struct(entrypoint): skeleton entrypoint script

- basic operation flow with placeholder functions
- implement server and shell launch
- allow commands to pass to shell
- update Dockerfile to load entrypoint only
- update Dockerfile to set permissions for certs directory
This commit is contained in:
Asif Bacchus 2021-07-22 17:15:31 -06:00
parent e82fad68ac
commit 0fbd3303e4
2 changed files with 97 additions and 8 deletions

View File

@ -11,13 +11,17 @@ RUN deluser --remove-home node \
&& addgroup -g ${NODE_UID} -S node \ && addgroup -g ${NODE_UID} -S node \
&& adduser -G node -S -u ${NODE_UID} node && adduser -G node -S -u ${NODE_UID} node
# create default volumes in-case user forgets, expose default port
VOLUME [ "/var/watch", "/var/certs" ]
EXPOSE 35729
# add tini, timezone support and create certificate directories # add tini, timezone support and create certificate directories
RUN apk --update --no-cache add \ RUN apk --update --no-cache add \
tini \ tini \
tzdata \ tzdata \
&& mkdir /certs \
&& chown node:node /certs \ && chown node:node /certs \
&& chmod 700 certs && chmod 700 certs \
&& chmod +r /var/watch
# labels # labels
LABEL org.opencontainers.image.authors="Asif Bacchus <asif@asifbacchus.dev>" LABEL org.opencontainers.image.authors="Asif Bacchus <asif@asifbacchus.dev>"
@ -27,10 +31,6 @@ LABEL org.opencontainers.image.url="https://git.asifbacchus.dev/ab-docker/livere
LABEL org.opencontainers.image.documentation="https://git.asifbacchus.dev/ab-docker/livereload/raw/branch/master/README.md" LABEL org.opencontainers.image.documentation="https://git.asifbacchus.dev/ab-docker/livereload/raw/branch/master/README.md"
LABEL org.opencontainers.image.source="https://git.asifbacchus.dev/ab-docker/livereload.git" LABEL org.opencontainers.image.source="https://git.asifbacchus.dev/ab-docker/livereload.git"
# create default volume in-case user forgets, expose default port
VOLUME [ "/var/watch" ]
EXPOSE 35729
# default environment variables # default environment variables
ENV NODE_ENV=production ENV NODE_ENV=production
ENV NPM_CONFIG_PREFIX=/home/node/.npm-global ENV NPM_CONFIG_PREFIX=/home/node/.npm-global
@ -49,10 +49,10 @@ RUN mkdir -p .npm-global/bin .npm-global/lib \
&& npm config set update-notifier false \ && npm config set update-notifier false \
&& npm install livereload --save && npm install livereload --save
COPY [ "livereload.js", "livereload.js" ] COPY [ "livereload.js", "livereload.js" ]
COPY [ "entrypoint.sh", "/usr/local/bin/entrypoint.sh" ]
# run server via tini by default # run server via tini by default
ENTRYPOINT [ "/sbin/tini", "--" ] ENTRYPOINT [ "/sbin/tini", "--", "/usr/local/bin/entrypoint.sh" ]
CMD [ "node", "livereload.js" ]
# set build timestamp and version labels # set build timestamp and version labels
ARG BUILD_DATE ARG BUILD_DATE

89
build/entrypoint.sh Normal file
View File

@ -0,0 +1,89 @@
#!/bin/sh
#
# entrypoint script for livereload-tls-npm container
#
# functions
certificateGenerateNew() {
printf "\nGenerating new self-signed certificate:\n"
printf "Exporting new certificate:\n"
exit 0
}
certificateShow() {
printf "\nCurrently loaded certificate:\n"
exit 0
}
certificateExport() {
printf "\nExporting currently loaded certificate:\n"
exit 0
}
# default variable values
doCertExport=0
doCertNew=0
doCertShow=0
doServer=0
doShell=0
# process action parameter
case "$1" in
listen | server | run | start)
doServer=1
;;
shell) ;;
new-cert)
doCertNew=1
;;
show-cert)
doCertShow=1
;;
export-cert)
doCertExport=1
;;
*)
# invalid or unknown option
printf "\nUnknown action requested: %s\n" "$1"
printf "Valid actions: [listen | server | run | start] | shell | new-cert | show-cert | export-cert"
exit 1
;;
esac
# action: run server
if [ "$doServer" -eq 1 ]; then
exec "node livereload.js"
exit "$?"
fi
# action: drop to shell
if [ "$doShell" -eq 1 ]; then
exec /bin/sh "$@"
exit "$?"
fi
# action: generate new self-signed certificate
if [ "$doCertNew" -eq 1 ]; then certificateGenerateNew; fi
# action: show loaded certificate
if [ "$doCertShow" -eq 1 ]; then certificateShow; fi
# action: export loaded certificate
if [ "$doCertExport" -eq 1 ]; then certificateExport; fi
# failsafe exit - terminate with code 99: this code should never be executed!
exit 99
# exit codes:
# 0: normal exit, no errors
# 1: invalid or invalid parameter passed to script
# 50: certificate errors
# 51: unable to read certificate/chain
# 52: unable to read private key
# 55: unable to generate new certificate
# 56: unable to export certificate, likely write error
# 99: code error
#EOF