14 Commits

Author SHA1 Message Date
Asif Bacchus 6206ed49ff build(GIT): only include helper scripts in export archives 2021-01-15 06:28:43 -07:00
Asif Bacchus 478af79158 fix(README): fix incorrect link 2021-01-15 06:28:11 -07:00
Asif Bacchus 6f9d0ae7df style(README): force line breaks on contents items 2021-01-15 06:21:34 -07:00
Asif Bacchus db4be32b54 style(HELPERSCRIPTS): reformat code 2021-01-15 06:11:24 -07:00
Asif Bacchus 9d5c7960c9 fix(HELPERSCRIPTS): do not display file results in container-only mode 2021-01-15 06:10:04 -07:00
Asif Bacchus f53e673c3f feature(HELPERSCRIPTS): add inline help 2021-01-15 06:06:07 -07:00
Asif Bacchus 16df6570bc feature(HELPERSCRIPTS): tabular parameter help output 2021-01-15 06:05:01 -07:00
Asif Bacchus 38d6967f68 feature(HELPERSCRIPTS): add newline function, bold formatting preset 2021-01-15 05:50:01 -07:00
Asif Bacchus 0a99c75a91 feature(HELPERSCRIPTS): add text formatting functions 2021-01-15 05:47:00 -07:00
Asif Bacchus cb794e755f refactor(HELPERSCRIPTS): remove restart option
- cannot account for all possible custom configurations
- restart should be manual
2021-01-15 05:40:42 -07:00
Asif Bacchus d29bff3324 style(HELPERSCRIPTS): change results banner format to match others 2021-01-15 05:19:52 -07:00
Asif Bacchus cbaadc40c4 feature(HELPERSCRIPTS): add conditionality to script update 2021-01-15 05:18:55 -07:00
Asif Bacchus 7e96583455 feature(HELPERSCRIPTS): conditionally update docker container
- move previous prerequisite checks related to docker
2021-01-15 05:15:38 -07:00
Asif Bacchus 19a8f3a082 feature(HELPERSCRIPTS): add parameter processing skeleton 2021-01-15 05:08:03 -07:00
4 changed files with 192 additions and 119 deletions
+5 -1
View File
@@ -73,8 +73,12 @@
#
# Exclude files from exporting
# only export helper scripts
#
.gitattributes export-ignore
.gitignore export-ignore
.vscode/* export-ignore
.vscode export-ignore
.idea export-ignore
build export-ignore
README.md export-ignore
+23 -20
View File
@@ -4,23 +4,23 @@ Containerized fully-functional implementation of NGINX running on Alpine **as a
## Contents
[Alternate repository](#alternate-repository)
[Documentation and scripts](#documentation-and-scripts)
[Permissions](#permissions)
[Container layout](#container-layout)
[Content directory](#content-directory)
[Configuration directory](#configuration-directory)
[Quick-start](#quick-start)
[Mounting content](#mounting-content)
[Mounting configurations](#mounting-configurations)
[Mounting server-blocks](#mounting-server-blocks)
[TLS](#tls)
[Environment variables](#environment-variables)
[Shell mode](#shell-mode)
[Drop to shell before NGINX loads](#drop-to-shell-before-nginx-loads)
[Enter a running container](#enter-a-running-container)
[Logs](#logs)
[Final thoughts](#final-thoughts)#final-thoughts)
[Alternate repository](#alternate-repository)<br>
[Documentation and scripts](#documentation-and-scripts)<br>
[Permissions](#permissions)<br>
[Container layout](#container-layout)<br>
[Content directory](#content-directory)<br>
[Configuration directory](#configuration-directory)<br>
[Quick-start](#quick-start)<br>
[Mounting content](#mounting-content)<br>
[Mounting configurations](#mounting-configurations)<br>
[Mounting server-blocks](#mounting-server-blocks)<br>
[TLS](#tls)<br>
[Environment variables](#environment-variables)<br>
[Shell mode](#shell-mode)<br>
[Drop to shell before NGINX loads](#drop-to-shell-before-nginx-loads)<br>
[Enter a running container](#enter-a-running-container)<br>
[Logs](#logs)<br>
[Final thoughts](#final-thoughts)
## Alternate repository
@@ -34,9 +34,13 @@ Check out the [repo wiki](https://git.asifbacchus.app/ab-docker/ab-nginx/wiki) f
The container does **NOT** run under the root account. It runs under a user named *www-docker* with a UID of 8080. **This means any files you mount into the container need to be readable (and/or writable depending on your use-case) by UID 8080**. This does not mean just content files, it also includes configurations, server-blocks and *certificates*! Before mounting your files, ensure this is the case. There are more detailed instructions in the [wiki](https://git.asifbacchus.app/ab-docker/ab-nginx/wiki) if you need help setting file permissions.
