fc1d8a7a by Adam Heath

Merge branch 'master' of gitlab.brainfood.com:brainfood/docker-image-recipes

2 parents 88653337 82441f35
1 The MIT License (MIT)
2
3 Copyright (c) 2017 brainfood.com
4
5 Permission is hereby granted, free of charge, to any person obtaining a copy
6 of this software and associated documentation files (the "Software"), to deal
7 in the Software without restriction, including without limitation the rights
8 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 copies of the Software, and to permit persons to whom the Software is
10 furnished to do so, subject to the following conditions:
11
12 The above copyright notice and this permission notice shall be included in all
13 copies or substantial portions of the Software.
14
15 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 SOFTWARE.
1 This repository contains a series of simple docker image recipes. These are
2 meant to be referenced via docker-compose, and built for each project
3 separately. No sharing of images. This provides sanity for each project, as
4 you don't have to worry about an image changing underneath you. It also means
5 that you can be certain you can rebuild on your own whenever the situation
6 calls for it.
7
8 Here are the best practices in these files:
9
10 * Generally, any image listed here should run without any external
11 dependencies. No includes from other images, etc. This makes it easier to
12 understand and extend.
13
14 * Each Dockerfile is designed to have minimal layers. This makes rebuilds
15 faster, as there are less docker-runs. It also makes many things easier to
16 accomplish, as there is a real shell script that can do sophisticated
17 things.
18
19 * Images also tend to make use of standard, unmodified debian packages. Let
20 someone else do the hard-work of system integration, while these recipes
21 then just do slight tweaks.
22
23 * Any files that need to be shared between a host and a container should make
24 use of UID/GID being sent in from the host. The daemon in the container
25 should run as the UID/GID, and it's files changed to have that ownership.
26
27 During entrypoint, the target container user is then modified to have the
28 correct uid/gid setting. If there is no target user, then one should be
29 added during the image build, generally calling it hostuser/hostgroup.
30
31 * Daemons that have complex binary file setups should have those files created
32 during image build, then the entire structure placed in a tarball. The
33 entrypoint can then extract this seed tarball, but only if the target
34 directory is empty. This allows for the volume mounting of these
35 directories from the host. Make certain the uid/gid mapping is sane when
36 this occurs.
...@@ -4,12 +4,12 @@ set -ex ...@@ -4,12 +4,12 @@ set -ex
4 4
5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" 5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)"
6 6
7 if [[ $GID ]]; then 7 if [[ $GID && $GID -ne 0 ]]; then
8 old_gid=$(getent group hostgroup | cut -f 3 -d :) 8 old_gid=$(getent group hostgroup | cut -f 3 -d :)
9 groupmod -g $GID hostgroup 9 groupmod -g $GID hostgroup
10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup 10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup
11 fi 11 fi
12 if [[ $UID ]]; then 12 if [[ $UID && $UID -ne 0 ]]; then
13 usermod -u $UID hostuser 13 usermod -u $UID hostuser
14 fi 14 fi
15 15
......
