diff --git a/Dockerfile b/Dockerfile index d78ccdb..c2730a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,34 +1,104 @@ -# Example Dockerfile for amd64 -# 1. ARGs vor FROM deklarieren (für das Basis-Image) -ARG BASE_IMAGE=alpine:latest +# syntax=docker/dockerfile:1 +ARG BASE_IMAGE=alpine:latest #Fallback alpine:latest -FROM ${BASE_IMAGE} +FROM ${BASE_IMAGE} AS rootfs-stage -# 2. ARGs nach FROM erneut deklarieren (für die Verwendung im Build) -ARG MAINTAINER -ARG TZ -ARG APP_NAME -ARG APP_USER +ARG APP_VERSION=${BUILD_TAG} +ARG S6_OVERLAY_VERSION=${S6_OVERLAY_VERSION} +ARG ROOTFS=/root-out +ARG REL=${APP_VERSION} +ARG ARCH=amd64 +ARG MIRROR=http://dl-cdn.alpinelinux.org/alpine +ARG PACKAGES=alpine-baselayout,\ +alpine-keys,\ +apk-tools,\ +busybox,\ +libc-utils -# Metadaten setzen +# install packages +RUN \ + apk add --no-cache \ + bash \ + xz + +# build rootfs +RUN \ + mkdir -p "${ROOTFS}/etc/apk" && \ + { \ + echo "${MIRROR}/${REL}/main"; \ + echo "${MIRROR}/${REL}/community"; \ + } > "${ROOTFS}/etc/apk/repositories" && \ + apk --root "${ROOTFS}" --no-cache --keys-dir /etc/apk/keys add --arch ${ARCH} --initdb ${PACKAGES//,/ } && \ + sed -i -e 's/^root::/root:!:/' /root-out/etc/shadow + +# add s6 overlay +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-noarch.tar.xz +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-${ARCH}.tar.xz + +# add s6 optional symlinks +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz && unlink /root-out/usr/bin/with-contenv +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-arch.tar.xz + +# Runtime stage +FROM scratch +COPY --from=rootfs-stage /root-out/ / +ARG BUILD_DATE +ARG VERSION +ARG MODS_VERSION="v3" +ARG PKG_INST_VERSION="v1" +ARG LSIOWN_VERSION="v1" +ARG WITHCONTENV_VERSION="v1" +LABEL build_version="${MAINTAINER} version: ${APP_VERSION} Build-date:- ${BUILD_DATE}" LABEL maintainer="${MAINTAINER}" -LABEL org.opencontainers.image.title="${APP_NAME}" -# Umgebungsvariablen im Container setzen -ENV TZ=${TZ} -ENV USER=${APP_USER} +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/docker-mods.${MODS_VERSION}" "/docker-mods" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/package-install.${PKG_INST_VERSION}" "/etc/s6-overlay/s6-rc.d/init-mods-package-install/run" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/lsiown.${LSIOWN_VERSION}" "/usr/bin/lsiown" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/with-contenv.${WITHCONTENV_VERSION}" "/usr/bin/with-contenv" -# Basis-System Update (Beispiel für Alpine) -RUN apk add --no-cache tzdata ca-certificates +# environment variables +ENV PS1="$(whoami)@$(hostname):$(pwd)\\$ " \ + HOME="/root" \ + TERM="xterm" \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME="0" \ + S6_VERBOSITY=1 \ + S6_STAGE2_HOOK=/docker-mods \ + VIRTUAL_ENV=/lsiopy \ + PATH="/lsiopy/bin:$PATH" -# Verzeichnisse aus dem Template vorbereiten -WORKDIR /app -COPY ./config /app/config -COPY ./data /app/data +RUN \ + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + alpine-release \ + bash \ + ca-certificates \ + catatonit \ + coreutils \ + curl \ + findutils \ + jq \ + netcat-openbsd \ + procps-ng \ + shadow \ + tzdata && \ + echo "**** create abc user and make our folders ****" && \ + groupmod -g ${APP_GID} users && \ + useradd -u 911 -U -d /config -s /bin/false ${APP_USER} && \ + usermod -G users ${APP_USER} && \ + mkdir -p \ + /app \ + /config \ + /defaults \ + /lsiopy && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* -# Beispiel: User anlegen -RUN adduser -D ${APP_USER} && chown -R ${APP_USER}:${APP_USER} /app +# add local files +COPY root/ / -USER ${APP_USER} - -CMD ["sh"] \ No newline at end of file +ENTRYPOINT ["/init"] diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 1f0fa57..47f68fc 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,34 +1,104 @@ -# Example Dockerfile for arm64 -# 1. ARGs vor FROM deklarieren (für das Basis-Image) -ARG BASE_IMAGE=alpine:latest +# syntax=docker/dockerfile:1 +ARG BASE_IMAGE=alpine:latest #Fallback alpine:latest -FROM ${BASE_IMAGE} +FROM ${BASE_IMAGE} AS rootfs-stage -# 2. ARGs nach FROM erneut deklarieren (für die Verwendung im Build) -ARG MAINTAINER -ARG TZ -ARG APP_NAME -ARG APP_USER +ARG APP_VERSION=${BUILD_TAG} +ARG S6_OVERLAY_VERSION=${S6_OVERLAY_VERSION} +ARG ROOTFS=/root-out +ARG REL=${APP_VERSION} +ARG ARCH=aarch64 +ARG MIRROR=http://dl-cdn.alpinelinux.org/alpine +ARG PACKAGES=alpine-baselayout,\ +alpine-keys,\ +apk-tools,\ +busybox,\ +libc-utils -# Metadaten setzen +# install packages +RUN \ + apk add --no-cache \ + bash \ + xz + +# build rootfs +RUN \ + mkdir -p "${ROOTFS}/etc/apk" && \ + { \ + echo "${MIRROR}/${REL}/main"; \ + echo "${MIRROR}/${REL}/community"; \ + } > "${ROOTFS}/etc/apk/repositories" && \ + apk --root "${ROOTFS}" --no-cache --keys-dir /etc/apk/keys add --arch ${ARCH} --initdb ${PACKAGES//,/ } && \ + sed -i -e 's/^root::/root:!:/' /root-out/etc/shadow + +# add s6 overlay +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-noarch.tar.xz +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-${ARCH}.tar.xz + +# add s6 optional symlinks +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz && unlink /root-out/usr/bin/with-contenv +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-arch.tar.xz + +# Runtime stage +FROM scratch +COPY --from=rootfs-stage /root-out/ / +ARG BUILD_DATE +ARG VERSION +ARG MODS_VERSION="v3" +ARG PKG_INST_VERSION="v1" +ARG LSIOWN_VERSION="v1" +ARG WITHCONTENV_VERSION="v1" +LABEL build_version="${MAINTAINER} version: ${VERSION} Build-date:- ${BUILD_DATE}" LABEL maintainer="${MAINTAINER}" -LABEL org.opencontainers.image.title="${APP_NAME}" -# Umgebungsvariablen im Container setzen -ENV TZ=${TZ} -ENV USER=${APP_USER} +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/docker-mods.${MODS_VERSION}" "/docker-mods" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/package-install.${PKG_INST_VERSION}" "/etc/s6-overlay/s6-rc.d/init-mods-package-install/run" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/lsiown.${LSIOWN_VERSION}" "/usr/bin/lsiown" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/with-contenv.${WITHCONTENV_VERSION}" "/usr/bin/with-contenv" -# Basis-System Update (Beispiel für Alpine) -RUN apk add --no-cache tzdata ca-certificates +# environment variables +ENV PS1="$(whoami)@$(hostname):$(pwd)\\$ " \ + HOME="/root" \ + TERM="xterm" \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME="0" \ + S6_VERBOSITY=1 \ + S6_STAGE2_HOOK=/docker-mods \ + VIRTUAL_ENV=/lsiopy \ + PATH="/lsiopy/bin:$PATH" -# Verzeichnisse aus dem Template vorbereiten -WORKDIR /app -COPY ./config /app/config -COPY ./data /app/data +RUN \ + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + alpine-release \ + bash \ + ca-certificates \ + catatonit \ + coreutils \ + curl \ + findutils \ + jq \ + netcat-openbsd \ + procps-ng \ + shadow \ + tzdata && \ + echo "**** create abc user and make our folders ****" && \ + groupmod -g ${APP_GID} users && \ + useradd -u 911 -U -d /config -s /bin/false ${APP_USER} && \ + usermod -G users ${APP_USER} && \ + mkdir -p \ + /app \ + /config \ + /defaults \ + /lsiopy && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* -# Beispiel: User anlegen -RUN adduser -D ${APP_USER} && chown -R ${APP_USER}:${APP_USER} /app +# add local files +COPY root/ / -USER ${APP_USER} - -CMD ["sh"] \ No newline at end of file +ENTRYPOINT ["/init"] diff --git a/buildargs.env b/buildargs.env index 737575c..2fca100 100644 --- a/buildargs.env +++ b/buildargs.env @@ -1,15 +1,17 @@ # --- Versionierung --- -BUILD_TAG=1.00 +BUILD_TAG=3.23 # --- Standard Variablen --- -BASE_IMAGE=alpine:3.23 +BASE_IMAGE=alpine:${BUILD_TAG} # Examples for BASE_IMAGE #alpine:${BUILD_TAG} #git.pi-farm.de/pi-farm/docker-baseimage-alpine:v${BUILD_TAG} - -MAINTAINER=your-name +S6_OVERLAY_VERSION=3.2.0.2 +MAINTAINER=pi-farm TZ=Europe/Berlin # --- Projekt Spezifisch --- -APP_NAME=your-app-name -APP_USER=pi \ No newline at end of file +APP_VERSION=3.23 +APP_NAME=basimage-alpine +APP_USER=pi +APP_GID=1000 \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/ci-service-check/dependencies.d/legacy-services b/root/etc/s6-overlay/s6-rc.d/ci-service-check/dependencies.d/legacy-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/ci-service-check/type b/root/etc/s6-overlay/s6-rc.d/ci-service-check/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/ci-service-check/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/ci-service-check/up b/root/etc/s6-overlay/s6-rc.d/ci-service-check/up new file mode 100644 index 0000000..e0f9488 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/ci-service-check/up @@ -0,0 +1 @@ +echo "[ls.io-init] done." \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/branding b/root/etc/s6-overlay/s6-rc.d/init-adduser/branding new file mode 100644 index 0000000..bc641bd --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-adduser/branding @@ -0,0 +1,11 @@ +───────────────────────────────────────────────────────── + +.#####...######..........