diff --git a/contrib/docker/Dockerfile b/contrib/docker/Dockerfile index 708d8247b..cdff0d916 100644 --- a/contrib/docker/Dockerfile +++ b/contrib/docker/Dockerfile @@ -126,9 +126,9 @@ RUN --mount=type=cache,id=pixelfed-apt-${PHP_VERSION}-${PHP_DEBIAN_RELEASE}-${TA FROM base AS php-extensions -ARG PHP_EXTENSIONS_DATABASE ARG PHP_DEBIAN_RELEASE ARG PHP_EXTENSIONS +ARG PHP_EXTENSIONS_DATABASE ARG PHP_EXTENSIONS_EXTRA ARG PHP_PECL_EXTENSIONS ARG PHP_PECL_EXTENSIONS_EXTRA @@ -136,13 +136,10 @@ ARG PHP_VERSION ARG TARGETPLATFORM ENV PHP_EXTENSIONS_DATABASE=${PHP_EXTENSIONS_DATABASE} -ENV PHP_DEBIAN_RELEASE=${PHP_DEBIAN_RELEASE} ENV PHP_EXTENSIONS_EXTRA=${PHP_EXTENSIONS_EXTRA} ENV PHP_EXTENSIONS=${PHP_EXTENSIONS} ENV PHP_PECL_EXTENSIONS_EXTRA=${PHP_PECL_EXTENSIONS_EXTRA} ENV PHP_PECL_EXTENSIONS=${PHP_PECL_EXTENSIONS} -ENV PHP_VERSION=${PHP_VERSION} -ENV TARGETPLATFORM=${TARGETPLATFORM} COPY contrib/docker/shared/root/docker/install/php-extensions.sh /docker/install/php-extensions.sh RUN --mount=type=cache,id=pixelfed-php-${PHP_VERSION}-${PHP_DEBIAN_RELEASE}-${TARGETPLATFORM},sharing=locked,target=/usr/src/php/ \ diff --git a/contrib/docker/shared/root/docker/entrypoint.d/04-defaults.envsh b/contrib/docker/shared/root/docker/entrypoint.d/04-defaults.envsh index 00415b22f..3f1a77843 100755 --- a/contrib/docker/shared/root/docker/entrypoint.d/04-defaults.envsh +++ b/contrib/docker/shared/root/docker/entrypoint.d/04-defaults.envsh @@ -2,20 +2,23 @@ # NOTE: # -# this file is *sourced* not run by the entrypoint runner +# This file is *sourced* not run by the entrypoint runner # so any environment values set here will be accessible to all sub-processes # and future entrypoint.d scripts # +# We also don't need to source `helpers.sh` since it's already available entrypoint-set-name "${BASH_SOURCE[0]}" load-config-files +# We assign a 1MB buffer to the just-in-time calculated max post size to allow for fields and overhead : ${POST_MAX_SIZE_BUFFER:=1M} log-info "POST_MAX_SIZE_BUFFER is set to [${POST_MAX_SIZE_BUFFER}]" buffer=$(numfmt --invalid=fail --from=auto --to=none --to-unit=K "${POST_MAX_SIZE_BUFFER}") log-info "POST_MAX_SIZE_BUFFER converted to KB is [${buffer}]" +# Automatically calculate the [post_max_size] value for [php.ini] and [nginx] log-info "POST_MAX_SIZE will be calculated by [({MAX_PHOTO_SIZE} * {MAX_ALBUM_LENGTH}) + {POST_MAX_SIZE_BUFFER}]" log-info " MAX_PHOTO_SIZE=${MAX_PHOTO_SIZE}" log-info " MAX_ALBUM_LENGTH=${MAX_ALBUM_LENGTH}" @@ -23,4 +26,5 @@ log-info " POST_MAX_SIZE_BUFFER=${buffer}" : ${POST_MAX_SIZE:=$(numfmt --invalid=fail --from=auto --from-unit=K --to=si $(((${MAX_PHOTO_SIZE} * ${MAX_ALBUM_LENGTH}) + ${buffer})))} log-info "POST_MAX_SIZE was calculated to [${POST_MAX_SIZE}]" +# NOTE: must export the value so it's available in other scripts! export POST_MAX_SIZE diff --git a/contrib/docker/shared/root/docker/entrypoint.d/05-templating.sh b/contrib/docker/shared/root/docker/entrypoint.d/05-templating.sh index 22975a905..89b6f0504 100755 --- a/contrib/docker/shared/root/docker/entrypoint.d/05-templating.sh +++ b/contrib/docker/shared/root/docker/entrypoint.d/05-templating.sh @@ -3,37 +3,53 @@ source /docker/helpers.sh entrypoint-set-name "$0" -declare template_dir="${ENVSUBST_TEMPLATE_DIR:-/docker/templates}" -declare output_dir="${ENVSUBST_OUTPUT_DIR:-}" -declare filter="${ENVSUBST_FILTER:-}" -declare template defined_envs relative_path output_path output_dir subdir - -# load all dot-env