1 FROM debian:stretch-slim
2
3 ARG JAVA_EXTRA_PACKAGES
4
5 COPY files/ /tmp/files/
6 RUN /tmp/files/configure
7
8 ENTRYPOINT ["/sbin/entrypoint"]
1 #!/bin/sh
2
3 set -e
4 apt-get update
5 mkdir -p /usr/share/man/man1
6 apt-get install -y ssmtp sudo openjdk-8-jdk $JAVA_EXTRA_PACKAGES
7
8 cp /tmp/files/entrypoint /sbin/entrypoint
9
10 addgroup hostgroup
11 adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser
12
13 rm -rf /tmp/files
1 #!/bin/bash
2
3 set -ex
4
5 TARGET_USER=hostuser
6 TARGET_GROUP=hostgroup
7
8 target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)"
9
10 if [[ $GID && $GID -ne 0 ]]; then
11 groupmod -g $GID "$TARGET_GROUP"
12 fi
13 if [[ $UID && $UID -ne 0 ]]; then
14 usermod -u $UID "$TARGET_USER"
15 fi
16
17 find "$target_home" \
18 '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \
19 '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \
20 '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \
21 -true
22
23 if [[ $http_proxy =~ ^([^:]+)://([^/:]*)(:([0-9]+?))?(/.*)?$ ]]; then
24 http_proxy_protocol="${BASH_REMATCH[1]}"
25 http_proxy_domain="${BASH_REMATCH[2]}"
26 http_proxy_port="${BASH_REMATCH[4]}"
27 fi
28
29 if [[ $http_proxy ]]; then
30 mkdir -p "$target_home/.m2"
31 cat > "$target_home/.m2/settings.xml" << _EOF_
32 <settings>
33 <proxies>
34 <proxy>
35 <id>app-build-proxy</id>
36 <active>true</active>
37 <protocol>${http_proxy_protocol}</protocol>
38 <host>${http_proxy_domain}</host>
39 <port>${http_proxy_port}</port>
40 </proxy>
41 </proxies>
42 </settings>
43 _EOF_
44 fi
45
46 exec "$@"
1 FROM debian:stretch-slim
2
3 COPY files/ /tmp/files/
4 RUN /tmp/files/configure
5
6 ENTRYPOINT ["/sbin/entrypoint"]
7 VOLUME "/data"
8 CMD ["sudo", "-u", "mongodb", "/usr/bin/mongod", "--nounixsocket", "--dbpath", "/var/lib/mongodb"]
1 #!/bin/sh
2
3 set -e
4 apt-get update
5 apt-get install -y sudo ssmtp mongodb-server
6
7 cp /tmp/files/entrypoint /sbin/entrypoint
8
9 rm -rf /tmp/files
1 #!/bin/bash
2
3 set -ex
4
5 TARGET_USER=mongodb
6 TARGET_GROUP=mongodb
7
8 target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)"
9
10 if [[ $GID && $GID -ne 0 ]]; then
11 groupmod -g $GID "$TARGET_GROUP"
12 fi
13 if [[ $UID && $UID -ne 0 ]]; then
14 usermod -u $UID "$TARGET_USER"
15 fi
16
17 find "$target_home" \
18 '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \
19 '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \
20 '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \
21 -true
22
23 exec "$@"
1 FROM debian:stretch-slim
2
3 COPY files/ /tmp/files/
4 RUN /tmp/files/configure
5
6 ENTRYPOINT ["/sbin/entrypoint"]
7 CMD ["/usr/bin/mysqld_safe"]
1 #!/bin/sh
2
3 set -e
4 apt-get update
5 apt-get install -y ssmtp mysql-server
6
7 mkdir /var/lib/container
8 tar -cC /var/lib/mysql/ . | gzip -9v > /var/lib/container/var_lib_mysql.tar.gz
9 rm -rf /var/lib/mysql
10 mkdir /var/lib/mysql
11
12 cp -a /tmp/files/entrypoint /sbin
13
14 rm -rf /tmp/files
1 #!/bin/bash
2
3 set -ex
4
5 _mysql() {
6 mysqld_safe "$@"
7 }
8
9 if [[ $GID && $GID -ne 0 ]]; then
10 old_gid=$(getent group mysql | cut -f 3 -d :)
11 groupmod -g $GID mysql
12 fi
13
14 if [[ $UID && $UID -ne 0 ]]; then
15 usermod -u $UID mysql
16 fi
17
18 if [[ $(find /var/lib/mysql -maxdepth 1 -mindepth 1|wc -l) = 0 ]]; then
19 mkdir -p /var/lib/mysql
20 zcat /var/lib/container/var_lib_mysql.tar.gz | tar -C /var/lib/mysql -xf -
21 fi
22
23 declare -i i=0
24 mysqld_safe --skip-networking &
25 while eval [[ \$DB_INFO_$i ]]; do
26 IFS=: eval declare -a DB_INFO=\(\$DB_INFO_$i\)
27 echo "database=${DB_INFO[0]} user=${DB_INFO[1]} password=${DB_INFO[2]}" 1>&2
28 mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "CREATE DATABASE IF NOT EXISTS \`${DB_INFO[0]}\` DEFAULT CHARACTER SET \`utf8mb4\` COLLATE \`utf8mb4_ci\`;"
29 mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "GRANT ALL PRIVILEGES ON \`${DB_INFO[0]}\`.* TO '${DB_INFO[1]}' IDENTIFIED BY '${DB_INFO[2]}';"
30 i=$(($i + 1))
31 done
32 mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "shutdown;"
33 wait
34
35 exec "$@"
1 FROM debian:stretch 1 FROM debian:stretch-slim
2 2
3 ARG NGINX_EXTRA_PACKAGES 3 ARG NGINX_EXTRA_PACKAGES
4 4
5 COPY files/ /tmp/files/ 5 COPY files/ /tmp/files/
6 RUN /tmp/files/configure 6 RUN /tmp/files/configure
7 7
8 ENTRYPOINT ["/sbin/entrypoint.sh"] 8 ENTRYPOINT ["/sbin/entrypoint"]
9 CMD ["nginx", "-g", "daemon off;"] 9 CMD ["nginx", "-g", "daemon off;"]
......