######...####...#####...##...##. +.##..##....##............##......##..##..##..##..###.###. +.#####.....##....######..####....######..#####...##.#.##. +.##........##............##......##..##..##..##..##...##. +.##......######..........##......##..##..##..##..##...##. +......................................................... + + Based on images from linuxserver.io +───────────────────────────────────────────────────────── diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/dependencies.d/init-migrations b/root/etc/s6-overlay/s6-rc.d/init-adduser/dependencies.d/init-migrations new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/run b/root/etc/s6-overlay/s6-rc.d/init-adduser/run new file mode 100644 index 0000000..c0bf8fc --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-adduser/run @@ -0,0 +1,49 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +PUID=${PUID:-911} +PGID=${PGID:-911} + +if [[ -z ${LSIO_READ_ONLY_FS} ]] && [[ -z ${LSIO_NON_ROOT_USER} ]]; then + USERHOME=$(grep abc /etc/passwd | cut -d ":" -f6) + usermod -d "/root" abc + + groupmod -o -g "${PGID}" abc + usermod -o -u "${PUID}" abc + + usermod -d "${USERHOME}" abc +fi + +if { [[ -z ${LSIO_READ_ONLY_FS} ]] && [[ -z ${LSIO_NON_ROOT_USER} ]]; } || [[ ! ${LSIO_FIRST_PARTY} = "true" ]]; then + cat /etc/s6-overlay/s6-rc.d/init-adduser/branding +else + cat /run/branding +fi + +echo ' +─────────────────────────────────────── +GID/UID +───────────────────────────────────────' +if [[ -z ${LSIO_NON_ROOT_USER} ]]; then +echo " +User UID: $(id -u abc) +User GID: $(id -g abc) +───────────────────────────────────────" +else +echo " +User UID: $(stat /run -c %u) +User GID: $(stat /run -c %g) +───────────────────────────────────────" +fi +if [[ -f /build_version ]]; then + cat /build_version + echo ' +─────────────────────────────────────── + ' +fi + +if [[ -z ${LSIO_READ_ONLY_FS} ]] && [[ -z ${LSIO_NON_ROOT_USER} ]]; then + lsiown abc:abc /app + lsiown abc:abc /config + lsiown abc:abc /defaults +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/type b/root/etc/s6-overlay/s6-rc.d/init-adduser/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-adduser/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/up b/root/etc/s6-overlay/s6-rc.d/init-adduser/up new file mode 100644 index 0000000..b8522da --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-adduser/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-adduser/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-crontab-config b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-crontab-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/type b/root/etc/s6-overlay/s6-rc.d/init-config-end/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-config-end/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/up b/root/etc/s6-overlay/s6-rc.d/init-config-end/up new file mode 100644 index 0000000..c329423 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-config-end/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the end of the downstream image init process diff --git a/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-os-end b/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-os-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-config/type b/root/etc/s6-overlay/s6-rc.d/init-config/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-config/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-config/up b/root/etc/s6-overlay/s6-rc.d/init-config/up new file mode 100644 index 0000000..e80acfe --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-config/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the start of the downstream image init process diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontab-config/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/dependencies.d/init-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontab-config/run b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/run new file mode 100644 index 0000000..45a4e88 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/run @@ -0,0 +1,33 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +for cron_user in abc root; do + if [[ -z ${LSIO_READ_ONLY_FS} ]] && [[ -z ${LSIO_NON_ROOT_USER} ]]; then + if [[ -f "/etc/crontabs/${cron_user}" ]]; then + lsiown "${cron_user}":"${cron_user}" "/etc/crontabs/${cron_user}" + crontab -u "${cron_user}" "/etc/crontabs/${cron_user}" + fi + fi + + if [[ -f "/defaults/crontabs/${cron_user}" ]]; then + # make folders + mkdir -p \ + /config/crontabs + + # if