files -load-config-files - +# Show [git diff] of templates being rendered (will help verify output) : ${ENTRYPOINT_SHOW_TEMPLATE_DIFF:=1} +# Directory where templates can be found +: ${ENTRYPOINT_TEMPLATE_DIR:=/docker/templates/} +# Root path to write template template_files to (default is '', meaning it will be written to /) +: ${ENTRYPOINT_TEMPLATE_OUTPUT_PREFIX:=} + +declare template_file relative_template_file_path output_file_dir + +# load all dot-env config files +load-config-files # export all dot-env variables so they are available in templating export ${seen_dot_env_variables[@]} -find "$template_dir" -follow -type f -print | while read -r template; do - relative_path="${template#"$template_dir/"}" - subdir=$(dirname "$relative_path") - output_path="$output_dir/${relative_path}" - output_dir=$(dirname "$output_path") +find "${ENTRYPOINT_TEMPLATE_DIR}" -follow -type f -print | while read -r template_file; do + # Example: template_file=/docker/templates/usr/local/etc/php/php.ini - if [ ! -w "$output_dir" ]; then - log-error-and-exit "ERROR: $template_dir exists, but $output_dir is not writable" + # The file path without the template dir prefix ($ENTRYPOINT_TEMPLATE_DIR) + # + # Example: /usr/local/etc/php/php.ini + relative_template_file_path="${template_file#"${ENTRYPOINT_TEMPLATE_DIR}"}" + + # Adds optional prefix to the output file path + # + # Example: /usr/local/etc/php/php.ini + output_file_path="${ENTRYPOINT_TEMPLATE_OUTPUT_PREFIX}/${relative_template_file_path}" + + # Remove the file from the path + # + # Example: /usr/local/etc/php + output_file_dir=$(dirname "${output_file_path}") + + # Ensure the output directory is writable + if ! is-writable "${output_file_dir}"; then + log-error-and-exit "${output_file_dir} is not writable" fi - # create a subdirectory where the template file exists - mkdir -p "$output_dir/$subdir" + # Create the output directory if it doesn't exists + ensure-directory "${output_file_dir}" - log-info "Running [gomplate] on [$template] --> [$output_path]" - cat "$template" | gomplate >"$output_path" + # Render the template + log-info "Running [gomplate] on [${template_file}] --> [${output_file_path}]" + cat "${template_file}" | gomplate >"${output_file_path}" # Show the diff from the envsubst command if [[ ${ENTRYPOINT_SHOW_TEMPLATE_DIFF} = 1 ]]; then - git --no-pager diff "$template" "${output_path}" || : + git --no-pager diff "${template_file}" "${output_file_path}" || : fi done diff --git a/contrib/docker/shared/root/docker/entrypoint.sh b/contrib/docker/shared/root/docker/entrypoint.sh index 4f2e2eb90..501fbced7 100755 --- a/contrib/docker/shared/root/docker/entrypoint.sh +++ b/contrib/docker/shared/root/docker/entrypoint.sh @@ -1,76 +1,72 @@ #!/bin/bash -set -e -o errexit -o nounset -o pipefail +if [[ ${ENTRYPOINT_SKIP:=0} != 0 ]]; then + exec "$@" +fi -: ${ENTRYPOINT_SKIP:=0} -: ${ENTRYPOINT_SKIP_SCRIPTS:=""} -: ${ENTRYPOINT_DEBUG:=0} : ${ENTRYPOINT_ROOT:="/docker/entrypoint.d/"} +: ${ENTRYPOINT_SKIP_SCRIPTS:=""} export ENTRYPOINT_ROOT -if [[ ${ENTRYPOINT_SKIP} == 0 ]]; then - [[ ${ENTRYPOINT_DEBUG} == 1 ]] && set -x +source /docker/helpers.sh - source /docker/helpers.sh +entrypoint-set-name "entrypoint.sh" - entrypoint-set-name "entrypoint.sh" +declare -a skip_scripts +IFS=' ' read -a skip_scripts <<<"$ENTRYPOINT_SKIP_SCRIPTS" - declare -a skip_scripts - IFS=' ' read -a skip_scripts <<<"$ENTRYPOINT_SKIP_SCRIPTS" +declare script_name - declare script_name +# ensure