Compare commits
	
		
			No commits in common. "f7a6d924d9b8375b37685795217837df14a6e022" and "4d5f3fa80917f6be771d1cb837bf029d548eecf1" have entirely different histories.
		
	
	
		
			f7a6d924d9
			...
			4d5f3fa809
		
	
		
| @ -1,28 +0,0 @@ | ||||
| #!/bin/sh | ||||
| 
 | ||||
| # | ||||
| # generate checksums from provided path suitable for use by 'update.sh' | ||||
| # | ||||
| 
 | ||||
| # check for missing path to helper files, otherwise strip trailing slash | ||||
| if [ -z "$1" ]; then | ||||
|     printf "\nPlease supply path to helper files. Exiting.\n\n" | ||||
|     exit 1 | ||||
| fi | ||||
| srcDir="${1%/}" | ||||
| 
 | ||||
| # verify path exists and is accessible | ||||
| if ! [ -d "$srcDir" ]; then | ||||
|     printf "\nUnable to find or read supplied path to helper files. Exiting.\n\n" | ||||
|     exit 1 | ||||
| fi | ||||
| 
 | ||||
| # generate checksum file | ||||
| \rm -f "${srcDir}/checksums.sha256" | ||||
| find "${srcDir}/" -type f -exec sha256sum {} + >>"${srcDir}/checksums.sha256" | ||||
| sed -i "s+$srcDir/++g" "${srcDir}/checksums.sha256" | ||||
| 
 | ||||
| # exit gracefully | ||||
| exit 0 | ||||
| 
 | ||||
| #EOF | ||||
| @ -1,175 +0,0 @@ | ||||
| ### | ||||
| ### Parameters for use by ab-nginx helper script | ||||
| ### | ||||
| ### If you are NOT using the 'ab-nginx.sh' script file to start the container, | ||||
| ### then you don't have to do anything with this file. | ||||
| ### | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # Container options | ||||
| # | ||||
| 
 | ||||
| # Specify a particular tag to 'version pin' the ab-nginx container. | ||||
| TAG=latest | ||||
| 
 | ||||
| # Specify a runtime UID and GID for the container user. This is useful to | ||||
| # ensure the container can read and/or write to locations on the host or | ||||
| # has access to files shared between members of a container stack. | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: NGINX_UID=8080, NGINX_GID=8080 | ||||
| # VALID OPTIONS: any permissible and available UID/GID value | ||||
| NGINX_UID=8080 | ||||
| NGINX_GID=8080 | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # Network options | ||||
| # | ||||
| 
 | ||||
| # If you want to specify a network to which this container should bind or one | ||||
| # that should be created, then use this variable. If you don't know what this | ||||
| # means or if you just want to use the default, leave this variable commented. | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: nginx_network | ||||
| # VALID OPTIONS: network names acceptable to the docker engine | ||||
| NETWORK=nginx_network | ||||
| 
 | ||||
| # If you want to specify a particular IP subnet for the network to be created | ||||
| # as per the above variable, specify it here.  Again, if you don't know what | ||||
| # this means, just leave this variable commented. | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: '172.31.254.0/24' | ||||
| # VALID OPTIONS: subnet in CIDR format | ||||
| SUBNET='172.31.254.0/24' | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # Timezone | ||||
| # | ||||
| 
 | ||||
| # This doesn't impact any functionality of the container, but it does make your | ||||
| # logs easier to understand if they report the correct local time, right? Valid | ||||
| # options can be found at | ||||
| #   https://en.wikipedia.org/wiki/List_of_tz_database_time_zones | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: Etc/UTC | ||||
| # VALID OPTIONS: IANA time zones in TZ format | ||||
| TZ=Etc/UTC | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # NGINX options | ||||
| # | ||||
| 
 | ||||
| # Hostnames to which this instance of NGINX should answer: | ||||
| # By default, this is set to '_' meaning 'match anything'.  However, that won't | ||||
| # work if you're using SSL certificates! Multiple hostnames must be space | ||||
| # delimited and "enclosed in quotes". | ||||
| # | ||||
| # This is NOT required if you are supplying your own server blocks via | ||||
| # 'SERVERS_DIR' | ||||
| # | ||||
| # REQUIRED: YES, if using SSL and default server-blocks | ||||
| # DEFAULT: "_" | ||||
| # EXAMPLE: HOSTNAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld" | ||||
