14 Commits

Author SHA1 Message Date
Asif Bacchus 6206ed49ff build(GIT): only include helper scripts in export archives 2021-01-15 06:28:43 -07:00
Asif Bacchus 478af79158 fix(README): fix incorrect link 2021-01-15 06:28:11 -07:00
Asif Bacchus 6f9d0ae7df style(README): force line breaks on contents items 2021-01-15 06:21:34 -07:00
Asif Bacchus db4be32b54 style(HELPERSCRIPTS): reformat code 2021-01-15 06:11:24 -07:00
Asif Bacchus 9d5c7960c9 fix(HELPERSCRIPTS): do not display file results in container-only mode 2021-01-15 06:10:04 -07:00
Asif Bacchus f53e673c3f feature(HELPERSCRIPTS): add inline help 2021-01-15 06:06:07 -07:00
Asif Bacchus 16df6570bc feature(HELPERSCRIPTS): tabular parameter help output 2021-01-15 06:05:01 -07:00
Asif Bacchus 38d6967f68 feature(HELPERSCRIPTS): add newline function, bold formatting preset 2021-01-15 05:50:01 -07:00
Asif Bacchus 0a99c75a91 feature(HELPERSCRIPTS): add text formatting functions 2021-01-15 05:47:00 -07:00
Asif Bacchus cb794e755f refactor(HELPERSCRIPTS): remove restart option
- cannot account for all possible custom configurations
- restart should be manual
2021-01-15 05:40:42 -07:00
Asif Bacchus d29bff3324 style(HELPERSCRIPTS): change results banner format to match others 2021-01-15 05:19:52 -07:00
Asif Bacchus cbaadc40c4 feature(HELPERSCRIPTS): add conditionality to script update 2021-01-15 05:18:55 -07:00
Asif Bacchus 7e96583455 feature(HELPERSCRIPTS): conditionally update docker container
- move previous prerequisite checks related to docker
2021-01-15 05:15:38 -07:00
Asif Bacchus 19a8f3a082 feature(HELPERSCRIPTS): add parameter processing skeleton 2021-01-15 05:08:03 -07:00
4 changed files with 192 additions and 119 deletions
+5 -1
View File
@@ -73,8 +73,12 @@
# #
# Exclude files from exporting # Exclude files from exporting
# only export helper scripts
# #
.gitattributes export-ignore .gitattributes export-ignore
.gitignore export-ignore .gitignore export-ignore
.vscode/* export-ignore .vscode export-ignore
.idea export-ignore
build export-ignore
README.md export-ignore
+23 -20
View File
@@ -4,23 +4,23 @@ Containerized fully-functional implementation of NGINX running on Alpine **as a
## Contents ## Contents
[Alternate repository](#alternate-repository) [Alternate repository](#alternate-repository)<br>
[Documentation and scripts](#documentation-and-scripts) [Documentation and scripts](#documentation-and-scripts)<br>
[Permissions](#permissions) [Permissions](#permissions)<br>
[Container layout](#container-layout) [Container layout](#container-layout)<br>
[Content directory](#content-directory) [Content directory](#content-directory)<br>
[Configuration directory](#configuration-directory) [Configuration directory](#configuration-directory)<br>
[Quick-start](#quick-start) [Quick-start](#quick-start)<br>
[Mounting content](#mounting-content) [Mounting content](#mounting-content)<br>
[Mounting configurations](#mounting-configurations) [Mounting configurations](#mounting-configurations)<br>
[Mounting server-blocks](#mounting-server-blocks) [Mounting server-blocks](#mounting-server-blocks)<br>
[TLS](#tls) [TLS](#tls)<br>
[Environment variables](#environment-variables) [Environment variables](#environment-variables)<br>
[Shell mode](#shell-mode) [Shell mode](#shell-mode)<br>
[Drop to shell before NGINX loads](#drop-to-shell-before-nginx-loads) [Drop to shell before NGINX loads](#drop-to-shell-before-nginx-loads)<br>
[Enter a running container](#enter-a-running-container) [Enter a running container](#enter-a-running-container)<br>
[Logs](#logs) [Logs](#logs)<br>
[Final thoughts](#final-thoughts)#final-thoughts) [Final thoughts](#final-thoughts)
## Alternate repository ## Alternate repository
@@ -34,9 +34,13 @@ Check out the [repo wiki](https://git.asifbacchus.app/ab-docker/ab-nginx/wiki) f