...@@ -4,6 +4,6 @@ set -e ...@@ -4,6 +4,6 @@ set -e
4 apt-get update 4 apt-get update
5 apt-get install -y ssmtp nginx libnginx-mod-http-subs-filter $NGINX_EXTRA_PACKAGES 5 apt-get install -y ssmtp nginx libnginx-mod-http-subs-filter $NGINX_EXTRA_PACKAGES
6 rm /etc/nginx/sites-enabled/default 6 rm /etc/nginx/sites-enabled/default
7 cp -a /tmp/files/entrypoint.sh /sbin 7 cp -a /tmp/files/entrypoint /sbin
8 8
9 rm -rf /tmp/files 9 rm -rf /tmp/files
......
1 FROM node 1 FROM debian:stretch-slim
2 2
3 ARG NODE_EXTRA_PACKAGES 3 ARG NODE_EXTRA_PACKAGES
4 4
5 COPY files/ /tmp/files/ 5 COPY files/ /tmp/files/
6 RUN /tmp/files/configure 6 RUN /tmp/files/configure
7 7
8 #ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp 8 ENTRYPOINT ["/sbin/entrypoint"]
9 #RUN ["chmod", "755", "/usr/local/bin/wp"]
10
11 ENTRYPOINT ["/root/entrypoint"]
12 #CMD ["/usr/sbin/php5-fpm", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php5/fpm/php-fpm.conf"]
......
...@@ -2,9 +2,20 @@ ...@@ -2,9 +2,20 @@
2 2
3 set -e 3 set -e
4 apt-get update 4 apt-get update
5 apt-get install -y ssmtp sudo $NODE_EXTRA_PACKAGES 5 apt-get install -y apt-transport-https gnupg
6 #npm install -g gulp grunt 6 cp /tmp/files/nodesource.list /etc/apt/sources.list.d
7 cp /tmp/files/nodesource.gpg.key /etc/apt/trusted.gpg.d/nodesource.asc
8 apt-get update
9
10 apt-get install -y ssmtp sudo nodejs npm $NODE_EXTRA_PACKAGES
11
12 if ! [ "z$NPM_GLOBAL_INSTALL" = "z" ]; then
13 npm install -g $NPM_GLOBAL_INSTALL
14 fi
15
16 addgroup node
17 adduser --gecos 'node' --ingroup node --disabled-password node
7 18
8 cp /tmp/files/entrypoint /root/entrypoint 19 cp /tmp/files/entrypoint /sbin/entrypoint
9 20
10 rm -rf /tmp/files 21 rm -rf /tmp/files
......