| HOSTNAMES="_" | ||||
| 
 | ||||
| # Ports to listen on: | ||||
| # If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up | ||||
| # your server blocks accordingly! | ||||
| # | ||||
| # If you're using the default server-blocks, they will auto-adjust to whatever | ||||
| # you use here. | ||||
| # REQUIRED: NO | ||||
| # DEFAULTS: 80 and 443, respectively | ||||
| HTTP_PORT=80 | ||||
| HTTPS_PORT=443 | ||||
| 
 | ||||
| # Access logging (global preference): | ||||
| # Unless overridden in a server/location block, access logging will be handled | ||||
| # according to this setting. Logs are printed to the container console. | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: OFF | ||||
| # VALID OPTIONS: 'ON' or 'OFF' | ||||
| ACCESS_LOG=OFF | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # Content locations | ||||
| # Whatever you specify here will replace the default files in the container with | ||||
| # your content/configurations. You may comment any/all of the following lines to | ||||
| # disable them use the container defaults. | ||||
| # | ||||
| 
 | ||||
| # Specify a directory containing your NGINX configurations (if any) | ||||
| # Remember that these will be all be applied in the HTTP configuration context. | ||||
| # Only files with a ".conf" extension will be loaded!  If you want to disable a | ||||
| # file, simply change its extension (i.e. '.conf.disabled'). | ||||
| # | ||||
| # REMEMBER: Your configuration files must be readable by the container UID/GID! | ||||
| CONFIG_DIR=$(pwd)/config | ||||
| 
 | ||||
| # Specify a directory containing your NGINX server-block configurations (if any) | ||||
| # If you are just serving static content from the 'webroot', you can use the | ||||
| # container default server-blocks and comment this variable. | ||||
| # | ||||
| # More likely, you will have your own server blocks.  Remember, files are | ||||
| # processed in order so consider starting file names with numbers | ||||
| #   (i.e. 00-first_server.conf, 05-second_server.conf) | ||||
| # | ||||
| # Only files with a ".conf" extension will be loaded!  If you want to disable a | ||||
| #   file, simply change its extension (i.e. '.conf.disabled'). | ||||
| # | ||||
| # REMEMBER: Your server-block files must be readable by the container UID/GID! | ||||
| SERVERS_DIR=$(pwd)/sites | ||||
| 
 | ||||
| # Specify a directory containing 'snippets' of NGINX code you want/need to | ||||
| # reference in other configuration files. Pointers to other SSL certificates for | ||||
| # hosted domains or commonly used headers are good examples. | ||||
| # | ||||
| # You can then "include /etc/nginx/snippets/yourSnippet.conf;" in your configs | ||||
| # instead of having to type the same thing many times. | ||||
| 
 | ||||
| # This is totally optional! Comment this variable to disable it. | ||||
| # REMEMBER: Your snippets must be readable by the container UID/GID! | ||||
| SNIPPETS_DIR=$(pwd)/snippets | ||||
| 
 | ||||
| # Specify a directory with the content you want to serve. | ||||
| # REMEMBER: This directory must be readable by the container UID/GID! | ||||
| WEBROOT_DIR=/var/www | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # SSL options: | ||||
| # | ||||
| 
 | ||||
| # Enable HSTS only AFTER you've tested SSL implementation!  Container sets the | ||||
| # header to require SSL for 6 months! Subdomains are NOT included. | ||||
| # REQUIRED: NO | ||||
| # DEFAULT: FALSE | ||||
| # VALID OPTIONS: 'TRUE', 'FALSE' | ||||
| HSTS=FALSE | ||||
| 
 | ||||
| # TLS 1.3 mode: | ||||
| #   If 'FALSE' (default), NGINX will accept both TLS 1.2 and 1.3 connections. | ||||
| #   If 'TRUE', only TLS 1.3 connections will be accepted. | ||||
| TLS13_ONLY=FALSE | ||||
| 
 | ||||
| 
 | ||||
| # | ||||
| # Certificate files | ||||
| # | ||||
| # If you are mounting symlinks you MUST specify the full path of the symlink so | ||||
| # the target is resolved! | ||||
| # | ||||
| # REMEMBER: ALL files must be readable by container UID/GID! | ||||
| # EXAMPLES: | ||||
| #    SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem | ||||
| #    SSL_KEY=/path/to/your/ssl-private-key/privkey.pem | ||||