This is a significant change versus most other NGINX implementations/containers where the main process is run as root and the *worker processes* run as a limited user. In those cases, permissions dont matter since NGINX can always use the root account to read any files (and especially certificates!) it needs. Please understand this difference.
This is a significant change versus most other NGINX implementations/containers where the main process is run as root
and the *worker processes* run as a limited user. In those cases, permissions dont matter since NGINX can always use
the root account to read any files (and especially certificates!) it needs. Please understand this difference.
If you need to change the UID, then youll need to rebuild the container using the [Dockerfile in the git repo](#https://git.asifbacchus.app/ab-docker/ab-nginx). The process would be something like this:
If you need to change the UID, then youll need to rebuild the container using
the [Dockerfile in the git repo](https://git.asifbacchus.app/ab-docker/ab-nginx). The process would be something like
this:
```bash
# clone the repo
@@ -249,4 +253,3 @@ I think that's everything to get you going if you are already familiar with dock
If I've forgotten anything, you find any bugs or you have suggestions, please file an issue either on my private [git server ](https://git.asifbachus.app/ab-docker/ab-nginx) or on [github](https://github.com/asifbacchus/ab-nginx). Also, I am *not* affiliated with NGINX in any way, so please **do not** bother them with any issues you find with this container. Bother me instead, I actually enjoy it!
**All the best and have fun!**
+106 -40
View File
@@ -1,7 +1,7 @@
#!/bin/sh
### update script for ab-nginx container and utility scripts
# version 1.0.0
# version 2.0.0
# script by Asif Bacchus
###
@@ -23,40 +23,63 @@ okNotify() {
printf "%s[OK]%s\n" "$ok" "$norm"
}
scriptHelp() {
textNewline
textblock "Update ${containerName} container and helper script files"
textblock "${bold}Usage: ${localScriptName} [parameters]${norm}"
textNewline
textblock "If run with no parameters, the script will update both the container and the helper script files, including this update script."
textblockHeader " parameters "
textblockParam "-h|-?|--help" "Display this help screen."
textblockParam "-c|--container|--container-only" "Update the docker container only."
textblockParam "-s|--scripts|--scripts-only" "Update the helper scripts (including this update script) only."
textNewline
exit 0
}
textblock() {
printf "%s\n" "$1" | fold -w "$width" -s
}
textblockHeader() {
printf "\n%s***%s***%s\n" "$header" "$1" "$norm"
}
textblockParam() {
printf "%s%-35s%s%s\n" "$info" "$1" "$2" "$norm"
}
textNewline() {
printf "\n"
}
### text formatting presets
if command -v tput >/dev/null 2>&1; then
bold=$(tput bold)
err=$(tput bold)$(tput setaf 1)
info=$(tput bold)$(tput setaf 6)
header=$(tput bold)$(tput setaf 5)
norm=$(tput sgr0)
ok=$(tput sgr0)$(tput setaf 2)
warn=$(tput bold)$(tput setaf 3)
width=$(tput cols)
else
bold=''
err=''
info=''
header=''
norm=''
ok=''
warn=''
width=80
fi
### pre-requisites
# check if wget is installed
if ! command -v wget >/dev/null 2>&1; then
errMsg "Sorry, this script requires that 'wget' is installed in order to download updates. Exiting."
fi
# check if docker is installed
if ! command -v docker >/dev/null 2>&1; then
errMsg "Sorry, it appears that docker is not installed on this machine! Exiting."
fi
# is user root or in the docker group?
if [ ! "$(id -u)" -eq 0 ]; then
if ! id -Gn | grep docker >/dev/null; then
errMsg "You must either be root or in the 'docker' group to pull container updates."