crontabs do not exist in config + if [[ ! -f "/config/crontabs/${cron_user}" ]]; then + # copy crontab from system + if crontab -l -u "${cron_user}" >/dev/null 2>&1; then + crontab -l -u "${cron_user}" >"/config/crontabs/${cron_user}" + fi + + # if crontabs still do not exist in config (were not copied from system) + # copy crontab from image defaults (using -n, do not overwrite an existing file) + cp -n "/defaults/crontabs/${cron_user}" /config/crontabs/ + fi + + # set permissions and import user crontabs + lsiown "${cron_user}":"${cron_user}" "/config/crontabs/${cron_user}" + crontab -u "${cron_user}" "/config/crontabs/${cron_user}" + fi +done diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontab-config/type b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontab-config/up b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/up new file mode 100644 index 0000000..d354111 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontab-config/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-crontab-config/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-mods-end b/root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-mods-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-custom-files/run b/root/etc/s6-overlay/s6-rc.d/init-custom-files/run new file mode 100644 index 0000000..6b57858 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-custom-files/run @@ -0,0 +1,22 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# Directories +SCRIPTS_DIR="/custom-cont-init.d" + +# Make sure custom init directory exists and has files in it +if [[ -e "${SCRIPTS_DIR}" ]] && [[ -n "$(/bin/ls -A ${SCRIPTS_DIR} 2>/dev/null)" ]]; then + echo "[custom-init] Files found, executing" + for SCRIPT in "${SCRIPTS_DIR}"/*; do + NAME="$(basename "${SCRIPT}")" + if [[ -x "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: executing..." + /bin/bash "${SCRIPT}" + echo "[custom-init] ${NAME}: exited $?" + elif [[ ! -x "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: is not an executable file" + fi + done +else + echo "[custom-init] No custom files found, skipping..." +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-custom-files/type b/root/etc/s6-overlay/s6-rc.d/init-custom-files/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-custom-files/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-custom-files/up b/root/etc/s6-overlay/s6-rc.d/init-custom-files/up new file mode 100644 index 0000000..28bf318 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-custom-files/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-custom-files/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-device-perms/dependencies.d/init-adduser b/root/etc/s6-overlay/s6-rc.d/init-device-perms/dependencies.d/init-adduser new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-device-perms/run b/root/etc/s6-overlay/s6-rc.d/init-device-perms/run new file mode 100644 index 0000000..18412b8 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-device-perms/run @@ -0,0 +1,37 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if [[ -z ${LSIO_NON_ROOT_USER} ]] && [[ -n ${ATTACHED_DEVICES_PERMS} ]]; then + FILES=$(find ${ATTACHED_DEVICES_PERMS} -print 2>/dev/null) + + for i in ${FILES}; do + FILE_GID=$(stat -c '%g' "${i}") + FILE_UID=$(stat -c '%u' "${i}") + # check if user matches device + if id -u abc | grep -qw "${FILE_UID}"; then + echo "**** permissions for ${i} are good ****" + else + # check if group matches and that device has group rw + if id -G abc | grep -qw "${FILE_GID}" && [[ $(stat -c '%A' "${i}" | cut -b 5,6) == "rw" ]]; then + echo "**** permissions for ${i} are good ****" + # check if device needs to be added to group + elif ! id -G abc | grep -qw "${FILE_GID}"; then + # check if group needs to be created + GROUP_NAME=$(getent group "${FILE_GID}" | awk -F: '{print $1}') + if [[ -z "${GROUP_NAME}" ]]; then + GROUP_NAME="group$(head /dev/urandom | tr -dc 'a-z0-9' | head -c4)" + groupadd "${GROUP_NAME}" + groupmod -g "${FILE_GID}" "${GROUP_NAME}" + echo "**** creating group ${GROUP_NAME} with id ${FILE_GID} ****" + fi + echo "**** adding ${i} to group ${GROUP_NAME} with id ${FILE_GID} ****" + usermod -a -G "${GROUP_NAME}" abc + fi + # check if device has group rw + if [[ $(stat -c '%A' "${i}" | cut -b 5,6) != "rw" ]]; then + echo -e "**** The device ${i} does not have group read/write permissions, attempting to fix inside the container. ****" + chmod g+rw "${i}" + fi + fi + done +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-device-perms/type b/root/etc/s6-overlay/s6-rc.d/init-device-perms/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-device-perms/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-device-perms/up b/root/etc/s6-overlay/s6-rc.d/init-device-perms/up new file mode 100644 index 0000000..050e0b2 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-device-perms/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-device-perms/run \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-envfile/run b/root/etc/s6-overlay/s6-rc.d/init-envfile/run new file mode 100644 index 0000000..592df52 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-envfile/run @@ -0,0 +1,19 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if find /run/s6/container_environment/FILE__* -maxdepth 1 > /dev/null 2>&1; then + for FILENAME in /run/s6/container_environment/FILE__*; do + SECRETFILE=$(cat "${FILENAME}") + if [[ -f ${SECRETFILE} ]]; then + FILESTRIP=${FILENAME//FILE__/} + if [[ $(tail -n1 "${SECRETFILE}" | wc -l) != 0 ]]; then + echo "[env-init] Your secret: ${FILENAME##*/}" + echo " contains a trailing newline and may not work as expected" + fi + cat "${SECRETFILE}" >"${FILESTRIP}" + echo "[env-init] ${FILESTRIP##*/} set from ${FILENAME##*/}" + else + echo "[env-init] cannot find secret in ${FILENAME##*/}" + fi + done +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-envfile/type b/root/etc/s6-overlay/s6-rc.d/init-envfile/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-envfile/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-envfile/up b/root/etc/s6-overlay/s6-rc.d/init-envfile/up new file mode 100644 index 0000000..b2b4fb8 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-envfile/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-envfile/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-migrations/run b/root/etc/s6-overlay/s6-rc.d/init-migrations/run new file mode 100644 index 0000000..baf86a2 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-migrations/run @@ -0,0 +1,32 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +MIGRATIONS_DIR="/migrations" +MIGRATIONS_HISTORY="/config/.migrations" + +echo "[migrations] started" + +if [[ ! -d ${MIGRATIONS_DIR} ]]; then + echo "[migrations] no migrations found" + exit +fi + +for MIGRATION in $(find ${MIGRATIONS_DIR}/* | sort -n); do + NAME="$(basename "${MIGRATION}")" + if [[ -f ${MIGRATIONS_HISTORY} ]] && grep -Fxq "${NAME}" ${MIGRATIONS_HISTORY}; then + echo "[migrations] ${NAME}: skipped" + continue + fi + echo "[migrations] ${NAME}: executing..." + # Execute migration script in a subshell to prevent it from modifying the current environment + ("${MIGRATION}") + EXIT_CODE=$? + if [[ ${EXIT_CODE} -ne 0 ]]; then + echo "[migrations] ${NAME}: failed with exit code ${EXIT_CODE}, contact support" + exit "${EXIT_CODE}" + fi + echo "${NAME}" >>${MIGRATIONS_HISTORY} + echo "[migrations] ${NAME}: succeeded" +done + +echo "[migrations] done" diff --git a/root/etc/s6-overlay/s6-rc.d/init-migrations/type b/root/etc/s6-overlay/s6-rc.d/init-migrations/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-migrations/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-migrations/up b/root/etc/s6-overlay/s6-rc.d/init-migrations/up new file mode 100644 index 0000000..7c4cbcf --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-migrations/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-migrations/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-end/dependencies.d/init-mods-package-install b/root/etc/s6-overlay/s6-rc.d/init-mods-end/dependencies.d/init-mods-package-install new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-end/type b/root/etc/s6-overlay/s6-rc.d/init-mods-end/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods-end/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-end/up b/root/etc/s6-overlay/s6-rc.d/init-mods-end/up new file mode 100644 index 0000000..092149d --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods-end/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the end of the mod init process diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/dependencies.d/init-mods b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/dependencies.d/init-mods new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/type b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/up b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/up new file mode 100644 index 0000000..fb63301 