| #    SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem | ||||
| SSL_CERT="" | ||||
| SSL_KEY="" | ||||
| SSL_CHAIN="" | ||||
| 
 | ||||
| #EOF | ||||
| @ -231,7 +231,6 @@ fi | ||||
| checkExist 'file' './ab-nginx.params' | ||||
| 
 | ||||
| # read .params file | ||||
| # shellcheck source=ab-nginx.params.template | ||||
| . "./ab-nginx.params" | ||||
| 
 | ||||
| # fix case of TLS13_ONLY var | ||||
|  | ||||
| @ -1,16 +1,14 @@ | ||||
| #!/bin/sh | ||||
| 
 | ||||
| # | ||||
| # update script for ab-nginx container and utility scripts | ||||
| #   version 2.1.0 | ||||
| ### update script for ab-nginx container and utility scripts | ||||
| # version 2.0.0 | ||||
| # script by Asif Bacchus | ||||
| # | ||||
| ### | ||||
| 
 | ||||
| # | ||||
| # functions | ||||
| ### functions | ||||
| errMsg() { | ||||
|   printf "\n%s%s%s\n\n" "$err" "$1" "$norm" | ||||
|     [ -n "$2" ] && exit "$2" || exit 1 | ||||
|   exit 1 | ||||
| } | ||||
| 
 | ||||
| errNotify() { | ||||
| @ -27,27 +25,27 @@ okNotify() { | ||||
| 
 | ||||
| scriptHelp() { | ||||
|   textNewline | ||||
|     textBlock "Update ${containerName} container and helper script files" | ||||
|     textBlock "${bold}Usage: ${localScriptName} [parameters]${norm}" | ||||
|   textblock "Update ${containerName} container and helper script files" | ||||
|   textblock "${bold}Usage: ${localScriptName} [parameters]${norm}" | ||||
|   textNewline | ||||
|     textBlock "If run with no parameters, the script will update both the container and the helper script files, including this update script." | ||||
|     textBlockHeader " parameters " | ||||
|     textBlockParam "-h|-?|--help" "Display this help screen." | ||||
|     textBlockParam "-c|--container|--container-only" "Update the docker container only." | ||||
|     textBlockParam "-s|--scripts|--scripts-only" "Update the helper scripts (including this update script) only." | ||||
|   textblock "If run with no parameters, the script will update both the container and the helper script files, including this update script." | ||||
|   textblockHeader " parameters " | ||||
|   textblockParam "-h|-?|--help" "Display this help screen." | ||||
|   textblockParam "-c|--container|--container-only" "Update the docker container only." | ||||
|   textblockParam "-s|--scripts|--scripts-only" "Update the helper scripts (including this update script) only." | ||||
|   textNewline | ||||
|   exit 0 | ||||
| } | ||||
| 
 | ||||
| textBlock() { | ||||
| textblock() { | ||||
|   printf "%s\n" "$1" | fold -w "$width" -s | ||||
| } | ||||
| 
 | ||||
| textBlockHeader() { | ||||
| textblockHeader() { | ||||
|   printf "\n%s***%s***%s\n" "$header" "$1" "$norm" | ||||
| } | ||||
| 
 | ||||
| textBlockParam() { | ||||
| textblockParam() { | ||||
|   printf "%s%-35s%s%s\n" "$info" "$1" "$2" "$norm" | ||||
| } | ||||
| 
 | ||||
| @ -55,8 +53,7 @@ textNewline() { | ||||
|   printf "\n" | ||||
| } | ||||
| 
 | ||||
| # | ||||
| # text formatting presets | ||||
| ### text formatting presets | ||||
| if command -v tput >/dev/null 2>&1; then | ||||
|   bold=$(tput bold) | ||||
|   err=$(tput bold)$(tput setaf 1) | ||||
| @ -77,8 +74,7 @@ else | ||||
|   width=80 | ||||
| fi | ||||
| 
 | ||||
| # | ||||
| # pre-requisites | ||||
| ### pre-requisites | ||||
| # check if wget is installed | ||||
| if ! command -v wget >/dev/null 2>&1; then | ||||
|   errMsg "Sorry, this script requires that 'wget' is installed in order to download updates. Exiting." | ||||
| @ -106,8 +102,7 @@ doScriptUpdate=1 | ||||
| localScriptName="$(basename "$0")" | ||||
| repoScriptName='update.sh' | ||||
| 
 | ||||
| # | ||||
| # process startup parameters | ||||
| ### process startup parameters | ||||
| while [ $# -gt 0 ]; do | ||||
|   case "$1" in | ||||
|   -h | -\? | --help) | ||||
| @ -131,31 +126,29 @@ while [ $# -gt 0 ]; do | ||||
|   shift | ||||
| done | ||||
| 
 | ||||
| # | ||||
| # update container | ||||
| ### update container | ||||
| if [ "$doDockerUpdate" -eq 1 ]; then | ||||
|   # check if docker is installed | ||||
|   if ! command -v docker >/dev/null 2>&1; then | ||||
|         errMsg "Sorry, it appears that docker is not installed on this machine! Exiting." 2 | ||||