...@@ -4,14 +4,24 @@ set -ex ...@@ -4,14 +4,24 @@ set -ex
4 4
5 node_home="$(getent passwd node | cut -f 6 -d :)" 5 node_home="$(getent passwd node | cut -f 6 -d :)"
6 6
7 if [[ $GID ]]; then 7 if [[ $GID && $GID -ne 0 ]]; then
8 old_gid=$(getent group node | cut -f 3 -d :)
9 groupmod -g $GID node 8 groupmod -g $GID node
10 find "$node_home" -gid $old_gid -print0 | xargs -0r chgrp node
11 fi 9 fi
12 if [[ $UID ]]; then 10 if [[ $UID && $UID -ne 0 ]]; then
13 usermod -u $UID node 11 usermod -u $UID node
14 fi 12 fi
13
14 find "$node_home" \
15 '(' -not -user node -a -not -group node -exec chown node:node '{}' + ')' -o \
16 '(' -not -user node -exec chown node '{}' + ')' -o \
17 '(' -not -group node -exec chgrp node '{}' + ')' -o \
18 -true
19
20 npm -g config set http_proxy "$http_proxy"
21 npm -g config set https_proxy "$http_proxy"
22 sudo -u node npm config set http_proxy "$http_proxy"
23 sudo -u node npm config set https_proxy "$http_proxy"
24
15 if [[ -e package.json ]]; then 25 if [[ -e package.json ]]; then
16 sudo -u node npm install 26 sudo -u node npm install
17 fi 27 fi
......
1 -----BEGIN PGP PUBLIC KEY BLOCK-----
2 Version: GnuPG v1
3 Comment: GPGTools - https://gpgtools.org
4
5 mQINBFObJLYBEADkFW8HMjsoYRJQ4nCYC/6Eh0yLWHWfCh+/9ZSIj4w/pOe2V6V+
6 W6DHY3kK3a+2bxrax9EqKe7uxkSKf95gfns+I9+R+RJfRpb1qvljURr54y35IZgs
7 fMG22Np+TmM2RLgdFCZa18h0+RbH9i0b+ZrB9XPZmLb/h9ou7SowGqQ3wwOtT3Vy
8 qmif0A2GCcjFTqWW6TXaY8eZJ9BCEqW3k/0Cjw7K/mSy/utxYiUIvZNKgaG/P8U7
9 89QyvxeRxAf93YFAVzMXhoKxu12IuH4VnSwAfb8gQyxKRyiGOUwk0YoBPpqRnMmD
10 Dl7SdmY3oQHEJzBelTMjTM8AjbB9mWoPBX5G8t4u47/FZ6PgdfmRg9hsKXhkLJc7
11 C1btblOHNgDx19fzASWX+xOjZiKpP6MkEEzq1bilUFul6RDtxkTWsTa5TGixgCB/
12 G2fK8I9JL/yQhDc6OGY9mjPOxMb5PgUlT8ox3v8wt25erWj9z30QoEBwfSg4tzLc
13 Jq6N/iepQemNfo6Is+TG+JzI6vhXjlsBm/Xmz0ZiFPPObAH/vGCY5I6886vXQ7ft
14 qWHYHT8jz/R4tigMGC+tvZ/kcmYBsLCCI5uSEP6JJRQQhHrCvOX0UaytItfsQfLm
15 EYRd2F72o1yGh3yvWWfDIBXRmaBuIGXGpajC0JyBGSOWb9UxMNZY/2LJEwARAQAB
16 tB9Ob2RlU291cmNlIDxncGdAbm9kZXNvdXJjZS5jb20+iQI4BBMBAgAiBQJTmyS2
17 AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAWVaCraFdigHTmD/9OKhUy
18 jJ+h8gMRg6ri5EQxOExccSRU0i7UHktecSs0DVC4lZG9AOzBe+Q36cym5Z1di6JQ
19 kHl69q3zBdV3KTW+H1pdmnZlebYGz8paG9iQ/wS9gpnSeEyx0Enyi167Bzm0O4A1
20 GK0prkLnz/yROHHEfHjsTgMvFwAnf9uaxwWgE1d1RitIWgJpAnp1DZ5O0uVlsPPm
21 XAhuBJ32mU8S5BezPTuJJICwBlLYECGb1Y65Cil4OALU7T7sbUqfLCuaRKxuPtcU