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-mods-package-install/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods/dependencies.d/init-config-end b/root/etc/s6-overlay/s6-rc.d/init-mods/dependencies.d/init-config-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods/type b/root/etc/s6-overlay/s6-rc.d/init-mods/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods/up b/root/etc/s6-overlay/s6-rc.d/init-mods/up new file mode 100644 index 0000000..040d801 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mods/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the start of the mod init process diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-adduser b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-adduser new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-device-perms b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-device-perms new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-envfile b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-envfile new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/type b/root/etc/s6-overlay/s6-rc.d/init-os-end/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-os-end/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/up b/root/etc/s6-overlay/s6-rc.d/init-os-end/up new file mode 100644 index 0000000..092149d --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-os-end/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the end of the mod init process diff --git a/root/etc/s6-overlay/s6-rc.d/init-services/dependencies.d/init-custom-files b/root/etc/s6-overlay/s6-rc.d/init-services/dependencies.d/init-custom-files new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-services/type b/root/etc/s6-overlay/s6-rc.d/init-services/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-services/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-services/up b/root/etc/s6-overlay/s6-rc.d/init-services/up new file mode 100644 index 0000000..a7c3905 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-services/up @@ -0,0 +1 @@ +# This file doesn't do anything, it just signals that services can start diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-cron/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/run b/root/etc/s6-overlay/s6-rc.d/svc-cron/run new file mode 100644 index 0000000..87e4fdb --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-cron/run @@ -0,0 +1,15 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if builtin command -v crontab >/dev/null 2>&1 && [[ -n "$(crontab -l -u abc 2>/dev/null || true)" || -n "$(crontab -l -u root 2>/dev/null || true)" ]]; then + if builtin command -v busybox >/dev/null 2>&1 && [[ $(busybox || true) =~ [[:space:]](crond)([,]|$) ]]; then + exec busybox crond -f -S -l 5 + elif [[ -f /usr/bin/apt ]] && [[ -f /usr/sbin/cron ]]; then + exec /usr/sbin/cron -f -L 5 + else + echo "**** cron not found ****" + sleep infinity + fi +else + sleep infinity +fi diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/type b/root/etc/s6-overlay/s6-rc.d/svc-cron/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-cron/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-adduser b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-adduser new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-crontab-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-crontab-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-custom-files b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-custom-files new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-device-perms b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-device-perms new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-envfile b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-envfile new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-migrations b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-migrations new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-package-install b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-package-install new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-os-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-os-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-services b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-cron b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-cron new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user2/contents.d/ci-service-check b/root/etc/s6-overlay/s6-rc.d/user2/contents.d/ci-service-check new file mode 100644 index 0000000..e69de29