|     errMsg "Sorry, it appears that docker is not installed on this machine! Exiting." | ||||
|   fi | ||||
| 
 | ||||
|   # is user root or in the docker group? | ||||
|   if [ ! "$(id -u)" -eq 0 ]; then | ||||
|     if ! id -Gn | grep docker >/dev/null; then | ||||
|             errMsg "You must either be root or in the 'docker' group to pull container updates." 2 | ||||
|       errMsg "You must either be root or in the 'docker' group to pull container updates." | ||||
|     fi | ||||
|   fi | ||||
| 
 | ||||
|   printf "%s\n*** Updating %s container ***\n\n%s" "$info" "$containerName" "$norm" | ||||
|   if ! docker pull "$containerUpdatePath"; then | ||||
|         errMsg "There was an error updating the container. Try again later." 31 | ||||
|     errMsg "There was an error updating the container. Try again later." | ||||
|   else | ||||
|     okMsg "Container updated!" | ||||
|   fi | ||||
| fi | ||||
| 
 | ||||
| # | ||||
| # update scripts | ||||
| ### update scripts | ||||
| if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|   printf "%s*** Updating %s service scripts ***%s\n" "$info" "$containerName" "$norm" | ||||
| 
 | ||||
| @ -163,7 +156,7 @@ if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|   printf "Getting latest checksums... " | ||||
|   if ! wget --quiet --tries=3 --timeout=10 -N "${server}${checksumFilename}"; then | ||||
|     errNotify | ||||
|         errMsg "Unable to download checksums. Try again later." 41 | ||||
|     errMsg "Unable to download checksums. Try again later." | ||||
|   else | ||||
|     okNotify | ||||
|   fi | ||||
| @ -182,7 +175,7 @@ if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|       errNotify | ||||
|       # delete failed download as necessary | ||||
|       rm -f ./update.sh.tmp 2>/dev/null | ||||
|             errMsg "Unable to download script update. Try again later." 42 | ||||
|       errMsg "Unable to download script update. Try again later." | ||||
|     else | ||||
|       # verify download | ||||
|       dlScriptChecksum=$(sha256sum "update.sh.tmp" | grep -o '^\S*') | ||||
| @ -190,7 +183,7 @@ if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|         printf "[ERROR]\n" | ||||
|         # delete corrupt download as necessary | ||||
|         rm -f ./update.sh.tmp 2>/dev/null | ||||
|                 errMsg "Checksum mismatch! Try again later." 42 | ||||
|         errMsg "Checksum mismatch! Try again later." | ||||
|       else | ||||
|         okNotify | ||||
|         printf "\n%s*** This script has been updated. Please re-run it to load the updated version of this file. ***%s\n\n" "$warn" "$norm" | ||||
| @ -246,8 +239,7 @@ if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|   done <"$checksumFilename" | ||||
| fi | ||||
| 
 | ||||
| # | ||||
| # display results | ||||
| ### display results | ||||
| if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|   printf "\n%s*** Results ***%s\n" "$info" "$norm" | ||||
|   printf "\tUpdates: %s available\n" "$updatesAvailable" | ||||
| @ -255,29 +247,4 @@ if [ "$doScriptUpdate" -eq 1 ]; then | ||||
|   printf "\tUpdates: %s%s applied%s, %s%s failed%s\n" "$ok" "$updateSuccess" "$norm" "$err" "$updateFailed" "$norm" | ||||
| fi | ||||
| 
 | ||||
| # | ||||
| # exit | ||||
| if [ "$downloadFailed" -gt 0 ]; then | ||||
|     exit 43 | ||||
| elif [ "$updateFailed" -gt 0 ]; then | ||||
|     exit 44 | ||||
| else | ||||
| exit 0 | ||||
| fi | ||||
| # this is a trap for mis-coding... should never get an exit code 99! | ||||
| exit 99 | ||||
| 
 | ||||
| # | ||||
| # exit return codes | ||||
| # 0:        normal exit, no errors | ||||
| # 1:        missing or invalid parameter | ||||
| # 2:        docker not found or no docker permissions | ||||
| # 31:       unable to update docker container | ||||
| # 4x:       helper files errors | ||||
| #   41:     unable to download checksums | ||||
| #   42:     update script: unable to download or bad checksum | ||||
| #   43:     update helpers: unable to download | ||||
| #   44:     update helpers: bad checksum, no update | ||||
| # 99:       coding mistake trap -- this return code should never happen! | ||||
| 
 | ||||
| #EOF | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user