the entrypoint folder exists +mkdir -p "${ENTRYPOINT_ROOT}" - # ensure the entrypoint folder exists - mkdir -p "${ENTRYPOINT_ROOT}" +if /usr/bin/find "${ENTRYPOINT_ROOT}" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + log-info "looking for shell scripts in /docker/entrypoint.d/" - if /usr/bin/find "${ENTRYPOINT_ROOT}" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - log-info "looking for shell scripts in /docker/entrypoint.d/" + find "${ENTRYPOINT_ROOT}" -follow -type f -print | sort -V | while read -r file; do + script_name="$(get-entrypoint-script-name $file)" - find "${ENTRYPOINT_ROOT}" -follow -type f -print | sort -V | while read -r file; do - script_name="$(get-entrypoint-script-name $file)" + if in-array "${script_name}" skip_scripts; then + log-warning "Skipping script [${script_name}] since it's in the skip list (\$ENTRYPOINT_SKIP_SCRIPTS)" - if in-array "${script_name}" skip_scripts; then - log-warning "Skipping script [${script_name}] since it's in the skip list (\$ENTRYPOINT_SKIP_SCRIPTS)" + continue + fi - continue + case "${file}" in + *.envsh) + if ! is-executable "${file}"; then + # warn on shell scripts without exec bit + log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)" fi - case "${file}" in - *.envsh) - if ! is-executable "${file}"; then - # warn on shell scripts without exec bit - log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)" - fi + log-info "Sourcing [${file}]" - log-info "Sourcing [${file}]" + source "${file}" - source "${file}" + # the sourced file will (should) than the log prefix, so this restores our own + # "global" log prefix once the file is done being sourced + entrypoint-restore-name + ;; - # the sourced file will (should) than the log prefix, so this restores our own - # "global" log prefix once the file is done being sourced - entrypoint-restore-name - ;; + *.sh) + if ! is-executable "${file}"; then + # warn on shell scripts without exec bit + log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)" + fi - *.sh) - if ! is-executable "${file}"; then - # warn on shell scripts without exec bit - log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)" - fi + log-info "Running [${file}]" + "${file}" + ;; - log-info "Running [${file}]" - "${file}" - ;; + *) + log-warning "Ignoring unrecognized file [${file}]" + ;; + esac + done - *) - log-warning "Ignoring unrecognized file [${file}]" - ;; - esac - done - - log-info "Configuration complete; ready for start up" - else - log-warning "No files found in ${ENTRYPOINT_ROOT}, skipping configuration" - fi + log-info "Configuration complete; ready for start up" +else + log-warning "No files found in ${ENTRYPOINT_ROOT}, skipping configuration" fi exec "$@" diff --git a/contrib/docker/shared/root/docker/helpers.sh b/contrib/docker/shared/root/docker/helpers.sh index 5fb04d7a9..1a4f346b4 100644 --- a/contrib/docker/shared/root/docker/helpers.sh +++ b/contrib/docker/shared/root/docker/helpers.sh @@ -1,6 +1,10 @@ #!/bin/bash set -e -o errexit -o nounset -o pipefail +: ${ENTRYPOINT_DEBUG:=0} + +[[ ${ENTRYPOINT_DEBUG} == 1 ]] && set -x + # Some splash of color for important messages declare -g error_message_color="\033[1;31m" declare -g warn_message_color="\033[1;34m" @@ -110,6 +114,14 @@ function is-executable() { [[ -x "$1" ]] } +function is-writable() { + [[ -w "$1" ]] +} + +function ensure-directory() { + mkdir -pv "$@" +} + function get-entrypoint-script-name() { echo "${1#"$ENTRYPOINT_ROOT"}" }