22 VnJ6/qiyPygvKZWhV6Od0Yxlyed1kftMJyYoL8kPHfeHJ+vIyt0s7cropfiwXoka
23 1iJB5nKyt/eqMnPQ9aRpqkm9ABS/r7AauMA/9RALudQRHBdWIzfIg0Mlqb52yyTI
24 IgQJHNGNX1T3z1XgZhI+Vi8SLFFSh8x9FeUZC6YJu0VXXj5iz+eZmk/nYjUt4Mtc
25 pVsVYIB7oIDIbImODm8ggsgrIzqxOzQVP1zsCGek5U6QFc9GYrQ+Wv3/fG8hfkDn
26 xXLww0OGaEQxfodm8cLFZ5b8JaG3+Yxfe7JkNclwvRimvlAjqIiW5OK0vvfHco+Y
27 gANhQrlMnTx//IdZssaxvYytSHpPZTYw+qPEjbBJOLpoLrz8ZafN1uekpAqQjffI
28 AOqW9SdIzq/kSHgl0bzWbPJPw86XzzftewjKNbkCDQRTmyS2ARAAxSSdQi+WpPQZ
29 fOflkx9sYJa0cWzLl2w++FQnZ1Pn5F09D/kPMNh4qOsyvXWlekaV/SseDZtVziHJ
30 Km6V8TBG3flmFlC3DWQfNNFwn5+pWSB8WHG4bTA5RyYEEYfpbekMtdoWW/Ro8Kmh
31 41nuxZDSuBJhDeFIp0ccnN2Lp1o6XfIeDYPegyEPSSZqrudfqLrSZhStDlJgXjea
32 JjW6UP6txPtYaaila9/Hn6vF87AQ5bR2dEWB/xRJzgNwRiax7KSU0xca6xAuf+TD
33 xCjZ5pp2JwdCjquXLTmUnbIZ9LGV54UZ/MeiG8yVu6pxbiGnXo4Ekbk6xgi1ewLi
34 vGmz4QRfVklV0dba3Zj0fRozfZ22qUHxCfDM7ad0eBXMFmHiN8hg3IUHTO+UdlX/
35 aH3gADFAvSVDv0v8t6dGc6XE9Dr7mGEFnQMHO4zhM1HaS2Nh0TiL2tFLttLbfG5o
36 QlxCfXX9/nasj3K9qnlEg9G3+4T7lpdPmZRRe1O8cHCI5imVg6cLIiBLPO16e0fK
37 yHIgYswLdrJFfaHNYM/SWJxHpX795zn+iCwyvZSlLfH9mlegOeVmj9cyhN/VOmS3
38 QRhlYXoA2z7WZTNoC6iAIlyIpMTcZr+ntaGVtFOLS6fwdBqDXjmSQu66mDKwU5Ek
39 fNlbyrpzZMyFCDWEYo4AIR/18aGZBYUAEQEAAYkCHwQYAQIACQUCU5sktgIbDAAK
40 CRAWVaCraFdigIPQEACcYh8rR19wMZZ/hgYv5so6Y1HcJNARuzmffQKozS/rxqec
41 0xM3wceL1AIMuGhlXFeGd0wRv/RVzeZjnTGwhN1DnCDy1I66hUTgehONsfVanuP1
42 PZKoL38EAxsMzdYgkYH6T9a4wJH/IPt+uuFTFFy3o8TKMvKaJk98+Jsp2X/QuNxh
43 qpcIGaVbtQ1bn7m+k5Qe/fz+bFuUeXPivafLLlGc6KbdgMvSW9EVMO7yBy/2JE15
44 ZJgl7lXKLQ31VQPAHT3an5IV2C/ie12eEqZWlnCiHV/wT+zhOkSpWdrheWfBT+ac
45 hR4jDH80AS3F8jo3byQATJb3RoCYUCVc3u1ouhNZa5yLgYZ/iZkpk5gKjxHPudFb
46 DdWjbGflN9k17VCf4Z9yAb9QMqHzHwIGXrb7ryFcuROMCLLVUp07PrTrRxnO9A/4
47 xxECi0l/BzNxeU1gK88hEaNjIfviPR/h6Gq6KOcNKZ8rVFdwFpjbvwHMQBWhrqfu
48 G3KaePvbnObKHXpfIKoAM7X2qfO+IFnLGTPyhFTcrl6vZBTMZTfZiC1XDQLuGUnd
49 sckuXINIU3DFWzZGr0QrqkuE/jyr7FXeUJj9B7cLo+s/TXo+RaVfi3kOc9BoxIvy
50 /qiNGs/TKy2/Ujqp/affmIMoMXSozKmga81JSwkADO1JMgUy6dApXz9kP4EE3g==
51 =CLGF
52 -----END PGP PUBLIC KEY BLOCK-----
1 deb https://deb.nodesource.com/node_8.x stretch main
1 FROM debian:stretch 1 FROM debian:stretch-slim
2 2
3 ARG PHPFPM_EXTRA_PACKAGES 3 ARG PHPFPM_EXTRA_PACKAGES
4 4
...@@ -8,5 +8,5 @@ RUN /tmp/files/configure ...@@ -8,5 +8,5 @@ RUN /tmp/files/configure
8 ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp 8 ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp
