diff --git a/config.sh b/base/config.sh similarity index 100% rename from config.sh rename to base/config.sh diff --git a/run.sh b/base/run.sh similarity index 100% rename from run.sh rename to base/run.sh diff --git a/with-proxy/Dockerfile b/with-proxy/Dockerfile index b09656b..6105efe 100644 --- a/with-proxy/Dockerfile +++ b/with-proxy/Dockerfile @@ -1,4 +1,5 @@ -FROM ledgersmb/ledgersmb:1.11.18 +FROM lsmb-split:latest +#FROM ledgersmb/ledgersmb:1.11.18 USER root # Remove inherited start.sh @@ -10,10 +11,7 @@ RUN set -x && \ apt-get dist-upgrade -y && \ apt-get install -y --no-install-recommends \ nginx wget xz-utils - -RUN set -x && \ - mkdir -p /var/lib/nginx/body /var/cache/nginx && \ - chown -R www-data:www-data /var/lib/nginx /var/cache/nginx + mkdir -p /var/lib/nginx/body /var/cache/nginx COPY nginx.conf /etc/nginx/nginx.conf @@ -36,19 +34,16 @@ RUN set -ex && \ # Configure nginx and starman with s6 COPY services/starman/run /etc/services.d/starman/run -RUN chmod +x /etc/services.d/starman/run && chown www-data:www-data /etc/services.d/starman/run +RUN chmod +x /etc/services.d/starman/run COPY services/nginx/run /etc/services.d/nginx/run -RUN chmod +x /etc/services.d/nginx/run && chown www-data:www-data /etc/services.d/nginx/run +RUN chmod +x /etc/services.d/nginx/run COPY scripts/ledgersmb_config /etc/s6-overlay/s6-rc.d/ledgersmb_config RUN touch /etc/s6-overlay/s6-rc.d/user/contents.d/ledgersmb_config -RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up \ - /etc/s6-overlay/s6-rc.d/ledgersmb_config/config && \ - chown -R www-data:www-data /etc/s6-overlay/s6-rc.d/ \ - /etc/services.d /run +RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up EXPOSE 80 -USER www-data +#USER www-data ENTRYPOINT ["/init"] diff --git a/with-proxy/nginx.conf b/with-proxy/nginx.conf index 69a0d11..ee08c18 100644 --- a/with-proxy/nginx.conf +++ b/with-proxy/nginx.conf @@ -3,6 +3,8 @@ error_log /dev/stderr info; pid /tmp/nginx.pid; worker_processes 1; +user www-data; + events { worker_connections 1024; diff --git a/with-proxy/scripts/ledgersmb_config/config b/with-proxy/scripts/ledgersmb_config/config deleted file mode 100644 index 176e9e9..0000000 --- a/with-proxy/scripts/ledgersmb_config/config +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/with-contenv /bin/bash - -cd /srv/ledgersmb -[[ -d ./local/conf/ ]] || mkdir ./local/conf/ -if [[ -n "$SSMTP_ROOT" ]]; then - echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored" - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then - echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored" - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_MAILHUB" ]]; then - echo "\$SSMTP_MAILHUB set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB" - LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*} - fi - if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB" - LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:} - fi - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_HOSTNAME" ]]; then - echo "\$SSMTP_HOSTNAME set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME" - LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME - fi - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_USE_STARTTLS" ]]; then - echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS" - LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS - fi - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_AUTH_USER" ]]; then - echo "\$SSMTP_AUTH_USER set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER" - LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER - fi - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_AUTH_PASS" ]]; then - echo "\$SSMTP_AUTH_PASS set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS" - LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS - fi - LSMB_HAVE_DEPRECATED=1 -fi -if [[ -n "$SSMTP_AUTH_METHOD" ]]; then - echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated" - if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then - echo " Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD" - LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD - fi - LSMB_HAVE_DEPRECATED=1 -fi - -if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then - echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!" -fi - -if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then - cat <./local/conf/ledgersmb.yaml -paths: - \$class: Beam::Wire - config: - UI: ./UI/ - UI_cache: lsmb_templates/ -db: - \$class: LedgerSMB::Database::Factory - connect_data: - host: ${POSTGRES_HOST:-ledgersmb-do-user-66666666-0.k.db.ondigitalocean.com} - port: ${POSTGRES_PORT:-25060} -mail: - transport: - \$class: LedgerSMB::Mailer::TransportSMTP - tls: $LSMB_MAIL_SMTPTLS -miscellaneous: - \$class: Beam::Wire - config: - proxy_ip: ${PROXY_IP:-172.17.0.1/12} -ui: - class: LedgerSMB::Template::UI - method: new_UI - lifecycle: eager - args: - cache: - \$ref: paths/UI_cache - root: - \$ref: paths/UI -EOF - - if [[ -n "$LSMB_MAIL_SMTPHOST" ]] - then - if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]] - then - LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')" - export LSMB_MAIL_SMTPHOST - fi - - cat <./local/conf/ledgersmb.000.yaml -mail: - transport: - host: $LSMB_MAIL_SMTPHOST -EOF - fi - - if [[ -n "$LSMB_MAIL_SMTPPORT" ]] - then - cat <./local/conf/ledgersmb.001.yaml -mail: - transport: - port: $LSMB_MAIL_SMTPPORT -EOF - fi - - if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]] - then - cat <./local/conf/ledgersmb.002.yaml -mail: - transport: - helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME -EOF - fi - - if [[ -n "$LSMB_MAIL_SMTPUSER" ]] - then - cat <./local/conf/ledgersmb.003.yaml -mail: - transport: - sasl_password: '' - sasl_username: - \$class: Authen::SASL - mechanism: $LSMB_MAIL_SMTPAUTHMECH - callback: - user: $LSMB_MAIL_SMTPUSER - pass: $LSMB_MAIL_SMTPPASS -EOF - fi -fi diff --git a/with-proxy/scripts/ledgersmb_config/up b/with-proxy/scripts/ledgersmb_config/up index 80cd625..b6603bc 100644 --- a/with-proxy/scripts/ledgersmb_config/up +++ b/with-proxy/scripts/ledgersmb_config/up @@ -1,2 +1,3 @@ foreground { echo "Running config..." } -/etc/s6-overlay/s6-rc.d/ledgersmb_config/config + +/usr/local/bin/config.sh diff --git a/with-proxy/services/starman/run b/with-proxy/services/starman/run index aea2bca..44218a0 100644 --- a/with-proxy/services/starman/run +++ b/with-proxy/services/starman/run @@ -1,16 +1,3 @@ #!/usr/bin/with-contenv /bin/bash -cd /srv/ledgersmb - -# start ledgersmb -# --preload-app allows application initialization to kill the entire -# starman instance (instead of just the worker, which will immediately -# get restarted) on error; it also has a positive effect on memory use - -LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml} -export LSMB_CONFIG_FILE -echo '--------- LEDGERSMB CONFIGURATION: ledgersmb.conf' -cat ${LSMB_CONFIG_FILE} -echo '--------- LEDGERSMB CONFIGURATION --- END' - -exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} -I lib -I old/lib --preload-app bin/ledgersmb-server.psgi +s6-setuidgid www-data /usr/local/bin/run.sh