The container does **NOT** run under the root account. It runs under a user named *www-docker* with a UID of 8080. **This means any files you mount into the container need to be readable (and/or writable depending on your use-case) by UID 8080**. This does not mean just content files, it also includes configurations, server-blocks and *certificates*! Before mounting your files, ensure this is the case. There are more detailed instructions in the [wiki](https://git.asifbacchus.app/ab-docker/ab-nginx/wiki) if you need help setting file permissions. The container does **NOT** run under the root account. It runs under a user named *www-docker* with a UID of 8080. **This means any files you mount into the container need to be readable (and/or writable depending on your use-case) by UID 8080**. This does not mean just content files, it also includes configurations, server-blocks and *certificates*! Before mounting your files, ensure this is the case. There are more detailed instructions in the [wiki](https://git.asifbacchus.app/ab-docker/ab-nginx/wiki) if you need help setting file permissions.
This is a significant change versus most other NGINX implementations/containers where the main process is run as root and the *worker processes* run as a limited user. In those cases, permissions dont matter since NGINX can always use the root account to read any files (and especially certificates!) it needs. Please understand this difference. This is a significant change versus most other NGINX implementations/containers where the main process is run as root
and the *worker processes* run as a limited user. In those cases, permissions dont matter since NGINX can always use
the root account to read any files (and especially certificates!) it needs. Please understand this difference.
If you need to change the UID, then youll need to rebuild the container using the [Dockerfile in the git repo](#https://git.asifbacchus.app/ab-docker/ab-nginx). The process would be something like this: If you need to change the UID, then youll need to rebuild the container using
the [Dockerfile in the git repo](https://git.asifbacchus.app/ab-docker/ab-nginx). The process would be something like
this:
```bash ```bash
# clone the repo # clone the repo
@@ -249,4 +253,3 @@ I think that's everything to get you going if you are already familiar with dock
If I've forgotten anything, you find any bugs or you have suggestions, please file an issue either on my private [git server ](https://git.asifbachus.app/ab-docker/ab-nginx) or on [github](https://github.com/asifbacchus/ab-nginx). Also, I am *not* affiliated with NGINX in any way, so please **do not** bother them with any issues you find with this container. Bother me instead, I actually enjoy it! If I've forgotten anything, you find any bugs or you have suggestions, please file an issue either on my private [git server ](https://git.asifbachus.app/ab-docker/ab-nginx) or on [github](https://github.com/asifbacchus/ab-nginx). Also, I am *not* affiliated with NGINX in any way, so please **do not** bother them with any issues you find with this container. Bother me instead, I actually enjoy it!
**All the best and have fun!** **All the best and have fun!**
+106 -40
View File
@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
### update script for ab-nginx container and utility scripts ### update script for ab-nginx container and utility scripts
# version 1.0.0 # version 2.0.0
# script by Asif Bacchus # script by Asif Bacchus
### ###
@@ -23,40 +23,63 @@ okNotify() {
printf "%s[OK]%s\n" "$ok" "$norm" printf "%s[OK]%s\n" "$ok" "$norm"
} }
scriptHelp() {
textNewline
textblock "Update ${containerName} container and helper script files"
textblock "${bold}Usage: ${localScriptName} [parameters]${norm}"
textNewline
textblock "If run with no parameters, the script will update both the container and the helper script files, including this update script."
textblockHeader " parameters "
textblockParam "-h|-?|--help" "Display this help screen."
textblockParam "-c|--container|--container-only" "Update the docker container only."