9 RUN ["chmod", "755", "/usr/local/bin/wp"] 9 RUN ["chmod", "755", "/usr/local/bin/wp"]
10 10
11 ENTRYPOINT ["/root/entrypoint"] 11 ENTRYPOINT ["/sbin/entrypoint"]
12 CMD ["/usr/sbin/php-fpm7.0", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php/7.0/fpm/php-fpm.conf"] 12 CMD ["/usr/sbin/php-fpm7.0", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php/7.0/fpm/php-fpm.conf"]
......
...@@ -7,7 +7,7 @@ apt-get install -y sudo ssmtp php7.0-fpm php7.0-mysql php7.0-curl php7.0-imagick ...@@ -7,7 +7,7 @@ apt-get install -y sudo ssmtp php7.0-fpm php7.0-mysql php7.0-curl php7.0-imagick
7 rm /etc/php/7.0/fpm/pool.d/www.conf 7 rm /etc/php/7.0/fpm/pool.d/www.conf
8 cp -a /tmp/files/app-defaults.conf /etc/php/7.0/fpm 8 cp -a /tmp/files/app-defaults.conf /etc/php/7.0/fpm
9 9
10 cp /tmp/files/entrypoint /root/entrypoint 10 cp /tmp/files/entrypoint /sbin/entrypoint
11 11
12 addgroup hostgroup 12 addgroup hostgroup
13 adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser 13 adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser
......
...@@ -4,12 +4,12 @@ set -ex ...@@ -4,12 +4,12 @@ set -ex
4 4
5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" 5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)"
6 6
7 if [[ $GID ]]; then 7 if [[ $GID && $GID -ne 0 ]]; then
8 old_gid=$(getent group hostgroup | cut -f 3 -d :) 8 old_gid=$(getent group hostgroup | cut -f 3 -d :)
9 groupmod -g $GID hostgroup 9 groupmod -g $GID hostgroup
10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup 10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup
11 fi 11 fi
12 if [[ $UID ]]; then 12 if [[ $UID && $GID -ne 0 ]]; then
13 usermod -u $UID hostuser 13 usermod -u $UID hostuser
14 fi 14 fi
15 mkdir -p /run/php 15 mkdir -p /run/php
......
...@@ -4,12 +4,12 @@ set -ex ...@@ -4,12 +4,12 @@ set -ex
4 4
5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" 5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)"
6 6
7 if [[ $GID ]]; then 7 if [[ $GID && $GID -ne 0 ]]; then
8 old_gid=$(getent group hostgroup | cut -f 3 -d :) 8 old_gid=$(getent group hostgroup | cut -f 3 -d :)
9 groupmod -g $GID hostgroup 9 groupmod -g $GID hostgroup
10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup 10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup
11 fi 11 fi
12 if [[ $UID ]]; then 12 if [[ $UID && $UID -ne 0 ]]; then
13 usermod -u $UID hostuser 13 usermod -u $UID hostuser
14 fi 14 fi
15 15
......
