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing dictd - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="dictd"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/dictd" # set etc directory
CONF_DIR="/config/dictd" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/dictd" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_DICTD:-/data/db/dictd}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="2628"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="dictd" # command to execute
EXEC_CMD_ARGS="-dnodetach" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${DICTD_USER_NAME:-}" # normal user name
root_user_name="${DICTD_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${DICTD_USER_PASS_WORD:-}" # normal user password
root_user_pass="${DICTD_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/dictd.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# delete files
#__rm ""
# define actions
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
# __replace "" "" "$CONF_DIR/dictd.conf"
# custom commands
if [ -f "/config/dict.conf" ]; then
cp -Rf "/config/dict.conf" "/etc/dictd/dict.conf"
else
cp -Rf "/etc/dictd/dict.conf" "/config/dict.conf"
fi
if [ -f "/config/dictd.conf" ]; then
cp -Rf "/config/dictd.conf" "/etc/dictd/dictd.conf"
else
cp -Rf "/etc/dictd/dictd.conf" "/config/dictd.conf"
fi
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
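Review bot: The root branch of `su_cmd` (and the final fallback branch) runs its arguments through `eval "$*"`, which flattens the argument list into one string and parses it a second time. For the call in `__run_start_script`, `su_cmd env -i … sh -c "$cmd"`, the quoting around `$cmd` is lost, so `sh -c` receives only `$EXEC_CMD_BIN` as its command string and `$EXEC_CMD_ARGS` (here `-dnodetach`) is taken as `$0` instead of reaching dictd; because `SERVICE_USER` is set to `root` in this script, that is the path taken by default. The second parse also means shell metacharacters in values that reach this call from the sourced env files (`ENV_EXEC_CMD_ARGS`, `ENV_WORKDIR`, `LANG`) are interpreted by the root shell rather than passed as data. Executing the argument vector directly avoids both problems: `su_cmd() { "$@" || return 1; }`. The same definition appears in the preceding file section on this page, so the fix probably belongs in the shared template.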

411
init/done/07-docker.sh Executable file

@ -0,0 +1,411 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing docker - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="docker"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/docker" # set etc directory
CONF_DIR="/config/docker" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/docker" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_DOCKER:-/data/db/docker}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="2375"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="dockerd" # command to execute
EXEC_CMD_ARGS="-H tcp://127.0.0.1:$SERVICE_PORT -H unix:///var/run/docker.sock " # command arguments
EXEC_CMD_ARGS+="-H unix:///tmp/docker.sock --config-file $HOME/.docker/daemon.json" #
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
REGISTERY="${REGISTERY:-REGISTERIES}"
DOCKER_HUB_TOKEN="${DOCKER_HUB_TOKEN:-DOCKER_TOKEN}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${DOCKER_USER_NAME:-}" # normal user name
root_user_name="${DOCKER_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${DOCKER_USER_PASS_WORD:-}" # normal user password
root_user_pass="${DOCKER_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/docker.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR $HOME/.docker"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
local reg=""
[ -n "$REGISTERY" ] && registries="$REGISTERY,localhost:5000" || registries="localhost:5000"
registries="${registries//,/ }"
# define actions
for registry in $registries; do [ -n "$registry" ] && [ "$registry" != " " ] && reg+="\"$registry\","; done
registries="${reg%,}"
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
__file_copy "$CONF_DIR/daemon.json" "$HOME/.docker/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# custom commands
if [ ! -f "$HOME/.docker/config.json" ]; then
cat <<EOF | tee "$HOME/.docker/config.json" &>/dev/null
{
"auths": { "https://index.docker.io/v1/": { "auth": "$DOCKER_HUB_TOKEN" } },
"HttpHeaders": { "User-Agent": "Docker-Client/23.0.1 (linux)" },
"insecure-registries" : [$registries]
}
EOF
fi
[ -f "$CONF_DIR/daemon.json" ] || cp -Rf "$HOME/.docker/config.json" "$CONF_DIR/daemon.json"
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
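Review bot: `__update_conf_files` creates every path in `APPLICATION_DIRS` with `chmod -Rf 777`, and that list includes `$HOME/.docker`, where the script then writes `config.json` containing `$DOCKER_HUB_TOKEN` and from which the root-run `dockerd` is told to read `--config-file $HOME/.docker/daemon.json`. Unless the inherited umask is already restrictive, any local account in the container can read the registry credential, and the world-writable directory lets it replace the daemon configuration as well. Create these paths owner-only, e.g. `mkdir -p "$filedirs" && chmod 750 "$filedirs"`, and write the credential under a tight mask by wrapping the existing `cat <<EOF | tee "$HOME/.docker/config.json"` in a subshell that first runs `umask 077`. Separately, with `SERVICE_USER="root"` the wrapper `su_cmd() { eval "$*" || return 1; }` re-splits `sh -c "$cmd"`, so `sh -c` appears to receive only the binary path and `EXEC_CMD_ARGS` (the `-H` listeners and `--config-file`) become positional parameters. Running `"$@"` instead of `eval "$*"` would keep the quoting intact.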

397
init/done/08-apache.sh Executable file

@ -0,0 +1,397 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing apache2 - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="apache2"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/apache2" # set etc directory
CONF_DIR="/config/apache2" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/apache2" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_APACHE:-/data/db/apache2}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="httpd" # command to execute
EXEC_CMD_ARGS="-f $ETC_DIR/httpd.conf -DFOREGROUND" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="yes"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${APACHE_USER_NAME:-}" # normal user name
root_user_name="${APACHE_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${APACHE_USER_PASS_WORD:-}" # normal user password
root_user_pass="${APACHE_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/apache.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-apache}" # specifiy different user
local sysname="${SERVER_NAME:-$HOSTNAME}" # set hostname
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_SERVER_DIR" "$WWW_DIR" "$ETC_DIR/httpd.conf"
__replace "REPLACE_SERVER_NAME" "$sysname" "$ETC_DIR/httpd.conf"
__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/httpd.conf"
__replace "REPLACE_SERVER_DIR" "$WWW_DIR" "$ETC_DIR/vhosts.d/default.conf"
__replace "REPLACE_SERVER_NAME" "$sysname" "$ETC_DIR/vhosts.d/default.conf"
__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/vhosts.d/default.conf"
__replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@$sysname}" "$ETC_DIR/httpd.conf"
[ -f "$WWW_DIR/index.php" ] && __replace "REPLACE_SERVER_SOFTWARE" "apache" "$WWW_DIR/index.php"
[ -f "$WWW_DIR/index.html" ] && __replace "REPLACE_SERVER_SOFTWARE" "apache" "$WWW_DIR/index.html"
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-apache}" # specifiy different user
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE

399
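--- a/init/done/08-caddy.sh
+++ b/init/done/08-caddy.sh
@@ -0,0 +1,399 @@
+#!/usr/bin/env bash
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
+[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+printf '%s\n' "# - - - Initializing caddy - - - #"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_NAME="caddy"
+SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run trap command on exit
+trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import the functions file
+if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
+. "/usr/local/etc/docker/functions/entrypoint.sh"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# import variables
+for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
+[ -f "$set_env" ] && . "$set_env"
+done
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Custom functions
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Show message before execute
+PRE_EXEC_MESSAGE=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Default predefined variables
+WORKDIR="" # set working directory
+DATA_DIR="/data" # set data directory
+WWW_DIR="/data/htdocs/www" # set the web root
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ETC_DIR="/etc/caddy" # set etc directory
+CONF_DIR="/config/caddy" # set config directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+RUN_DIR="/run/init.d" # set scripts pid dir
+LOG_DIR="/data/logs/caddy" # set log directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
+USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set the database directory
+DATABASE_DIR="${DATABASE_DIR_CADDY:-/data/db/caddy}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional predefined variables
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# port which service is listening on
+SERVICE_PORT=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# execute command variables
+SERVICE_UID="0" # set the user id
+SERVICE_USER="root" # execute command as another user
+EXEC_CMD_BIN="caddy" # command to execute
+EXEC_CMD_ARGS="run --config $ETC_DIR/Caddyfile" # command arguments
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a web server
+IS_WEB_SERVER="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Is this service a database server
+IS_DATABASE_SERVICE="no"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Additional variables
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# usernames
+user_name="${CADDY_USER_NAME:-}" # normal user name
+root_user_name="${CADDY_ROOT_USER_NAME:-}" # root user name
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# passwords [password/random]
+user_pass="${CADDY_USER_PASS_WORD:-}" # normal user password
+root_user_pass="${CADDY_ROOT_PASS_WORD:-}" # root user password
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Overwrite variables from files
+[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
+[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
+[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
+[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Specifiy custom directories to be created
+ADD_APPLICATION_FILES=""
+ADD_APPLICATION_DIRS=""
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+APPLICATION_FILES="$LOG_DIR/caddy.log"
+APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__update_conf_files() {
+local exitCode=0 # default exit code
+local user="${SERVICE_USER:-root}" # specifiy different user
+local hostname="${SERVER_NAME:-${DOMAINNAME:-$hostname}}" # set hostname
+# create default directories
+for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
+if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
+(
+echo "Creating directory $filedirs with permissions 777"
+mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
+) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+fi
+done
+# create default files
+for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
+if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
+(
+echo "Creating file $application_files with permissions 777"
+touch "$application_files" && chmod -Rf 777 "$application_files"
+) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+fi
+done
+# create directories if variable is yes"
+[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
+[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
+# copy config files to system
+__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+# replace variables
+__replace "REPLACE_SERVER_PORT" "${SERVICE_PORT:-80}" "$ETC_DIR/Caddyfile"
+__replace "REPLACE_SERVER_NAME" "${SERVER_NAME:-$hostname}" "$ETC_DIR/Caddyfile"
+__replace "REPLACE_SERVER_ADMIN" "${SERVER_ADMIN:-root@$hostname}" "$ETC_DIR/Caddyfile"
+__replace "REPLACE_SERVER_SOFTWARE" "caddy" "$WWW_DIR/index.php"
+# custom commands
+[ -d "$WWW_DIR/health" ] || mkdir -p "$WWW_DIR/health"
+[ -f "$WWW_DIR/health/index.txt" ] || echo 'ok' >"$WWW_DIR/health/index.txt"
+[ -f "$WWW_DIR/health/index.json" ] || echo '{ "status": "ok" }' >"$WWW_DIR/health/index.json"
+# other
+# unset unneeded variables
+unset application_files filedirs
+return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run before executing
+__pre_execute() {
+local exitCode=0 # default exit code
+local user="${SERVICE_USER:-root}" # specifiy different user
+# create user if needed
+# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
+# set user on files/folders
+if [ -n "$user" ] && [ "$user" != "root" ]; then
+if grep -s -q "$user:" "/etc/passwd"; then
+for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
+if [ -n "$permissions" ] && [ -e "$permissions" ]; then
+(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+fi
+done
+fi
+fi
+# unset unneeded variables
+unset filesperms filename
+return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# function to run after executing
+__post_execute() {
+local exitCode=0 # default exit code
+local user="${SERVICE_USER:-root}" # specifiy different user
+sleep 60 # how long to wait before executing
+echo "Running post commands" # message
+# execute commands
+return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to update config files - IE: change port
+__pre_message() {
+local exitCode=0
+[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
+[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
+[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
+[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
+return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# use this function to setup ssl support
+__update_ssl_conf() {
+local exitCode=0
+return $exitCode
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__create_env() {
+cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
+# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
+# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
+# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
+# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
+# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
+# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
+# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
+# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
+# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
+# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
+# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
+# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
+# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
+# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
+# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
+# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
+EOF
+[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# script to start server
+__run_start_script() {
+local user="${SERVICE_USER:-root}"
+local workdir="${WORKDIR:-$WORK_DIR}"
+local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
+local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
+local home="${workdir//\/root/\/tmp\/docker}"
+local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
+if [ -z "$EXEC_CMD_BIN" ]; then
+__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+echo "Initializing $SCRIPT_NAME has completed"
+else
+# ensure the command exists
+if [ ! -x "$EXEC_CMD_BIN" ]; then
+echo "$EXEC_CMD_NAME is not a valid executable"
+exit 2
+fi
+# set working directories
+[ -z "$home" ] && home="${workdir:-/tmp/docker}"
+[ "$home" = "/root" ] && home="/tmp/docker"
+[ "$home" = "$workdir" ] && workdir=""
+# create needed directories
+[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
+[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
+[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
+[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
+[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
+# check and exit if already running
+if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
+echo "$EXEC_CMD_NAME is already running" >&2
+exit 0
+else
+echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
+su_cmd touch "$SERVICE_PID_FILE"
+__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
+su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
+fi
+fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# username and password actions
+__run_secure_function() {
+if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
+for filesperms in "${USER_FILE_PREFIX}"/*; do
+if [ -e "$filesperms" ]; then
+chmod -Rf 600 "$filesperms"
+chown -Rf root:root "$filesperms"
+fi
+done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+fi
+if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
+for filesperms in "${ROOT_FILE_PREFIX}"/*; do
+if [ -e "$filesperms" ]; then
+chmod -Rf 600 "$filesperms"
+chown -Rf root:root "$filesperms"
+fi
+done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
+fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# simple cd function
+__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# process check functions
+__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
+__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# check if process is already running
+__proc_check() {
+cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
+cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
+if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
+SERVICE_IS_RUNNING="true"
+touch "$SERVICE_PID_FILE"
+echo "$cmd_name is already running"
+return 0
+else
+return 1
+fi
+}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow ENV_ variable - Import env file
+[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+SERVICE_EXIT_CODE=0 # default exit code
+WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
+WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
+ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
+DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
+CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
+DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
+SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
+SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
+SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
+PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# application specific
+EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
+EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
+EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
+SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
+EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
+SERVICE_PID_NUMBER="$(__pgrep)" # check if running
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# create auth directories
+[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
+[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow per init script usernames and passwords
+[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
+[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
+[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
+[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow setting initial users and passwords via environment
+user_name="${user_name:-$ENV_USER_NAME}"
+user_pass="${user_pass:-$ENV_USER_PASS}"
+root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
+root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set password to random if variable is random
+if [ "$user_pass" = "random" ]; then
+user_pass="$(__random_password)"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+if [ "$root_user_pass" = "random" ]; then
+root_user_pass="$(__random_password)"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Allow variables via imports - Overwrite existing
+[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Only run check
+if [ "$1" = "check" ]; then
+__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
+exit $?
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# show message if env exists
+if [ -n "$EXEC_CMD_BIN" ]; then
+[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
+[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# set switch user command
+if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
+su_cmd() { eval "$*" || return 1; }
+elif [ "$(builtin type -P gosu)" ]; then
+su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
+elif [ "$(builtin type -P runuser)" ]; then
+su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
+elif [ "$(builtin type -P sudo)" ]; then
+su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
+elif [ "$(builtin type -P su)" ]; then
+su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
+else
+echo "Can not switch to $SERVICE_USER: attempting to run as root"
+su_cmd() { eval "$*" || return 1; }
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Change to working directory
+[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# show init message
+__pre_message
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Initialize ssl
+__update_ssl_conf
+__update_ssl_certs
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Updating config files
+__create_env
+__update_conf_files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# run the pre execute commands
+[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
+__pre_execute
+__run_secure_function
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
+if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
+echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
+SERVICE_EXIT_CODE=10
+SERVICE_IS_RUNNING="false"
+rm -Rf "$SERVICE_PID_FILE"
+fi
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $SERVICE_EXIT_CODE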
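Review bot: The root branch of `su_cmd` (`su_cmd() { eval "$*" || return 1; }`, repeated in the last-resort fallback) flattens its arguments into one string and re-parses it, so the call `su_cmd env -i ... sh -c "$cmd"` in `__run_start_script` loses the quoting around `$cmd`. After the `eval`, `sh -c` receives only the binary path as its command string and `run --config $ETC_DIR/Caddyfile` become positional parameters, and any value arriving through `ENV_EXEC_CMD_ARGS` or a sourced `/config/env/*.sh` is interpreted as shell syntax a second time. Because `SERVICE_USER` defaults to `root`, this is the default path; running the argument vector directly keeps the words intact: `su_cmd() { "$@" || return 1; }`. The `su` branch has a related problem, since `-c "$@"` hands only the first word to `-c`. The same `su_cmd` definitions also appear in the preceding init script on this page.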

402
init/done/08-cherokee.sh Executable file

@ -0,0 +1,402 @@
#!/usr/bin/env bash
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
[ "$DEBUGGER" = "on" ] && echo "Enabling debugging" && set -o pipefail -x$DEBUGGER_OPTIONS || set -o pipefail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
printf '%s\n' "# - - - Initializing cherokee - - - #"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_NAME="cherokee"
SCRIPT_NAME="$(basename "$0" 2>/dev/null)"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run trap command on exit
trap 'retVal=$?;[ "$SERVICE_IS_RUNNING" != "true" ] && [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE";exit $retVal' SIGINT SIGTERM EXIT
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import the functions file
if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then
. "/usr/local/etc/docker/functions/entrypoint.sh"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# import variables
for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do
[ -f "$set_env" ] && . "$set_env"
done
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Custom functions
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Show message before execute
PRE_EXEC_MESSAGE=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
WORKDIR="" # set working directory
DATA_DIR="/data" # set data directory
WWW_DIR="/data/htdocs/www" # set the web root
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ETC_DIR="/etc/cherokee" # set etc directory
CONF_DIR="/config/cherokee" # set config directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RUN_DIR="/run/init.d" # set scripts pid dir
LOG_DIR="/data/logs/cherokee" # set log directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set the database directory
DATABASE_DIR="${DATABASE_DIR_CHEROKEE:-/data/db/cherokee}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional predefined variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# port which service is listening on
SERVICE_PORT="80"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables
SERVICE_UID="0" # set the user id
SERVICE_USER="root" # execute command as another user
EXEC_CMD_BIN="cherokee" # command to execute
EXEC_CMD_ARGS="-C $ETC_DIR/cherokee.conf" # command arguments
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a web server
IS_WEB_SERVER="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Is this service a database server
IS_DATABASE_SERVICE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Additional variables
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# usernames
user_name="${CHEROKEE_USER_NAME:-}" # normal user name
root_user_name="${CHEROKEE_ROOT_USER_NAME:-}" # root user name
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# passwords [password/random]
user_pass="${CHEROKEE_USER_PASS_WORD:-}" # normal user password
root_user_pass="${CHEROKEE_ROOT_PASS_WORD:-}" # root user password
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Overwrite variables from files
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" ] && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" ] && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")"
[ -f "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" ] && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Specifiy custom directories to be created
ADD_APPLICATION_FILES=""
ADD_APPLICATION_DIRS=""
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
APPLICATION_FILES="$LOG_DIR/cherokee.log"
APPLICATION_DIRS="$RUN_DIR $ETC_DIR $CONF_DIR $LOG_DIR"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# create default directories
for filedirs in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$filedirs" ] && [ ! -d "$filedirs" ]; then
(
echo "Creating directory $filedirs with permissions 777"
mkdir -p "$filedirs" && chmod -Rf 777 "$filedirs"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create default files
for application_files in $ADD_APPLICATION_FILES $APPLICATION_FILES; do
if [ -n "$application_files" ] && [ ! -e "$application_files" ]; then
(
echo "Creating file $application_files with permissions 777"
touch "$application_files" && chmod -Rf 777 "$application_files"
) |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
# create directories if variable is yes"
[ "$IS_WEB_SERVER" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $WWW_DIR" && { [ -d "$WWW_DIR" ] || { (echo "Creating directory $WWW_DIR with permissions 777" && mkdir -p "$WWW_DIR" && chmod -f 777 "$WWW_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
[ "$IS_DATABASE_SERVICE" = "yes" ] && APPLICATION_DIRS="$APPLICATION_DIRS $DATABASE_DIR" && { [ -d "$DATABASE_DIR" ] || { (echo "Creating directory $DATABASE_DIR with permissions 777" && mkdir -p "$DATABASE_DIR" && chmod -f 777 "$DATABASE_DIR") |& tee -a "$LOG_DIR/init.txt" &>/dev/null; }; }
# copy config files to system
__file_copy "$CONF_DIR/." "$ETC_DIR/" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
# replace variables
__replace "REPLACE_WWW_DIR" "$WWW_DIR" "$ETC_DIR/cherokee.conf"
__replace "REPLACE_SERVER_PORT" "$SERVICE_PORT" "$ETC_DIR/cherokee.conf"
# replace variables recursively
# __find_replace "" "" "$CONF_DIR/"
# custom commands
# other
# unset unneeded variables
unset application_files filedirs
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
# define commands
# execute if directories is empty
#__is_dir_empty "" &&
# create user if needed
# __create_service_user "$user" "/home/$user" "${USER_GID:-${USER_UID:-1000}"
# set user on files/folders
if [ -n "$user" ] && [ "$user" != "root" ]; then
if grep -s -q "$user:" "/etc/passwd"; then
for permissions in $ADD_APPLICATION_DIRS $APPLICATION_DIRS; do
if [ -n "$permissions" ] && [ -e "$permissions" ]; then
(chown -Rf $user:$user "$permissions" && echo "changed ownership on $permissions to $user") |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
done
fi
fi
# unset unneeded variables
unset filesperms filename
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run after executing
__post_execute() {
local exitCode=0 # default exit code
local user="${SERVICE_USER:-root}" # specifiy different user
sleep 60 # how long to wait before executing
echo "Running post commands" # message
# execute commands
(echo "Starting cherokee-admin on port 9090" && cherokee-admin -b -p 9090 -C $ETC_DIR/cherokee.conf) &
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__pre_message() {
local exitCode=0
[ -n "$user_name" ] && echo "username: $user_name" && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$user_pass" ] && echo "password: saved to ${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass"
[ -n "$root_user_name" ] && echo "root username: $root_user_name" && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name"
[ -n "$root_user_pass" ] && echo "root password: saved to ${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass"
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to setup ssl support
__update_ssl_conf() {
local exitCode=0
return $exitCode
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__create_env() {
cat <<EOF | tee "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" &>/dev/null
# ENV_WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
# ENV_WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
# ENV_ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
# ENV_DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
# ENV_CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
# ENV_DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
# ENV_SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
# ENV_SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
# ENV_SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
# EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
# EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
# EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
# ENV_USER_NAME="${user_name:-$ENV_USER_NAME}" #
# ENV_USER_PASS="${user_pass:-$ENV_USER_PASS}" #
# ENV_ROOT_USER_NAME="${root_user_name:-$ENV_ROOT_USER_NAME}" #
# ENV_ROOT_USER_PASS="${root_user_pass:-$ENV_ROOT_USER_PASS}" #
EOF
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] || return 1
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# script to start server
__run_start_script() {
local user="${SERVICE_USER:-root}"
local workdir="${WORKDIR:-$WORK_DIR}"
local cmd="$EXEC_CMD_BIN $EXEC_CMD_ARGS"
local lc_type="${LC_ALL:-${LC_CTYPE:-$LANG}}"
local home="${workdir//\/root/\/tmp\/docker}"
local path="/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin"
if [ -z "$EXEC_CMD_BIN" ]; then
__post_execute 2>"/dev/stderr" |& tee -a "$LOG_DIR/init.txt" &>/dev/null
echo "Initializing $SCRIPT_NAME has completed"
else
# ensure the command exists
if [ ! -x "$EXEC_CMD_BIN" ]; then
echo "$EXEC_CMD_NAME is not a valid executable"
exit 2
fi
# set working directories
[ -z "$home" ] && home="${workdir:-/tmp/docker}"
[ "$home" = "/root" ] && home="/tmp/docker"
[ "$home" = "$workdir" ] && workdir=""
# create needed directories
[ -n "$home" ] && { [ -d "$home" ] || mkdir -p "$home"; }
[ -n "$workdir" ] && { [ -d "$workdir" ] || mkdir -p "$workdir" || workdir="/tmp"; }
[ -n "$workdir" ] && __cd "$workdir" || { [ -n "$home" ] && __cd "$home"; } || __cd "/tmp"
[ "$user" != "root " ] && [ -d "$home" ] && chmod -f 777 "$home"
[ "$user" != "root " ] && [ -d "$workdir" ] && chmod -f 777 "$workdir"
# check and exit if already running
if __proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"; then
echo "$EXEC_CMD_NAME is already running" >&2
exit 0
else
echo "Starting service: $EXEC_CMD_NAME $EXEC_CMD_ARGS"
su_cmd touch "$SERVICE_PID_FILE"
__post_execute 2>"/dev/stderr" 2>&1 |& tee -a "$LOG_DIR/init.txt" &>/dev/null &
su_cmd env -i HOME="$home" LC_CTYPE="$lc_type" PATH="$path" USER="$user" sh -c "$cmd" || return 10
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# username and password actions
__run_secure_function() {
if [ -n "$user_name" ] || [ -n "$user_pass" ]; then
for filesperms in "${USER_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then
for filesperms in "${ROOT_FILE_PREFIX}"/*; do
if [ -e "$filesperms" ]; then
chmod -Rf 600 "$filesperms"
chown -Rf root:root "$filesperms"
fi
done |& tee -a "$LOG_DIR/init.txt" &>/dev/null
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# simple cd function
__cd() { mkdir -p "$1" && builtin cd "$1" || exit 1; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# process check functions
__pcheck() { [ -n "$(type -P pgrep 2>/dev/null)" ] && pgrep -x "$1" &>/dev/null && return 0 || return 10; }
__pgrep() { __pcheck "${1:-$EXEC_CMD_BIN}" || __ps aux 2>/dev/null | grep -Fw " ${1:-$EXEC_CMD_BIN}" | grep -qv ' grep' | grep '^' && return 0 || return 10; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# check if process is already running
__proc_check() {
cmd_bin="$(type -P "${1:-$EXEC_CMD_BIN}")"
cmd_name="$(basename "${cmd_bin:-$EXEC_CMD_NAME}")"
if __pgrep "$cmd_bin" || __pgrep "$cmd_name"; then
SERVICE_IS_RUNNING="true"
touch "$SERVICE_PID_FILE"
echo "$cmd_name is already running"
return 0
else
return 1
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow ENV_ variable - Import env file
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SERVICE_EXIT_CODE=0 # default exit code
WORKDIR="${ENV_WORKDIR:-$WORKDIR}" # change to directory
WWW_DIR="${ENV_WWW_DIR:-$WWW_DIR}" # set default web dir
ETC_DIR="${ENV_ETC_DIR:-$ETC_DIR}" # set default etc dir
DATA_DIR="${ENV_DATA_DIR:-$DATA_DIR}" # set default data dir
CONF_DIR="${ENV_CONF_DIR:-$CONF_DIR}" # set default config dir
DATABASE_DIR="${ENV_DATABASE_DIR:-$DATABASE_DIR}" # set database dir
SERVICE_USER="${ENV_SERVICE_USER:-$SERVICE_USER}" # execute command as another user
SERVICE_UID="${ENV_SERVICE_UID:-$SERVICE_UID}" # set the user id
SERVICE_PORT="${ENV_SERVICE_PORT:-$SERVICE_PORT}" # port which service is listening on
PRE_EXEC_MESSAGE="${ENV_PRE_EXEC_MESSAGE:-$PRE_EXEC_MESSAGE}" # Show message before execute
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# application specific
EXEC_CMD_BIN="${ENV_EXEC_CMD_BIN:-$EXEC_CMD_BIN}" # command to execute
EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path
EXEC_CMD_NAME="$(basename "$EXEC_CMD_BIN")" # set the binary name
SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location
EXEC_CMD_ARGS="${ENV_EXEC_CMD_ARGS:-$EXEC_CMD_ARGS}" # command arguments
SERVICE_PID_NUMBER="$(__pgrep)" # check if running
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# create auth directories
[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; }
[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; }
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow per init script usernames and passwords
[ -f "$ETC_DIR/auth/user/name" ] && user_name="$(<"$ETC_DIR/auth/user/name")"
[ -f "$ETC_DIR/auth/user/pass" ] && user_pass="$(<"$ETC_DIR/auth/user/pass")"
[ -f "$ETC_DIR/auth/root/name" ] && root_user_name="$(<"$ETC_DIR/auth/root/name")"
[ -f "$ETC_DIR/auth/root/pass" ] && root_user_pass="$(<"$ETC_DIR/auth/root/pass")"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow setting initial users and passwords via environment
user_name="${user_name:-$ENV_USER_NAME}"
user_pass="${user_pass:-$ENV_USER_PASS}"
root_user_name="${root_user_name:-$ENV_ROOT_USER_NAME}"
root_user_pass="${root_user_pass:-$ENV_ROOT_USER_PASS}"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set password to random if variable is random
if [ "$user_pass" = "random" ]; then
user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if [ "$root_user_pass" = "random" ]; then
root_user_pass="$(__random_password)"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Allow variables via imports - Overwrite existing
[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Only run check
if [ "$1" = "check" ]; then
__proc_check "$EXEC_CMD_NAME" || __proc_check "$EXEC_CMD_BIN"
exit $?
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show message if env exists
if [ -n "$EXEC_CMD_BIN" ]; then
[ -n "$SERVICE_USER" ] && echo "Setting up service to run as $SERVICE_USER" || SERVICE_USER="root"
[ -n "$SERVICE_PORT" ] && echo "${EXEC_CMD_NAME:-$EXEC_CMD_BIN} will be running on $SERVICE_PORT" || SERVICE_PORT=""
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# set switch user command
if [ "$SERVICE_USER" = "root" ] || [ -z "$SERVICE_USER" ]; then
su_cmd() { eval "$*" || return 1; }
elif [ "$(builtin type -P gosu)" ]; then
su_cmd() { gosu $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P runuser)" ]; then
su_cmd() { runuser -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P sudo)" ]; then
su_cmd() { sudo -u $SERVICE_USER "$@" || return 1; }
elif [ "$(builtin type -P su)" ]; then
su_cmd() { su -s /bin/sh - $SERVICE_USER -c "$@" || return 1; }
else
echo "Can not switch to $SERVICE_USER: attempting to run as root"
su_cmd() { eval "$*" || return 1; }
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Change to working directory
[ -n "$WORKDIR" ] && [ -n "$EXEC_CMD_BIN" ] && __cd "$WORKDIR" && echo "Changed to $PWD"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# show init message
__pre_message
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Initialize ssl
__update_ssl_conf
__update_ssl_certs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Updating config files
__create_env
__update_conf_files
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# run the pre execute commands
[ -n "$PRE_EXEC_MESSAGE" ] && echo "$PRE_EXEC_MESSAGE"
__pre_execute
__run_secure_function
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__run_start_script "$@" |& tee -a "/data/logs/entrypoint.log" &>/dev/null
if [ "$?" -ne 0 ] && [ -n "$EXEC_CMD_BIN" ]; then
echo "Failed to execute: $EXEC_CMD_BIN $EXEC_CMD_ARGS" |& tee -a "/data/logs/entrypoint.log" "$LOG_DIR/init.txt"
SERVICE_EXIT_CODE=10
SERVICE_IS_RUNNING="false"
rm -Rf "$SERVICE_PID_FILE"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
exit $SERVICE_EXIT_CODE