textblockParam "-s|--scripts|--scripts-only" "Update the helper scripts (including this update script) only."
textNewline
exit 0
}
textblock() {
printf "%s\n" "$1" | fold -w "$width" -s
}
textblockHeader() {
printf "\n%s***%s***%s\n" "$header" "$1" "$norm"
}
textblockParam() {
printf "%s%-35s%s%s\n" "$info" "$1" "$2" "$norm"
}
textNewline() {
printf "\n"
}
### text formatting presets ### text formatting presets
if command -v tput >/dev/null 2>&1; then if command -v tput >/dev/null 2>&1; then
bold=$(tput bold)
err=$(tput bold)$(tput setaf 1) err=$(tput bold)$(tput setaf 1)
info=$(tput bold)$(tput setaf 6) info=$(tput bold)$(tput setaf 6)
header=$(tput bold)$(tput setaf 5)
norm=$(tput sgr0) norm=$(tput sgr0)
ok=$(tput sgr0)$(tput setaf 2) ok=$(tput sgr0)$(tput setaf 2)
warn=$(tput bold)$(tput setaf 3) warn=$(tput bold)$(tput setaf 3)
width=$(tput cols)
else else
bold=''
err='' err=''
info='' info=''
header=''
norm='' norm=''
ok='' ok=''
warn='' warn=''
width=80
fi fi
### pre-requisites ### pre-requisites
# check if wget is installed # check if wget is installed
if ! command -v wget >/dev/null 2>&1; then if ! command -v wget >/dev/null 2>&1; then
errMsg "Sorry, this script requires that 'wget' is installed in order to download updates. Exiting." errMsg "Sorry, this script requires that 'wget' is installed in order to download updates. Exiting."
fi fi
# check if docker is installed
if ! command -v docker >/dev/null 2>&1; then
errMsg "Sorry, it appears that docker is not installed on this machine! Exiting."
fi
# is user root or in the docker group?
if [ ! "$(id -u)" -eq 0 ]; then
if ! id -Gn | grep docker >/dev/null; then
errMsg "You must either be root or in the 'docker' group to pull container updates."
fi
fi
# zero counters # zero counters
updatesAvailable=0 updatesAvailable=0
downloadFailed=0 downloadFailed=0
@@ -71,39 +94,80 @@ containerUpdatePath="docker.asifbacchus.app/$dockerNamespace/$containerName:late
server="https://asifbacchus.app/updates/docker/$dockerNamespace/$containerName/" server="https://asifbacchus.app/updates/docker/$dockerNamespace/$containerName/"
checksumFilename='checksums.sha256' checksumFilename='checksums.sha256'
# operation triggers
doDockerUpdate=1
doScriptUpdate=1
# files to update # files to update
localScriptName="$(basename "$0")" localScriptName="$(basename "$0")"
repoScriptName='update.sh' repoScriptName='update.sh'
### update container ### process startup parameters
printf "%s\n*** Updating %s container and service scripts ***\n\n%s" "$info" "$containerName" "$norm" while [ $# -gt 0 ]; do
case "$1" in
-h | -\? | --help)
# display inline help
scriptHelp
;;
-s | --scripts | --scripts-only)
# update scripts only, skip docker container update
doDockerUpdate=0
;;
-c | --container | --container-only)
# update docker container only, skip script update
doScriptUpdate=0
;;
*)
printf "%s\nUnknown option: %s\n" "$err" "$1"
printf "%sUse '--help' for valid options%s\n\n" "$info" "$norm"
exit 1
;;
esac
shift
done
printf "Updating container:\n" ### update container
if ! docker pull "$containerUpdatePath"; then if [ "$doDockerUpdate" -eq 1 ]; then
# check if docker is installed
if ! command -v docker >/dev/null 2>&1; then
errMsg "Sorry, it appears that docker is not installed on this machine! Exiting."
fi
# is user root or in the docker group?
if [ ! "$(id -u)" -eq 0 ]; then
if ! id -Gn | grep docker >/dev/null; then
errMsg "You must either be root or in the 'docker' group to pull container updates."