1 FROM debian:stretch-slim
2
3 ARG POSTGRESQL_EXTRA_PACKAGES
4
5 COPY files/ /tmp/files
6 RUN /tmp/files/configure
7
8 ENTRYPOINT ["/sbin/entrypoint"]
9 CMD ["pg_ctlcluster", "9.6", "main", "start", "--foreground"]
1 #!/bin/sh
2
3 set -e
4
5 mkdir /usr/share/man/man1 /usr/share/man/man7
6 cp /tmp/files/no-suggests-recommends.conf /etc/apt/apt.conf.d/no-suggests-recommends
7 apt-get update
8 apt-get install -y postgresql-9.6 \
9 $POSTGRESQL_EXTRA_PACKAGES \
10 && true
11
12 rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*
13
14 mkdir /var/lib/container
15 tar -cC /var/lib/postgresql/ . | gzip -9v > /var/lib/container/var_lib_postgresql.tar.gz
16 rm -rf /var/lib/postgresql
17 mkdir /var/lib/postgresql
18
19 cp -a /tmp/files/entrypoint /sbin
20
21 rm -rf /tmp/files
1 #!/bin/bash
2
3 set -ex
4
5 if [[ $(find /var/lib/postgresql -maxdepth 1 -mindepth 1|wc -l) = 0 ]]; then
6 zcat /var/lib/container/var_lib_postgresql.tar.gz | tar xf - -C /var/lib/postgresql
7 fi
8
9 postgres_home="$(getent passwd postgres | cut -f 6 -d :)"
10
11 if [[ $GID && $GID -ne 0 ]]; then
12 old_gid=$(getent group postgres | cut -f 3 -d :)
13 groupmod -g $GID postgres
14 find "$postgres_home" /etc/postgresql /var/run/postgresql -gid $old_gid -print0 | xargs -0r chgrp postgres
15 fi
16
17 if [[ $UID && $UID -ne 0 ]]; then
18 old_uid=$(getent passwd postgres | cut -f 3 -d :)
19 usermod -u $UID postgres
20 find /etc/postgresql /var/run/postgresql -uid $old_uid -print0 | xargs -0r chown postgres
21 fi
22
23 exec "$@"
1 APT::Install-Suggests false;
2 APT::Install-Recommends false;
1 FROM debian:stretch-slim
2
3 COPY files/ /tmp/files/
4 RUN /tmp/files/configure
5
6 ENTRYPOINT ["/sbin/entrypoint"]
7 VOLUME "/data"
8 CMD ["sudo", "-u", "redis", "redis-server", "/etc/redis/redis.conf"],
1 #!/bin/sh
2
3 set -e
4 apt-get update
5 apt-get install -y sudo ssmtp redis-server
6
7 cp /tmp/files/entrypoint /sbin/entrypoint
8
9 rm -rf /tmp/files
1 #!/bin/bash
2
3 set -ex
4
5 TARGET_GROUP=redis
6 TARGET_USER=redis
7
8 target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)"
9
10 if [[ $GID && $GID -ne 0 ]]; then
11 groupmod -g $GID "$TARGET_GROUP"
12 fi
13 if [[ $UID && $UID -ne 0 ]]; then
14 usermod -u $UID "$TARGET_USER"
15 fi
16
17 find "$target_home" \
18 '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \
19 '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \
20 '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \
21 -true
22
23 exec "$@"
...@@ -4,12 +4,12 @@ set -ex ...@@ -4,12 +4,12 @@ set -ex
4 4
5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" 5 hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)"
6 6
7 if [[ $GID ]]; then 7 if [[ $GID && $GID -ne 0 ]]; then
8 old_gid=$(getent group hostgroup | cut -f 3 -d :) 8 old_gid=$(getent group hostgroup | cut -f 3 -d :)
9 groupmod -g $GID hostgroup 9 groupmod -g $GID hostgroup
10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup 10 find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup
11 fi 11 fi
12 if [[ $UID ]]; then 12 if [[ $UID && $UID -ne 0 ]]; then
13 usermod -u $UID hostuser 13 usermod -u $UID hostuser
14 fi 14 fi
15 15
......