fi
fi
# zero counters
updatesAvailable=0
downloadFailed=0
@@ -71,39 +94,80 @@ containerUpdatePath="docker.asifbacchus.app/$dockerNamespace/$containerName:late
server="https://asifbacchus.app/updates/docker/$dockerNamespace/$containerName/"
checksumFilename='checksums.sha256'
# operation triggers
doDockerUpdate=1
doScriptUpdate=1
# files to update
localScriptName="$(basename "$0")"
repoScriptName='update.sh'
### update container
printf "%s\n*** Updating %s container and service scripts ***\n\n%s" "$info" "$containerName" "$norm"
### process startup parameters
while [ $# -gt 0 ]; do
case "$1" in
-h | -\? | --help)
# display inline help
scriptHelp
;;
-s | --scripts | --scripts-only)
# update scripts only, skip docker container update
doDockerUpdate=0
;;
-c | --container | --container-only)
# update docker container only, skip script update
doScriptUpdate=0
;;
*)
printf "%s\nUnknown option: %s\n" "$err" "$1"
printf "%sUse '--help' for valid options%s\n\n" "$info" "$norm"
exit 1
;;
esac
shift
done
printf "Updating container:\n"
if ! docker pull "$containerUpdatePath"; then
### update container
if [ "$doDockerUpdate" -eq 1 ]; then
# check if docker is installed
if ! command -v docker >/dev/null 2>&1; then
errMsg "Sorry, it appears that docker is not installed on this machine! Exiting."
fi
# is user root or in the docker group?
if [ ! "$(id -u)" -eq 0 ]; then
if ! id -Gn | grep docker >/dev/null; then
errMsg "You must either be root or in the 'docker' group to pull container updates."
fi
fi
printf "%s\n*** Updating %s container ***\n\n%s" "$info" "$containerName" "$norm"
if ! docker pull "$containerUpdatePath"; then
errMsg "There was an error updating the container. Try again later."
else
else
okMsg "Container updated!"
fi
fi
### update scripts
printf "%sUpdating %s service scripts%s\n" "$info" "$containerName" "$norm"
if [ "$doScriptUpdate" -eq 1 ]; then
printf "%s*** Updating %s service scripts ***%s\n" "$info" "$containerName" "$norm"
## download latest checksums
printf "Getting latest checksums... "
if ! wget --quiet --tries=3 --timeout=10 -N "${server}${checksumFilename}"; then
## download latest checksums
printf "Getting latest checksums... "
if ! wget --quiet --tries=3 --timeout=10 -N "${server}${checksumFilename}"; then
errNotify
errMsg "Unable to download checksums. Try again later."
else
else
okNotify
fi
fi
## check for updates to this script
printf "Checking for updates to this script... "
repoScriptChecksum=$(grep "$repoScriptName" "$checksumFilename" | grep -o '^\S*')
localScriptChecksum=$(sha256sum "$localScriptName" | grep -o '^\S*')
if [ "$localScriptChecksum" = "$repoScriptChecksum" ]; then
## check for updates to this script
printf "Checking for updates to this script... "
repoScriptChecksum=$(grep "$repoScriptName" "$checksumFilename" | grep -o '^\S*')
localScriptChecksum=$(sha256sum "$localScriptName" | grep -o '^\S*')
if [ "$localScriptChecksum" = "$repoScriptChecksum" ]; then
printf "[NONE]\n"
else
else
printf "[AVAILABLE]\n"
printf "Getting updated script... "
# download updated script
@@ -127,10 +191,10 @@ else
mv -f ./update.sh.tmp "$localScriptName"
fi
fi
fi
fi
## update files
while IFS=' ' read -r field1 field2; do
## update files
while IFS=' ' read -r field1 field2; do
printf "\nChecking '%s' for updates... " "$field2"
updateFilename="$field2"
repoFileChecksum="$field1"
@@ -172,13 +236,15 @@ while IFS=' ' read -r field1 field2; do
else
printf "[NONE]\n"
fi
done <"$checksumFilename"
done <"$checksumFilename"
fi
### display results
printf "\n%sResults:%s\n" "$info" "$norm"
printf "\tUpdates: %s available\n" "$updatesAvailable"
printf "\tDownloads: %s%s successful%s, %s%s failed%s\n" "$ok" "$downloadSuccess" "$norm" "$err" "$downloadFailed" "$norm"
printf "\tUpdates: %s%s applied%s, %s%s failed%s\n" "$ok" "$updateSuccess" "$norm" "$err" "$updateFailed" "$norm"
if [ "$doScriptUpdate" -eq 1 ]; then
printf "\n%s*** Results ***%s\n" "$info" "$norm"
printf "\tUpdates: %s available\n" "$updatesAvailable"
printf "\tDownloads: %s%s successful%s, %s%s failed%s\n" "$ok" "$downloadSuccess" "$norm" "$err" "$downloadFailed" "$norm"
printf "\tUpdates: %s%s applied%s, %s%s failed%s\n" "$ok" "$updateSuccess" "$norm" "$err" "$updateFailed" "$norm"
fi
exit 0