fi
fi
printf "%s\n*** Updating %s container ***\n\n%s" "$info" "$containerName" "$norm"
if ! docker pull "$containerUpdatePath"; then
errMsg "There was an error updating the container. Try again later." errMsg "There was an error updating the container. Try again later."
else else
okMsg "Container updated!" okMsg "Container updated!"
fi
fi fi
### update scripts ### update scripts
printf "%sUpdating %s service scripts%s\n" "$info" "$containerName" "$norm" if [ "$doScriptUpdate" -eq 1 ]; then
printf "%s*** Updating %s service scripts ***%s\n" "$info" "$containerName" "$norm"
## download latest checksums ## download latest checksums
printf "Getting latest checksums... " printf "Getting latest checksums... "
if ! wget --quiet --tries=3 --timeout=10 -N "${server}${checksumFilename}"; then if ! wget --quiet --tries=3 --timeout=10 -N "${server}${checksumFilename}"; then
errNotify errNotify
errMsg "Unable to download checksums. Try again later." errMsg "Unable to download checksums. Try again later."
else else
okNotify okNotify
fi fi
## check for updates to this script ## check for updates to this script
printf "Checking for updates to this script... " printf "Checking for updates to this script... "
repoScriptChecksum=$(grep "$repoScriptName" "$checksumFilename" | grep -o '^\S*') repoScriptChecksum=$(grep "$repoScriptName" "$checksumFilename" | grep -o '^\S*')
localScriptChecksum=$(sha256sum "$localScriptName" | grep -o '^\S*') localScriptChecksum=$(sha256sum "$localScriptName" | grep -o '^\S*')
if [ "$localScriptChecksum" = "$repoScriptChecksum" ]; then if [ "$localScriptChecksum" = "$repoScriptChecksum" ]; then
printf "[NONE]\n" printf "[NONE]\n"
else else
printf "[AVAILABLE]\n" printf "[AVAILABLE]\n"
printf "Getting updated script... " printf "Getting updated script... "
# download updated script # download updated script
@@ -127,10 +191,10 @@ else
mv -f ./update.sh.tmp "$localScriptName" mv -f ./update.sh.tmp "$localScriptName"
fi fi
fi fi
fi fi
## update files ## update files
while IFS=' ' read -r field1 field2; do while IFS=' ' read -r field1 field2; do
printf "\nChecking '%s' for updates... " "$field2" printf "\nChecking '%s' for updates... " "$field2"
updateFilename="$field2" updateFilename="$field2"
repoFileChecksum="$field1" repoFileChecksum="$field1"
@@ -172,13 +236,15 @@ while IFS=' ' read -r field1 field2; do
else else
printf "[NONE]\n" printf "[NONE]\n"
fi fi
done <"$checksumFilename" done <"$checksumFilename"
fi
### display results ### display results
printf "\n%sResults:%s\n" "$info" "$norm" if [ "$doScriptUpdate" -eq 1 ]; then
printf "\tUpdates: %s available\n" "$updatesAvailable" printf "\n%s*** Results ***%s\n" "$info" "$norm"
printf "\tDownloads: %s%s successful%s, %s%s failed%s\n" "$ok" "$downloadSuccess" "$norm" "$err" "$downloadFailed" "$norm" printf "\tUpdates: %s available\n" "$updatesAvailable"
printf "\tUpdates: %s%s applied%s, %s%s failed%s\n" "$ok" "$updateSuccess" "$norm" "$err" "$updateFailed" "$norm" printf "\tDownloads: %s%s successful%s, %s%s failed%s\n" "$ok" "$downloadSuccess" "$norm" "$err" "$downloadFailed" "$norm"
printf "\tUpdates: %s%s applied%s, %s%s failed%s\n" "$ok" "$updateSuccess" "$norm" "$err" "$updateFailed" "$norm"
fi
exit 0 exit 0